Ss7
For enable the parsing of ISUP/ss7 packets you need to use voipmonitor including wireshark libs
Generic ss7 ISUP support
sniffer binary
download static binary
you can download it from [sourceforge] the binary voipmonitor-wireshark-amd is the one that you need to gets used (download it, unpack and place it to /usr/local/sbin/voipmonitor)
make from sources
or you can get sources using git and then use make ss7 to build dynamic voipmonitor binary including wireshark libs
git clone https://github.com/voipmonitor/sniffer.git ./sniffer-git cd sniffer-git ./configure make ss7 make install
sniffer settings /etc/voipmonitor.conf
add following option to sniffer's config
ss7=yes
GUI's settings
There is no need to do any changes - there will appears new section SS7 in the GUI's menu after first SS7 call stored in to ss7 table in db.
Sonus STPs SS7
sniffer binary
make from sources
you need to get sources using git and then use make ss7 to build voipmonitor including wireshark libs (static binary cannot be used)
sniffer settings /etc/voipmonitor.conf
enable following options in sniffer's service config
ss7 = yes ss7port = 7377 ss7callid = cic ws_param = mtp3.heuristic_standard:TRUE ws_param = mtp3.standard:ANSI ws_param = mtp3.itu_pc_structure:3-8-3
GUI's settings /var/www/html/config/configuration.php
GUI requires additional options added to its configuration.php file:
define("TSHARK_PATHNAME", "tshark");
define("TSHARK_PARAMS_SS7_SONUS", "mtp3.heuristic_standard:TRUE;mtp3.standard:ANSI;mtp3.itu_pc_structure:3-8-3");
add and configure tshark with lua plugins
in usr/share/wireshark (or /usr/local/share/wireshark) edit the file init.lua and add at the end of the file:
dofile(DATA_DIR.."sonuscm.1.12.lua") dofile(DATA_DIR.."sonusimf.1.12.lua")
upload the lua files to same directory where init.lua was created (you can get lua files from voipmonitor sniffer sources in ./scripts/ss7/lua subfolder)
testing
tshark -o 'mtp3.heuristic_standard:TRUE' -o 'mtp3.standard:ANSI' -o 'mtp3.itu_pc_structure:3-8-3' -r imf_sample.pcap -T json 'frame.number==22'
then wipe the packet #22 and use for voipmonitor upload - the output of tshark and voipmonitor should be same:
voipmonitor --config-file=./config/voipmonitor.conf -p XobmuJ -b voipmonitor_ipv6 -k -v1,dump_packets_via_wireshark -r imf_sample_frame22.pcap --json_config='[{"ws_param":"mtp3.heuristic_standard:TRUE"},{"ws_param":"mtp3.standard: ANSI"},{"ws_param":"mtp3.itu_pc_structure: 3-8-3"},{"ss7":"yes"},{"ss7port":"7377"},{"ss7callid":"cic"}]'