view doc/RTP-analysis @ 14:e7f43262efa1

rtp-stream-dump: add hex dump option
author Mychaela Falconia <falcon@freecalypso.org>
date Sun, 28 Jul 2024 01:53:41 +0000
parents 5216e7fb1c9e
children
line wrap: on
line source

The present package includes a number of utilities for analyzing RTP streams
that have been captured with tcpdump or equivalent tools in pcap format.  In
order to use any of these utilities, you need to have a pcap file (obviously),
and you need to identify the RTP stream to be analyzed or extracted by either
source or destination IP:port.  All tools begin by applying a filter,
considering only those packets that are UDP in IPv4 (no IPv6 support currently),
and only those that match the specified source or destination IP:port.  Every
matched packet is checked for a valid RTP header, and then the actual RTP stream
analysis or extraction takes place, depending on the specific tool:

rtp-cont-check	This program checks the selected RTP stream for continuity.  It
		verifies that every matched packet has the same SSRC, that the
		sequence number always increments by 1 from each individual
		packet to the next, and that the RTP header timestamp always
		increments by 160 units.  (The assumption is that the
		application at hand is in the traditional telephony domain,
		with a sampling rate of 8000 samples/s and 20 ms packetization
		for RTP.)  This tool also looks at the capture time deltas
		between successive packets and reports the observed minimum and
		maximum; by seeing min and max delta-T, a developer can easily
		notice timing aberrations that aren't caught by RTP header
		sequence number and timestamp checks.

rtp-g711-extr	This program focuses on a single selected RTP stream like the
		others, enforces its continuity just like rtp-cont-check, and
		then further enforces that every RTP packet be a 160-byte
		payload, presumed to be either PCMU or PCMA.  (The payload type
		number is NOT considered, only the payload length.)  The
		selected G.711 RTP stream is then extracted and written into a
		raw binary file.

rtp-gsmfr-dump	This program focuses on a single selected RTP stream like the
		others, enforces its continuity just like rtp-cont-check, and
		then expects the RTP payload to be one of GSM FR or EFR formats
		listed in the FR-EFR-formats document.  Each recognized FR/EFR
		or BFI payload is then dumped in human-readable form on stdout,
		similarly to the gsmrec-dump utility from Themyscira Wireless
		GSM codec libraries & utilities package.

rtp-gsmfr-extr	This program operates like rtp-gsmfr-dump, imposing the same
		expectations on the selected RTP stream, but the latter stream
		is then extracted and written into a gsmx binary file, as
		defined in the GSM codec libraries and utilities package.

rtp-jitter-view	This program analyzes a single selected RTP stream just like
		rtp-cont-check, but instead of reporting minimum and maximum
		time deltas for the entire stream, it prints the individual
		capture time delta between every successive pair of packets.