>> Though if it's indeed a >> 2k DVB-H you'd find encryption in either IPsec or SRTP fashion. > > I don't know what IPsec or SRTP packets look like in a tcpdump > file, but > at least UDP headers are not encrypted, and the first 4 data bytes > look > like some big-endian counter that gets incremented by 1 after each > packet (separately for packets sent to ports 20000 and 20002). The > next > 4 bytes also look like a big-endian 32-bit number that increases for > each packet by approximately 1920 for port 20002 and by 3600 for port > 20000 (that has less packets sent to it) - looks like a timestamp. From the description it sounds like RTP or a variant allright. You might be able to dissect the packet dump with ethereal/wireshark. I think it has an option to force the interpretation of a packet using a specific protocol dissector. If I'm not mistaken there is no standard way to deduce the RTP payload from the payload type field in the header without external information (maybe coming from an ancillary RTCP stream), but you might be lucky and end up with something easy to understand. Regards, Pierluigi _______________________________________________ linux-dvb mailing list linux-dvb@xxxxxxxxxxx http://www.linuxtv.org/cgi-bin/mailman/listinfo/linux-dvb
