The Manager API is a TCP-based interface exposed by the VoIPmonitor sniffer on port 5029. It allows the GUI, scripts, and external tools to query sensor status, list active calls, and perform administrative tasks.

Overview

Configuration

Basic Settings

# /etc/voipmonitor.conf

# Bind address - use 127.0.0.1 for local-only access
# Use 0.0.0.0 to allow remote connections (requires firewall!)
managerip = 127.0.0.1

# TCP port (default: 5029)
managerport = 5029

Unix Socket (Alternative)

For local scripts that need unencrypted access:

# /etc/voipmonitor.conf
managersocket = /tmp/vm_manager_socket

The socket file is created when the sniffer starts. Use with nc -U:

echo 'listcalls' | nc -U /tmp/vm_manager_socket

Encryption

Since sniffer version 2024.02.2 and GUI 26.20, Manager API communication is encrypted by default using AES.

How It Works

1. The GUI generates an AES key and stores it in the database
2. The sniffer reads the key from the database on startup
3. All communication between GUI and sniffer is encrypted

No manual configuration is required - key exchange is automatic.

Manual Key Configuration

If automatic key exchange fails (e.g., sniffer cannot access GUI database), configure keys manually:

Generate a key using the GUI:

cd /var/www/html
php php/run.php generate_aes_key    # Generate without saving
php php/run.php store_aes_key       # Generate and save to DB
php php/run.php delete_aes_key      # Remove key from DB

Configure in voipmonitor.conf (sniffer):

# Base64-encoded AES key and IV
manager_aes_key = <base64_key>
manager_aes_iv = <base64_iv>

Configure in configuration.php (GUI):

$VPMANAGER_AES_KEY = '<base64_key>';
$VPMANAGER_AES_IV = '<base64_iv>';
$VPMANAGER_AES_CIPHER = 'aes-128-cbc';  // default

Disable Encryption (Debugging Only)

# /etc/voipmonitor.conf
manager_enable_unencrypted = yes

With encryption disabled, you can use simple netcat:

echo 'listcalls' | nc 127.0.0.1 5029

HA Configuration (Multiple GUIs)

When using High Availability with multiple GUI servers sharing a database, ensure all use the same encryption key:

# Copy key from HOST1 to HOST2
key=$(echo "SELECT content FROM \`system\` WHERE type = 'manager_key'" | \
  mysql -h HOST1 -u root -pPASS1 -D voipmonitor 2>/dev/null | grep key)

echo "UPDATE \`system\` SET content = '$key' WHERE type = 'manager_key'" | \
  mysql -h HOST2 -u root -pPASS2 -D voipmonitor 2>/dev/null

API Commands

Command Reference

listcalls

Returns JSON array of active calls with caller, called, codec, duration, and quality metrics.

echo 'listcalls' | nc -U /tmp/vm_manager_socket

With filter (via GUI's run.php):

php php/run.php send_manager_cmd -s 1 -c 'listcalls {"limit":30,"filter":[{"caller":"%123%"}]}'

sniffer_stat

Returns comprehensive sensor status in JSON format, including the pbStatString field which contains the syslog status line.

echo 'sniffer_stat' | nc -U /tmp/vm_manager_socket

Key fields in response:

• version - Sniffer version
• uptime - Seconds since start
• calls - Active call count
• pbStatString - Status string (same as syslog output)

 * Contains: SQLq[C:X M:Y] - SQL queue sizes
 * Contains: t0CPU[X%] - Packet capture thread CPU

sniffer_threads

Shows CPU usage of internal threads. Useful for diagnosing performance issues.

echo 'sniffer_threads' | nc -U /tmp/vm_manager_socket

Options:

• sniffer_threads no_sort - Don't sort by CPU load
• sniffer_threads only_traffic - Only threads with traffic
• sniffer_threads all - Include idle threads
• sniffer_threads line - Single-line output format

reload

Reloads configuration from /etc/voipmonitor.conf without restart.

echo 'reload' | nc -U /tmp/vm_manager_socket

Usage Examples

With Encryption Disabled

# Simple query
echo 'listcalls' | nc 127.0.0.1 5029

# Get version
echo 'sniffer_version' | nc 127.0.0.1 5029

With GUI's run.php (Encrypted)

By sensor ID:

php /var/www/html/php/run.php send_manager_cmd -s 2 -c listcalls
# -s = sensor ID from GUI
# -c = command

By IP address:

php /var/www/html/php/run.php send_manager_cmd -h 10.0.0.50 -p 5029 -a -c listcalls
# -h = host
# -p = port
# -a = enable encryption
# -c = command

Via Unix Socket

# Define socket in config first: managersocket = /tmp/vm_manager_socket
echo 'listcalls' | nc -U /tmp/vm_manager_socket

# Or enable socket at runtime
echo 'manager_file start /tmp/vm_manager_socket' | nc 127.0.0.1 5029

Remote Access via SSH

# Query remote sensor through SSH tunnel
ssh sensor-host 'echo listcalls | nc -U /tmp/vm_manager_socket'

Server API (Port 60024)

In distributed deployments, the central server exposes port 60024 for probe management:

# List connected probes
echo '{"type_connection":"manager_command","command":"active"}' | nc 127.0.0.1 60024

# Send command to specific probe
echo '{"type_connection":"gui_command","sensor_id":1011,"command":"terminating"}' | nc 127.0.0.1 60024

Troubleshooting

GUI Cannot Connect to Sensor

Testing Connectivity

# Test from GUI server to sensor
telnet sensor-ip 5029

# Test with encryption disabled (temporarily)
echo 'sniffer_version' | nc sensor-ip 5029

Netcat -U Not Working

On Debian/Ubuntu, install the correct netcat package:

apt install netcat-openbsd

See Also

• Syslog_Status_Line - Understanding the status line output
• Sniffer_distributed_architecture - Client/server deployments
• Active_calls - GUI active calls monitoring
• Live_sniffer - Real-time packet inspection
• WEB_API - HTTP-based GUI API