Sniffer installation: Difference between revisions
No edit summary |
(Review: fix HTTP to HTTPS for GUI download URL consistency) |
||
| (29 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:Sniffer Installation Guide}} | |||
[[Category:Installation]] | |||
'''This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method for all modern Linux distributions is to use the pre-compiled static binary.''' | |||
== Understanding VoIPmonitor Components == | |||
VoIPmonitor consists of two separate components that work together: | |||
* '''Sniffer / Sensor''' (This Guide) | |||
** A static binary that captures and analyzes VoIP traffic | |||
** Runs as a background service on Linux servers | |||
** Complete and self-contained - the "static" binary is the full production package | |||
** Does NOT require a web server, PHP, or database to operate on the same machine (it connects to an existing database) | |||
* '''Web GUI''' (Separate Installation) | |||
** A PHP-based web interface for viewing captured data and configuring settings | |||
** Requires a web server (Apache/nginx), PHP, MySQL/MariaDB, and additional dependencies | |||
** The GUI package depends on your PHP version - you must download the version matching your server's PHP | |||
** See [[GUI_installation|GUI Installation Guide]] for complete setup instructions | |||
;Why are these separate? | |||
:The sniffer and web GUI are designed to run independently. You can deploy: | |||
:* Multiple sniffers capturing traffic from different locations, all sending data to a single central GUI | |||
:* Or install both components on the same server for small deployments | |||
The term "Static" in the sniffer package name refers to the binary being self-contained (with embedded libraries), not to the feature set. The static sniffer binary is the complete, recommended production package - there is no separate "full" version. | |||
== Overview == | |||
The VoIPmonitor sensor installation process follows these steps: | |||
<kroki lang="plantuml"> | |||
@startuml | |||
skinparam shadowing false | |||
skinparam defaultFontName Arial | |||
skinparam activity { | |||
BackgroundColor #E8F4FD | |||
BorderColor #4A90E2 | |||
} | |||
start | |||
:Download static binary archive; | |||
note right: wget from voipmonitor.org | |||
:Extract and run install-script.sh; | |||
note right: Installs binary, config, service | |||
:Edit /etc/voipmonitor.conf; | |||
note right: Database, interface, id_sensor | |||
:Start and enable service; | |||
note right: systemctl start/enable | |||
:Verify traffic capture; | |||
note right: journalctl -u voipmonitor -f | |||
stop | |||
@enduml | |||
</kroki> | |||
== Recommended Method: Static Binary Installation == | |||
A static binary includes all necessary libraries and is the quickest and most reliable way to get the sensor running on any supported Linux distribution with a kernel version of 2.6.18 or newer. | |||
=== Step 1: Download the Correct Archive === | |||
First, download the latest stable binary for your system's architecture from the official website. | |||
;For 64-bit (x86_64) Systems (most common): | |||
<syntaxhighlight lang="bash"> | |||
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz | |||
</syntaxhighlight> | |||
;For 32-bit (i686) Systems: | |||
<syntaxhighlight lang="bash"> | |||
wget https://www.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz -O voipmonitor-sniffer.tar.gz | |||
</syntaxhighlight> | |||
;For ARMv6/v7 (e.g., Raspberry Pi): | |||
<syntaxhighlight lang="bash"> | |||
wget https://www.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz -O voipmonitor-sniffer.tar.gz | |||
</syntaxhighlight> | |||
=== Step 2: Extract and Run the Install Script === | |||
The downloaded archive contains an installation script that automates the setup process. | |||
<syntaxhighlight lang="bash"> | |||
# Extract the archive | |||
tar xzf voipmonitor-sniffer.tar.gz | |||
# Navigate into the newly created directory | |||
# The 'cd voipmonitor-*' command will work regardless of the exact version number | |||
cd voipmonitor-*-static | |||
# Run the installation script with root privileges | |||
sudo ./install-script.sh | |||
</syntaxhighlight> | |||
The <code>install-script.sh</code> will: | |||
* Copy the <code>voipmonitor</code> binary to <code>/usr/local/sbin/</code> | |||
* Copy the default configuration file to <code>/etc/voipmonitor.conf</code> | |||
* Copy the service startup script to <code>/etc/init.d/voipmonitor</code> | |||
* Attempt to enable the service to start on boot | |||
{{Note|1='''Which user account should the service run as?''' If the installation script asks which system user should run the VoIPmonitor sniffer service, you can select any option. The service is '''always configured to run under the root account''', regardless of the choice made during installation. This is necessary for packet capture privileges on the network interface. See [[Systemd_for_voipmonitor_service_management|systemd guide]] for details.}} | |||
=== Step 3: Initial Configuration === | |||
After the installation, you must edit the main configuration file to connect the sensor to your database and set basic parameters. | |||
<syntaxhighlight lang="bash"> | |||
nano /etc/voipmonitor.conf | |||
</syntaxhighlight> | |||
At a minimum, configure your [[Sniffer_configuration|database connection settings]] and the network interface to monitor. See [[Sniffer_configuration|Sniffer Configuration Reference]] for all available options. | |||
==== Sensor ID Configuration (for Multi-Sensor Deployments) ==== | |||
If you are deploying multiple sniffer instances (either on the same server with multiple network interfaces, or on different servers), you must assign a '''unique sensor ID''' to each instance. | |||
<syntaxhighlight lang="ini"> | |||
# Set a unique numeric identifier (1-65535) for this sensor | |||
id_sensor = 1 | |||
</syntaxhighlight> | |||
* The sensor ID is stored in the <code>cdr.id_sensor</code> database column and allows you to distinguish which sensor captured each call. | |||
* This is '''essential''' in multi-sensor deployments, [[Sniffer_distributed_architecture|distributed architectures]], or when using the [[Sniffer_distributed_architecture|Client/Server mode]]. | |||
* Leave this parameter ''unset'' (default) if you only have a single sensor deployment. | |||
==== System Resource Considerations ==== | |||
Before deploying a sniffer on a new server, ensure the server has adequate CPU, RAM, and disk I/O resources for your expected traffic load. | |||
{| class="wikitable" | |||
|- | |||
! Resource !! Recommendation | |||
|- | |||
| '''CPU''' || The main packet capture thread (t0) runs on a single CPU core. A modern Xeon with 2+ cores is recommended for production. Monitor <code>t0CPU</code> usage in logs – if consistently above 90-95%, you may need a faster CPU or additional sensors. | |||
|- | |||
| '''RAM''' || Minimum 2-4 GB for small deployments (<500 concurrent calls). For high traffic (2000+ calls), consider 8-16 GB. If MySQL runs on the same server, carefully allocate RAM to avoid OOM killer events. | |||
|- | |||
| '''Disk I/O''' || If recording audio, ensure adequate disk performance. A standard 7200 RPM SATA drive can handle ~2000 concurrent calls. For higher throughput, use SSD or RAID with WriteBack cache policy. | |||
|- | |||
| '''Storage''' || Plan capacity based on your [[Data_Cleaning|retention policy]]. Estimate space for PCAP files and CDR data based on average call duration and daily call volume. | |||
|} | |||
For detailed performance tuning, refer to the [[Scaling|Scaling and Performance Tuning guide]]. | |||
=== Step 4: Service Management (systemd) === | |||
Modern Linux distributions use <code>systemd</code> to manage services. Use the following commands to control the sniffer: | |||
;Start the service: | |||
:<syntaxhighlight lang="bash">systemctl start voipmonitor</syntaxhighlight> | |||
;Stop the service: | |||
:<syntaxhighlight lang="bash">systemctl stop voipmonitor</syntaxhighlight> | |||
;Check the service status: | |||
:<syntaxhighlight lang="bash">systemctl status voipmonitor</syntaxhighlight> | |||
;Enable the service to start automatically on boot: | |||
:<syntaxhighlight lang="bash">systemctl enable voipmonitor</syntaxhighlight> | |||
For a more detailed <code>systemd</code> service file template and advanced options, please see the [[Systemd_for_voipmonitor_service_management|systemd guide]]. | |||
=== Step 5: Verification === | |||
After starting the service, verify that it is running correctly and capturing traffic: | |||
;1. Check service status: | |||
<syntaxhighlight lang="bash"> | |||
systemctl status voipmonitor | |||
</syntaxhighlight> | |||
You should see <code>Active: active (running)</code>. | |||
;2. Monitor live logs for traffic capture statistics: | |||
<syntaxhighlight lang="bash"> | |||
journalctl -u voipmonitor -f | |||
</syntaxhighlight> | |||
Look for periodic output like <code>calls[X][Y] PS[...] SQLq[0]</code> to confirm the sensor is detecting traffic on the configured network interface. | |||
For additional troubleshooting if the sensor is not capturing calls, see [[Sniffer_troubleshooting|Sniffer Troubleshooting]]. | |||
=== Automated Scripts and Direct Downloads (No Portal Login Required) === | |||
For automated deployment scripts or when the support portal login requires captcha verification, you can use the direct download URLs without any authentication or portal access. These URLs are suitable for automation, CI/CD pipelines, and scripted installations. | |||
;Direct static sniffer download (no login required): | |||
:<syntaxhighlight lang="bash">wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</syntaxhighlight> | |||
:<syntaxhighlight lang="bash">wget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</syntaxhighlight> | |||
These URLs provide the production-ready static binary and do not require any portal login, captcha verification, or user account. They are ideal for: | |||
* Automated deployment scripts | |||
* CI/CD pipelines | |||
* Automated update schedules | |||
* Server provisioning tools (Ansible, Puppet, Chef, etc.) | |||
For the GUI component, use the direct download URL with specific version parameters: | |||
:<syntaxhighlight lang="bash">wget 'https://www.voipmonitor.org/download-gui?version=latest&phpver=82' -O gui.tar.gz</syntaxhighlight> | |||
The <code>phpver</code> parameter specifies the PHP version (e.g., 81, 82, 83). | |||
=== Troubleshooting Download Issues === | |||
If the primary download URL hangs or fails (especially on Debian 11/12), this is often caused by issues with the chain of redirects to SourceForge mirrors. In such cases, use the alternative direct download link that bypasses the redirects: | |||
;Alternative direct download for 64-bit systems: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz | |||
</syntaxhighlight> | |||
;Alternative direct download for 32-bit systems: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz | |||
</syntaxhighlight> | |||
;Alternative direct download for ARMv6/v7: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz | |||
</syntaxhighlight> | |||
=== Downloading Specific Versions === | |||
If you need a specific version of the sniffer (e.g., <code>2025.07.1</code>), you can download it directly using the version number: | |||
;For 64-bit AMD64: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-VERSION-static.tar.gz | |||
# Example: | |||
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-2025.07.1-static.tar.gz | |||
</syntaxhighlight> | |||
;For 32-bit i686: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-i686-VERSION-static.tar.gz | |||
</syntaxhighlight> | |||
;For ARMv6/v7: | |||
<syntaxhighlight lang="bash"> | |||
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-armv6k-VERSION-static.tar.gz | |||
</syntaxhighlight> | |||
Replace <code>VERSION</code> with the desired version number (e.g., <code>2025.07.1</code>, <code>2025.06.1</code>, etc.). | |||
== Advanced & Special Installation Cases == | |||
=== Installing on Legacy OS Versions (CentOS 6, Older Distributions) === | |||
For legacy operating systems like CentOS 6.9 or distributions with older glibc versions, newer static binaries may have compatibility issues. If you encounter problems with the latest binary, follow these steps: | |||
;Step 1: Determine your system's architecture: | |||
<syntaxhighlight lang="bash"> | |||
uname -a | |||
</syntaxhighlight> | |||
Look for <code>x86_64</code> (64-bit) or <code>i686</code> (32-bit) in the output. | |||
;Step 2: Download the '''oldest available''' sniffer binary for your architecture from the [https://www.voipmonitor.org/download-sniffer VoIPmonitor download page] rather than the latest version. Older binaries are more likely to be compatible with older glibc libraries. | |||
;Step 3: Proceed with extraction and installation as described above. | |||
;Step 4: If you are also installing the GUI on the same legacy system and encounter <code>Error: The ionCube Loader is not installed correctly</code> or ioncube-related PHP errors: | |||
:* Download the '''"Linux glibc2.4 (64 bits)"''' legacy ionCube loader from the [https://www.ioncube.com/loaders.php official ionCube website] | |||
:* Extract and install it according to the ionCube installation instructions for your PHP version | |||
:* Verify the loader is correctly installed by running: | |||
<syntaxhighlight lang="bash"> | |||
php --version | |||
</syntaxhighlight> | |||
You should see the ionCube PHP Loader line listed without any error messages. | |||
=== Installing a Specific or Older Version === | |||
If you need a specific version (e.g., one that includes the Wireshark SS7 module), you can find historical releases on the [https://sourceforge.net/projects/voipmonitor/files/ VoIPmonitor SourceForge page]. | |||
Copy the download link for the desired file and use it with the <code>wget</code> command from Step 1. | |||
;Example for version 20.4.4 with the SS7 module: | |||
<syntaxhighlight lang="bash"> | |||
wget https://sourceforge.net/projects/voipmonitor/files/20.4/voipmonitor-wireshark-amd64-20.4.4-static.tar.gz/download -O voipmonitor-sniffer.tar.gz | |||
</syntaxhighlight> | |||
Then proceed with the extraction and installation as described above. | |||
=== Installing a Development Build (Manual Upgrade) === | |||
If instructed by the support team, you can manually upgrade to a new development build. | |||
<syntaxhighlight lang="bash"> | |||
# Create a temporary directory and download the new build | |||
mkdir /tmp/new-sniffer && cd /tmp/new-sniffer | |||
wget https://download.voipmonitor.org/some-development-build.tar.gz -O sniffer.tar.gz | |||
tar xzf sniffer.tar.gz | |||
# Stop the current service and back up the old binary | |||
systemctl stop voipmonitor | |||
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup | |||
# Copy the new binary into place and start the service | |||
cp voipmonitor-*-static/voipmonitor /usr/local/sbin/voipmonitor | |||
systemctl start voipmonitor | |||
</syntaxhighlight> | |||
=== Compiling from Source === | |||
For developers or special use cases, you can compile the sniffer from its source code. This is '''not''' the recommended method for most users. | |||
;Clone the master branch (stable): | |||
:<syntaxhighlight lang="bash">git clone https://github.com/voipmonitor/sniffer.git</syntaxhighlight> | |||
;Or clone the develop branch (latest features): | |||
:<syntaxhighlight lang="bash">git clone -b develop https://github.com/voipmonitor/sniffer.git</syntaxhighlight> | |||
Then follow the instructions in the <code>README</code> file within the repository. | |||
==== Example: Compiling from Source on Debian 12 (e.g., for ARM64) ==== | |||
;1. Install required dependencies: | |||
<syntaxhighlight lang="bash"> | |||
apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev \ | |||
libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev \ | |||
libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev \ | |||
libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev \ | |||
liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev | |||
</syntaxhighlight> | |||
;2. Clone and compile: | |||
<syntaxhighlight lang="bash"> | |||
cd /usr/src | |||
git clone https://github.com/voipmonitor/sniffer.git | |||
cd sniffer | |||
./configure | |||
make | |||
</syntaxhighlight> | |||
;3. Install the compiled binary: | |||
<syntaxhighlight lang="bash"> | |||
# Back up the existing static binary if present | |||
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static | |||
# Install the newly compiled binary | |||
mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor | |||
</syntaxhighlight> | |||
;4. (Optional) Enable automatic upgrades via git: | |||
:Add the following to <code>/etc/voipmonitor.conf</code>: | |||
<syntaxhighlight lang="ini"> | |||
upgrade_by_git = yes | |||
git_folder = /usr/src/sniffer | |||
</syntaxhighlight> | |||
;5. Restart the service: | |||
<syntaxhighlight lang="bash"> | |||
systemctl restart voipmonitor | |||
</syntaxhighlight> | |||
== Uninstallation == | |||
To completely remove the VoIPmonitor sensor from a system, follow these steps. | |||
=== For systemd-based Systems (Recommended) === | |||
<syntaxhighlight lang="bash"> | |||
# 1. Stop and disable the service | |||
systemctl stop voipmonitor | |||
systemctl disable voipmonitor | |||
# 2. Remove the service files and binary | |||
rm -f /etc/systemd/system/voipmonitor.service | |||
rm -f /etc/init.d/voipmonitor | |||
rm -f /usr/local/sbin/voipmonitor | |||
# 3. Reload systemd to apply changes | |||
systemctl daemon-reload | |||
# 4. (Optional) Back up and remove the configuration file | |||
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup | |||
</syntaxhighlight> | |||
{{Warning|1='''Deleting the spool directory is irreversible!''' The spool directory (<code>/var/spool/voipmonitor</code>) contains all captured PCAP files and audio recordings. Only delete it if you are certain you no longer need this data: <code>rm -rf /var/spool/voipmonitor</code>}} | |||
=== For Older SysV-based Systems === | |||
Run the following commands to stop the service and remove its files: | |||
<syntaxhighlight lang="bash"> | |||
/etc/init.d/voipmonitor stop | |||
update-rc.d voipmonitor remove | |||
rm -f /etc/init.d/voipmonitor | |||
rm -f /usr/local/sbin/voipmonitor | |||
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup | |||
</syntaxhighlight> | |||
== See Also == | |||
* [[Sniffer_configuration|Sniffer Configuration Reference]] | |||
* [[Sniffer_troubleshooting|Sniffer Troubleshooting]] | |||
* [[Sniffer_distributed_architecture|Distributed Architecture: Client-Server Mode]] | |||
* [[Scaling|Scaling and Performance Tuning]] | |||
* [[Data_Cleaning|Data Cleaning and Retention]] | |||
* [[Systemd_for_voipmonitor_service_management|systemd Service Management]] | |||
== AI Summary for RAG == | |||
'''Summary:''' Step-by-step guide for installing the VoIPmonitor sensor (sniffer) using pre-compiled static binaries. The process involves: downloading the correct archive for your architecture (64-bit, 32-bit, ARM), extracting and running <code>install-script.sh</code>, configuring <code>/etc/voipmonitor.conf</code> (database, network interface, id_sensor for multi-sensor deployments), and managing the service with systemctl. The service always runs as root regardless of installation prompts. For automated scripts or when portal login requires captcha verification, use direct download URLs that bypass authentication: <code>https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</code> or <code>https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</code>. GUI can be downloaded directly with: <code>wget 'http://www.voipmonitor.org/download-gui?version=latest&phpver=82' -O gui.tar.gz</code>. For legacy systems (CentOS 6, older glibc): download the oldest available binary for better compatibility. Includes system resource requirements, verification steps, alternative download URLs, compiling from source for ARM64/Debian 12, and complete uninstallation procedures. | |||
'''Keywords:''' install, installation, setup, sniffer, sensor, static binary, install-script.sh, download, wget, tar.gz, systemd, systemctl, id_sensor, multi-sensor, compile from source, git, git_folder, upgrade_by_git, ARM64, aarch64, Graviton, Raspberry Pi, Debian 12, 32-bit, 64-bit, uninstall, remove, CentOS 6, legacy, glibc, ionCube loader, x86_64, i686, root account, automated script, automation, CI/CD, Ansible, Puppet, Chef, direct download, captcha, portal login, no authentication, bypass | |||
'''Key Questions:''' | |||
* How do I install the VoIPmonitor sniffer? | |||
* Where can I download the sensor static binary? | |||
* Which user account should run the VoIPmonitor sniffer service? | |||
* How do I configure id_sensor for multi-sensor deployments? | |||
* What are the CPU and RAM requirements? | |||
* How do I start and enable the voipmonitor service? | |||
* What if the download URL hangs or fails? | |||
* How do I install on legacy CentOS 6 or older systems? | |||
* How do I compile from source on Debian 12 or ARM64? | |||
* How do I enable automatic git-based upgrades after compiling from source? | |||
* How do I uninstall VoIPmonitor completely? | |||
* How do I download the sniffer via automated scripts without portal login or captcha? | |||
* What are the direct download URLs for the VoIPmonitor components? | |||
Latest revision as of 21:28, 6 January 2026
This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method for all modern Linux distributions is to use the pre-compiled static binary.
Understanding VoIPmonitor Components
VoIPmonitor consists of two separate components that work together:
- Sniffer / Sensor (This Guide)
- A static binary that captures and analyzes VoIP traffic
- Runs as a background service on Linux servers
- Complete and self-contained - the "static" binary is the full production package
- Does NOT require a web server, PHP, or database to operate on the same machine (it connects to an existing database)
- Web GUI (Separate Installation)
- A PHP-based web interface for viewing captured data and configuring settings
- Requires a web server (Apache/nginx), PHP, MySQL/MariaDB, and additional dependencies
- The GUI package depends on your PHP version - you must download the version matching your server's PHP
- See GUI Installation Guide for complete setup instructions
- Why are these separate?
- The sniffer and web GUI are designed to run independently. You can deploy:
- Multiple sniffers capturing traffic from different locations, all sending data to a single central GUI
- Or install both components on the same server for small deployments
The term "Static" in the sniffer package name refers to the binary being self-contained (with embedded libraries), not to the feature set. The static sniffer binary is the complete, recommended production package - there is no separate "full" version.
Overview
The VoIPmonitor sensor installation process follows these steps:
Recommended Method: Static Binary Installation
A static binary includes all necessary libraries and is the quickest and most reliable way to get the sensor running on any supported Linux distribution with a kernel version of 2.6.18 or newer.
Step 1: Download the Correct Archive
First, download the latest stable binary for your system's architecture from the official website.
- For 64-bit (x86_64) Systems (most common)
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
- For 32-bit (i686) Systems
wget https://www.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz -O voipmonitor-sniffer.tar.gz
- For ARMv6/v7 (e.g., Raspberry Pi)
wget https://www.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz -O voipmonitor-sniffer.tar.gz
Step 2: Extract and Run the Install Script
The downloaded archive contains an installation script that automates the setup process.
# Extract the archive
tar xzf voipmonitor-sniffer.tar.gz
# Navigate into the newly created directory
# The 'cd voipmonitor-*' command will work regardless of the exact version number
cd voipmonitor-*-static
# Run the installation script with root privileges
sudo ./install-script.sh
The install-script.sh will:
- Copy the
voipmonitorbinary to/usr/local/sbin/ - Copy the default configuration file to
/etc/voipmonitor.conf - Copy the service startup script to
/etc/init.d/voipmonitor - Attempt to enable the service to start on boot
ℹ️ Note: Which user account should the service run as? If the installation script asks which system user should run the VoIPmonitor sniffer service, you can select any option. The service is always configured to run under the root account, regardless of the choice made during installation. This is necessary for packet capture privileges on the network interface. See systemd guide for details.
Step 3: Initial Configuration
After the installation, you must edit the main configuration file to connect the sensor to your database and set basic parameters.
nano /etc/voipmonitor.conf
At a minimum, configure your database connection settings and the network interface to monitor. See Sniffer Configuration Reference for all available options.
Sensor ID Configuration (for Multi-Sensor Deployments)
If you are deploying multiple sniffer instances (either on the same server with multiple network interfaces, or on different servers), you must assign a unique sensor ID to each instance.
# Set a unique numeric identifier (1-65535) for this sensor
id_sensor = 1
- The sensor ID is stored in the
cdr.id_sensordatabase column and allows you to distinguish which sensor captured each call. - This is essential in multi-sensor deployments, distributed architectures, or when using the Client/Server mode.
- Leave this parameter unset (default) if you only have a single sensor deployment.
System Resource Considerations
Before deploying a sniffer on a new server, ensure the server has adequate CPU, RAM, and disk I/O resources for your expected traffic load.
| Resource | Recommendation |
|---|---|
| CPU | The main packet capture thread (t0) runs on a single CPU core. A modern Xeon with 2+ cores is recommended for production. Monitor t0CPU usage in logs – if consistently above 90-95%, you may need a faster CPU or additional sensors.
|
| RAM | Minimum 2-4 GB for small deployments (<500 concurrent calls). For high traffic (2000+ calls), consider 8-16 GB. If MySQL runs on the same server, carefully allocate RAM to avoid OOM killer events. |
| Disk I/O | If recording audio, ensure adequate disk performance. A standard 7200 RPM SATA drive can handle ~2000 concurrent calls. For higher throughput, use SSD or RAID with WriteBack cache policy. |
| Storage | Plan capacity based on your retention policy. Estimate space for PCAP files and CDR data based on average call duration and daily call volume. |
For detailed performance tuning, refer to the Scaling and Performance Tuning guide.
Step 4: Service Management (systemd)
Modern Linux distributions use systemd to manage services. Use the following commands to control the sniffer:
- Start the service
systemctl start voipmonitor
- Stop the service
systemctl stop voipmonitor
- Check the service status
systemctl status voipmonitor
- Enable the service to start automatically on boot
systemctl enable voipmonitor
For a more detailed systemd service file template and advanced options, please see the systemd guide.
Step 5: Verification
After starting the service, verify that it is running correctly and capturing traffic:
- 1. Check service status
systemctl status voipmonitor
You should see Active: active (running).
- 2. Monitor live logs for traffic capture statistics
journalctl -u voipmonitor -f
Look for periodic output like calls[X][Y] PS[...] SQLq[0] to confirm the sensor is detecting traffic on the configured network interface.
For additional troubleshooting if the sensor is not capturing calls, see Sniffer Troubleshooting.
Automated Scripts and Direct Downloads (No Portal Login Required)
For automated deployment scripts or when the support portal login requires captcha verification, you can use the direct download URLs without any authentication or portal access. These URLs are suitable for automation, CI/CD pipelines, and scripted installations.
- Direct static sniffer download (no login required)
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gzwget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
These URLs provide the production-ready static binary and do not require any portal login, captcha verification, or user account. They are ideal for:
- Automated deployment scripts
- CI/CD pipelines
- Automated update schedules
- Server provisioning tools (Ansible, Puppet, Chef, etc.)
For the GUI component, use the direct download URL with specific version parameters:
wget 'https://www.voipmonitor.org/download-gui?version=latest&phpver=82' -O gui.tar.gz
The phpver parameter specifies the PHP version (e.g., 81, 82, 83).
Troubleshooting Download Issues
If the primary download URL hangs or fails (especially on Debian 11/12), this is often caused by issues with the chain of redirects to SourceForge mirrors. In such cases, use the alternative direct download link that bypasses the redirects:
- Alternative direct download for 64-bit systems
wget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
- Alternative direct download for 32-bit systems
wget https://download.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz
- Alternative direct download for ARMv6/v7
wget https://download.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz
Downloading Specific Versions
If you need a specific version of the sniffer (e.g., 2025.07.1), you can download it directly using the version number:
- For 64-bit AMD64
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-VERSION-static.tar.gz
# Example:
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-amd64-2025.07.1-static.tar.gz
- For 32-bit i686
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-i686-VERSION-static.tar.gz
- For ARMv6/v7
wget https://download.voipmonitor.org/sniffer-develop/voipmonitor-armv6k-VERSION-static.tar.gz
Replace VERSION with the desired version number (e.g., 2025.07.1, 2025.06.1, etc.).
Advanced & Special Installation Cases
Installing on Legacy OS Versions (CentOS 6, Older Distributions)
For legacy operating systems like CentOS 6.9 or distributions with older glibc versions, newer static binaries may have compatibility issues. If you encounter problems with the latest binary, follow these steps:
- Step 1
- Determine your system's architecture:
uname -a
Look for x86_64 (64-bit) or i686 (32-bit) in the output.
- Step 2
- Download the oldest available sniffer binary for your architecture from the VoIPmonitor download page rather than the latest version. Older binaries are more likely to be compatible with older glibc libraries.
- Step 3
- Proceed with extraction and installation as described above.
- Step 4
- If you are also installing the GUI on the same legacy system and encounter
Error: The ionCube Loader is not installed correctlyor ioncube-related PHP errors:- Download the "Linux glibc2.4 (64 bits)" legacy ionCube loader from the official ionCube website
- Extract and install it according to the ionCube installation instructions for your PHP version
- Verify the loader is correctly installed by running:
php --version
You should see the ionCube PHP Loader line listed without any error messages.
Installing a Specific or Older Version
If you need a specific version (e.g., one that includes the Wireshark SS7 module), you can find historical releases on the VoIPmonitor SourceForge page.
Copy the download link for the desired file and use it with the wget command from Step 1.
- Example for version 20.4.4 with the SS7 module
wget https://sourceforge.net/projects/voipmonitor/files/20.4/voipmonitor-wireshark-amd64-20.4.4-static.tar.gz/download -O voipmonitor-sniffer.tar.gz
Then proceed with the extraction and installation as described above.
Installing a Development Build (Manual Upgrade)
If instructed by the support team, you can manually upgrade to a new development build.
# Create a temporary directory and download the new build
mkdir /tmp/new-sniffer && cd /tmp/new-sniffer
wget https://download.voipmonitor.org/some-development-build.tar.gz -O sniffer.tar.gz
tar xzf sniffer.tar.gz
# Stop the current service and back up the old binary
systemctl stop voipmonitor
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup
# Copy the new binary into place and start the service
cp voipmonitor-*-static/voipmonitor /usr/local/sbin/voipmonitor
systemctl start voipmonitor
Compiling from Source
For developers or special use cases, you can compile the sniffer from its source code. This is not the recommended method for most users.
- Clone the master branch (stable)
git clone https://github.com/voipmonitor/sniffer.git
- Or clone the develop branch (latest features)
git clone -b develop https://github.com/voipmonitor/sniffer.git
Then follow the instructions in the README file within the repository.
Example: Compiling from Source on Debian 12 (e.g., for ARM64)
- 1. Install required dependencies
apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev \
libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev \
libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev \
libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev \
liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev
- 2. Clone and compile
cd /usr/src
git clone https://github.com/voipmonitor/sniffer.git
cd sniffer
./configure
make
- 3. Install the compiled binary
# Back up the existing static binary if present
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static
# Install the newly compiled binary
mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor
- 4. (Optional) Enable automatic upgrades via git
- Add the following to
/etc/voipmonitor.conf:
upgrade_by_git = yes
git_folder = /usr/src/sniffer
- 5. Restart the service
systemctl restart voipmonitor
Uninstallation
To completely remove the VoIPmonitor sensor from a system, follow these steps.
For systemd-based Systems (Recommended)
# 1. Stop and disable the service
systemctl stop voipmonitor
systemctl disable voipmonitor
# 2. Remove the service files and binary
rm -f /etc/systemd/system/voipmonitor.service
rm -f /etc/init.d/voipmonitor
rm -f /usr/local/sbin/voipmonitor
# 3. Reload systemd to apply changes
systemctl daemon-reload
# 4. (Optional) Back up and remove the configuration file
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
⚠️ Warning: Deleting the spool directory is irreversible! The spool directory (/var/spool/voipmonitor) contains all captured PCAP files and audio recordings. Only delete it if you are certain you no longer need this data: rm -rf /var/spool/voipmonitor
For Older SysV-based Systems
Run the following commands to stop the service and remove its files:
/etc/init.d/voipmonitor stop
update-rc.d voipmonitor remove
rm -f /etc/init.d/voipmonitor
rm -f /usr/local/sbin/voipmonitor
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
See Also
- Sniffer Configuration Reference
- Sniffer Troubleshooting
- Distributed Architecture: Client-Server Mode
- Scaling and Performance Tuning
- Data Cleaning and Retention
- systemd Service Management
AI Summary for RAG
Summary: Step-by-step guide for installing the VoIPmonitor sensor (sniffer) using pre-compiled static binaries. The process involves: downloading the correct archive for your architecture (64-bit, 32-bit, ARM), extracting and running install-script.sh, configuring /etc/voipmonitor.conf (database, network interface, id_sensor for multi-sensor deployments), and managing the service with systemctl. The service always runs as root regardless of installation prompts. For automated scripts or when portal login requires captcha verification, use direct download URLs that bypass authentication: https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz or https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz. GUI can be downloaded directly with: wget 'http://www.voipmonitor.org/download-gui?version=latest&phpver=82' -O gui.tar.gz. For legacy systems (CentOS 6, older glibc): download the oldest available binary for better compatibility. Includes system resource requirements, verification steps, alternative download URLs, compiling from source for ARM64/Debian 12, and complete uninstallation procedures.
Keywords: install, installation, setup, sniffer, sensor, static binary, install-script.sh, download, wget, tar.gz, systemd, systemctl, id_sensor, multi-sensor, compile from source, git, git_folder, upgrade_by_git, ARM64, aarch64, Graviton, Raspberry Pi, Debian 12, 32-bit, 64-bit, uninstall, remove, CentOS 6, legacy, glibc, ionCube loader, x86_64, i686, root account, automated script, automation, CI/CD, Ansible, Puppet, Chef, direct download, captcha, portal login, no authentication, bypass
Key Questions:
- How do I install the VoIPmonitor sniffer?
- Where can I download the sensor static binary?
- Which user account should run the VoIPmonitor sniffer service?
- How do I configure id_sensor for multi-sensor deployments?
- What are the CPU and RAM requirements?
- How do I start and enable the voipmonitor service?
- What if the download URL hangs or fails?
- How do I install on legacy CentOS 6 or older systems?
- How do I compile from source on Debian 12 or ARM64?
- How do I enable automatic git-based upgrades after compiling from source?
- How do I uninstall VoIPmonitor completely?
- How do I download the sniffer via automated scripts without portal login or captcha?
- What are the direct download URLs for the VoIPmonitor components?