Hello Luca, Thanks for answering. While trying to get a trace for you, I realized that adding L4 ports to the template, nprobe does send rtp information to the collector. In other words using: -T "%LAST_SWITCHED %FIRST_SWITCHED %IPV4_SRC_ADDR %IPV4_DST_ADDR %IN_BYTES %IN_PKTS %OUT_BYTES %SIP_CALL_ID %SIP_CALLING_PARTY %SIP_CALLED_PARTY %SIP_RTP_CODECS %SIP_RTP_SRC_PORT %SIP_RTP_DST_PORT %RTP_FIRST_SSRC %RTP_IN_JITTER %RTP_OUT_PAYLOAD_TYPE %RTP_IN_MAX_DELTA"
didn't work, adding %L4_SRC_PORT %L4_DST_PORT seems to work fine. Now, I am trying to find if there is another combination for SIP info. Thanks a lot!, A --- Luca Deri <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Anthony, > nprobe reports you info about SIP if it can see SIP > traffic. Can you > please mail me an ethereal traffic dump of your SIP > traffic in order to > check what;s wrong? > > Thanks, Luca > > > anthony thomas wrote: > > Hello, > > > > I am probably doing something very wrong so > forgive > > me for asking this but, when I am running nprobe > on my > > network sniffing voip (SIP and RTP) traffic, all > > voip-related tags come empty. > > > > I know that the flows that nprobe is sending to > my > > collector are from RTP sessions since is the only > > traffic that is on the network and the number of > > packets is very high. > > > > Whe nprobe starts it says that is initializing > RTP > > and SIP plugins cleanly. > > > > This is the command line option I am using -T > > "%LAST_SWITCHES %FIRST_SWITCHED %IN_BYTES %IN_PKTS > > %OUT_BYTES %SIP_CALL_ID %SIP_CALLING_PARTY > > %SIP_CALLED_PARTY" > > > > In an ethereal trace, all tags are in the > packet, > > but all are zeroed. > > > > As allways, I hope that someone could give me > some > > light on this. > > > > Thanks!! > > > > A > > > > > > > > __________________________________ > > Yahoo! FareChase: Search multiple travel sites in > one click. > > http://farechase.yahoo.com > > _______________________________________________ > > Ntop mailing list > > [email protected] > > http://listgateway.unipi.it/mailman/listinfo/ntop > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (Darwin) > Comment: Using GnuPG with Thunderbird - > http://enigmail.mozdev.org > > iD8DBQFDcdr2mMhDxnkh3zQRAmYDAJ4qFFzEpB+ivjwuWs6M+gvoNYhH5ACeM6p8 > uhXFrmNGzaqrmwhLdfQEvQA= > =L4x+ > -----END PGP SIGNATURE----- > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
