What I am trying to do is capture the WAV data of a phone conversation on a VOIP network using SharpPCap/PCap.Net.
We are using the H.323 recommendation and my understanding is that voice data is located in the RTP packets. However, there is no way to heuristically determine if a UDP packet is a RTP packet, so we have to do more work before we can capture the data.
The H.323 recommendation apparently uses a lot of traffic on specific TCP ports to negotiate the call before the WAV data is sent via RTP. However, I am having very little luck determining what data is actually sent on those TCP ports, when it is sent, what the packets look like, how to handle it, etc.
If anyone has any information on how to go about this I'd really appreciate it. My Google-Fu seems to be failing me on this one.
