Latest revision as of 16:00, 19 January 2026

SIPREC

SIPREC (Session Recording Protocol, RFC 7866/7865) is an IETF standard for recording SIP-based communications. VoIPmonitor acts as a Session Recording Server (SRS) that receives call streams from SIPREC-enabled SIP proxies or SBCs.

How SIPREC Works

Key components:

Session Recording Client (SRC): SIP proxy, PBX, or SBC (OpenSIPS, Kamailio, Cisco CUBE, AudioCodes, Oracle, Avaya) that initiates recording by forking media/metadata to the SRS
Session Recording Server (SRS): VoIPmonitor receives SIPREC INVITEs with XML metadata and RTP/SRTP streams

Benefits over packet sniffing:

Receives call metadata (participants, timestamps, call-IDs) automatically via XML
Works in cloud/multi-tenant environments where port mirroring isn't possible
Standard protocol supported by most VoIP vendors

ℹ️ Note: SIPREC and packet capture can run concurrently - enabling SIPREC doesn't disable native sniffing.

VoIPmonitor Configuration

Add to /etc/voipmonitor.conf:

# Enable SIPREC server
siprec_bind = 0.0.0.0
siprec_bind_port = 5099

Parameter	Default	Description
`siprec_bind`	(none)	IP address to bind (0.0.0.0 = all interfaces). Required to enable SIPREC.
`siprec_bind_port`	(none)	SIP port for SIPREC INVITEs (e.g., 5099). Required.
`siprec_rtp_min`	10000	Lower bound of UDP port range for RTP
`siprec_rtp_max`	20000	Upper bound of UDP port range for RTP
`siprec_rtp_stream_timeout_s`	300	Timeout (seconds) for RTP inactivity before ending session
`siprec_rtp_streams_max_threads`	2	Max threads for RTP processing
`siprec_rtp_streams_max_per_thread`	100	Max RTP streams per thread before spawning new thread

After configuration:

systemctl restart voipmonitor

SIP Proxy Configuration

Configure your SRC to send SIPREC sessions to sip:VOIPMONITOR_IP:5099.

OpenSIPS

loadmodule "siprec.so"

modparam("siprec", "recorder_uri", "sip:192.168.1.12:5099")
modparam("siprec", "media_server_uri", "rtpengine")

route[record] {
    siprec_start("both");
}

// Call route(record) from your main route on INVITE

Kamailio

loadmodule "siprec.so"

modparam("siprec", "recorder_id", "kamailio-rec")
modparam("siprec", "recorder_uri", "sip:192.168.1.12:5099")

request_route {
    if (is_method("INVITE")) {
        siprec_start("both");
    }
}

Commercial SBCs

For Cisco CUBE, AudioCodes, Oracle, Avaya: set the "Recording Server" address to sip:VOIPMONITOR_IP:5099 and enable SIPREC on desired call policies. Refer to vendor documentation.

Testing

Ensure RTP proxy (RTPengine/RTPproxy) is running
Start SIP proxy with SIPREC enabled
Start VoIPmonitor and verify SIPREC is listening (check logs)
Place a test call through the proxy
Verify call appears in VoIPmonitor with metadata

💡 Tip: Use sngrep to watch SIPREC INVITE signaling between SRC and VoIPmonitor.

Firewall Requirements

Open these ports on the VoIPmonitor server:

TCP/UDP 5099 (or your configured SIPREC port) - SIP signaling
UDP 10000-20000 (or your configured range) - RTP media streams

Compliance Use Cases

SIPREC helps meet call recording requirements:

Industry	Regulations	Requirement
Financial Services	CFTC Rules 23.202/1.35, FINRA 3170, SEC 17a-4(f), MiFID II	Record and retain trader communications with tamper-proof storage
Emergency Services	NENA i3 (NG9-1-1)	SIP-based logging of 9-1-1 calls with metadata
Contact Centers	PCI-DSS	Avoid recording cardholder data (pause/resume, DTMF masking)

VoIPmonitor supports:

Immutable storage with audit trails (for SEC 17a-4, CFTC 1.31)
Selective or always-on recording
DTMF suppression to mask payment card tones
Pause/resume recording via API for PCI-DSS compliance
Detailed metadata for e-discovery and legal hold

FAQ

Q: Can I use SIPREC and packet capture simultaneously? Yes. Enabling SIPREC doesn't disable native capture. Both can run concurrently.

Q: What if my PBX doesn't support SIPREC? Use VoIPmonitor's native packet capture mode with port mirroring or network tap.

Q: Why choose SIPREC over port mirroring?

Easier in cloud/multi-tenant environments
Automatic call metadata via XML
Vendor-agnostic standard protocol

Q: How does this help with FINRA/CFTC compliance? Recordings are stored with immutability and audit logs per SEC 17a-4(f) and CFTC 1.31 requirements.

AI Summary for RAG

Summary: SIPREC (RFC 7866/7865) is an IETF standard for SIP call recording. VoIPmonitor acts as a Session Recording Server (SRS) receiving streams from SIPREC-enabled proxies/SBCs (the SRC). Configuration requires siprec_bind and siprec_bind_port in voipmonitor.conf. SIPREC can run alongside native packet capture. Benefits include automatic metadata, cloud compatibility, and vendor interoperability. Supports compliance requirements for financial services (CFTC, FINRA, SEC, MiFID II), emergency services (NENA i3), and PCI-DSS.

Keywords: SIPREC, Session Recording Protocol, RFC 7866, RFC 7865, SRS, SRC, call recording, VoIPmonitor SIPREC, siprec_bind, OpenSIPS siprec, Kamailio siprec, compliance recording, CFTC, FINRA, MiFID II, NENA i3, PCI-DSS

Key Questions:

How do I enable SIPREC in VoIPmonitor?
What is the difference between SIPREC and packet capture?
How to configure OpenSIPS or Kamailio for SIPREC with VoIPmonitor?
What ports need to be open for SIPREC?
Can VoIPmonitor use SIPREC and packet sniffing at the same time?
How does SIPREC help with CFTC/FINRA/MiFID II compliance?

@@ Line 81: / Line 81: @@
      siprec_start("both");
 }
+// Call route(record) from your main route on INVITE
 </syntaxhighlight>
@@ Line 133: / Line 135: @@
 * Immutable storage with audit trails (for SEC 17a-4, CFTC 1.31)
 * Selective or always-on recording
-* DTMF suppression and pause/resume API for PCI-DSS
+* DTMF suppression to mask payment card tones
+* Pause/resume recording via API for PCI-DSS compliance
 * Detailed metadata for e-discovery and legal hold
@@ Line 156: / Line 159: @@
 * [[GUI_CDR_viewer]] - Viewing recorded calls
 * [[Storing_audio]] - Audio storage options
 == AI Summary for RAG ==

SIPREC: Difference between revisions