Hi,
Isn't the H.248 signaling over SCTP? IF so I thnk you can use SCTP as a fileter or SCTP port perhaps.
Alternatively use the IP address(es). Possibly the MGW IP address is only used for signaling.
regards
Anders
________________________________________
From: wireshark-users-bounces@xxxxxxxxxxxxx [wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Francesco Cappuccio [francesco.cappuccio@xxxxxxxxxxxx]
Sent: Wednesday, April 07, 2010 11:39 AM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] H248 filter
Hi,
I am actually trying to sniff some H248 traffic, as the number of lines increase I need o set up a capture filter to avoid all RTP content.
I tried the following filters:
"udp port 2944"
"port 2944"
They both works but I miss messages coming from the Virtual Gateway towards the MGC.
I am wondering if someone has better option to set up the capture filter, as "megaco" or "h248" are not working.
Thanks.
--
Francesco Cappuccio
