Menu
I found on the web few samples on tracking RTMP (Real Time Messaging Protocol) with Wireshark, but it doesn't work for me. All RTMPT packets rendered as basic TCP packet like this:
149 14.324999 85.115.xxx.xxx 192.168.1.20 TCP macromedia-fcs > 54557 [ACK] Seq=1 Ack=1452 Win=69 Len=0
I'm using Wireshark 1.2.8 with all protocols installed on Windows Vista.
What can i do to fix it?
Thx!
904
WireShark relies on a few heuristics to decide how to decode a stream. One of them is the port number.
The first item to check: is the RTMP using the standard port 1935 in this capture? If not, tell WireShark how to decode it (see last step below).
The second item to check: turn on heuristics Edit → Preferences → Protocols → TCP → Try heuristic sub-dissectors first.
If all else fails, brute force: right-click one of the packets → Decode As... → RTMP.
196
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
