[Winpcap-users] VOIP [RTP]
Camiel Vanderhoeven
iamcamiel at gmail.com
Sat Apr 5 08:05:23 GMT 2008
Hello Wajdi,
I'm not an expert on the subject, so I could be all wrong, but I think
that the RTP packets only contain the actual sound data. Session
control (phone numbers, end of call, etc.) is handled through
different protocols like SIP/SDP. If it's SIP, you're looking for
simple text messages at port 5060. Have a look at www.voip-info.org. I
think there's a wealth of information for you there.
Camiel.
On Fri, Apr 4, 2008 at 11:00 PM, TORKHANI Wajdi
<wajdi.torkhani at laposte.net> wrote:
> Thank you so much it work !!
> To convert the two file i use lame(from sourceforge) and to mix it is use
> sox (from sourceforge).
> Thank you so much i am so happppppppyyy :)
> But, now i need to know:
> 1- How can i detect the end of call ?
> 2- How can i get some details about communication like phone number (...) ?
>
> Thank you Thank you Thank you Thank you
>
> ----- Original Message ----- From: "Camiel Vanderhoeven"
> <iamcamiel at gmail.com>
>
> To: <winpcap-users at winpcap.org>
> Sent: Thursday, April 03, 2008 9:05 PM
>
>
> Subject: Re: [Winpcap-users] VOIP [RTP]
>
>
>
> > Hello Wajdi,
> >
> > You should record each direction into a separate file, so you get two
> > files; have you done this? If you record every packet you get into a
> > single file, it will become a mess. Once you have the two files,
> > convert both files to wav, and then use another program to mix them
> > together.
> >
> > Camiel.
> >
> > On Mon, Mar 31, 2008 at 11:31 AM, TORKHANI Wajdi
> > <wajdi.torkhani at laposte.net> wrote:
> >
> > >
> > >
> > >
> > > Hi,
> > > please help me :(
> > > i don't know where to go, or what to search, so any suggestions .
> > > Let's go step by step :
> > > If i record in one direction the voice run quickly !!
> > > But when it recorded in both directions; there is a noise on the
> packets!!
> > > (I used a linear list to sort the recived packet by the timestamp and
> then
> > > store it in a binary file)
> > >
> > > Thank you.
> > >
> > > ----- Original Message -----
> > > From: Maria de Fatima Requena
> > > To: winpcap-users at winpcap.org
> > > Sent: Tuesday, March 18, 2008 9:09 AM
> > > Subject: RE: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > > Just like you use lame, there are other programs to mix two files (with
> a
> > > little help of google I'm sure you will find the best for you)
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > María de Fátima Requena Cabot (2488)
> > > +34 91 787 23 00 alhambra-eidos.es
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > De: winpcap-users-bounces at winpcap.org
> > > [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
> > > Enviado el: lunes, 17 de marzo de 2008 23:52
> > > Para: winpcap-users at winpcap.org
> > > Asunto: Re: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > >
> > > Thank you so much
> > >
> > > After 4 weeks I can finally to hear the voice,
> > > But now I have another problem!
> > > If i record only one direction the sound run very quickly and if record
> both
> > > direction (in one file) i have a very very very bad quality of voice
> !!!!
> > >
> > > 1-I record the payload in a binary file:
> > >
> > >
> > >
> > > Code:
> > >
> > >
> > >
> > >
> > >
> > > void rawfile(unsigned char * payload,FILE *f){
> > > fwrite(payload, 10,1,f); //10 :because audio data is packed into 80
> bits
> > > (10 bytes)
> > > }
> > >
> > >
> > >
> > > 2- I decode the binary file by using voiceage G729, which gives me a
> file :
> > > "16-bit mono PCM speech data sampled at 8000 Hz"
> > >
> > > 3- convert PCM file into wav by using Lame with:
> > > lame --decode -x -r -s 8000 -m m -b 16 file.pcm file.wav
> > >
> > > Is it correct ?!
> > >
> > >
> > > If i create two file one for each direction how can i mix them later ?
> > >
> > >
> > > thank you so much
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > ----- Original Message -----
> > >
> > >
> > > From: Maria de Fatima Requena
> > >
> > >
> > > To: winpcap-users at winpcap.org
> > >
> > >
> > > Sent: Monday, March 17, 2008 8:26 AM
> > >
> > >
> > > Subject: RE: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > > RTP packets can be captured on two streams (one for each direction), and
> > > later you can mix them. I think raw files doesn't need a header, but you
> can
> > > use programs to open your streams specifying a certain format
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > María de Fátima Requena Cabot (2488)
> > > +34 91 787 23 00 alhambra-eidos.es
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > De: winpcap-users-bounces at winpcap.org
> > > [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
> > > Enviado el: jueves, 13 de marzo de 2008 20:49
> > > Para: winpcap-users at winpcap.org
> > > Asunto: Re: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > > Hello,
> > >
> > >
> > >
> > >
> > >
> > > Does any one know how can i create a bitstream seems the (.raw) file
> > > exported by ethreal (seems the output file of rtpdum.exe) ?
> > >
> > >
> > >
> > >
> > >
> > > Thank you,
> > >
> > >
> > >
> > > ----- Original Message -----
> > >
> > >
> > > From: TORKHANI Wajdi
> > >
> > >
> > > To: winpcap-users at winpcap.org
> > >
> > >
> > > Sent: Wednesday, March 12, 2008 12:09 AM
> > >
> > >
> > > Subject: Re: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > >
> > > thank you so so much :)
> > >
> > >
> > >
> > >
> > >
> > > I took your advice and I solved the problem number 3 :
> > >
> > >
> > > _______________________________________
> > >
> > >
> > > I- change Structure RTP header :
> > >
> > >
> > > struct rtphdr{
> > >
> > >
> > > unsigned short CSRC_count:4; // CSRC count
> > > unsigned short extension:1; // header extension flag
> > > unsigned short padding:1; // padding flag
> > > unsigned short ver:2; // protocol version
> > > unsigned short Payload:7; // payload type
> > > unsigned short Marker:1; // marker bit
> > > unsigned short Sequence; // sequence number
> > > unsigned int Timestamp; // timestamp
> > > unsigned int SSRC; // synchronization source
> > > //unsigned int csrc[1]; // optional CSRC list
> > >
> > >
> > > };
> > >
> > >
> > > _________________________
> > >
> > >
> > > II- replace : sizeof(struct iphdr) by (ip->ihl * 4)
> > >
> > >
> > > rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+(ip->ihl *
> > > 4)+sizeof(struct udphdr)));
> > >
> > >
> > > ________________________
> > >
> > >
> > > III- htons and htonl :
> > >
> > >
> > >
> fprintf(stdout,"------------------------------------------------------\n");
> > > fprintf(stdout,"Version : %d |\r\n",rtp->ver);
> > > fprintf(stdout,"Padding : %.5d |\r\n",htons(rtp->padding));
> > > fprintf(stdout,"Extension : %.5d |\r\n",htons(rtp->extension));
> > > fprintf(stdout,"CSRC_count : %.5d |\r\n",htons(rtp->CSRC_count));
> > > fprintf(stdout,"Marker : %.5d |\r\n",htons(rtp->Marker));
> > > fprintf(stdout,"Payload : %d |\r\n",rtp->Payload);
> > > fprintf(stdout,"Sequence Number : %u |\r\n",htons(rtp->Sequence));
> > > fprintf(stdout,"Timestamp : %u |\r\n",htonl(rtp->Timestamp));
> > > fprintf(stdout,"Synchronization source : %u
> |\r\n",htonl(rtp->SSRC));
> > >
> > >
> > > _____________________________
> > >
> > >
> > >
> > >
> > >
> > > For the first and second question i will give you more details maybe
> they
> > > can help you to help me :P
> > > 1-I must create a voip sniffer (to capture communication VOIP on the
> LAN)
> > > and then to convert them into audio format.
> > > 2-regroup the paquet of a communication together to store it the
> bitstream
> > > format required by the decoder (voiceage G729).
> > > I succeeded in :
> > > preparing a sniffer in C++ (by using the library winpcap) (capture
> network
> > > traffic,filtre UDP trafic,Read ethernet,ip,udp and RTP header)
> > > and now i'm working on the bulding of the bitstream file.
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > Thank you,
> > >
> > >
> > > Wajdi TORKHANI
> > >
> > >
> > >
> > > ----- Original Message -----
> > >
> > >
> > > From: Maria de Fatima Requena
> > >
> > >
> > > To: winpcap-users at winpcap.org
> > >
> > >
> > > Sent: Tuesday, March 11, 2008 8:23 AM
> > >
> > >
> > > Subject: RE: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > > Maybe the problem is byte order. If you take a look at wireshark
> examples,
> > > you will see instructions like ntohs, or some ones that apply bit masks,
> > > that do this change.
> > >
> > >
> > >
> > > On the other hand, once you have stopped reading packets, you can use
> tools
> > > to give the streams format. For example goldwave lets you determine the
> type
> > > of coding you need before opening the file. Anyway, you can manually add
> > > header format to your files.
> > >
> > >
> > >
> > > I hope this helps
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > María de Fátima Requena Cabot (2488)
> > > +34 91 787 23 00 alhambra-eidos.es
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > De: winpcap-users-bounces at winpcap.org
> > > [mailto:winpcap-users-bounces at winpcap.org] En nombre de Gianluca Varenni
> > > Enviado el: viernes, 07 de marzo de 2008 18:12
> > > Para: winpcap-users at winpcap.org
> > > Asunto: Re: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > > I'm not an expert about RTP, so I cannot answer questions 1 and 2.
> Regarding
> > > 3, for sure there's something that "smells" in your code
> > >
> > >
> > > - you are assuming that you are always receiving UDP packets
> encapsulated
> > > over IPv4. Unless you are filtering the captured packets to make sure
> they
> > > are IPv4 and UDP, you should check the ethertype and the L3 protocol
> type.
> > >
> > >
> > > - you are assuming that the IP header has a fixed size (...sizeof(struct
> > > iphdr)...). This is not true. You need to compute the length of the IPv4
> > > header by looking at the first byte in the IP header itself.
> > >
> > >
> > >
> > >
> > >
> > > Hope it helps
> > >
> > >
> > > GV
> > >
> > >
> > >
> > >
> > >
> > >
> > > ----- Original Message -----
> > >
> > >
> > > From: TORKHANI Wajdi
> > >
> > >
> > > To: winpcap-users at winpcap.org
> > >
> > >
> > > Sent: Tuesday, March 04, 2008 2:40 PM
> > >
> > >
> > > Subject: [Winpcap-users] VOIP [RTP]
> > >
> > >
> > >
> > >
> > >
> > > Hi,
> > >
> > > I get the rtp packet from winpcap but i have the following problem:
> > >
> > > 1-how to regroup the paquet of a communication together to store it and
> > > apply the CODEC(G.729A)?
> > > 2-how detect the end of call ?!
> > > 3-I have a problem with reading the RTP header, below a part of my
> source
> > > code :
> > > ------------------
> > >
> > >
> > >
> > > Code:
> > >
> > >
> > >
> > >
> > >
> > > struct rtphdr{
> > >
> > > unsigned short ver:2 ;
> > > unsigned short padding:1;
> > > unsigned short extension:1 ;
> > > unsigned short CSRC_count:4 ;
> > > unsigned short Marker:1 ;
> > > unsigned short Payload :7 ;
> > > unsigned short Sequence ;// 16 bits
> > > unsigned int Timestamp;//32 bits
> > > unsigned int SSRC ;//32 bits
> > > };
> > >
> > >
> > > --------------------
> > > Code:
> > >
> > >
> > > rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+sizeof(struct
> > > iphdr)+sizeof(struct udphdr)));
> > >
> > >
> > > ---------------------------
> > >
> > >
> > > Code:
> > >
> > >
> > >
> > >
> > >
> > >
> fprintf(stdout,"------------------------------------------------------\n");
> > > fprintf(stdout,"Version : %d |\r\n",rtp->ver);
> > > fprintf(stdout,"Padding : %.5d |\r\n",htons(rtp->padding));
> > > fprintf(stdout,"Extension : %.5d |\r\n",htons(rtp->extension));
> > > fprintf(stdout,"CSRC_count : %.5d |\r\n",htons(rtp->CSRC_count));
> > > fprintf(stdout,"Marker : %.5d |\r\n",htons(rtp->Marker));
> > > fprintf(stdout,"Payload : %.5d |\r\n",htons(rtp->Payload));
> > > fprintf(stdout,"Sequence Number : %.5d
> |\r\n",htons(rtp->Sequence));
> > > fprintf(stdout,"Timestamp : %.5d |\r\n",htons(rtp->Timestamp));
> > > fprintf(stdout,"Synchronization source : %.5d
> > > |\r\n",htons(rtp->SSRC));
> > > ------------------------
> > > Ethernet,IP and UDP header are correct.
> > > When i compare the result whith ethreal result i fin that only SSRC is
> > > correct !
> > > thank you.
> > > I'm sorry for my bad english
> > >
> > >
> > >
> > >
> > >
> > > TORKHANI Wajdi
> > > ________________________________
> > >
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > > ________________________________
> > >
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > > ________________________________
> > >
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > > ________________________________
> > >
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > >
> > > ________________________________
> > >
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > >
> > > _______________________________________________
> > > Winpcap-users mailing list
> > > Winpcap-users at winpcap.org
> > > https://www.winpcap.org/mailman/listinfo/winpcap-users
> > >
> > >
> > >
> >
> > _______________________________________________
> > Winpcap-users mailing list
> > Winpcap-users at winpcap.org
> > https://www.winpcap.org/mailman/listinfo/winpcap-users
> >
> >
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
More information about the Winpcap-users
mailing list