استخراج فایل صوتی از rtp های درون فایل pcap و ذخیره به فرمت wav
#!/bin/bash
# Ensure required tools are installed
if ! command -v tshark &> /dev/null || ! command -v sox &> /dev/null; then
echo "Error: tshark and sox are required. Please install them."
exit 1
fi# Check arguments
if [ "$#" -ne 2 ]; then
echo "Usage: $0 <pcap_file> <output_dir>"
exit 1
fiPCAP_FILE="$1"
OUTPUT_DIR="$2"
RAW_DIR="$OUTPUT_DIR/raw"
WAV_DIR="$OUTPUT_DIR/wav"# Create output directories
mkdir -p "$RAW_DIR"
mkdir -p "$WAV_DIR"# Extract unique 5-tuples for RTP streams (IP:Port pairs)
echo "Identifying RTP streams from $PCAP_FILE..."
tshark -r "$PCAP_FILE" -T fields -e ip.src -e udp.srcport -e ip.dst -e udp.dstport \
-Y "udp" | sort | uniq > "$RAW_DIR/rtp_streams.txt"if [ ! -s "$RAW_DIR/rtp_streams.txt" ]; then
echo "No RTP streams found in the PCAP file."
exit 1
fiecho "Extracting RTP streams..."
STREAM_INDEX=0# Process each 5-tuple
while read -r SRC_IP SRC_PORT DST_IP DST_PORT; do
RAW_FILE="$RAW_DIR/stream_${STREAM_INDEX}.raw"
WAV_FILE="$WAV_DIR/stream_${STREAM_INDEX}.wav"echo "Processing stream $STREAM_INDEX: $SRC_IP:$SRC_PORT -> $DST_IP:$DST_PORT"
# Extract payload for the specific 5-tuple
tshark -r "$PCAP_FILE" -Y "ip.src==$SRC_IP && udp.srcport==$SRC_PORT && ip.dst==$DST_IP && udp.dstport==$DST_PORT" \
-T fields -e rtp.payload | xxd -r -p > "$RAW_FILE"# Convert to WAV (assuming G.711 μ-law at 8000 Hz)
if [ -s "$RAW_FILE" ]; then
sox -t raw -e mu-law -r 8000 -c 1 "$RAW_FILE" "$WAV_FILE"
echo "Saved WAV file: $WAV_FILE"
else
echo "No RTP packets for this stream. Skipping."
rm "$RAW_FILE"
fi((STREAM_INDEX++))
done < "$RAW_DIR/rtp_streams.txt"echo "Extraction and conversion complete. WAV files are in $WAV_DIR.
