北京赛车黑马人工计划

Manual export of pcap files from spooldir

Contents

Notes

RTP format:北京赛车黑马人工计划 With default voipmonitor.conf RTP pcap chunks are compressed by LZO which are tared and archived in directory in date-hourminute

option pcap_dump_zip_rtp = lzo

SIP format: With default voipmonitor.conf SIP compression uses gzip

option tar_compress_sip = gzip


Export pcap file with default config used

Get information about CDR from database

北京赛车黑马人工计划you will need:

1.cdr.id (103)
2.Date time of call start (2016-08-23 16:37:38)
3.Call-ID (CwA8j-SNSN)
4.Location of your spooldir (spooldir=X) 

example : Cdr detail for export pcap default.jpg

sql query:

SELECT cdr.calldate,cdr.caller,cdr.called,cdr.id as cdrID,cdr_next.fbasename as callID 
FROM cdr,cdr_next 
WHERE cdr.id=cdr_next.cdr_ID AND cdr.calldate >= '2017-02-01 00:00:00' AND cdr.calldate <= '2017-02-01 23:59:59' AND cdr.caller like '+222%';

you must use cdr.calldate condition otherwise database will be overloaded by searching in all partitions

export SIP pcap

tar --wildcards -xOf '/var/spool/voipmonitor/2016-08-23/16/37/SIP/sip_2016-08-23-16-37.tar.gz' 'CwA8j-SNSN.pcap*' > /tmp/expsip.pcap


export RTP

北京赛车黑马人工计划get rtp positions

mysql> SELECT pos FROM voipmonitor.cdr_tar_part where cdr_id = 103 and type = 2 and calldate = '2016-08-23 16:37:38';

Returned:

pos: 0
pos: 164352
pos: 328704
pos: 493056
4 rows in set (0,00 sec)

北京赛车黑马人工计划use positions returned from db and extract pcap

/usr/local/sbin/voipmonitor -kc -d /var/spool/voipmonitor/ --untar-gui='/var/spool/voipmonitor//2016-08-23/16/37/RTP/rtp_2016-08-23-16-37.tar CwA8j-SNSN.pcap 0,164352,328704,493056 rtp.pcap'
#rtp.pcap is already decompressed (no unLZO needed) 

Alternative RTP extraction without knowing positions from database - this will consume more IO reads as tar file has to be fully scanned

tar --wildcards -xOf '/var/spool/voipmonitor/2016-08-23/15/27/RTP/rtp_2016-08-23-15-27.tar' 'R3YqlN7pnY.pcap*' > rtp.pcap
# if LZO compression for RTP pcaps is enabled 
voipmonitor -kc --unlzo-gui='/path/to/rtp.pcap /path/to/rtp-uncompressed.pcap'
#if path to file is not absolute (/...) it is relative to the spooldir directory

merge SIP and RTP into one file

北京赛车黑马人工计划(apt-get install tshark | yum install wireshark)

mergecap -w rtp.pcap sip.pcap final.pcap
秒速赛车6码计划 三分彩计划软件下载 分分11选5精准计划群 幸运快3追号计划 超级时时彩缩水计划