Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Call filtering advice

Date: Mon, 30 Oct 2006 16:16:07 -0000

Monitoring MGCP traffic.

 

Via the VoIP calls window, I can locate calls that I am after. However, Wireshark doesn’t allow me to make use of the “filter” option.

It seems that it is only possible to build filters as large as 80 messages. Unfortunately, the call I was after included 172 messages.

Maybe just a filter string length issue?!

 

As it was an MGCP call, I was able to systematically go through the call and filter on the transaction ids, as each primary action i.e. MDCX/CRCD/DLCX will have all responses tagged with their transaction id.

 

Is there an easier way of doing this, as it took a while to record around 40 transaction ids then, build a filter to include them.