Sniffer installation: Difference between revisions
Tag: Undo |
(Add critical info about connecting to existing production DB - 1000 CDR auto-modify threshold and unique id_sensor requirement) Tag: Reverted |
||
| Line 124: | Line 124: | ||
For performance tuning, see [[Scaling|Scaling and Performance Tuning]]. | For performance tuning, see [[Scaling|Scaling and Performance Tuning]]. | ||
== Connecting to Existing Production Database == | |||
{{Warning|1='''Database Schema Safety Mechanism:''' When connecting a new sniffer to an existing production database, the system includes built-in protection. The sniffer will '''only auto-modify tables if the database contains fewer than 1000 CDRs'''. For larger production databases, it will log the required ALTER queries to syslog, messages, or journalctl upon service restart. You must manually execute these queries during a low-traffic period (e.g., overnight) to prevent table locking.}} | |||
=== Running Multiple Sniffers Simultaneously === | |||
If running both old and new servers simultaneously, '''ensure the id_sensor option is unique''' on each server to distinguish the source of CDRs: | |||
<syntaxhighlight lang="ini"> | |||
# Old server | |||
id_sensor = 1 | |||
# New server | |||
id_sensor = 2 | |||
</syntaxhighlight> | |||
=== Hardware-Dependent Settings to Review === | |||
Configure these settings appropriately on the new server based on its hardware: | |||
{| class="wikitable" | |||
|- | |||
! Parameter !! Description | |||
|- | |||
| <code>interface</code> || Network interface to capture traffic | |||
|- | |||
| <code>max_buffer_mem</code> || Maximum memory for packet buffer | |||
|- | |||
| <code>spooldir</code> || PCAP/audio storage directory (ensure sufficient disk space) | |||
|- | |||
| <code>maxpoolsize</code> || RTP packet buffer pool size | |||
|} | |||
{{Tip|For distributed sensor deployments, see [[Multiple_sniffer_instancies|Multiple Sniffer Instances]] and [[Sniffer_distributed_architecture|Distributed Architecture]].}} | |||
== Step 4: Start the Service == | == Step 4: Start the Service == | ||
| Line 239: | Line 275: | ||
* [[Data_Cleaning|Data Cleaning and Retention]] | * [[Data_Cleaning|Data Cleaning and Retention]] | ||
* [[Systemd_for_voipmonitor_service_management|systemd Service Management]] | * [[Systemd_for_voipmonitor_service_management|systemd Service Management]] | ||
== AI Summary for RAG == | == AI Summary for RAG == | ||
Revision as of 11:10, 9 January 2026
This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method is the pre-compiled static binary.
Understanding VoIPmonitor Components
VoIPmonitor consists of two separate components:
| Component | Description | Requirements |
|---|---|---|
| Sniffer / Sensor (This Guide) | Static binary that captures and analyzes VoIP traffic. Self-contained - no web server, PHP, or local database required. | Linux (kernel 2.6.18+), root privileges |
| Web GUI | PHP web interface for viewing data and configuration. | Web server (Apache/Nginx), PHP, MySQL/MariaDB. See GUI Installation Guide |
💡 Tip: The sniffer and GUI are designed to run independently. You can deploy multiple sniffers sending data to a single central GUI, or install both on the same server for small deployments.
Installation Overview
Step 1: Download the Static Binary
Download the archive for your system architecture:
| Architecture | Download Command |
|---|---|
| 64-bit (x86_64) | wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
|
| 32-bit (i686) | wget https://www.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz -O voipmonitor-sniffer.tar.gz
|
| ARM (Raspberry Pi) | wget https://www.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz -O voipmonitor-sniffer.tar.gz
|
ℹ️ Note: If the primary URL hangs (common on Debian 11/12), use the alternative: wget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
Step 2: Extract and Install
tar xzf voipmonitor-sniffer.tar.gz
cd voipmonitor-*-static
sudo ./install-script.sh
The script installs:
- Binary to
/usr/local/sbin/voipmonitor - Config to
/etc/voipmonitor.conf - Service to
/etc/init.d/voipmonitor
ℹ️ Note: The service always runs as root regardless of installation prompts - this is required for packet capture privileges.
Step 3: Configure
Edit the configuration file:
nano /etc/voipmonitor.conf
Essential settings:
| Parameter | Description | Example |
|---|---|---|
mysqlhost |
Database server address | 192.168.1.100
|
mysqldb |
Database name | voipmonitor
|
mysqluser |
Database user | voipmonitor
|
mysqlpassword |
Database password | secret
|
interface |
Network interface to monitor | eth0
|
id_sensor |
Unique ID (1-65535) for multi-sensor deployments | 1
|
For complete configuration options, see Sniffer Configuration Reference.
System Resource Requirements
| Resource | Recommendation |
|---|---|
| CPU | Main capture thread (t0) uses 1 core. Monitor t0CPU - if >90%, consider faster CPU or additional sensors.
|
| RAM | 2-4 GB for <500 calls; 8-16 GB for 2000+ calls. Account for MySQL if co-located. |
| Disk I/O | HDD: ~2000 concurrent calls. SSD/RAID WriteBack for higher throughput. |
| Storage | Plan based on retention policy and daily call volume. |
For performance tuning, see Scaling and Performance Tuning.
Connecting to Existing Production Database
⚠️ Warning: Database Schema Safety Mechanism: When connecting a new sniffer to an existing production database, the system includes built-in protection. The sniffer will only auto-modify tables if the database contains fewer than 1000 CDRs. For larger production databases, it will log the required ALTER queries to syslog, messages, or journalctl upon service restart. You must manually execute these queries during a low-traffic period (e.g., overnight) to prevent table locking.
Running Multiple Sniffers Simultaneously
If running both old and new servers simultaneously, ensure the id_sensor option is unique on each server to distinguish the source of CDRs:
# Old server
id_sensor = 1
# New server
id_sensor = 2
Hardware-Dependent Settings to Review
Configure these settings appropriately on the new server based on its hardware:
| Parameter | Description |
|---|---|
interface |
Network interface to capture traffic |
max_buffer_mem |
Maximum memory for packet buffer |
spooldir |
PCAP/audio storage directory (ensure sufficient disk space) |
maxpoolsize |
RTP packet buffer pool size |
💡 Tip: For distributed sensor deployments, see Multiple Sniffer Instances and Distributed Architecture.
Step 4: Start the Service
systemctl start voipmonitor
systemctl enable voipmonitor
Other commands: systemctl stop voipmonitor, systemctl status voipmonitor
For advanced systemd configuration, see systemd Service Management.
Step 5: Verify
# Check service status
systemctl status voipmonitor
# Monitor live logs
journalctl -u voipmonitor -f
Look for output like calls[X][Y] PS[...] SQLq[0] confirming traffic capture.
If no calls appear, see Sniffer Troubleshooting.
Downloading Specific Versions
For specific versions or automation:
# Specific version (replace VERSION, e.g., 2025.07.1)
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-VERSION-static.tar.gz
# Example
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-2025.07.1-static.tar.gz
# Historical releases with SS7 module
wget https://sourceforge.net/projects/voipmonitor/files/20.4/voipmonitor-wireshark-amd64-20.4.4-static.tar.gz/download -O voipmonitor-sniffer.tar.gz
Direct download URLs work without portal login - ideal for automation, CI/CD, Ansible, Puppet, etc.
Advanced Installation
Legacy OS (CentOS 6, older glibc)
- Download the oldest available binary from the download page (better glibc compatibility)
- If GUI shows ionCube errors, install the "Linux glibc2.4 (64 bits)" loader from ioncube.com
Manual Development Build Upgrade
mkdir /tmp/new-sniffer && cd /tmp/new-sniffer
wget https://download.voipmonitor.org/some-development-build.tar.gz -O sniffer.tar.gz
tar xzf sniffer.tar.gz
systemctl stop voipmonitor
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup
cp voipmonitor-*-static/voipmonitor /usr/local/sbin/voipmonitor
systemctl start voipmonitor
Compiling from Source (ARM64/Special Cases)
ℹ️ Note: Only for developers or when static binary is unavailable (e.g., ARM64/aarch64).
# Install dependencies (Debian 12)
apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev \
libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev \
libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev \
libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev \
liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev
# Clone and compile
cd /usr/src
git clone https://github.com/voipmonitor/sniffer.git
cd sniffer
./configure
make
# Install
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static # backup if exists
mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor
systemctl restart voipmonitor
For automatic git-based upgrades, add to /etc/voipmonitor.conf:
upgrade_by_git = yes
git_folder = /usr/src/sniffer
Uninstallation
systemctl stop voipmonitor
systemctl disable voipmonitor
rm -f /etc/systemd/system/voipmonitor.service
rm -f /etc/init.d/voipmonitor
rm -f /usr/local/sbin/voipmonitor
systemctl daemon-reload
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
⚠️ Warning: Spool directory contains PCAP files and recordings! Only delete if you no longer need this data: rm -rf /var/spool/voipmonitor
See Also
- Sniffer Configuration Reference
- Sniffer Troubleshooting
- Distributed Architecture: Client-Server Mode
- Scaling and Performance Tuning
- Data Cleaning and Retention
- systemd Service Management
AI Summary for RAG
Summary: Step-by-step guide for installing VoIPmonitor sensor (sniffer) using pre-compiled static binaries. Process: download correct archive for architecture (64-bit, 32-bit, ARM), run install-script.sh, configure /etc/voipmonitor.conf (database, interface, id_sensor), start with systemctl. Service always runs as root. Direct download URLs (https://download.voipmonitor.org/...) work without login for automation. Covers system requirements (CPU t0 thread, RAM 2-16GB based on call volume, disk I/O), specific version downloads, legacy OS compatibility, compiling from source for ARM64, and uninstallation.
Keywords: install, installation, sniffer, sensor, static binary, install-script.sh, download, wget, systemd, systemctl, id_sensor, multi-sensor, ARM64, aarch64, Raspberry Pi, compile from source, git, upgrade_by_git, uninstall, CentOS 6, legacy, automation, CI/CD, direct download
Key Questions:
- How do I install the VoIPmonitor sniffer?
- Where can I download the sensor static binary?
- How do I configure id_sensor for multi-sensor deployments?
- What are the CPU and RAM requirements?
- How do I start and enable the voipmonitor service?
- What if the download URL hangs or fails?
- How do I install on legacy CentOS 6?
- How do I compile from source on ARM64?
- How do I uninstall VoIPmonitor?
- What are the direct download URLs for automation?