[Winpcap-users] VOIP [RTP]

TORKHANI Wajdi wajdi.torkhani at laposte.net
Mon Apr 7 15:54:05 GMT 2008


Hi,

"UDP".



----- Original Message ----- 
From: "Maria de Fatima Requena" <MariaF.Requena at a-e.es>
To: <winpcap-users at winpcap.org>
Sent: Monday, April 07, 2008 8:16 AM
Subject: RE: [Winpcap-users] VOIP [RTP]


> Which protocol are you sniffing?
>
>
> María de Fátima Requena Cabot (2488)
> +34 91 787 23 00 alhambra-eidos.es
>
>
> -----Mensaje original-----
> De: winpcap-users-bounces at winpcap.org
> [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
> Enviado el: sábado, 05 de abril de 2008 0:00
> Para: winpcap-users at winpcap.org
> Asunto: Re: [Winpcap-users] VOIP [RTP]
>
> Thank you so much it work !!
> To convert the two file i use lame(from sourceforge) and to mix it is use
> sox (from sourceforge).
> Thank you so much i am so happppppppyyy :)
> But, now i need to know:
> 1- How can i detect the end of call ?
> 2- How can i get some details about communication like phone number (...)
> ?
>
> Thank you Thank you Thank you Thank you
>
> ----- Original Message ----- 
> From: "Camiel Vanderhoeven" <iamcamiel at gmail.com>
> To: <winpcap-users at winpcap.org>
> Sent: Thursday, April 03, 2008 9:05 PM
> Subject: Re: [Winpcap-users] VOIP [RTP]
>
>
>> Hello Wajdi,
>>
>> You should record each direction into a separate file, so you get two
>> files; have you done this? If you record every packet you get into a
>> single file, it will become a mess. Once you have the two files,
>> convert both files to wav, and then use another program to mix them
>> together.
>>
>> Camiel.
>>
>> On Mon, Mar 31, 2008 at 11:31 AM, TORKHANI Wajdi
>> <wajdi.torkhani at laposte.net> wrote:
>>>
>>>
>>>
>>> Hi,
>>> please help me :(
>>> i don't know where to go, or what to search, so any suggestions .
>>> Let's go step by step :
>>> If i record in one direction the voice run quickly !!
>>> But when it recorded in both directions; there is a noise on the
>>> packets!!
>>> (I used a linear list to sort the recived packet by the timestamp and
>>> then
>>> store it in a binary file)
>>>
>>> Thank you.
>>>
>>> ----- Original Message -----
>>> From: Maria de Fatima Requena
>>> To: winpcap-users at winpcap.org
>>> Sent: Tuesday, March 18, 2008 9:09 AM
>>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>> Just like you use lame, there are other programs to mix two files (with
>>> a
>>> little help of google I'm sure you will find the best for you)
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> María de Fátima Requena Cabot (2488)
>>> +34 91 787 23 00 alhambra-eidos.es
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> De: winpcap-users-bounces at winpcap.org
>>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
>>> Enviado el: lunes, 17 de marzo de 2008 23:52
>>> Para: winpcap-users at winpcap.org
>>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>>
>>> Thank you so much
>>>
>>> After 4 weeks I can finally to hear the voice,
>>> But now I have another problem!
>>> If i record only one direction the sound run very quickly and if record
>>> both
>>> direction (in one file) i have a very very very bad quality of voice
>>> !!!!
>>>
>>> 1-I record the payload in a binary file:
>>>
>>>
>>>
>>> Code:
>>>
>>>
>>>
>>>
>>>
>>> void rawfile(unsigned char * payload,FILE *f){
>>> fwrite(payload, 10,1,f);  //10 :because audio data is packed into 80
>>> bits
>>> (10 bytes)
>>> }
>>>
>>>
>>>
>>> 2- I decode the binary file by using voiceage G729, which gives me a
>>> file
>>> :
>>> "16-bit mono PCM speech data sampled at 8000 Hz"
>>>
>>> 3- convert PCM file into wav by using Lame with:
>>> lame --decode -x -r -s 8000 -m m -b 16 file.pcm file.wav
>>>
>>> Is it correct ?!
>>>
>>>
>>> If i create two file one for each direction how can i mix them later ?
>>>
>>>
>>> thank you so much
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ----- Original Message -----
>>>
>>>
>>> From: Maria de Fatima Requena
>>>
>>>
>>> To: winpcap-users at winpcap.org
>>>
>>>
>>> Sent: Monday, March 17, 2008 8:26 AM
>>>
>>>
>>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>> RTP packets can be captured on two streams (one for each direction), and
>>> later you can mix them. I think raw files doesn't need a header, but you
>>> can
>>> use programs to open your streams specifying a certain format
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> María de Fátima Requena Cabot (2488)
>>> +34 91 787 23 00 alhambra-eidos.es
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> De: winpcap-users-bounces at winpcap.org
>>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de TORKHANI Wajdi
>>> Enviado el: jueves, 13 de marzo de 2008 20:49
>>> Para: winpcap-users at winpcap.org
>>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>> Hello,
>>>
>>>
>>>
>>>
>>>
>>> Does any one know how can i create a bitstream seems the (.raw) file
>>> exported by ethreal (seems the output file of rtpdum.exe) ?
>>>
>>>
>>>
>>>
>>>
>>> Thank you,
>>>
>>>
>>>
>>> ----- Original Message -----
>>>
>>>
>>> From: TORKHANI Wajdi
>>>
>>>
>>> To: winpcap-users at winpcap.org
>>>
>>>
>>> Sent: Wednesday, March 12, 2008 12:09 AM
>>>
>>>
>>> Subject: Re: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>>
>>> thank you so so much :)
>>>
>>>
>>>
>>>
>>>
>>> I took your advice and I solved the problem number 3 :
>>>
>>>
>>> _______________________________________
>>>
>>>
>>> I- change Structure RTP header :
>>>
>>>
>>> struct rtphdr{
>>>
>>>
>>>  unsigned short CSRC_count:4;  // CSRC count
>>>  unsigned short extension:1;   // header extension flag
>>>  unsigned short padding:1;   // padding flag
>>>  unsigned short ver:2; // protocol version
>>>  unsigned short Payload:7;  // payload type
>>>  unsigned short Marker:1;   // marker bit
>>>  unsigned short Sequence;   // sequence number
>>>  unsigned int Timestamp;   // timestamp
>>>  unsigned int SSRC;   // synchronization source
>>>  //unsigned int csrc[1];  // optional CSRC list
>>>
>>>
>>> };
>>>
>>>
>>> _________________________
>>>
>>>
>>> II- replace : sizeof(struct iphdr) by (ip->ihl * 4)
>>>
>>>
>>> rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+(ip->ihl *
>>> 4)+sizeof(struct udphdr)));
>>>
>>>
>>> ________________________
>>>
>>>
>>> III- htons and htonl :
>>>
>>>
>>> fprintf(stdout,"------------------------------------------------------\n");
>>> fprintf(stdout,"Version      : %d |\r\n",rtp->ver);
>>> fprintf(stdout,"Padding       : %.5d |\r\n",htons(rtp->padding));
>>> fprintf(stdout,"Extension       : %.5d |\r\n",htons(rtp->extension));
>>> fprintf(stdout,"CSRC_count       : %.5d |\r\n",htons(rtp->CSRC_count));
>>> fprintf(stdout,"Marker       : %.5d |\r\n",htons(rtp->Marker));
>>> fprintf(stdout,"Payload      : %d |\r\n",rtp->Payload);
>>> fprintf(stdout,"Sequence Number       : %u |\r\n",htons(rtp->Sequence));
>>> fprintf(stdout,"Timestamp       : %u |\r\n",htonl(rtp->Timestamp));
>>> fprintf(stdout,"Synchronization source       : %u
>>> |\r\n",htonl(rtp->SSRC));
>>>
>>>
>>> _____________________________
>>>
>>>
>>>
>>>
>>>
>>> For the first and second question i will give you more details maybe
>>> they
>>> can help  you to help me :P
>>> 1-I must create a voip sniffer (to capture communication VOIP on the
>>> LAN)
>>> and then to convert them into audio format.
>>> 2-regroup the paquet of a communication together to store it the
>>> bitstream
>>> format required by the decoder (voiceage G729).
>>> I succeeded in :
>>> preparing a sniffer in C++ (by using the library winpcap) (capture
>>> network
>>> traffic,filtre UDP trafic,Read ethernet,ip,udp  and RTP header)
>>> and  now i'm working on the bulding of the bitstream file.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Thank you,
>>>
>>>
>>> Wajdi TORKHANI
>>>
>>>
>>>
>>> ----- Original Message -----
>>>
>>>
>>> From: Maria de Fatima Requena
>>>
>>>
>>> To: winpcap-users at winpcap.org
>>>
>>>
>>> Sent: Tuesday, March 11, 2008 8:23 AM
>>>
>>>
>>> Subject: RE: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>> Maybe the problem is byte order. If you take a look at wireshark
>>> examples,
>>> you will see instructions like ntohs, or some ones that apply bit masks,
>>> that do this change.
>>>
>>>
>>>
>>> On the other hand, once you have stopped reading packets, you can use
>>> tools
>>> to give the streams format. For example goldwave lets you determine the
>>> type
>>> of coding you need before opening the file. Anyway, you can manually add
>>> header format to your files.
>>>
>>>
>>>
>>> I hope this helps
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> María de Fátima Requena Cabot (2488)
>>> +34 91 787 23 00 alhambra-eidos.es
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> De: winpcap-users-bounces at winpcap.org
>>> [mailto:winpcap-users-bounces at winpcap.org] En nombre de Gianluca Varenni
>>> Enviado el: viernes, 07 de marzo de 2008 18:12
>>> Para: winpcap-users at winpcap.org
>>> Asunto: Re: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>> I'm not an expert about RTP, so I cannot answer questions 1 and 2.
>>> Regarding
>>> 3, for sure there's something that "smells" in your code
>>>
>>>
>>> - you are assuming that you are always receiving UDP packets
>>> encapsulated
>>> over IPv4. Unless you are filtering the captured packets to make sure
>>> they
>>> are IPv4 and UDP, you should check the ethertype and the L3 protocol
>>> type.
>>>
>>>
>>> - you are assuming that the IP header has a fixed size (...sizeof(struct
>>> iphdr)...). This is not true. You need to compute the length of the IPv4
>>> header by looking at the first byte in the IP header itself.
>>>
>>>
>>>
>>>
>>>
>>> Hope it helps
>>>
>>>
>>> GV
>>>
>>>
>>>
>>>
>>>
>>>
>>> ----- Original Message -----
>>>
>>>
>>> From: TORKHANI Wajdi
>>>
>>>
>>> To: winpcap-users at winpcap.org
>>>
>>>
>>> Sent: Tuesday, March 04, 2008 2:40 PM
>>>
>>>
>>> Subject: [Winpcap-users] VOIP [RTP]
>>>
>>>
>>>
>>>
>>>
>>> Hi,
>>>
>>> I get the rtp packet from winpcap but i have the following problem:
>>>
>>> 1-how to regroup the paquet of a communication together to store it and
>>> apply the CODEC(G.729A)?
>>> 2-how detect the end of call ?!
>>> 3-I have a problem with reading the RTP header, below a part of my
>>> source
>>> code :
>>> ------------------
>>>
>>>
>>>
>>> Code:
>>>
>>>
>>>
>>>
>>>
>>> struct rtphdr{
>>>
>>> unsigned short ver:2 ;
>>> unsigned short padding:1;
>>> unsigned short extension:1 ;
>>> unsigned short CSRC_count:4 ;
>>> unsigned short Marker:1 ;
>>> unsigned short Payload :7 ;
>>> unsigned short Sequence ;// 16 bits
>>> unsigned int Timestamp;//32 bits
>>> unsigned int SSRC  ;//32 bits
>>> };
>>>
>>>
>>> --------------------
>>> Code:
>>>
>>>
>>> rtp=(struct rtphdr *)(pkt_data+(sizeof(struct ethhdr)+sizeof(struct
>>> iphdr)+sizeof(struct udphdr)));
>>>
>>>
>>> ---------------------------
>>>
>>>
>>> Code:
>>>
>>>
>>>
>>>
>>>
>>> fprintf(stdout,"------------------------------------------------------\n");
>>> fprintf(stdout,"Version      : %d |\r\n",rtp->ver);
>>> fprintf(stdout,"Padding       : %.5d |\r\n",htons(rtp->padding));
>>> fprintf(stdout,"Extension       : %.5d |\r\n",htons(rtp->extension));
>>> fprintf(stdout,"CSRC_count       : %.5d |\r\n",htons(rtp->CSRC_count));
>>> fprintf(stdout,"Marker       : %.5d |\r\n",htons(rtp->Marker));
>>> fprintf(stdout,"Payload      : %.5d |\r\n",htons(rtp->Payload));
>>> fprintf(stdout,"Sequence Number       : %.5d
>>> |\r\n",htons(rtp->Sequence));
>>> fprintf(stdout,"Timestamp       : %.5d |\r\n",htons(rtp->Timestamp));
>>> fprintf(stdout,"Synchronization source       : %.5d
>>> |\r\n",htons(rtp->SSRC));
>>> ------------------------
>>> Ethernet,IP and UDP header are correct.
>>> When i compare the result whith ethreal result i fin that only SSRC is
>>> correct !
>>> thank you.
>>> I'm sorry for my bad english
>>>
>>>
>>>
>>>
>>>
>>> TORKHANI Wajdi
>>>  ________________________________
>>>
>>>
>>> _______________________________________________
>>> Winpcap-users mailing list
>>> Winpcap-users at winpcap.org
>>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>  ________________________________
>>>
>>>
>>> _______________________________________________
>>> Winpcap-users mailing list
>>> Winpcap-users at winpcap.org
>>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>  ________________________________
>>>
>>>
>>> _______________________________________________
>>> Winpcap-users mailing list
>>> Winpcap-users at winpcap.org
>>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>  ________________________________
>>>
>>>
>>> _______________________________________________
>>> Winpcap-users mailing list
>>> Winpcap-users at winpcap.org
>>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>
>>>  ________________________________
>>>
>>>
>>> _______________________________________________
>>> Winpcap-users mailing list
>>> Winpcap-users at winpcap.org
>>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>
>>> _______________________________________________
>>>  Winpcap-users mailing list
>>>  Winpcap-users at winpcap.org
>>>  https://www.winpcap.org/mailman/listinfo/winpcap-users
>>>
>>>
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>



More information about the Winpcap-users mailing list