Closed akam-it closed 4 years ago
Hi, send /etc/voipmonitor.conf
Hi, there is sensor side config
[general]
utc = 1
id_sensor = 8105
interface = any
promisc = no
filter = udp
mirror_destination_ip = astlogs
mirror_destination_port = 5030
sipport = 5060
pcap_dump_asyncwrite = yes
ringbuffer = 100
packetbuffer_enable = yes
packetbuffer_compress = no
max_buffer_mem = 1000
# number of threads to process RTP packets. If not specified which is default option it will equal to the number of available CPUs.
# If set to 0 threding is turned off.
#rtpthreads = 0
and server side config please
[general]
id_sensor = 999
sqldriver = mysql
query_cache = yes
mysqlhost = 127.0.0.1
mysqlport = 3306
mysqlusername = voipmonitor
mysqlpassword = *******
mysqldb = voipmonitor
cdr_partition = yes
mysql_client_compress = no
mysqlcompress = yes
mysqlloadconfig = no
sqlcallend = yes
interface = eth0
promisc = no
filter = udp
threading_mod = 3
mirror_bind_ip = 192.168.8.90
mirror_bind_port = 5030
managerip = 127.0.0.1 192.168.8.90
managerport = 5029
sipport = 5060
cdr_sipport = yes
cdr_rtpport = yes
remotepartyid = no
remotepartypriority = no
absolute_timeout = 3600
destroy_call_at_bye = 1200
onewaytimeout = 15
ringbuffer = 50
packetbuffer_enable = yes
packetbuffer_compress = no
max_buffer_mem = 2000
cdrproxy = yes
cdr_ua_enable = yes
sip-register = no
sip-register-timeout = 5
sip-register-active-nologbin = yes
nocdr = no
spooldir = /home/voipmonitor
pcap_dump_bufflength = 8184
pcap_dump_zip = yes
pcap_dump_ziplevel_sip = 6
pcap_dump_zip_rtp = gzip
pcap_dump_ziplevel_rtp = 3
pcap_dump_writethreads = 1
pcap_dump_writethreads_max = 32
pcap_dump_asyncwrite = yes
tar = yes
tar_maxthreads = 8
tar_compress_sip = gzip
tar_sip_level = 6
tar_compress_rtp = no
tar_rtp_level = 1
tar_compress_graph = gzip
tar_graph_level = 1
savesip = yes
save_sip_history = all
savertp = yes
faxdetect = yes
savertcp = yes
saveaudio_stereo = yes
ogg_quality = 0.4
dtmf2db = yes
inbanddtmf = yes
silencedetect = no
savegraph = yes
maxpoolsize = 75000
maxpooldays = 50
maxpoolsize_2 = 102400
autocleanspool = yes
autocleanspoolminpercent = 1
autocleanmingb = 5
mos_g729 = no
mos_lqo = no
mos_lqo_bin = pesq
mos_lqo_ref = /usr/local/share/voipmonitor/audio/mos_lqe_original.wav
mos_lqo_ref16 = /usr/local/share/voipmonitor/audio/mos_lqe_original_16khz.wav
dscp = yes
how did you extract the pcap?
usualy from voipmonitor home (sip+rtp)
but I tried from voipmonitor gui too
in voipmonitor home you have .pcap files or .tar files? I do not see how it is possible that you have pcap file in /home because tar = yes ?
Yes, there tar files
but I'm able to open the pcap file - it is ng format (compressed). do you open it with some recent wireshark version?
did you mean my attached pcap file? yes I open it with wireshark
I though that your attached pcap was that one which was corrupted?
Yes it is. "corrputed" I mean "broken" voice and doubled cseq packets.
Hello, what interfaces you set to sniff on in /etc/voipmonitor.conf ? if the voipmonitor intercepts same packets on more places consider to enable option 'deduplicate=yes' in /etc/voipmontor.conf
I have interface = any in config. but I have lo and ens192 only
I tried that option too, no changes. I think because packets are not the same:
Did you set it on a receiver side?
deduplicate = yes
( I tested with your pcap and duplicities were removed )
(But i tested in standalone sniffer) not in mirror mode, in case it still not works try to set deduplicate=yes also on client side:
and you can try to change interface option from any to enum like:
_interface=ens192,lo auto_enable_useblocks = yes
I have two sensor - asterisk A and asterisk B. Also kamailio sip proxy without sensor. In pcap of side B at first leg i have corrupted pcap. Is it bug? (rtp-firstleg = no option didn't help. should it?)
333b6b3d14dea07d0a328fb7493c326b@192.168.8.98_5060.zip