Send RTP packet with scapy and see it in a cap

python void rtp scapy

I have this code to write a RTP packet in a cap:

client = "192.168.10.1"
server = "192.168.10.5"
client_port = 5061
server_port = 5060


rtp = { 
        "sequence": 1,
        "timestamp": 1,
        "marker": 1,
        "payload_type": 17
    }

pkt= Ether()/IP(src=client, dst=server)/UDP(sport=client_port, dport=server_port)/RTP(**rtp)

wrpcap("rtp_pkt.pcap",pkt)

The problem is that I see the packet as UDP in wireshark and not RTP. I can see it with SIP structures so I don't know where is the problem,


Solution 1:

In short - Wireshark shows you UDP, because there's no SIP/SDP packets. These packets initiate connection session and Wireshark then can follow the stream and decode UDP to RTP. In SIP/SDP you can find main information: From, To, Media type etc. (RFC 4566 SDP, RFC3621 SIP). So even if you build ideal RTP packet with scapy, without session initiation Wireshark will always decode it as UDP.

EDIT: By the way, use bind_layers(UDP, RTP, dport=*) in scapy to bind UDP packets with RTP, might help

Related

How do I safely delete a posix timer in c++?
Check if SQL INSERT was successful
Limit the click area on the view android
Knex.js One to Many table join
How can I fix the issue with this for loop? [closed]
Writing prefix count into a txt file using python
Why is git apply of a patch with binary files not creating the binary files?
Generate multiple html pages with webpack and pug
Matplotlib: how to show legend elements horizontally?
Q: Django ImproperlyConfigured - from django.contrib.auth.models import User
Is there an official (complete) BNF or EBNF for the CLIPS language
Protocol Buffers library-dependent location in IntelliJ