Ethereal-dev: RE: [Ethereal-dev] Transform "H323 Conversations" to a more generic "VoIP Conves

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Alejandro Vaquero" <alejandrovaquero@xxxxxxxxx>
Date: Mon, 25 Oct 2004 07:30:04 -0600

> -----Original Message-----
> From: ethereal-dev-bounces@xxxxxxxxxxxx [mailto:ethereal-dev-
> bounces@xxxxxxxxxxxx] On Behalf Of Francisco Alcoba (TS/EEM)
> Sent: Monday, October 25, 2004 6:29 AM
> To: 'Ethereal development'
> Subject: RE: [Ethereal-dev] Transform "H323 Conversations" to a more
> generic "VoIP Convesations"
> 
> > Alejandro Vaquero wrote:
> >
> > > Hi Miha and All,
> > >
> > > I think the "H323 Conversation" is a really nice tool and soon
> > > probably be new protocols added to have the same
> > functionality (like
> > > SIP and MGCP). To this mind, I think we should create a
> > more generic
> > > "Voip conversation".
> .............
> 
> Hi,
> 
> I sent a proposal for the implementation some days ago, with some
comments
> on issues, in:
> 
>    http://www.ethereal.com/lists/ethereal-dev/200410/msg00146.html
> 
> but I have received no feedback. Right now it works for SIP and ISUP
over
> MTP3.
> 
Sorry I haven't seen your original mail. I'll add H323 based on the
current h323_conversation.

> > > have all the Voip calls together (H323, SIP, MGCP, etc..). In this
> > > window each call will have:
> > >
> > > "Protocol": H323, SIP, MGCP, etc...
> > >
> > > "IP:port A"
> > >
> > > "IP:port B"
> > >
> > > "Calling ID": this could be the number in H323/SIP/MGCP. Some
> > > protocols don't always have this info, for example in MGCP we
could
> > > put the EndpointID and in SIP the sip URI.
> > >
> > > "Called ID"
> > >
> > > "Status"
> > >
> > > "Comments": here put some protocol specific comments like
> > "Faststart",
> > > "H225 pkts" and "H245 pkts" on H323 calls
> > >
> 
> What I sent has "protocol", "calling id", "called id", "status",
"number
> of packets", "starting time" and "comments". It does not have the
IP:port
> A and IP:port B -it does have an "initial speaker" - because that
focuses
> on calls where only two parties are involved. If you have a SIP call
with
> a couple of proxies it is hard to say which are the correct A and B to
put
> there.
> 
> > > In this window will have a bottom similar than "Analyze" renamed
> > > something like "Add to Analyze". When clicked, this call
> > will be added
> > > to the "Voip Analysis" windows (similar than the "H323 Voip
> > Analysis"
> > > window). This will allow the user to add multiple calls to
> > analysis.
> > > For example if it is a call that started as H323 and then
> > it is SIP,
> > > you can add this "two" calls to analyze to have the whole picture.
> 
> Te code I sent has a "Filter" button that ORs the data of one
conversation
> to the generic display filter. This is because I think that it can be
more
> useful to do the "analysis" stuff independent, you that you can use it
for
> other protocols. So right now you can select a call, add it to the
filter,
> do the same with two calls more, then apply the filter and see the
calls
> in the main window.
> 
> > Ulf Lamping wrote:
> 
> > I would like to have something not only for the VoIP
> > conversations. The
> > same mechanism would be helpful for a lot of other protocols as
well.
> >
> > So before start a special implementation for each and every protocol
> > seperately, we might find a general way to create such a thing.
> >
> > And I do think, that this would be possible to some extend. However,
> > this will be a bit more work for the first time implementation.
> >
> > I could help you with the GUI parts of that, but my knowledge on the
> > current conversation stuff is limited.
> 
> That would also be easier if we separate the "conversation list"
function
> from the "flow display" stuff.

I think for the "flow or analysis display" will be better to be a
"graphic" instead of just a "list". The "conversation list" will fill a
structure when the "call" is selected to analysis. This structure is
like:
"Time"
"IP:port src"
"IP:port dst"
"Protocol"
"Message": with any additional info like: "SETUP 12345"
"Comment": additional comments 

And then the "flow display" will have to display something like:

Time  Protocol       Node_A		Node_B		Node_C
Comments
1:00	H323_H225      SETUP 12345 --->
FastStart 
1:00  H323_H225                      SETUP 12345 --->
FastStart
1:01  H323_H225                             <--- CALL PROC
 
The "Node_X" will be identified by just IP address (not the port). So
the "flow display" will dynamically add more nodes if it is necessary.



  
> 
> Regards,
> 
>   Francisco
> 
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev