Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-users: [Ethereal-users] Re: VoIP Sniffing

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Hector Villafuerte" <hec.villafuerte@xxxxxxxxxxxxx>
Date: Sun, 9 Jun 2002 21:22:34 -0600
Hi!

Andreas said:
> Filter out all traffic NOT going to/from the endpoints (and servers like
> gatekeepers) using a capture filter.
> ip hst 192.168.11.4 or ip hst 192.168.11.5 or ip hst 192.168.11.1

Part of the analysis is to know which hosts are producing voip traffic,
i.e.: I don't know the ip addresses of the endpoints... so, I think there is
nothing I can do about this (will have to capture every host's traffic)

Andreas also said:
> A couple of more suggestions:
> - Filter out all non tcp or udp traffic
> - filter out all non ethernet traffic

After trying for a while, I came out with this capture filter:

       tcp or udp or ether proto \ip

But I'm not quite sure about the ethernet part, would somebody
tell me if it's ok?

As always, thanks in advance!
Héctor
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube