Sniffer installation: Difference between revisions

From VoIPmonitor.org
(Add Sensor ID configuration and System Resource Considerations sections)
(Improved formatting: added overview diagram, fixed syntax highlighting in compile section, converted system resources to table, fixed internal links, added See Also section, condensed AI Summary)
Line 1: Line 1:
{{DISPLAYTITLE:Sniffer Installation Guide}}
Category:Installation


'''This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method for all modern Linux distributions is to use the pre-compiled static binary.'''
'''This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method for all modern Linux distributions is to use the pre-compiled static binary.'''
== Overview ==
The VoIPmonitor sensor installation process follows these steps:
<kroki lang="plantuml">
@startuml
skinparam shadowing false
skinparam defaultFontName Arial
skinparam activity {
  BackgroundColor #E8F4FD
  BorderColor #4A90E2
}
start
:Download static binary archive;
note right: wget from voipmonitor.org
:Extract and run install-script.sh;
note right: Installs binary, config, service
:Edit /etc/voipmonitor.conf;
note right: Database, interface, id_sensor
:Start and enable service;
note right: systemctl start/enable
:Verify traffic capture;
note right: journalctl -u voipmonitor -f
stop
@enduml
</kroki>


== Recommended Method: Static Binary Installation ==
== Recommended Method: Static Binary Installation ==
Line 36: Line 67:
./install-script.sh
./install-script.sh
</syntaxhighlight>
</syntaxhighlight>
The `install-script.sh` will:
 
* Copy the `voipmonitor` binary to `/usr/local/sbin/`.
The <code>install-script.sh</code> will:
* Copy the default configuration file to `/etc/voipmonitor.conf`.
* Copy the <code>voipmonitor</code> binary to <code>/usr/local/sbin/</code>
* Copy the service startup script to `/etc/init.d/voipmonitor`.
* Copy the default configuration file to <code>/etc/voipmonitor.conf</code>
* Attempt to enable the service to start on boot.
* Copy the service startup script to <code>/etc/init.d/voipmonitor</code>
* Attempt to enable the service to start on boot


=== Step 3: Initial Configuration ===
=== Step 3: Initial Configuration ===
Line 47: Line 79:
nano /etc/voipmonitor.conf
nano /etc/voipmonitor.conf
</syntaxhighlight>
</syntaxhighlight>
At a minimum, configure your [[Sniffer_configuration#MySQL_Options|database connection settings]] and the [[Sniffer_configuration#Basic_Options|network interface]] to monitor.
 
At a minimum, configure your [[Sniffer_configuration#Database_Configuration|database connection settings]] and the [[Sniffer_configuration#Network_Interface_.26_Sniffing|network interface]] to monitor.


==== Sensor ID Configuration (for Multi-Sensor Deployments) ====
==== Sensor ID Configuration (for Multi-Sensor Deployments) ====
If you are deploying multiple sniffer instances (either on the same server with multiple network interfaces, or on different servers), you must assign a '''unique sensor ID''' to each instance.
If you are deploying multiple sniffer instances (either on the same server with multiple network interfaces, or on different servers), you must assign a '''unique sensor ID''' to each instance.


* Set a unique numeric identifier (1-65535) for this sensor:
<syntaxhighlight lang="ini">
<code>id_sensor = 1</code>
# Set a unique numeric identifier (1-65535) for this sensor
id_sensor = 1
</syntaxhighlight>


* The sensor ID is stored in the <code>cdr.id_sensor</code> database column and allows you to distinguish which sensor captured each call.
* The sensor ID is stored in the <code>cdr.id_sensor</code> database column and allows you to distinguish which sensor captured each call.
* This is '''essential''' in multi-sensor deployments, distributed architectures, or when using the Client/Server mode.
* This is '''essential''' in multi-sensor deployments, [[Sniffer_distributed_architecture|distributed architectures]], or when using the [[Sniffer_distributed_architecture#Client-Server_Mode|Client/Server mode]].
* Leave this parameter ''unset'' (default) if you only have a single sensor deployment.
* Leave this parameter ''unset'' (default) if you only have a single sensor deployment.


For detailed information, see [[Sniffer_configuration#id_sensor|id_sensor configuration]].
For detailed information, see [[Sniffer_configuration#General_.26_Core_Settings|id_sensor configuration]].


==== System Resource Considerations ====
==== System Resource Considerations ====
Before deploying a sniffer on a new server, ensure the server has adequate CPU, RAM, and disk I/O resources for your expected traffic load.
Before deploying a sniffer on a new server, ensure the server has adequate CPU, RAM, and disk I/O resources for your expected traffic load.


* '''CPU:''' The main packet capture thread (t0) runs on a single CPU core. A modern Xeon with 2+ cores is recommended for production environments. Monitor t0CPU usage in logs – if consistently above 90-95%, you may need a faster CPU or additional sensors.
{| class="wikitable"
* '''RAM:''' Minimum 2-4 GB is recommended for small deployments (under 500 concurrent calls). For high traffic (2000+ concurrent calls), consider 8-16 GB RAM. If MySQL/MariaDB runs on the same server, carefully allocate RAM to avoid OOM killer events. See [[Scaling|Scaling and Performance Tuning]] for detailed formulas.
|-
* '''Disk I/O:''' If recording audio, ensure adequate disk performance. A standard 7200 RPM SATA drive can handle ~2000 concurrent calls with full recording. For higher throughput, use SSD or RAID with WriteBack cache policy.
! Resource !! Recommendation
* '''Storage:''' Plan storage capacity based on your retention policy. Estimate space needed for PCAP files and CDR data based on average call duration and expected daily call volume.
|-
| '''CPU''' || The main packet capture thread (t0) runs on a single CPU core. A modern Xeon with 2+ cores is recommended for production. Monitor <code>t0CPU</code> usage in logs – if consistently above 90-95%, you may need a faster CPU or additional sensors.
|-
| '''RAM''' || Minimum 2-4 GB for small deployments (<500 concurrent calls). For high traffic (2000+ calls), consider 8-16 GB. If MySQL runs on the same server, carefully allocate RAM to avoid [[Sniffer_troubleshooting#Check_for_OOM_.28Out_of_Memory.29_Issues|OOM killer events]].
|-
| '''Disk I/O''' || If recording audio, ensure adequate disk performance. A standard 7200 RPM SATA drive can handle ~2000 concurrent calls. For higher throughput, use SSD or RAID with WriteBack cache policy.
|-
| '''Storage''' || Plan capacity based on your [[Data_Cleaning|retention policy]]. Estimate space for PCAP files and CDR data based on average call duration and daily call volume.
|}


For detailed performance tuning and scaling guidance, refer to the [[Scaling|Performance Tuning and Scaling guide]].
For detailed performance tuning, refer to the [[Scaling|Scaling and Performance Tuning guide]].


=== Step 4: Service Management (systemd) ===
=== Step 4: Service Management (systemd) ===
Modern Linux distributions use `systemd` to manage services. Use the following commands to control the sniffer:
Modern Linux distributions use <code>systemd</code> to manage services. Use the following commands to control the sniffer:


;Start the service:
;Start the service:
Line 83: Line 126:
:<syntaxhighlight lang="bash">systemctl enable voipmonitor</syntaxhighlight>
:<syntaxhighlight lang="bash">systemctl enable voipmonitor</syntaxhighlight>


For a more detailed `systemd` service file template and advanced options, please see the [[Systemd_for_voipmonitor_service_management|systemd guide]].
For a more detailed <code>systemd</code> service file template and advanced options, please see the [[Systemd_for_voipmonitor_service_management|systemd guide]].


=== Step 5: Verification ===
=== Step 5: Verification ===
After starting the service, verify that it is running correctly and capturing traffic:
After starting the service, verify that it is running correctly and capturing traffic:


* Check service status:
;1. Check service status:
<syntaxhighlight lang="bash">systemctl status voipmonitor</syntaxhighlight>
<syntaxhighlight lang="bash">
systemctl status voipmonitor
</syntaxhighlight>
You should see <code>Active: active (running)</code>.
You should see <code>Active: active (running)</code>.


* Monitor live logs for traffic capture statistics:
;2. Monitor live logs for traffic capture statistics:
<syntaxhighlight lang="bash">journalctl -u voipmonitor -f</syntaxhighlight>
<syntaxhighlight lang="bash">
Look for periodic output like <code>traffic[X Mb/s] calls[X] queue[0]</code> to confirm the sensor is detecting traffic on the configured network interface.
journalctl -u voipmonitor -f
</syntaxhighlight>
Look for periodic output like <code>calls[X][Y] PS[...] SQLq[0]</code> to confirm the sensor is detecting traffic on the configured network interface.
 
For additional troubleshooting if the sensor is not capturing calls, see [[Sniffer_troubleshooting|Sniffer Troubleshooting]].


=== Troubleshooting Download Issues ===
=== Troubleshooting Download Issues ===
Line 121: Line 170:
If you need a specific version (e.g., one that includes the Wireshark SS7 module), you can find historical releases on the [https://sourceforge.net/projects/voipmonitor/files/ VoIPmonitor SourceForge page].
If you need a specific version (e.g., one that includes the Wireshark SS7 module), you can find historical releases on the [https://sourceforge.net/projects/voipmonitor/files/ VoIPmonitor SourceForge page].


Copy the download link for the desired file and use it with the `wget` command from Step 1.
Copy the download link for the desired file and use it with the <code>wget</code> command from Step 1.
 
;Example for version 20.4.4 with the SS7 module:
;Example for version 20.4.4 with the SS7 module:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 147: Line 197:
=== Compiling from Source ===
=== Compiling from Source ===
For developers or special use cases, you can compile the sniffer from its source code. This is '''not''' the recommended method for most users.
For developers or special use cases, you can compile the sniffer from its source code. This is '''not''' the recommended method for most users.
;Clone the master branch (stable):
;Clone the master branch (stable):
:<syntaxhighlight lang="bash">git clone https://github.com/voipmonitor/sniffer.git</syntaxhighlight>
:<syntaxhighlight lang="bash">git clone https://github.com/voipmonitor/sniffer.git</syntaxhighlight>
;Or clone the develop branch (latest features):
;Or clone the develop branch (latest features):
:<syntaxhighlight lang="bash">git clone -b develop https://github.com/voipmonitor/sniffer.git</syntaxhighlight>
:<syntaxhighlight lang="bash">git clone -b develop https://github.com/voipmonitor/sniffer.git</syntaxhighlight>
Then follow the instructions in the `README` file within the repository.


=== Example of compiling from the source (e.g. for arm64) ===
Then follow the instructions in the <code>README</code> file within the repository.
Debian12


apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev
==== Example: Compiling from Source on Debian 12 (e.g., for ARM64) ====


cd /usr/src
;1. Install required dependencies:
git clone https://github.com/voipmonitor/sniffer.git
<syntaxhighlight lang="bash">
cd sniffer
apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev \
./configure
    libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev \
make
    libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev \
# if exists old binary
    libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev \
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static
    liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev
</syntaxhighlight>


mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor
;2. Clone and compile:
<syntaxhighlight lang="bash">
cd /usr/src
git clone https://github.com/voipmonitor/sniffer.git
cd sniffer
./configure
make
</syntaxhighlight>


Add these lines to the config:
;3. Install the compiled binary:
<syntaxhighlight lang="bash">
# Back up the existing static binary if present
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static


# Install the newly compiled binary
mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor
</syntaxhighlight>
;4. (Optional) Enable automatic upgrades via git:
Add the following to <code>/etc/voipmonitor.conf</code>:
<syntaxhighlight lang="ini">
upgrade_by_git = yes
upgrade_by_git = yes
git_folder = /usr/src/sniffer
git_folder = /usr/src/sniffer
</syntaxhighlight>


AND restart:
;5. Restart the service:
service voipmonitor restart
<syntaxhighlight lang="bash">
systemctl restart voipmonitor
</syntaxhighlight>


== Uninstallation ==
== Uninstallation ==
Line 202: Line 271:
</syntaxhighlight>
</syntaxhighlight>


=== For older SysV-based Systems ===
=== For Older SysV-based Systems ===
Run the following commands to stop the service and remove its files:
Run the following commands to stop the service and remove its files:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 211: Line 280:
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup
</syntaxhighlight>
</syntaxhighlight>
== See Also ==
* [[Sniffer_configuration|Sniffer Configuration Reference]]
* [[Sniffer_troubleshooting|Sniffer Troubleshooting]]
* [[Sniffer_distributed_architecture|Distributed Architecture: Client-Server Mode]]
* [[Scaling|Scaling and Performance Tuning]]
* [[Data_Cleaning|Data Cleaning and Retention]]
* [[Systemd_for_voipmonitor_service_management|systemd Service Management]]


== AI Summary for RAG ==
== AI Summary for RAG ==
'''Summary:''' This guide provides a step-by-step process for installing the VoIPmonitor sensor (sniffer). The primary and recommended method is using the pre-compiled static binary, which involves downloading the correct archive for the system architecture (64-bit, 32-bit, or ARM), extracting it, and running the included `install-script.sh`. The guide details the post-installation steps: editing `/etc/voipmonitor.conf`, configuring the sensor ID for multi-sensor deployments (`id_sensor`), verifying system resource requirements (CPU, RAM, disk I/O, storage), managing the service with `systemctl` (start, stop, enable), and monitoring live logs for traffic capture verification. For download issues on Debian 11/12 or other systems where the primary URL fails or hangs due to SourceForge redirect issues, an alternative direct download URL is available at `https://download.voipmonitor.org/` which bypasses the redirect chain. It also covers advanced scenarios, such as installing a specific older version from SourceForge, manually upgrading to a development build, and compiling from source via `git clone`. Finally, it provides complete uninstallation procedures for both modern `systemd` systems and older `SysV` systems, including commands to remove binaries, configuration files, and service links.
'''Summary:''' Step-by-step guide for installing the VoIPmonitor sensor (sniffer) using pre-compiled static binaries. The process involves: downloading the correct archive for your architecture (64-bit, 32-bit, ARM), extracting and running <code>install-script.sh</code>, configuring <code>/etc/voipmonitor.conf</code> (database, network interface, id_sensor for multi-sensor deployments), and managing the service with systemctl. Includes system resource requirements, verification steps, alternative download URLs for when primary links fail, compiling from source for ARM64/Debian 12, and complete uninstallation procedures.
'''Keywords:''' install, installation, setup, sniffer, sensor, static binary, install-script.sh, download, wget, tar.gz, systemd, systemctl, enable on boot, start service, id_sensor, sensor ID, multi-sensor deployment, unique sensor, system resources, CPU, RAM, disk I/O, storage, performance, monitoring, t0CPU, verify, traffic capture, verify logs, compile from source, git, development build, upgrade, uninstall, remove, SysV, init.d, arm, x86_64, download issues, redirect, SourceForge, alternative download URL
'''Keywords:''' install, installation, setup, sniffer, sensor, static binary, install-script.sh, download, wget, tar.gz, systemd, systemctl, id_sensor, multi-sensor, compile from source, git, ARM64, Debian 12, uninstall, remove
'''Key Questions:'''
'''Key Questions:'''
* How do I install the VoIPmonitor sniffer?
* How do I install the VoIPmonitor sniffer?
* What is the recommended way to install VoIPmonitor?
* Where can I download the sensor static binary?
* Where can I download the latest static binary for the sensor?
* How do I configure id_sensor for multi-sensor deployments?
* What does the `install-script.sh` do?
* What are the CPU and RAM requirements?
* How do I configure a unique sensor ID for multi-sensor deployments?
* How do I start and enable the voipmonitor service?
* What is id_sensor and when is it required?
* What if the download URL hangs or fails?
* What are the minimum CPU and RAM requirements for VoIPmonitor?
* How do I compile from source on Debian 12 or ARM64?
* How much disk space and I/O do I need for VoIPmonitor?
* How do I uninstall VoIPmonitor completely?
* How do I start the voipmonitor service and enable it on boot?
* How do I verify the sniffer is capturing network traffic?
* How can I install an older version of the sniffer?
* How do I completely uninstall or remove the VoIPmonitor sensor?
* What do I do if the wget download hangs or fails on Debian 11/12?
* What is the alternative direct download URL if the primary URL fails?
* How to compile the sniffer from source code?

Revision as of 22:48, 4 January 2026

Category:Installation

This guide provides step-by-step instructions for installing the VoIPmonitor sensor (sniffer). The recommended method for all modern Linux distributions is to use the pre-compiled static binary.

Overview

The VoIPmonitor sensor installation process follows these steps:

Recommended Method: Static Binary Installation

A static binary includes all necessary libraries and is the quickest and most reliable way to get the sensor running on any supported Linux distribution with a kernel version of 2.6.18 or newer.

Step 1: Download the Correct Archive

First, download the latest stable binary for your system's architecture from the official website.

For 64-bit (x86_64) Systems (most common)
wget https://www.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz -O voipmonitor-sniffer.tar.gz
For 32-bit (i686) Systems
wget https://www.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz -O voipmonitor-sniffer.tar.gz
For ARMv6/v7 (e.g., Raspberry Pi)
wget https://www.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz -O voipmonitor-sniffer.tar.gz

Step 2: Extract and Run the Install Script

The downloaded archive contains an installation script that automates the setup process. 

# Extract the archive
tar xzf voipmonitor-sniffer.tar.gz

# Navigate into the newly created directory
# The 'cd voipmonitor-*' command will work regardless of the exact version number
cd voipmonitor-*-static

# Run the installation script with root privileges
./install-script.sh

The install-script.sh will:

  • Copy the voipmonitor binary to /usr/local/sbin/
  • Copy the default configuration file to /etc/voipmonitor.conf
  • Copy the service startup script to /etc/init.d/voipmonitor
  • Attempt to enable the service to start on boot

Step 3: Initial Configuration

After the installation, you must edit the main configuration file to connect the sensor to your database and set basic parameters. 

nano /etc/voipmonitor.conf

At a minimum, configure your database connection settings and the network interface to monitor.

Sensor ID Configuration (for Multi-Sensor Deployments)

If you are deploying multiple sniffer instances (either on the same server with multiple network interfaces, or on different servers), you must assign a unique sensor ID to each instance. 

# Set a unique numeric identifier (1-65535) for this sensor
id_sensor = 1
  • The sensor ID is stored in the cdr.id_sensor database column and allows you to distinguish which sensor captured each call.
  • This is essential in multi-sensor deployments, distributed architectures, or when using the Client/Server mode.
  • Leave this parameter unset (default) if you only have a single sensor deployment.

For detailed information, see id_sensor configuration.

System Resource Considerations

Before deploying a sniffer on a new server, ensure the server has adequate CPU, RAM, and disk I/O resources for your expected traffic load.

Resource Recommendation
CPU The main packet capture thread (t0) runs on a single CPU core. A modern Xeon with 2+ cores is recommended for production. Monitor t0CPU usage in logs – if consistently above 90-95%, you may need a faster CPU or additional sensors.
RAM Minimum 2-4 GB for small deployments (<500 concurrent calls). For high traffic (2000+ calls), consider 8-16 GB. If MySQL runs on the same server, carefully allocate RAM to avoid OOM killer events.
Disk I/O If recording audio, ensure adequate disk performance. A standard 7200 RPM SATA drive can handle ~2000 concurrent calls. For higher throughput, use SSD or RAID with WriteBack cache policy.
Storage Plan capacity based on your retention policy. Estimate space for PCAP files and CDR data based on average call duration and daily call volume.

For detailed performance tuning, refer to the Scaling and Performance Tuning guide.

Step 4: Service Management (systemd)

Modern Linux distributions use systemd to manage services. Use the following commands to control the sniffer:

Start the service
systemctl start voipmonitor
Stop the service
systemctl stop voipmonitor
Check the service status
systemctl status voipmonitor
Enable the service to start automatically on boot
systemctl enable voipmonitor

For a more detailed systemd service file template and advanced options, please see the systemd guide.

Step 5: Verification

After starting the service, verify that it is running correctly and capturing traffic:

1. Check service status
systemctl status voipmonitor

You should see Active: active (running).

2. Monitor live logs for traffic capture statistics
journalctl -u voipmonitor -f

Look for periodic output like calls[X][Y] PS[...] SQLq[0] to confirm the sensor is detecting traffic on the configured network interface.

For additional troubleshooting if the sensor is not capturing calls, see Sniffer Troubleshooting.

Troubleshooting Download Issues

If the primary download URL hangs or fails (especially on Debian 11/12), this is often caused by issues with the chain of redirects to SourceForge mirrors. In such cases, use the alternative direct download link that bypasses the redirects:

Alternative direct download for 64-bit systems
wget https://download.voipmonitor.org/current-stable-sniffer-static-64bit.tar.gz
Alternative direct download for 32-bit systems
wget https://download.voipmonitor.org/current-stable-sniffer-static-32bit.tar.gz
Alternative direct download for ARMv6/v7
wget https://download.voipmonitor.org/current-stable-sniffer-static-armv6k.tar.gz

This alternative URL provides a direct download from voipmonitor.org, avoiding the redirect chain and potential SourceForge-related issues.

Advanced & Special Installation Cases

Installing a Specific or Older Version

If you need a specific version (e.g., one that includes the Wireshark SS7 module), you can find historical releases on the VoIPmonitor SourceForge page.

Copy the download link for the desired file and use it with the wget command from Step 1.

Example for version 20.4.4 with the SS7 module
wget https://sourceforge.net/projects/voipmonitor/files/20.4/voipmonitor-wireshark-amd64-20.4.4-static.tar.gz/download -O voipmonitor-sniffer.tar.gz

Then proceed with the extraction and installation as described above.

Installing a Development Build (Manual Upgrade)

If instructed by the support team, you can manually upgrade to a new development build. 

# Create a temporary directory and download the new build
mkdir /tmp/new-sniffer && cd /tmp/new-sniffer
wget https://download.voipmonitor.org/some-development-build.tar.gz -O sniffer.tar.gz
tar xzf sniffer.tar.gz

# Stop the current service and back up the old binary
systemctl stop voipmonitor
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.backup

# Copy the new binary into place and start the service
cp voipmonitor-*-static/voipmonitor /usr/local/sbin/voipmonitor
systemctl start voipmonitor

Compiling from Source

For developers or special use cases, you can compile the sniffer from its source code. This is not the recommended method for most users.

Clone the master branch (stable)
git clone https://github.com/voipmonitor/sniffer.git
Or clone the develop branch (latest features)
git clone -b develop https://github.com/voipmonitor/sniffer.git

Then follow the instructions in the README file within the repository.

Example: Compiling from Source on Debian 12 (e.g., for ARM64)

1. Install required dependencies
apt install git make g++ unixodbc-dev libvorbis-dev libmp3lame-dev libmpg123-dev \
    libpcap-dev libssl-dev libsnappy-dev libcurl4-openssl-dev libicu-dev libpng-dev \
    libjpeg-dev libfftw3-dev libjson-c-dev librrd-dev libglib2.0-dev libxml2-dev \
    libmariadb-dev-compat libmariadb-dev libzstd-dev liblz4-dev liblzma-dev \
    liblzo2-dev gnutls-dev libgcrypt-dev libgoogle-perftools-dev
2. Clone and compile
cd /usr/src
git clone https://github.com/voipmonitor/sniffer.git
cd sniffer
./configure
make
3. Install the compiled binary
# Back up the existing static binary if present
mv /usr/local/sbin/voipmonitor /usr/local/sbin/voipmonitor.static

# Install the newly compiled binary
mv /usr/src/sniffer/voipmonitor /usr/local/sbin/voipmonitor
4. (Optional) Enable automatic upgrades via git

Add the following to /etc/voipmonitor.conf: 

upgrade_by_git = yes
git_folder = /usr/src/sniffer
5. Restart the service
systemctl restart voipmonitor

Uninstallation

To completely remove the VoIPmonitor sensor from a system, follow these steps.

For systemd-based Systems (Recommended)

# 1. Stop and disable the service
systemctl stop voipmonitor
systemctl disable voipmonitor

# 2. Remove the service files and binary
rm -f /etc/systemd/system/voipmonitor.service
rm -f /etc/init.d/voipmonitor
rm -f /usr/local/sbin/voipmonitor

# 3. Reload systemd to apply changes
systemctl daemon-reload

# 4. (Optional) Back up and remove the configuration file
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup

# 5. (Optional) Delete the spool directory (contains all captured data)
# WARNING: This is irreversible!
# rm -rf /var/spool/voipmonitor

For Older SysV-based Systems

Run the following commands to stop the service and remove its files: 

/etc/init.d/voipmonitor stop
update-rc.d voipmonitor remove
rm -f /etc/init.d/voipmonitor
rm -f /usr/local/sbin/voipmonitor
mv /etc/voipmonitor.conf /etc/voipmonitor.conf.backup

See Also

AI Summary for RAG

Summary: Step-by-step guide for installing the VoIPmonitor sensor (sniffer) using pre-compiled static binaries. The process involves: downloading the correct archive for your architecture (64-bit, 32-bit, ARM), extracting and running install-script.sh, configuring /etc/voipmonitor.conf (database, network interface, id_sensor for multi-sensor deployments), and managing the service with systemctl. Includes system resource requirements, verification steps, alternative download URLs for when primary links fail, compiling from source for ARM64/Debian 12, and complete uninstallation procedures. Keywords: install, installation, setup, sniffer, sensor, static binary, install-script.sh, download, wget, tar.gz, systemd, systemctl, id_sensor, multi-sensor, compile from source, git, ARM64, Debian 12, uninstall, remove Key Questions:

  • How do I install the VoIPmonitor sniffer?
  • Where can I download the sensor static binary?
  • How do I configure id_sensor for multi-sensor deployments?
  • What are the CPU and RAM requirements?
  • How do I start and enable the voipmonitor service?
  • What if the download URL hangs or fails?
  • How do I compile from source on Debian 12 or ARM64?
  • How do I uninstall VoIPmonitor completely?
Retrieved from "https://www.voipmonitor.org/doc/index.php?title=Sniffer_installation&oldid=6631"