When analyzing a network capture it is common to need to change how a stream is being treated by Wireshark, either because the port assignment is dynamic or is not supported, or both.
It is possible to change this, one stream at a time, and each time the whole capture needs to be rescanned. This time can add up.
This is an example of how to change the internal dissector of a UDP port range (30000-60000) to RTP.
Open the menu, Tools > Lua Console
Paste this code:
local udp_port = DissectorTable.get("udp.port")
local rtp = Dissector.get("rtp")
udp_port:add("30000-60000", rtp)
reload_lua_plugins()
print("Done")Click Evaluate
It will rescan the file and all UDP streams in the range will be interpreted as an RTP stream.
This was based on the example available here:
https://wiki.wireshark.org/Lua/Examples#using-lua-to-register-protocols-to-more-ports