Tls
Since version 11 VoIPmonitor sniffer is able to decode and decrypt TLS SIP protocol by providing private key. Currently the code is in GIT develop branch and here is statically beta version 64bit which should run on any >= 2.6.18 linux.
Decrypted SIP packets are converted to virtual UDP packets with the same ethernet headers replacing the IP TCP layer with UDP so you will not see the TCP stream in stored pcap files.
TLS feature is still in beta - if you will have any problems which are reproducible we need to see pcap file with the TLS packets (no need for RTP) and of course the private key.
Please note that TLS where cipher suite is set to Diffie–Hellman key exchange is not possible to decode in any way. It is possible only if your software (PBX/SBC) is storing key for each TLS session but still this feature is not supported. The only solution is to change the cipher suite to use anything else than diffie hellman cipher suites.
Download
Link to beta version: http://download.voipmonitor.org/voipmonitor-tls
Or compile from source (git develop branch)
Configuration
add to the voipmonitor.conf
ssl_ipport = 10.0.0.1 : 5061 /etc/private.key
where 10.0.0.1 is server with TLS port 5061. Private key is in /etc/private.key and it is in PEM format (starting with -----BEGIN RSA PRIVATE KEY-----)