I can filter with SIP or SDP but I can't use "SIP/SDP" which is the specific protocol packets I'm looking for. To be honest I'm not exactly sure what wireshark defines as "SIP/SDP" but that's the protocol name it's given. Thanks in advanced!
sip and sdp or frame.protocols contains "sip:sdp"
/*
* As RFC 2327 says, "SDP is purely a format for session
* description - it does not incorporate a transport protocol,
* and is intended to use different transport protocols as
* appropriate including the Session Announcement Protocol,
* Session Initiation Protocol, Real-Time Streaming Protocol,
* electronic mail using the MIME extensions, and the
* Hypertext Transport Protocol."
*
* We therefore don't set the protocol or info columns;
* instead, we append to them, so that we don't erase
* what the protocol inside which the SDP stuff resides
* put there.
*/
col_append_str(pinfo->cinfo, COL_PROTOCOL, "/SDP");
Comments