[clug] Wireshark VOIP and Caller IP address
Keith Goggin
lroyjh at gmail.com
Wed Oct 28 09:04:56 UTC 2020
Thanks Kim,
I can see all packet data and I would have thought they must pass the
real source IP address buried in the packet some where. But it would
have to follow a known format. If that is the case I could learn to use
Wireshark packet filters to show the address.
As for the Telstra 'call guardian' phone I'll google for that.
https://crowdsupport.telstra.com.au/t5/announcements/telstra-call-guardian-301-never-answer-a-nuisance-call-again/ba-p/465103
and the cost about $50 on ebay.
On 28/10/20 7:00 pm, Kim Holburn via linux wrote:
> There are several probems with VOIP/SIP. One is that most VOIP/SIP
> protocols pass the IP numbers in the data part of the packets. Two is
> there are sometimes several streams most often of UDP packets. It is a
> really exasperating protocol suite. It is quite hard to work this out
> with wireshark. Three is that if both parties are behind a NAT
> firewall, they can't talk directly anyway.
>
> The only real way is to use a VOIP session border controller which is
> expensive. Barring that you could set up a small asterisk server
> which could do it but is expensive in time and patience to set up.
>
> How much is the Telstra device?
>
> I have this problem with my VOIP "landline". I generally pick the
> phone up and listen. If its spam they generally hang up. I am at the
> point of giving up the landline altogether.
>
> On 2020/10/28 4:00 pm, Keith Goggin via linux wrote:
>> Due to increased occurrence of Unsolicited VOIP calls I've been
>> motivated to try to track the callers IP address and block them.
>>
>> I have a Gigaset VOIP Phone connected to a Mikrotik router connected
>> to a 4G modem/router.
>>
>> Using the Mikrotik Packet Sniffer tool I can collect call data and
>> pass it to Wireshark for examination.
>>
>> I was expecting calls to be set up (dialed) via my VOIP provider, but
>> once established (answered) on going traffic would be directly
>> between the caller ip and the receiver ip addresses.
>>
>> This doesn't seem to be the case as I collected call data from a
>> friend and the UDP packets source address was that of my providers
>> server not the callers address.
>>
>> In principle this should be straight forward even for dummies like,
>> me alas not so.
>>
>> Can anyone offer a good reference text for beginners.
>>
>> Thanks
>>
>>
>>
>
More information about the linux
mailing list