Posts

A rudimentary dissector for Wireshark (Lua)

Wireshark offers a simple but effective way to extend its capabilities: Lua dissectors. To give an example, I recently received a pcap file containing some traffic (it was RTP) encapsulated inside a UDP header. The reason for the encapsulation was transport over a VPN. I'm so used to looking into RTP streams in Wireshark that I have a setting that tells it to try to interpret any UDP packet automatically as carrying RTP (I wrote how here). That also failed. So Wireshark was not able to interpret those frames as RTP (or anything else, for that matter), and I remembered writing a custom dissector some time ago. Wireshark lets you do that simply in Lua and add it as a plugin. The code is available here. I just had to make it available inside '$HOME/.local/lib/wireshark/plugins/'.

It's not a sprint

You’ve surely heard at least once in your life somebody saying “Calm down: it’s not a sprint, it’s a marathon”. People use this phrase to try and slow things down, but it misses the point. The first misconception is that a marathon is something you do slowly. A marathon is fast; it’s just as fast as possible for that athlete in that moment. Most people couldn’t hold an elite marathoner’s pace for even 100 meters. It’s a marathon, but it’s not slow. It’s easy to make a point that running a marathon is tough, not just for the distance but for the speed you try to keep. What’s maybe harder to see is that a marathon is much easier than many life challenges. You can simply prepare for a marathon. You get to the starting line with months or years of preparation. You tried progressively longer and tougher sessions, simulating the marathon effort. That’s a privilege. Many hurdles you’ll face in life will just appear in front of you while you were thinking of something else. A marathon has a fi...

Decrypt SDES SRTP from pcap

If you have a pcap file with encrypted RTP (SDES SRTP) and have access to the SIP signalling to see the keys, these instructions will help you decrypt the RTP payload and save it as raw audio. Optionally, depending on the codec, you can then import the raw audio in Wireshark and save it as an audio file. Steps

Wireshark setting to interpret UDP as RTP automatically

Before I forget again, a Wireshark setting that can help save time by trying to interpret any UDP as RTP, if possible: Analyze --> Enabled Protocols... --> Search for RTP and enable at least 'rtp_udp'. Without that change, when SIP signalling is not present (or it's encrypted), Wireshark would not understand automatically that UDP packets may be RTP. This is particularly true, for example, for WebRTC calls, where signalling happens elsewhere and is not available to Wireshark. This will also save the reader some time if you're used to right-clicking and choosing 'Decode As...' to achieve the same.

About ICE negotiation

Disclaimer: I wrote this article in March 2022 while working with Subspace, and the original link is here: https://subspace.com/resources/ice-negotiation . This post in my personal blog is a way to ensure it doesn't get lost. There is nothing service-specific in it; I've made only minor edits and I hope it can be a good technical reference on the topic. WebRTC is a set of protocols that allow applications, typically running on Web browsers, to exchange media (audio, video, data) with other entities. Before media can flow, however, the WebRTC entities need to discover what type of connection is possible, and among the possible connections, what’s the best to be used. This needs to happen as fast as possible, so that users can perceive the service as instantaneous as possible. WebRTC includes protocols like STUN and TURN that are designed to facilitate the establishment of connections when a direct connection is not possible. The typical case is a computer inside a home or o...

Troubleshooting TURN

WebRTC applications use ICE negotiation to discover the best way to communicate with a remote party. It dynamically finds a pair of candidates (IP address, port and transport, also known as “transport address”) suitable for exchanging media and data. The most important aspect of this is “dynamically”: a local and a remote transport address are found based on the network conditions at the time of establishing a session. For example, a WebRTC client that normally uses a server reflexive transport address to communicate with an SFU when running inside the home office may use a relay transport address over TCP when running inside an office network which limits remote UDP targets. The same configuration (defined as “iceServers” when creating an RTCPeerConnection) will work in both cases, producing different outcomes.

Differences between running and cycling

I'm a passionate runner, and always considered cycling as something fun, e.g. mountain-biking, but difficult to practice regularly. There's a lot of overhead in cycling, like the preparation, bike maintenance, dealing with city traffic, etc. Anyway, about eight months ago I bought a road bike and fell in love with it. Soon after that I discovered Zwift and that gave an additional dimension to the sport: practice whenever you want from home, with accurate power measurements and a way to socialise with distant people. That was a game changer. In five months I cycled 1600 virtual km and climbed almost 17 virtual km. Meanwhile my running performance, instead of degrading, improved, and that surprised me. Anyway, what I wanted to write about is a great article I read, "Physiological Differences Between Cycling and Running". It's a review of articles published in that area. Some conclusions are very interesting. In general it seems sports medicine is still inconclusive...