How to list UDP streams in wireshark?

[pmhaynes]

Anyone know how to list udp streams in Wireshark?

Background:
MBG teleworker with minet phones
As they are not SIP i cant use the VOIP option to show calls
So, i can find the udp streams from the inside of the MBG
I can also find the udp streams from the outside (MBG external to teleworker handset) but these are encypted (can be turned off i beleive in MIVB suystem options)

I then filter the capture by using time.frame >= start time %% time.frame<= end time of problem call

Then i click on the udp entries and see what UDP stream index it is (number 1 to x depending on ow many streams are in the capture)

Then i filter the capture again to show only that stream "udp.stream ==1"

Then i listen to each stream to find the person voice who reported the issue.

I decode the UDP streams in to RTP and can listen to them and export them to an AU file to play in media player.

If i have the wrong stream i start again and filter on UDP stream 2, and repeat until i find the correct call.
In this particular case the calls last 10 minutes so in that time frame there are many calls taking place and many UDP streams

So the question is rather than do all that is there away to list all the UDP or RTP streams in the capture and then play them back one by one instead of doing all this filtering?

Hope all this makes sense

Thanks
P

[sarond]

There is an article on how to disable encryption on the MBG, it is related to MiVCR but don't see why it wouldn't work.

That way you could hopefully filter on src/dst ip address of the user ion question.

Article in KMS is HO3204

https://mitel.custhelp.com/app/answers/answer_view/a_id/1012200/

[pmhaynes]

There is an article on how to disable encryption on the MBG, it is related to MiVCR but don't see why it wouldn't work.

That way you could hopefully filter on src/dst ip address of the user ion question.

Article in KMS is HO3204

https://mitel.custhelp.com/app/answers/answer_view/a_id/1012200/

Great thanks, i will check it out.

[pmhaynes]

I have created a how to on my blog
https://phonesystemhelp.info/how-to-listen-and-extract-audio-from-a-wireshark-trace/

Hope it helps someone
 

[acejavelin]

I have created a how to on my blog
https://phonesystemhelp.info/how-to-listen-and-extract-audio-from-a-wireshark-trace/

Hope it helps someone
 

Nice little tutorial!

Can I make a slightly off-topic suggestion? I use wireshark to troubleshoot SIP issues as we are a hosted carrier... I use it a LOT!!! If you are decoding and following RTP, on the main screen add two columns, one for Source Port and one for Destination Port. It makes following RTP streams much easier especial in the case of reInvites mid-call.

[pmhaynes]

Nice little tutorial!

Can I make a slightly off-topic suggestion? I use wireshark to troubleshoot SIP issues as we are a hosted carrier... I use it a LOT!!! If you are decoding and following RTP, on the main screen add two columns, one for Source Port and one for Destination Port. It makes following RTP streams much easier especial in the case of reInvites mid-call.

Great idea i will see if i can add those columns.
Thanks