Hi Alejandro,
looks very promising.
it will take sometime to review the huge patch, but I'd like to get it
into ethereal soon. I don't know how long it will take to get through it
in my spare time. I will concentrate on the h323 and sip part. I hope
others have some time to have a closer look at the GUI part, too.
Do you have some capture files, you could provide? e.g. a call with a
sip and an h323 leg, or h323 gatekeeper routed call with more than one
gatekeeper involved.
Regards,
Lars
Alejandro Vaquero schrieb:
Hi All,
Attached is the new "Voip call analysis" patch file and a screen shot
of a SIP to H323 interop call. It is based on Francisco Alcoba source,
and added support of H323, RTP and a Graph analysis. The Graph interface
can also be used in other no Voip analysis.
Here are the features:
- Collect ISUP, SIP and H323 calls from a capture and show them in
window with the following info:
- Start and Stop time of the call
- Initial Speaker: the IP source address of the first message that
started the call
- From and To: In H323 and ISUP, it is the calling and called
number. In SIP the From and To fields.
- Protocol: H323, SIP and ISUP (from now)
- State: the sate of the call
- Comments: For H323, it shows if the call is a FastSatrt call and
if Tunneling H245 is enable or not.
- Prepare a filter of a particular call when selected.
- Select one or multiple calls to "graph analysis"
And the "Graph Analysis" has:
- Graph up to ten columns or "nodes". Each "node" it is defined as an IP
address.
- Shows the direction of the message using arrows
- Display a "frame" label on top of the arrow, and a "comment" at the
right of each packet.
- For SIP and H323 the "frame" label also shows the Codec used.
- The "comment" column will show different info based on the packet. For
Setup and INVITE messages, it shows the calling/called number and
From/To fields. For Release H323 messages, the Q931 release cause. For
H225 messages, if tunneling is enable or not, and if FastStart is
present in the packet.
- RTP streams involved in the call. It is displayed as a wider arrow.
The "frame" label also shows the Codec for the stream and the "comment"
shows the number of RTP packets in this stream, the duration, and ssrc.
- When "click" on a frame in the graph, the selected frame number will
be selected in the Main windows.
- The graph also shows the time, and the UPD/TCP ports per frame.
I have tested it in a Windows machine using GTK 1 and 2. There is not
support for ISUP calls in the Graph yet (don't have such captures).
Comments and changes are very welcome.
Regards
Alejandro