[Winpcap-users] VOIP [RTP]

Maria de Fatima Requena MariaF.Requena at a-e.es
Mon Apr 7 06:16:18 GMT 2008 

Which protocol are you sniffing?


María de Fátima Requena Cabot (2488)
+34 91 787 23 00 alhambra-eidos.es
 

-----Mensaje original-----
De: winpcap-users-bounces at winpcap.org [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
Enviado el: sábado, 05 de abril de 2008 0:00
Para: winpcap-users at winpcap.org
Asunto: Re: [Winpcap-users] VOIP [RTP]

Thank you so much it work !!
To convert the two file i use lame(from sourceforge) and to mix it is use 
sox (from sourceforge).
Thank you so much i am so happppppppyyy :)
But, now i need to know:
1- How can i detect the end of call ?
2- How can i get some details about communication like phone number (...) ?

Thank you Thank you Thank you Thank you

----- Original Message ----- 
From: "Camiel Vanderhoeven" <iamcamiel at gmail.com>
To: <winpcap-users at winpcap.org>
Sent: Thursday, April 03, 2008 9:05 PM
Subject: Re: [Winpcap-users] VOIP [RTP]


> Hello Wajdi,
>
> You should record each direction into a separate file, so you get two
> files; have you done this? If you record every packet you get into a
> single file, it will become a mess. Once you have the two files,
> convert both files to wav, and then use another program to mix them
> together.
>
> Camiel.
>
> On Mon, Mar 31, 2008 at 11:31 AM, TORKHANI Wajdi
> <wajdi.torkhani at laposte.net> wrote:
>>
>>
>>
>> Hi,
>> please help me :(
>> i don't know where to go, or what to search, so any suggestions .
>> Let's go step by step :
>> If i record in one direction the voice run quickly !!
>> But when it recorded in both directions; there is a noise on the 
>> packets!!
>> (I used a linear list to sort the recived packet by the timestamp and 
>> then
>> store it in a binary file)
>>
>> Thank you.
>>
>> ----- Original Message -----
>> From: Maria de Fatima Requena
>> To: winpcap-users at winpcap.org
>> Sent: Tuesday, March 18, 2008 9:09 AM
>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>> Just like you use lame, there are other programs to mix two files (with a
>> little help of google I'm sure you will find the best for you)
>>
>>
>>
>>
>>
>>
>>
>>
>> María de Fátima Requena Cabot (2488)
>> +34 91 787 23 00 alhambra-eidos.es
>>
>>
>>
>>
>>
>>
>>
>> De: winpcap-users-bounces at winpcap.org
>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
>> Enviado el: lunes, 17 de marzo de 2008 23:52
>> Para: winpcap-users at winpcap.org
>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>>
>> Thank you so much
>>
>> After 4 weeks I can finally to hear the voice,
>> But now I have another problem!
>> If i record only one direction the sound run very quickly and if record 
>> both
>> direction (in one file) i have a very very very bad quality of voice !!!!
>>
>> 1-I record the payload in a binary file:
>>
>>
>>
>> Code:
>>
>>
>>
>>
>>
>> void rawfile(unsigned char * payload,FILE *f){
>> fwrite(payload, 10,1,f);  //10 :because audio data is packed into 80 bits
>> (10 bytes)
>> }
>>
>>
>>
>> 2- I decode the binary file by using voiceage G729, which gives me a file 
>> :
>> "16-bit mono PCM speech data sampled at 8000 Hz"
>>
>> 3- convert PCM file into wav by using Lame with:
>> lame --decode -x -r -s 8000 -m m -b 16 file.pcm file.wav
>>
>> Is it correct ?!
>>
>>
>> If i create two file one for each direction how can i mix them later ?
>>
>>
>> thank you so much
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> ----- Original Message -----
>>
>>
>> From: Maria de Fatima Requena
>>
>>
>> To: winpcap-users at winpcap.org
>>
>>
>> Sent: Monday, March 17, 2008 8:26 AM
>>
>>
>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>> RTP packets can be captured on two streams (one for each direction), and
>> later you can mix them. I think raw files doesn't need a header, but you 
>> can
>> use programs to open your streams specifying a certain format
>>
>>
>>
>>
>>
>>
>>
>>
>> María de Fátima Requena Cabot (2488)
>> +34 91 787 23 00 alhambra-eidos.es
>>
>>
>>
>>
>>
>>
>>
>> De: winpcap-users-bounces at winpcap.org
>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
>> Enviado el: jueves, 13 de marzo de 2008 20:49
>> Para: winpcap-users at winpcap.org
>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>> Hello,
>>
>>
>>
>>
>>
>> Does any one know how can i create a bitstream seems the (.raw) file
>> exported by ethreal (seems the output file of rtpdum.exe) ?
>>
>>
>>
>>
>>
>> Thank you,
>>
>>
>>
>> ----- Original Message -----
>>
>>
>> From: TORKHANI Wajdi
>>
>>
>> To: winpcap-users at winpcap.org
>>
>>
>> Sent: Wednesday, March 12, 2008 12:09 AM
>>
>>
>> Subject: Re: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>>
>> thank you so so much :)
>>
>>
>>
>>
>>
>> I took your advice and I solved the problem number 3 :
>>
>>
>> _______________________________________
>>
>>
>> I- change Structure RTP header :
>>
>>
>> struct rtphdr{
>>
>>
>>  unsigned short CSRC_count:4;  // CSRC count
>>  unsigned short extension:1;   // header extension flag
>>  unsigned short padding:1;   // padding flag
>>  unsigned short ver:2; // protocol version
>>  unsigned short Payload:7;  // payload type
>>  unsigned short Marker:1;   // marker bit
>>  unsigned short Sequence;   // sequence number
>>  unsigned int Timestamp;   // timestamp
>>  unsigned int SSRC;   // synchronization source
>>  //unsigned int csrc[1];  // optional CSRC list
>>
>>
>> };
>>
>>
>> _________________________
>>
>>
>> II- replace : sizeof(struct iphdr) by (ip->ihl * 4)
>>
>>
>> rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+(ip->ihl *
>> 4)+sizeof(struct udphdr)));
>>
>>
>> ________________________
>>
>>
>> III- htons and htonl :
>>
>>
>> fprintf(stdout,"------------------------------------------------------\n");
>> fprintf(stdout,"Version      : %d |\r\n",rtp->ver);
>> fprintf(stdout,"Padding       : %.5d |\r\n",htons(rtp->padding));
>> fprintf(stdout,"Extension       : %.5d |\r\n",htons(rtp->extension));
>> fprintf(stdout,"CSRC_count       : %.5d |\r\n",htons(rtp->CSRC_count));
>> fprintf(stdout,"Marker       : %.5d |\r\n",htons(rtp->Marker));
>> fprintf(stdout,"Payload      : %d |\r\n",rtp->Payload);
>> fprintf(stdout,"Sequence Number       : %u |\r\n",htons(rtp->Sequence));
>> fprintf(stdout,"Timestamp       : %u |\r\n",htonl(rtp->Timestamp));
>> fprintf(stdout,"Synchronization source       : %u 
>> |\r\n",htonl(rtp->SSRC));
>>
>>
>> _____________________________
>>
>>
>>
>>
>>
>> For the first and second question i will give you more details maybe they
>> can help  you to help me :P
>> 1-I must create a voip sniffer (to capture communication VOIP on the LAN)
>> and then to convert them into audio format.
>> 2-regroup the paquet of a communication together to store it the 
>> bitstream
>> format required by the decoder (voiceage G729).
>> I succeeded in :
>> preparing a sniffer in C++ (by using the library winpcap) (capture 
>> network
>> traffic,filtre UDP trafic,Read ethernet,ip,udp  and RTP header)
>> and  now i'm working on the bulding of the bitstream file.
>>
>>
>>
>>
>>
>>
>>
>>
>> Thank you,
>>
>>
>> Wajdi TORKHANI
>>
>>
>>
>> ----- Original Message -----
>>
>>
>> From: Maria de Fatima Requena
>>
>>
>> To: winpcap-users at winpcap.org
>>
>>
>> Sent: Tuesday, March 11, 2008 8:23 AM
>>
>>
>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>> Maybe the problem is byte order. If you take a look at wireshark 
>> examples,
>> you will see instructions like ntohs, or some ones that apply bit masks,
>> that do this change.
>>
>>
>>
>> On the other hand, once you have stopped reading packets, you can use 
>> tools
>> to give the streams format. For example goldwave lets you determine the 
>> type
>> of coding you need before opening the file. Anyway, you can manually add
>> header format to your files.
>>
>>
>>
>> I hope this helps
>>
>>
>>
>>
>>
>>
>>
>>
>> María de Fátima Requena Cabot (2488)
>> +34 91 787 23 00 alhambra-eidos.es
>>
>>
>>
>>
>>
>>
>>
>> De: winpcap-users-bounces at winpcap.org
>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de Gianluca Varenni
>> Enviado el: viernes, 07 de marzo de 2008 18:12
>> Para: winpcap-users at winpcap.org
>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>> I'm not an expert about RTP, so I cannot answer questions 1 and 2. 
>> Regarding
>> 3, for sure there's something that "smells" in your code
>>
>>
>> - you are assuming that you are always receiving UDP packets encapsulated
>> over IPv4. Unless you are filtering the captured packets to make sure 
>> they
>> are IPv4 and UDP, you should check the ethertype and the L3 protocol 
>> type.
>>
>>
>> - you are assuming that the IP header has a fixed size (...sizeof(struct
>> iphdr)...). This is not true. You need to compute the length of the IPv4
>> header by looking at the first byte in the IP header itself.
>>
>>
>>
>>
>>
>> Hope it helps
>>
>>
>> GV
>>
>>
>>
>>
>>
>>
>> ----- Original Message -----
>>
>>
>> From: TORKHANI Wajdi
>>
>>
>> To: winpcap-users at winpcap.org
>>
>>
>> Sent: Tuesday, March 04, 2008 2:40 PM
>>
>>
>> Subject: [Winpcap-users] VOIP [RTP]
>>
>>
>>
>>
>>
>> Hi,
>>
>> I get the rtp packet from winpcap but i have the following problem:
>>
>> 1-how to regroup the paquet of a communication together to store it and
>> apply the CODEC(G.729A)?
>> 2-how detect the end of call ?!
>> 3-I have a problem with reading the RTP header, below a part of my source
>> code :
>> ------------------
>>
>>
>>
>> Code:
>>
>>
>>
>>
>>
>> struct rtphdr{
>>
>> unsigned short ver:2 ;
>> unsigned short padding:1;
>> unsigned short extension:1 ;
>> unsigned short CSRC_count:4 ;
>> unsigned short Marker:1 ;
>> unsigned short Payload :7 ;
>> unsigned short Sequence ;// 16 bits
>> unsigned int Timestamp;//32 bits
>> unsigned int SSRC  ;//32 bits
>> };
>>
>>
>> --------------------
>> Code:
>>
>>
>> rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+sizeof(struct
>> iphdr)+sizeof(struct udphdr)));
>>
>>
>> ---------------------------
>>
>>
>> Code:
>>
>>
>>
>>
>>
>> fprintf(stdout,"------------------------------------------------------\n");
>> fprintf(stdout,"Version      : %d |\r\n",rtp->ver);
>> fprintf(stdout,"Padding       : %.5d |\r\n",htons(rtp->padding));
>> fprintf(stdout,"Extension       : %.5d |\r\n",htons(rtp->extension));
>> fprintf(stdout,"CSRC_count       : %.5d |\r\n",htons(rtp->CSRC_count));
>> fprintf(stdout,"Marker       : %.5d |\r\n",htons(rtp->Marker));
>> fprintf(stdout,"Payload      : %.5d |\r\n",htons(rtp->Payload));
>> fprintf(stdout,"Sequence Number       : %.5d 
>> |\r\n",htons(rtp->Sequence));
>> fprintf(stdout,"Timestamp       : %.5d |\r\n",htons(rtp->Timestamp));
>> fprintf(stdout,"Synchronization source       : %.5d
>> |\r\n",htons(rtp->SSRC));
>> ------------------------
>> Ethernet,IP and UDP header are correct.
>> When i compare the result whith ethreal result i fin that only SSRC is
>> correct !
>> thank you.
>> I'm sorry for my bad english
>>
>>
>>
>>
>>
>> TORKHANI Wajdi
>>  ________________________________
>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>  ________________________________
>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>  ________________________________
>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>  ________________________________
>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>>  ________________________________
>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>> _______________________________________________
>>  Winpcap-users mailing list
>>  Winpcap-users at winpcap.org
>>  https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>>
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
> 

_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users

More information about the Winpcap-users mailing list