Applies To

This information applies to

• V6 SR2

Remote PCAP

What is remote PCAP?

With remote PCAP, network traffic can be captured directly from another network device, instead of capturing the network traffic from the own device.

Requirements

• You should have installed the latest wireshark release > 0.9.9.6 Wireshark Download
• If you want to display ISDN LAPD/Q.931 packets, you have to install the innovaphone.dll. Just copy the dll to your wireshark plugin directory and pay attention on your currently used version (e.g.: c:\programme\wireshark\plugins\0.99.6a\).
• If you want to display AC DSP packets (only IP22,IP24,IP302 and IP305), you have to install the Ac49xPacketRecording.dll. Install it like the innovaphone.dll.
• open the example pcap file with lapd and q.931 packets to check your current installation. It should look like this, if you have the innovaphone.dll correctly installed:

PCAP ISDN example

• and the example pcap file with dsp packets like this, if you have the audiocodes dll correctly installed:

PCAP DSP example

Setting up the rpcap server

• The rpcap server can be any innovaphone device.
• The remote pcap server is disabled per default. To enable it, just go to Diagnostics->Tracing and check the "Enable" flag in the "Remote PCAP" group. If you are experiencing problems, also enable the trace flag.
• To capture all ip traffic (udp and tcp), enable the "IP (PCAP only)" flag in the group "IP". Otherwise just enable all the trace flags on the modules you want to capture.

Capturing with wireshark

Open your wireshark and the capture options dialogue. Type "rpcap://IP/TRACE" into the field.

It should look like this:

Wireshark capture options

Known Problems

Related Articles

To Do

When moving this chapter to a public page, change the following page and add new group remote pcap and new flag under group IP: "Configuration/General/Admin"