Wireshark · Ethereal-users: RE: [Ethereal-users] Sniffing Just VOIP traffic

Ethereal-users: RE: [Ethereal-users] Sniffing Just VOIP traffic

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Patrick T. McAlister" <patrick@xxxxxxxxxxxxx>

Date: Mon, 6 Mar 2006 15:46:53 -0800

Thank you. 



Depends on what you mean for VOIP traffic.

Signalling only or Signalling and Media? Both

in regard to signalling which (set of) protocol(s)?
   - SIP ?
   - H323 ?
   - BICC ?
   - MGCP ?
  -  other?
All Of them

if you are to capture media you need to capture all UDP traffic as
there's no way to know beforehand which udp.port RTP is going to use.

If you need to *display* voip signalling only the filter
    sip || h225 || h245 || q931 || mgcp || bicc
should be enough.

in order to filter in capture you need to know which ports these
protocols are using and set you capture filter accordingly.

--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

References:
- Re: [Ethereal-users] Sniffing Just VOIP traffic
  - From: LEGO

Prev by Date: Re: [Ethereal-users] Sniffing Just VOIP traffic
Next by Date: [Ethereal-users] Every packet is retransmitted
Previous by thread: Re: [Ethereal-users] Sniffing Just VOIP traffic
Next by thread: [Ethereal-users] Every packet is retransmitted
Index(es):
- Date
- Thread