Sniffer upgrade: Difference between revisions

From VoIPmonitor.org
(Add deprecated options section for 2025.09.1)
(Rewrite: konsolidace a vylepšení struktury - kompaktnější formát, tabulky, lepší organizace troubleshootingu)
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{DISPLAYTITLE:Upgrading and Downgrading the Sniffer}}
{{DISPLAYTITLE:Upgrading and Downgrading the Sniffer}}


'''This guide provides step-by-step instructions for upgrading or downgrading the VoIPmonitor sensor (sniffer). There are two primary methods: using the Web GUI for simplicity, or performing a manual update via the command line for more control.'''
'''This guide covers VoIPmonitor sensor (sniffer) upgrades and downgrades. Two methods are available: Web GUI (recommended) or manual CLI.'''


== Method 1: Upgrading via the Web GUI (Recommended) ==
<kroki lang="mermaid">
This is the easiest and safest way to manage your sensor versions. This method only works for sensors that are currently running and connected to the GUI.
%%{init: {'flowchart': {'nodeSpacing': 15, 'rankSpacing': 30}}}%%
flowchart LR
    START[Need Upgrade?] --> Q1{GUI Available?}
    Q1 -->|Yes| GUI[GUI Upgrade]
    Q1 -->|No| CLI[Manual CLI]
    GUI --> DONE[Verify Version]
    CLI --> DONE
</kroki>


# Navigate to '''Settings -> Sensors''' in the VoIPmonitor GUI.
== Quick Reference ==
# Find the sensor you wish to update. If you need to see more details or older versions, click the '''[+]''' icon to expand the sensor's information.
# Click the blue '''UPGRADE''' button. A dropdown menu will appear.
# Select the desired version from the list. The list will contain the latest stable release as well as several previous versions for downgrading.
# The GUI will automatically handle the download and restart of the remote sensor service.


== Method 2: Manual Upgrade/Downgrade (via Command Line) ==
{| class="wikitable"
This method gives you full control and is necessary if the GUI method is not available or if you need to install a specific development build.
|-
! Task !! Command
|-
| Stop service || <code>systemctl stop voipmonitor</code>
|-
| Start service || <code>systemctl start voipmonitor</code>
|-
| Check version (local) || <code>/usr/local/sbin/voipmonitor --version</code>
|-
| Check version (remote) || <code>echo 'sniffer_version' <nowiki>|</nowiki> nc 127.0.0.1 5029</code>
|-
| Download latest stable || <code>wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</code>
|}


=== Step 1: Stop the Running Sniffer ===
== Method 1: GUI Upgrade (Recommended) ==
First, log in to the sensor's server via SSH and stop the service. For modern systems using systemd:
 
<pre>
# Navigate to '''Settings → Sensors'''
# Click the blue '''UPGRADE''' button next to the sensor
# Select the desired version from the dropdown
# The GUI handles download and restart automatically
 
{{Note|This method requires the sensor to be running and connected to the GUI.}}
 
=== Scheduling Upgrades to Avoid Rate-Limiting ===
 
When upgrading many sensors simultaneously, you may encounter '''429 Too Many Requests''' errors from <code>download.voipmonitor.org</code>.
 
'''Solution:''' Stagger upgrade times:
# Click the '''wrench icon''' next to each sensor
# Go to the '''UPGRADE''' subtab
# Set different '''auto-upgrade datetime''' values for sensor groups
 
{{Tip|Example: Upgrade 10 sensors at 06:30, next 10 at 06:40, etc.}}
 
== Method 2: Manual CLI Upgrade ==
 
=== Step 1: Stop Service ===
<syntaxhighlight lang="bash">
systemctl stop voipmonitor
systemctl stop voipmonitor
</pre>
</syntaxhighlight>
For older systems using SysV init:
<pre>
/etc/init.d/voipmonitor stop
</pre>
''Tip: If the service fails to stop, you may need to terminate the process manually as a last resort: `killall -9 voipmonitor`''


=== Step 2: Download the Sniffer Archive ===
=== Step 2: Download Binary ===
Download the latest stable static binary from the official VoIPmonitor website. This package contains all necessary files.
<syntaxhighlight lang="bash">
<pre>
# This command downloads the latest stable 64-bit static sniffer
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
</pre>
</syntaxhighlight>
If you need a specific older version or a special build (like one with SS7 support), you must get the direct download link from the support team or historical archives and use it with the `wget` command.
 
'''Alternative - Direct binary download:'''
<syntaxhighlight lang="bash">
# For specific version (replace version number)
wget https://download.voipmonitor.org/senzor/download/2025.04.4/voipmonitor.gz.64 -O voipmonitor.gz
gunzip voipmonitor.gz
cp voipmonitor /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor
</syntaxhighlight>


=== Step 3: Install the New Binary ===
=== Step 3: Install ===
<pre>
<syntaxhighlight lang="bash">
# Extract the downloaded archive
tar xzf voipmonitor-sniffer.tar.gz
tar xzf voipmonitor-sniffer.tar.gz
# Navigate into the new directory. The wildcard (*) handles any version number.
cd voipmonitor-*-static
cd voipmonitor-*-static


# (Recommended) Back up your old binary
# Backup old binary
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup


# Copy the new binary into place
# Install new binary
cp ./voipmonitor /usr/local/sbin/voipmonitor
cp ./voipmonitor /usr/local/sbin/voipmonitor
# Ensure the new binary is executable
chmod +x /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor
</pre>
</syntaxhighlight>


=== Step 4: Start the Service ===
=== Step 4: Start Service ===
Finally, start the sniffer service again.
<syntaxhighlight lang="bash">
<pre>
systemctl start voipmonitor
systemctl start voipmonitor
</pre>
</syntaxhighlight>
Or for older systems:
<pre>
/etc/init.d/voipmonitor start
</pre>
 
== Verifying the Version ==
After an upgrade or downgrade, it's important to verify that the correct version is running.
 
=== Local Check ===
You can check the version directly from the binary on the sensor's server:
<pre>
/usr/local/sbin/voipmonitor --version
</pre>
Or, for more detail:
<pre>
/usr/local/sbin/voipmonitor | head
</pre>


=== Remote Check (via Manager API) ===
== Offline Upgrade ==
If the sniffer is running, you can query its version remotely using its manager API (default port 5029):
<pre>
echo 'sniffer_version' | nc 127.0.0.1 5029
</pre>


== Reinstalling After Operating System Upgrades ==
For servers without internet access:


After a major operating system upgrade (for example, upgrading from Debian 10 to Debian 11 or Debian 11 to Debian 12), the VoIPmonitor sniffer service may stop working or report errors such as "sensor is not registered" or fail to start properly. This occurs because system libraries, kernel interfaces, or service management systems (systemd) may have changed incompatibly with the existing installation.
# '''On a machine WITH internet:'''
#: <code>wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz</code>
# '''Transfer to offline server:'''
#: <code>scp voipmonitor-sniffer.tar.gz user@offline-server:/tmp/</code>
# '''On offline server:''' Follow Steps 1, 3, 4 from Method 2 above


When the sensor fails after an OS upgrade, the recommended solution is to perform a fresh installation using the static binary method rather than attempting to upgrade the existing installation.
{{Note|1=Restore backup if needed: <code>cp /usr/local/sbin/voipmonitor.backup /usr/local/sbin/voipmonitor</code>}}


=== Fresh Installation After OS Upgrade ===
== Reinstalling After OS Upgrade ==


Follow these steps to perform a fresh clean installation:
After major OS upgrades (e.g., Debian 10→11→12), perform a fresh installation:


;1. Stop and disable the old service:
<syntaxhighlight lang="bash">
<pre>
# 1. Stop and disable old service
sudo systemctl stop voipmonitor
sudo systemctl stop voipmonitor && sudo systemctl disable voipmonitor
sudo systemctl disable voipmonitor
</pre>


;2. Back up your configuration file (important!):
# 2. Backup configuration
<pre>
sudo cp /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
sudo cp /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
</pre>
This preserves your database connection settings, network interface configuration, and sensor ID.
;3. Download the latest stable static binary:
<pre>
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
</pre>
Use the appropriate URL for your architecture (32-bit or ARM) if needed.


;4. Extract and run the installation script:
# 3. Download and install fresh
<pre>
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
tar xzf voipmonitor-sniffer.tar.gz
tar xzf voipmonitor-sniffer-*.tar.gz
cd voipmonitor-*-static
cd voipmonitor-*-static
sudo ./install-script.sh
sudo ./install-script.sh
</pre>


;5. Restore your configuration file:
# 4. Restore configuration
<pre>
sudo cp /etc/voipmonitor.conf.backup /etc/voipmonitor.conf
sudo cp /etc/voipmonitor.conf.backup /etc/voipmonitor.conf
</pre>


;6. Start and enable the service:
# 5. Enable and start
<pre>
sudo systemctl enable --now voipmonitor
sudo systemctl enable voipmonitor
</syntaxhighlight>
sudo systemctl start voipmonitor
 
</pre>
{{Tip|For client-server deployments, verify firewall rules for ports 5029 (manager) and 60024 (packet buffer).}}
 
== Deprecated Options (v2025.09.1+) ==


;7. Verify the sensor is working:
Remove these obsolete directives from <code>voipmonitor.conf</code>:
* Check service status: <code>sudo systemctl status voipmonitor</code>
* View logs: <code>sudo journalctl -u voipmonitor -f</code>
* If using client-server mode, verify the sensor appears in the GUI under '''Settings -> Sensors'''


For Client-Server deployments, you may need to update firewall rules on the new operating system to allow traffic on the manager port (default 5029) and packet buffer sender port (default 60024).
{| class="wikitable"
|-
! Removed Option !! Replacement
|-
| <code>vxlan</code>, <code>vxlan_port</code>, <code>vxlan_skipcrc</code> || <code>udp_port_vxlan = 4789</code>
|-
| <code>packet_buffer_total_size</code> || <code>max_buffer_mem</code>, <code>ringbuffer</code>
|-
| <code>udp_reassembly*</code>, <code>sipdefrag*</code> || Handled internally
|-
| <code>interface_snaplen</code> || <code>snaplen = 3200</code>
|-
| <code>max_sip_size</code>, <code>sanity_checks</code>, <code>check_sip_header</code> || Built-in improvements
|}


The fresh installation ensures that all service files, systemd configurations, and dependencies are compatible with the new operating system version, while preserving your original configuration settings.
Verify after cleanup:
<syntaxhighlight lang="bash">
systemctl restart voipmonitor
journalctl -u voipmonitor -n 50 | grep -i "unknown\|option"
</syntaxhighlight>


== Troubleshooting ==
== Troubleshooting ==


=== Upgrading One Sensor Upgrades Multiple Sensors ===
=== Upgrading One Sensor Affects Multiple Sensors ===
 
'''Cause:''' Multiple sensors share the same Manager IP + Port combination.
 
'''Fix:'''
# Check '''Settings → Sensors''' for duplicate IP/Port entries
# Ensure each sensor has a unique Manager IP (or unique port if on same host)
# Never use <code>127.0.0.1</code> for remote sensors


If attempting to upgrade a single sensor causes another sensor (or the entire GUI) to upgrade unexpectedly, the issue is likely due to duplicate sensor configuration.
=== Cannot Enable Auto-Upgrade for Default Local Sensor ===


'''Symptoms:'''
The default "local sensor" entry does not support auto-upgrade.
* Clicking the UPGRADE button for Sensor A causes Sensor B to update instead
* A sensor configured with <code>127.0.0.1</code> (localhost) affects multiple other sensors
* All sensors on the Settings > Sensors page show identical version after upgrade


'''Root Cause:'''
'''Solution:''' Create a new sensor entry:
This occurs when multiple sensor entries in the GUI are configured with the same Manager IP and Manager Port. The GUI sends upgrade commands to a specific endpoint (IP + Port), and any sensor entry pointing to that endpoint will reflect the change.
# '''Settings → Sensors → Add new sensor'''
# Set: Sensor ID (unique), Manager IP: <code>127.0.0.1</code>, Manager Port: <code>5029</code>
# Restart service: <code>systemctl restart voipmonitor</code>
# Configure auto-upgrade on the new sensor entry


In particular, if one sensor is configured with <code>127.0.0.1</code> (localhost) instead of its actual IP address, it will point to the GUI server itself. This causes unexpected behavior where operations on other sensors may affect the GUI server's local sensor if it exists.
=== "New Sensor Version Available" Notification Persists ===


'''Resolution:'''
'''Cause:''' Development version option is enabled.


1. Navigate to '''Settings → Sensors''' in the GUI
'''Fix:''' Disable '''System Configuration → Advanced → "enable upgrade sniffer to development version"'''
2. Examine the '''Manager IP''' and '''Manager Port''' columns for each sensor
3. Look for sensors configured with <code>127.0.0.1</code> or duplicate IP/Port combinations
4. For any sensor using <code>127.0.0.1</code>, change it to the actual IP address of that sensor
5. Ensure each sensor has a unique Manager IP (or unique Manager Port if multiple instances run on the same host)
6. Click '''Save''' to apply the changes


'''Verification:'''
=== "sniffer error: need AES!" ===
After correcting the configuration, attempt the upgrade again on the target sensor. Verify that only that specific sensor updates its version.


For more information on configuring sensors, see [[Settings#Sensors|GUI Settings]].
After upgrade, the GUI cannot communicate with sensor due to encryption key mismatch.


=== "New Sensor Version Available" Notification Persists After Upgrade ===
'''Solutions:'''
<syntaxhighlight lang="bash">
# Option 1: Remove old AES key from GUI database
cd /var/www/voipmonitor && php php/run.php delete_aes_key


If the GUI continues to display a "new sensor version available" notification even after all sensors have been updated to the latest version, this is typically caused by the development version upgrade setting.
# Option 2: Disable encryption in sensor config
echo "manager_enable_unencrypted = yes" >> /etc/voipmonitor.conf
systemctl restart voipmonitor
</syntaxhighlight>


'''Symptoms:'''
{{Warning|1=<code>manager_enable_unencrypted = yes</code> reduces security. Use only in trusted networks.}}
* All sensors show the latest version (e.g., 30.4) in Settings > Sensors
* GUI still displays "New sniffer version available" notification
* Clicking the notification shows no newer versions available


''' root Cause:'''
=== "Permission denied" During Upgrade ===
The GUI may be comparing against development/snapshot versions when the development version option is enabled.


'''Resolution:'''
'''Cause:''' <code>/tmp</code> mounted with <code>noexec</code> flag.


1. Navigate to '''System Configuration -> Advanced''' in the GUI
'''Fix:'''
2. Ensure the option "enable upgrade sniffer to development version" is '''disabled'''
<syntaxhighlight lang="bash">
3. Log out of the GUI and log back in to refresh the session
# Temporary fix
4. If the notification persists, wait for a period of time as the system may need time to propagate the version information to all components
mount -o remount,exec /tmp


'''Prevention:'''
# Permanent fix: edit /etc/fstab and remove 'noexec' from /tmp line
Keep the "enable upgrade sniffer to development version" setting disabled unless you specifically need to test prerelease or snapshot builds. Development versions are not recommended for production use.
</syntaxhighlight>


== Deprecated Configuration Options ==
=== Binary Lacks Execute Permission After Upgrade ===


When upgrading to sensor version 2025.09.1 or newer, certain configuration options that were supported in older versions have been removed or deprecated. While the sniffer will automatically ignore unknown options, it is recommended to remove these obsolete directives from your `voipmonitor.conf` file for clarity and to avoid confusion.
'''Symptom:''' Service fails to start, "Permission denied" on <code>/usr/local/sbin/voipmonitor</code>.


=== Options Removed in 2025.09.1 ===
'''Fix:'''
The following configuration options are no longer supported in sensor version 2025.09.1 and should be removed from your configuration file:
<syntaxhighlight lang="bash">
chmod +x /usr/local/sbin/voipmonitor
systemctl start voipmonitor
</syntaxhighlight>


* <code>vxlan</code>
=== "Could not resolve host: download.voipmonitor.org" ===
* <code>vxlan_port</code>
* <code>vxlan_skipcrc</code>
* <code>packet_buffer_total_size</code>
* <code>udp_reassembly</code>
* <code>udp_reassembly_max_size</code>
* <code>sipdefrag</code>
* <code>sipdefrag_maxpacket</code>
* <code>defragment_max_size</code>
* <code>defragment_timeout</code>
* <code>ignore_sip_parsing_errors</code>
* <code>sip_auto_clean</code>
* <code>max_sip_size</code>
* <code>sip_force_content_length</code>
* <code>sanity_checks</code>
* <code>check_sip_header</code>
* <code>interface_snaplen</code>


=== Recommended Replacements ===
'''Solutions:'''


If you were previously using any of the removed options, consider the following alternatives:
'''1. Configure proxy (if required):'''
<syntaxhighlight lang="ini">
# In /etc/voipmonitor.conf
curlproxy = http://proxy.example.com:3128
</syntaxhighlight>


* '''VXLAN support''': The old `<code>vxlan</code>` family of options has been replaced with `<code>udp_port_vxlan = 4789</code>` (default: 4789) for VXLAN tunnel detection in cloud environments like AWS.
'''2. Manual binary copy from another sensor:'''
<syntaxhighlight lang="bash">
scp working-sensor:/usr/local/sbin/voipmonitor /tmp/
cp /tmp/voipmonitor /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor
</syntaxhighlight>


* '''Packet buffer sizing''': The `<code>packet_buffer_total_size</code>` option is no longer needed. Packet buffer memory is now managed automatically via `<code>max_buffer_mem</code>` (default: 2000 MB) and `<code>ringbuffer</code>` (default: 50 MB, increase to 500+ for >100 Mbit traffic).
=== SSL/TLS Protocol Error During Upgrade ===


* '''UDP reassembly and SIP defragmentation''': These features are now handled internally by the sniffer. The `<code>udp_reassembly*</code>` and `<code>sipdefrag*</code>` options are no longer configurable.
'''Symptom:''' <code>tlsv1 alert protocol version</code> error.


* '''SIP sanitization options''': Options like `<code>max_sip_size</code>`, `<code>sip_force_content_length</code>`, `<code>sanity_checks</code>`, and `<code>check_sip_header</code>` have been removed as the sniffer now includes built-in improvements for handling malformed SIP packets.
'''Temporary fix:'''
<syntaxhighlight lang="ini">
# In /etc/voipmonitor.conf
upgrade_try_http_if_https_fail = yes
</syntaxhighlight>


* '''Interface snap length''': `<code>interface_snaplen</code>` has been removed. Use the `<code>snaplen</code> parameter instead (default: 3200, increase to 65535 or 20000 for large SIP packets with extensive SDP or custom headers).
{{Warning|1=Disable this option after upgrade completes. HTTP is less secure than HTTPS.}}


=== Remaining Supported Options ===
=== Missing Database Table After Upgrade ===


The following options mentioned in the upgrade context remain supported and should be kept if needed in your environment:
'''Symptom:''' <code>Table 'voipmonitor.cdr_audio_transcribe' doesn't exist</code>


* <code>udp_port_vxlan = 4789</code> - VXLAN tunnel detection
'''Fix:''' Create the missing table manually:
* <code>auto_enable_use_blocks = yes</code> - Required for deduplication and correct RTP association
<syntaxhighlight lang="sql">
* <code>deduplicate = yes</code> - Packet deduplication
-- Connect to database
* <code>snaplen = 3200</code> - Packet capture length
mysql -h your_db_host -u your_db_user -p voipmonitor


=== Verification ===
-- Create the missing table (example for cdr_audio_transcribe)
CREATE TABLE `cdr_audio_transcribe` (
  `ID` bigint unsigned NOT NULL AUTO_INCREMENT,
  `calldate` datetime NOT NULL,
  `fbasename` varchar(255) DEFAULT NULL,
  `a_language` varchar(10) DEFAULT NULL,
  `b_language` varchar(10) DEFAULT NULL,
  `a_text` mediumtext,
  `b_text` mediumtext,
  PRIMARY KEY (`ID`,`calldate`),
  KEY `fbasename` (`fbasename`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3
PARTITION BY RANGE COLUMNS(calldate)
(PARTITION p_future VALUES LESS THAN MAXVALUE ENGINE = InnoDB);
</syntaxhighlight>


After removing deprecated options and adding any needed replacements, restart the sensor and verify it starts without warnings about unknown options:
Then restart: <code>systemctl restart voipmonitor</code>


<pre>
== See Also ==
systemctl restart voipmonitor
journalctl -u voipmonitor -n 50 | grep -i "unknown\|option"
</pre>


If you see warnings about unknown options, identify and remove those directives from your configuration file.
* [[Sniffer_installation]] - Initial sensor installation
* [[Sniffer_configuration]] - Configuration parameters
* [[Settings#Sensors]] - GUI sensor management
* [[Systemd_for_voipmonitor_service_management]] - Service management


== AI Summary for RAG ==
== AI Summary for RAG ==
'''Summary:''' This guide details the procedures for upgrading or downgrading the VoIPmonitor sensor. It presents two primary methods. The first and recommended method is using the Web GUI, by navigating to "Settings -> Sensors" and selecting a new version from the upgrade dropdown menu. The second method is a manual update via the command line, which involves four steps: 1) Stopping the voipmonitor service (`systemctl stop voipmonitor`). 2) Downloading the desired static binary `tar.gz` package using `wget`. 3) Backing up the old binary, copying the new one to `/usr/local/sbin/`, and setting execute permissions with `chmod`. 4) Starting the service again. The article also covers version verification methods, includes troubleshooting for sensor upgrade issues (duplicate Manager IP, localhost 127.0.0.1 configuration), troubleshooting for persistent "new sensor version available" notifications (caused by "enable upgrade sniffer to development version" setting), and provides a specific section on reinstalling after operating system upgrades (such as Debian 10 to 11 or 11 to 12). After a major OS upgrade when the sensor stops working or reports "sensor is not registered", the recommended solution is to perform a fresh installation using the static binary method while preserving the configuration file backup. Additionally, the document includes a "Deprecated Configuration Options" section for sensor version 2025.09.1 and newer, which lists 17 options that have been removed (vxlan, vxlan_port, vxlan_skipcrc, packet_buffer_total_size, udp_reassembly, udp_reassembly_max_size, sipdefrag, sipdefrag_maxpacket, defragment_max_size, defragment_timeout, ignore_sip_parsing_errors, sip_auto_clean, max_sip_size, sip_force_content_length, sanity_checks, check_sip_header, interface_snaplen) and provides recommended replacements where applicable (udp_port_vxlan, max_buffer_mem, ringbuffer, snaplen). The section also lists options that remain supported (udp_port_vxlan, auto_enable_use_blocks, deduplicate, snaplen) and provides verification commands to check for unknown options after configuration changes.
 
'''Keywords:''' upgrade, downgrade, update, sniffer, sensor, install, new version, old version, GUI upgrade, manual upgrade, command line, CLI, wget, tar.gz, systemctl, service, check version, verify, voipmonitor.org/download, troubleshooting, multiple sensors, duplicate IP, localhost, 127.0.0.1, Manager IP, operating system upgrade, OS upgrade, Debian 10, Debian 11, Debian 12, reinstall, fresh installation, sensor not registered, new sensor version available, notification persists, development version, enable upgrade sniffer to development version, System Configuration Advanced, System Configuration, deprecated options, unsupported options, 2025.09.1, voipmonitor.conf, vxlan, vxlan_port, vxlan_skipcrc, packet_buffer_total_size, udp_reassembly, udp_reassembly_max_size, sipdefrag, sipdefrag_maxpacket, defragment_max_size, defragment_timeout, ignore_sip_parsing_errors, sip_auto_clean, max_sip_size, sip_force_content_length, sanity_checks, check_sip_header, interface_snaplen, udp_port_vxlan, auto_enable_use_blocks, deduplicate, snaplen, max_buffer_mem, ringbuffer, configuration cleanup
'''Summary:''' Guide for upgrading/downgrading VoIPmonitor sensor. Two methods: (1) '''GUI upgrade''' - Settings → Sensors → UPGRADE button, includes scheduling to avoid 429 rate-limiting errors by setting different auto-upgrade datetime per sensor group. (2) '''Manual CLI''' - stop service, wget binary, backup old, copy new to <code>/usr/local/sbin/</code>, chmod +x, start. Covers offline upgrade (SCP transfer), fresh install after OS upgrade (backup config, run install-script.sh, restore config). Deprecated options in v2025.09.1: vxlan→udp_port_vxlan, sipdefrag→internal, interface_snaplen→snaplen. Troubleshooting: duplicate Manager IP causes multi-sensor upgrade, default local sensor needs manual replacement for auto-upgrade, "need AES" fix with delete_aes_key or manager_enable_unencrypted, noexec /tmp fix with remount, missing chmod +x, curlproxy for network issues, upgrade_try_http_if_https_fail for TLS errors, manual CREATE TABLE for missing DB tables.
 
'''Keywords:''' upgrade, downgrade, sniffer, sensor, GUI upgrade, manual upgrade, wget, systemctl, chmod, version check, Manager API, OS upgrade, reinstall, rate limiting, 429 error, schedule upgrades, auto-upgrade datetime, need AES, delete_aes_key, manager_enable_unencrypted, deprecated options, 2025.09.1, permission denied, noexec, curlproxy, TLS error, upgrade_try_http_if_https_fail, missing table
 
'''Key Questions:'''
'''Key Questions:'''
* How do I upgrade the VoIPmonitor sniffer?
* How do I upgrade the VoIPmonitor sniffer via GUI or CLI?
* How can I downgrade the sensor to a previous version?
* How can I downgrade the sensor to a previous version?
* What is the easiest way to update my remote sensors?
* How do I avoid "429 Too Many Requests" errors when upgrading many sensors?
* How do I perform a manual upgrade of the sniffer using the command line?
* How do I schedule sensor upgrades to prevent rate limiting?
* How can I check which version of the sniffer I am currently running?
* Why can I not enable auto-upgrade for the default local sensor?
* Where can I download the latest stable sniffer binary?
* What should I do after upgrading the operating system?
* Why does upgrading one sensor upgrade multiple sensors?
* Why does upgrading one sensor upgrade multiple sensors?
* How do I fix a sensor configured with 127.0.0.1?
* How do I fix "sniffer error: need AES!" after upgrade?
* Why are all sensors updating when I upgrade only one?
* Which configuration options are deprecated in version 2025.09.1?
* What should I do after upgrading the operating system (e.g., Debian 11 to Debian 12)?
* How do I fix "Permission denied" during sensor upgrade?
* How do I fix a "sensor is not registered" error after an OS upgrade?
* How do I fix "Could not resolve host" during GUI upgrade?
* How do I perform a fresh installation of the sniffer after an operating system upgrade?
* How do I fix SSL/TLS protocol version error during upgrade?
* Why does the GUI still show "new sensor version available" after all sensors are updated?
* How do I fix missing database table error after upgrade?
* Which configuration options are deprecated in sensor version 2025.09.1?
* What options should I remove from voipmonitor.conf after upgrading to 2025.09.1?
* What are the deprecated options for the latest sniffer version?
* How do I clean up unsupported options from my voipmonitor.conf?
* What is the replacement for the vxlan configuration options?
* What replaced the deprecated interface_snaplen option?
* How do I verify my configuration file has no deprecated options?

Latest revision as of 16:48, 8 January 2026


This guide covers VoIPmonitor sensor (sniffer) upgrades and downgrades. Two methods are available: Web GUI (recommended) or manual CLI.

Quick Reference

Task Command
Stop service systemctl stop voipmonitor
Start service systemctl start voipmonitor
Check version (local) /usr/local/sbin/voipmonitor --version
Check version (remote) echo 'sniffer_version' | nc 127.0.0.1 5029
Download latest stable wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz

Method 1: GUI Upgrade (Recommended)

  1. Navigate to Settings → Sensors
  2. Click the blue UPGRADE button next to the sensor
  3. Select the desired version from the dropdown
  4. The GUI handles download and restart automatically

ℹ️ Note: This method requires the sensor to be running and connected to the GUI.

Scheduling Upgrades to Avoid Rate-Limiting

When upgrading many sensors simultaneously, you may encounter 429 Too Many Requests errors from download.voipmonitor.org.

Solution: Stagger upgrade times:

  1. Click the wrench icon next to each sensor
  2. Go to the UPGRADE subtab
  3. Set different auto-upgrade datetime values for sensor groups

💡 Tip: Example: Upgrade 10 sensors at 06:30, next 10 at 06:40, etc.

Method 2: Manual CLI Upgrade

Step 1: Stop Service

systemctl stop voipmonitor

Step 2: Download Binary

wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz

Alternative - Direct binary download: 

# For specific version (replace version number)
wget https://download.voipmonitor.org/senzor/download/2025.04.4/voipmonitor.gz.64 -O voipmonitor.gz
gunzip voipmonitor.gz
cp voipmonitor /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor

Step 3: Install

tar xzf voipmonitor-sniffer.tar.gz
cd voipmonitor-*-static

# Backup old binary
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup

# Install new binary
cp ./voipmonitor /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor

Step 4: Start Service

systemctl start voipmonitor

Offline Upgrade

For servers without internet access:

  1. On a machine WITH internet:
    wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
  2. Transfer to offline server:
    scp voipmonitor-sniffer.tar.gz user@offline-server:/tmp/
  3. On offline server: Follow Steps 1, 3, 4 from Method 2 above

ℹ️ Note: Restore backup if needed: cp /usr/local/sbin/voipmonitor.backup /usr/local/sbin/voipmonitor

Reinstalling After OS Upgrade

After major OS upgrades (e.g., Debian 10→11→12), perform a fresh installation: 

# 1. Stop and disable old service
sudo systemctl stop voipmonitor && sudo systemctl disable voipmonitor

# 2. Backup configuration
sudo cp /etc/voipmonitor.conf /etc/voipmonitor.conf.backup

# 3. Download and install fresh
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
tar xzf voipmonitor-sniffer-*.tar.gz
cd voipmonitor-*-static
sudo ./install-script.sh

# 4. Restore configuration
sudo cp /etc/voipmonitor.conf.backup /etc/voipmonitor.conf

# 5. Enable and start
sudo systemctl enable --now voipmonitor

💡 Tip: For client-server deployments, verify firewall rules for ports 5029 (manager) and 60024 (packet buffer).

Deprecated Options (v2025.09.1+)

Remove these obsolete directives from voipmonitor.conf:

Removed Option Replacement
vxlan, vxlan_port, vxlan_skipcrc udp_port_vxlan = 4789
packet_buffer_total_size max_buffer_mem, ringbuffer
udp_reassembly*, sipdefrag* Handled internally
interface_snaplen snaplen = 3200
max_sip_size, sanity_checks, check_sip_header Built-in improvements

Verify after cleanup: 

systemctl restart voipmonitor
journalctl -u voipmonitor -n 50 | grep -i "unknown\|option"

Troubleshooting

Upgrading One Sensor Affects Multiple Sensors

Cause: Multiple sensors share the same Manager IP + Port combination.

Fix:

  1. Check Settings → Sensors for duplicate IP/Port entries
  2. Ensure each sensor has a unique Manager IP (or unique port if on same host)
  3. Never use 127.0.0.1 for remote sensors

Cannot Enable Auto-Upgrade for Default Local Sensor

The default "local sensor" entry does not support auto-upgrade.

Solution: Create a new sensor entry:

  1. Settings → Sensors → Add new sensor
  2. Set: Sensor ID (unique), Manager IP: 127.0.0.1, Manager Port: 5029
  3. Restart service: systemctl restart voipmonitor
  4. Configure auto-upgrade on the new sensor entry

"New Sensor Version Available" Notification Persists

Cause: Development version option is enabled.

Fix: Disable System Configuration → Advanced → "enable upgrade sniffer to development version"

"sniffer error: need AES!"

After upgrade, the GUI cannot communicate with sensor due to encryption key mismatch.

Solutions: 

# Option 1: Remove old AES key from GUI database
cd /var/www/voipmonitor && php php/run.php delete_aes_key

# Option 2: Disable encryption in sensor config
echo "manager_enable_unencrypted = yes" >> /etc/voipmonitor.conf
systemctl restart voipmonitor

⚠️ Warning: manager_enable_unencrypted = yes reduces security. Use only in trusted networks.

"Permission denied" During Upgrade

Cause: /tmp mounted with noexec flag.

Fix: 

# Temporary fix
mount -o remount,exec /tmp

# Permanent fix: edit /etc/fstab and remove 'noexec' from /tmp line

Binary Lacks Execute Permission After Upgrade

Symptom: Service fails to start, "Permission denied" on /usr/local/sbin/voipmonitor.

Fix: 

chmod +x /usr/local/sbin/voipmonitor
systemctl start voipmonitor

"Could not resolve host: download.voipmonitor.org"

Solutions:

1. Configure proxy (if required): 

# In /etc/voipmonitor.conf
curlproxy = http://proxy.example.com:3128

2. Manual binary copy from another sensor: 

scp working-sensor:/usr/local/sbin/voipmonitor /tmp/
cp /tmp/voipmonitor /usr/local/sbin/voipmonitor
chmod +x /usr/local/sbin/voipmonitor

SSL/TLS Protocol Error During Upgrade

Symptom: tlsv1 alert protocol version error.

Temporary fix: 

# In /etc/voipmonitor.conf
upgrade_try_http_if_https_fail = yes

⚠️ Warning: Disable this option after upgrade completes. HTTP is less secure than HTTPS.

Missing Database Table After Upgrade

Symptom: Table 'voipmonitor.cdr_audio_transcribe' doesn't exist

Fix: Create the missing table manually: 

-- Connect to database
mysql -h your_db_host -u your_db_user -p voipmonitor

-- Create the missing table (example for cdr_audio_transcribe)
CREATE TABLE `cdr_audio_transcribe` (
  `ID` bigint unsigned NOT NULL AUTO_INCREMENT,
  `calldate` datetime NOT NULL,
  `fbasename` varchar(255) DEFAULT NULL,
  `a_language` varchar(10) DEFAULT NULL,
  `b_language` varchar(10) DEFAULT NULL,
  `a_text` mediumtext,
  `b_text` mediumtext,
  PRIMARY KEY (`ID`,`calldate`),
  KEY `fbasename` (`fbasename`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3
PARTITION BY RANGE COLUMNS(calldate)
(PARTITION p_future VALUES LESS THAN MAXVALUE ENGINE = InnoDB);

Then restart: systemctl restart voipmonitor

See Also

AI Summary for RAG

Summary: Guide for upgrading/downgrading VoIPmonitor sensor. Two methods: (1) GUI upgrade - Settings → Sensors → UPGRADE button, includes scheduling to avoid 429 rate-limiting errors by setting different auto-upgrade datetime per sensor group. (2) Manual CLI - stop service, wget binary, backup old, copy new to /usr/local/sbin/, chmod +x, start. Covers offline upgrade (SCP transfer), fresh install after OS upgrade (backup config, run install-script.sh, restore config). Deprecated options in v2025.09.1: vxlan→udp_port_vxlan, sipdefrag→internal, interface_snaplen→snaplen. Troubleshooting: duplicate Manager IP causes multi-sensor upgrade, default local sensor needs manual replacement for auto-upgrade, "need AES" fix with delete_aes_key or manager_enable_unencrypted, noexec /tmp fix with remount, missing chmod +x, curlproxy for network issues, upgrade_try_http_if_https_fail for TLS errors, manual CREATE TABLE for missing DB tables.

Keywords: upgrade, downgrade, sniffer, sensor, GUI upgrade, manual upgrade, wget, systemctl, chmod, version check, Manager API, OS upgrade, reinstall, rate limiting, 429 error, schedule upgrades, auto-upgrade datetime, need AES, delete_aes_key, manager_enable_unencrypted, deprecated options, 2025.09.1, permission denied, noexec, curlproxy, TLS error, upgrade_try_http_if_https_fail, missing table

Key Questions:

  • How do I upgrade the VoIPmonitor sniffer via GUI or CLI?
  • How can I downgrade the sensor to a previous version?
  • How do I avoid "429 Too Many Requests" errors when upgrading many sensors?
  • How do I schedule sensor upgrades to prevent rate limiting?
  • Why can I not enable auto-upgrade for the default local sensor?
  • What should I do after upgrading the operating system?
  • Why does upgrading one sensor upgrade multiple sensors?
  • How do I fix "sniffer error: need AES!" after upgrade?
  • Which configuration options are deprecated in version 2025.09.1?
  • How do I fix "Permission denied" during sensor upgrade?
  • How do I fix "Could not resolve host" during GUI upgrade?
  • How do I fix SSL/TLS protocol version error during upgrade?
  • How do I fix missing database table error after upgrade?
Retrieved from "https://www.voipmonitor.org/doc/index.php?title=Sniffer_upgrade&oldid=10108"