Ethereal

[Ethereal-users] Re: VoIP Sniffing
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: June 2002

 

Hi!

Andreas said:
> Filter out all traffic NOT going to/from the endpoints (and servers like
> gatekeepers) using a capture filter.
> ip hst 192.168.11.4 or ip hst 192.168.11.5 or ip hst 192.168.11.1

Part of the analysis is to know which hosts are producing voip traffic,
i.e.: I don't know the ip addresses of the endpoints... so, I think there is
nothing I can do about this (will have to capture every host's traffic)

Andreas also said:
> A couple of more suggestions:
> - Filter out all non tcp or udp traffic
> - filter out all non ethernet traffic

After trying for a while, I came out with this capture filter:

       tcp or udp or ether proto \ip

But I'm not quite sure about the ethernet part, would somebody
tell me if it's ok?

As always, thanks in advance!
Héctor

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.