Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: H248 filter

From: "Francesco Cappuccio" <francesco.cappuccio () ericsson com>
Date: Wed, 7 Apr 2010 13:08:16 +0200
We use signaling over UDP, and it is unuseful to use IP addresses, as signaling exchanged between MGC and VG has same 
IP addressing as udp data.
I should really find a way to filter efficiently udp port 2944 in both directions...


--
Francesco Cappuccio

-----Original Message-----
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Anders 
Broman
Sent: mercoledì 7 aprile 2010 12.56
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] H248 filter

Hi,
Isn't the H.248 signaling over SCTP? IF so I thnk you can use SCTP as a fileter or SCTP port perhaps.
Alternatively use the IP address(es). Possibly the MGW IP address is only used for signaling.
regards
Anders
________________________________________
From: wireshark-users-bounces () wireshark org [wireshark-users-bounces () wireshark org] On Behalf Of Francesco 
Cappuccio [francesco.cappuccio () ericsson com]
Sent: Wednesday, April 07, 2010 11:39 AM
To: wireshark-users () wireshark org
Subject: [Wireshark-users] H248 filter

Hi,
I am actually trying to sniff some H248 traffic, as the number of lines increase I need o set up a capture filter to 
avoid all RTP content.

I tried the following filters:

"udp port 2944"
"port 2944"

They both works but I miss messages coming from the Virtual Gateway towards the MGC.

I am wondering if someone has better option to set up the capture filter, as "megaco" or "h248" are not working.

Thanks.


--
Francesco Cappuccio

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: