VoIP/Telephony
The majority of these protocol definitions, unless otherwise specified, will generate one Gop for each Call Log.
- ISUP
Action=PduDef; Name=isup_pdu; Proto=isup; Transport=mtp3; mtp3pc=mtp3.dpc; mtp3pc=mtp3.opc; cic=isup.cic; isup_msg=isup.message_type; Action=GopDef; Name=isup_leg; On=isup_pdu; ShowPduTree=TRUE; mtp3pc; mtp3pc; cic; Action=GopStart; For=isup_leg; isup_msg=1; Action=GopStop; For=isup_leg; isup_msg=16;
- Q931
- H225 RAS
- SIP
- MEGACO
Every transaction will generate a Gop. Use Action=GogKey; Name=your call; On=mgc tr; addr!mgc addr; Megaco ctx to “bind” them to your call’s GoG.
MATE’s Configuration Library in Wireshark
MATE stands for Meta Analysis and Tracing Engine. Using this plugin, the user is allowed to define the relationships between various frames. To accomplish this, the Frames tree is quite helpful as MATE collects data from here and then attempts to organize the frames by how MATE is set up. Whenever the PDUs get connected, MATE will build a “protocol” tree with filterable fields. Since the fields are nearly identical for all connected frames, it is possible to filter a session that spans several frames and many protocols based on a property that appears in a related frame. Moreover, MATE permits frame filtering that relies on reaction timings, the amount of pdus in a group, and many other factors.
MATE’s main purpose is to employ various protocols and filter every packet of a call while simply knowing the calling number. The other problem is that they use many protocols, filtering all packets from all calls based on why one of their “segments” was released. It also applies especially “dense” captures to slow transactions (Finding asks for a timeout). It makes it possible to locate pending transactions (no responses). If rerouting of requests is required, it is accomplished through the use of additional gateways and proxies.