Latest release notes of the VoIP Analyzer Tool
v23.09.16.00
- Optimize SharkEdit: Anonymize any field in any Wireshark pcap file based on the well known Wireshark display filters
- also called “flexible anonymize” in the GUI
- Optimize SharkExport/filter any field in any Wireshark pcap file based on the well known Wireshark display filters.
- Export on HTML format and in Excel CSV format
- also called “flexible filter” in the GUI
- Support LinkLayers.Ppp
- text2pcap: add syslog remark when limit of 1000 packets is reached
- text2pcap: better detection of date/time for unknown vendors
- Bug fixing
v23.06.10.00
- NEW: SharkEdit: Anonymize any field in any Wireshark pcap file based on the well known Wireshark display filters
- also called “flexible anonymize” in the GUI
- NEW: Export/filter any field in any Wireshark pcap file based on the well known Wireshark display filters.
- Export on HTML format and in Excel CSV format
- also called “flexible filter” in the GUI
- Add live suggestion in GUI of any Wireshark display filter for anonymize or export/filter
- Bug fixing
v23.06.10.00
- NEW: SharkEdit: Anonymize any field in any Wireshark pcap file based on the well known Wireshark display filters
- also called “flexible anonymize” in the GUI
- NEW: Export/filter any field in any Wireshark pcap file based on the well known Wireshark display filters.
- Export on HTML format and in Excel CSV format
- also called “flexible filter” in the GUI
- Add live suggestion in GUI of any Wireshark display filter for anonymize or export/filter
- Bug fixing
v23.04.21.00
- Bugfixing
v23.04.21.00
- Bugfixing
v22.12.02.00
- SIP
- Siplog2Pcap: conversion from a SIP log to a pcap now supported for following SIP vendors:
- 3CX
- Alcatel
- Anveo
- Asterisk
- AudioCodes Syslog
- AudioCodes SIP ladder diagram files
- Avaya
- BroadWorks XS logs (BroadSoft)
- Cisco or CUCM Sip Logs
- Enovation UMO (UMO SIP Alarm devices)
- Genesys
- Lync
- Mediatrix Syslog
- Microsoft Teams -> see AudioCodes syslog
- Mitel
- OneAccess (Ekinops)
- OpenScape Business (Atos/Unify)
- OpenScape 4000 STMI SIP logs (Atos/Unify)
- OpenScape Voice RTT traces (Atos/Unify)
- RingCentral
- Twilio
- Yealink
- Other SIP vendors can be supported on simple demand.
- Siplog2Pcap: conversion from a SIP log to a pcap now supported for following SIP vendors:
-
- SipLog2Pcap: OpenScape voice RTT trace: optimize handling of SIP-Q message body
- Show also SIP CANCEL after SIP RE-INVITE as incomplete SIP dialog
- Show SIP Source IP and SIP Destination IP as summary in SIP Ladder diagram pop-ups
- SIP Call duration is zero when there is no SIP BYE message
- Anonymize
- anonymize the HTTP protocol
- anonymize the SSDP protocol
- anonymize the FTP protocol (USER and PASS only)
- anonymize also SIPS (Secure SIP)
- Text2Pcap
- Text2Pcap: make detection of start of a new hex packet more defensive
- Text2Pcap: support Cisco ASR 5000 / Cisco ASR 5500 hexdump file format (RawIP)
- Text2Pcap: support Fortinet hex dumps
- Text2Pcap: support "Cisco monitor capture" format
- Text2Pcap: support Juniper Netscreen Snoop format hex dumps
- Other
- Support CSTA III during pcap analysis: Show CSTA III messages in generated HTML page
- optimize readability of the XML protocol in a SIP message body in the SIP ladder diagrams
- support IP fragmentation for IP in a GRE tunnel (Generic Routing Encapsulation)
- Optimize SEO
- support TZSP encapsulation: TaZmen Sniffer Protocol
- Generate wave files also for SRTP
- Optimize RTCP logging
- support of 802.3br packets
v22.06.01.00
- SIP
- optimize creation of short SIP headers when there is a ";" sign in the SIP header display part
- RTP
- RTP comfort noice not correct indicated for SRTP in RTP HTML table
- Anonymize
- anonymize FTP password
- anonymize HTTP GET string
- always anonymize SIP TEL URI (also when they are not RFC conform formatted)
- keep original IP addreses during anonymize when there are pre-defined documentation IP addresses (RFC5737)
- Automatic update
- check version.txt and version.html at startup
- detect download of update failure. Make timeout shorter.
- optimize handling if HTTPS request to check latest version is blocked
- GPRS Tunneling Protocol (GTP)
- optimize detection and unpacking of of GPRS Tunneling Protocol (GTP) when there are optional GTP parameters
- Other
- show license request sting in the logging at startup when there is no license
- adjust executable names for linux (all lower case now)
- default path to c:\voipanalyzer in Windows install program
v22.05.16.00
- SIP
- anonymize RFC7315 private SIP headers
- support RFC3262 RAck SIP header for ABNF check
- SIP request line sometimes too long in the SVG diagram
- AudioCodes
- Major performance optimalisation for AudioCodes SipLog2Pcap conversion
- optimize AudioCodes SID filtered files
- Detect CallID2 for Audiocodes sipLog2PCap. Show in HTML tables CallID2
- Support multipart body for SipLog2Pcap (e.g. QISG, SIP-Q, ...) (e.g. for OpenScape Voice - OpenScape 4000 - OpenScape Business)
- RTP
- anonymize RTP payload while volume is still detectable
- detect ambiguous RTP sender timestamp
- MGCP
- defensive reading of MGCP messages. allow <br> and \n
- updater
- add automatic online updater
- ZIP
- minor correction for unzipping with gzip
- SipLog2Pcap
- add CONVERSIONS button in GUI
- General
- optimize TCP reassemble when reassembled packet is larger than 64kB
- Add counter in HTML tables simular as in CSV files
v22.03.14.00
- SipLog2Pcap
- add CONVERSIONS button in GUI
- SipLog2Pcap: convert SIP logs to Wireshark pcap files.
- SIP log conversions supported from following vendors:
- ▪ Anveo
▪ Asterisk
▪ AudioCodes Syslog
▪ AudioCodes SIP ladder diagram files
▪ Broadsoft
▪ Genesys
▪ Lync
▪ Mediatrix Syslog
▪ Mitel
▪ OneAccess (Ekinops)
▪ OpenScape Business (Atos/Unify)
▪ OpenScape 4000 STMI SIP logs (Atos/Unify)
▪ OpenScape Voice RTT traces (Atos/Unify)
▪ Twilio
- ▪ Anveo
- AudioCodes
- convert AudioCodes syslog files to an audit with a filtered AudioCodes syslog file for each unique SIP call [SID=xxx:xxx:xxx]
o Add unique AudioCodes Log as table entry in all the HTML pages after audit
o Support Audit of AudioCodes Debug Recording (ACDR) capture inclusive AudioCodes logs (SIP + RTP + RTCP)
o Convert AudioCodes debug recording capture to a normal Wireshark capture during the Merge functionality (SIP + RTP + RTCP) - Hex2Pcap: convert Wireshark HEX files to Wireshark pcap files
- Tunneled QSIG in SIP message body
o more exact processing of tunneled QSIG in SIP (or SIP-Q): process as HEX
o detect false hits on \r in multipart/mixed body
o Support "Content-Disposition:" as body header for multipart/mixed - Still show the tool GUI when the license is expired
- Optimize handling of captures on the Null/loopback device
- add VoIPAnalyzerUpdater: check at startup if online any update is available
- Use "frame.number==" in loggings (not WP== anymore)
- Correct gzip issue during merge on Linux
- convert AudioCodes syslog files to an audit with a filtered AudioCodes syslog file for each unique SIP call [SID=xxx:xxx:xxx]
- Anonymize
- o also anonymize optional parameters in the SIP FROM header
o support anonymize of IGMP multicast packets
o do not process DHCP packets during anonymize
- o also anonymize optional parameters in the SIP FROM header
- RTP
- o Show Max RTP delay, max RTP Jitter and Max RTP Skew in RTP HTML table
o correct influence between RTP and DTMF on RTP statistics
- o Show Max RTP delay, max RTP Jitter and Max RTP Skew in RTP HTML table
v22.02.14.00
- correct influence between RTP and DTMF on RTP statistics
- detect IPv6 For Raw captures
- add extra hints in syslog for anonymize
- anonymize ICE candidates in SDP
- SipLog2Pcap: paste DateTime also when year is not available (e.g. for AudioCodes syslog)
- support AVPF and SAVPF in SDP
- clean addition struct memory at the end of an audit/anonymize/merge
- make anonymized DNS names iso mapped IP addresses
- use more natural filename after anonymize (xxx_ANON)
- correct rewriting of SDP length after anonymize
- optimize TCP re-assembly mechanism
- optimize cleanup of leftovers after TCP assembly
- give warning when zip fle is opened
- correct processing of abbreviated headers
- TCP reassembly rework + hexdump in hex2pcap format
- gzip for pcapng
- cleanup/optimize IP fragmentation
- SipLog2Pcap generates incorrect "application/csta+xml" body
- optimize handling of pcapng capture with both ethernet packets as also sll packets
- Only last RTP codec is shown in the HTML RTP overview
- Update logging for abbreviated SIP headers
- Support the SIP NEGOTIATE method
- optimize logging of sip.Call-ID=="xxx"
- Update SipLog2Pcap help file
- SipLog2Pcap: support Mitel Sip log conversion to pcap
- SipLog2Pcap: add Mitel and OpenScape Voice RTT log conversion to pcap
- Correct PCAP with wrong TCP flags (e.g. push flag)
- solve progress bar > 100% issue
- Support detection of IEEE802.3br preemption
- Add proprietary X-RTP-Stat headers
- LinkLayerType as short
- update on IEEE 802.3br detection
- Add proprietar Siemens SIP headers
- Add proprietar ThigSbc SIP "X-" headers
- SipLog2Pcap: add vendor OneAccess for SIP log conversion to pcap
- SipLog2Pcap: also detect abbreviated content-type SIP header "c:"
- Read QSIG in body as bytes, not as chars
- SipLog2Pcap code optimalisation: make separate classes
- support ^M
- SipLog2Pcap: detect splitted SIP headers and combine them
- Add also "SIP Reason header" in HTML table for Register, Options etc
- Show SIP 403 Forbidden in the HTML ERROR tables
- SipLog2Pcap: detect SDP splitted on 2 lines for AudioCodes syslog logs.
- SipLog2Pcap: optimize splitted SIP messages
- SipLog2Pcap: support SIP messages on one line with numerous \n
- SipLog2Pcap: only search for \n if also SIP/2.0 can be found in the string
- add icons to Web projects and put header on index page
- SVG corrupted for "var protmessage0" when \r leftover occurs
- first detection SIP Common Log Format (CLF)
- error in cleanup tcp stream
- siplog2pcap html corrections (header)
- web: correct clear page for Firefox + make buttons
- Show errors/warnings when SIP RFC errors occur
v21.12.27.00
- Support "RAck" SIP header (RFC3262)
- support IP fragmentation with duplicate packets
- adjust handling of fragmented packets
- Adjust default OpenScape SBC ports from 50000-50019 to 50000-50039
- check maximum framesize of 64K after IP or TCP assembly
- do not use duplicate RTP packets for wave files
- cleanup at the end of IP fragments and TCP segments
- hex2pcap for online tool on website https://hex2pcap.voipanalyzertool.com/
- hex2pcap: detect de-chunked data and skip it
- allow a tab character for Hex2Pcap splitting
- allow maximal merged filesize of 4 Gb
- optimize link layer detection
- detect RTP packets when they use well known SIP ports
- allow any SIP response code in the range 100-699
- add remark in HTML when RTP delay is highter than 60ms
- check if the 5 mandatory SIP headers are available during audit
- prevent false hits on RTP and RTCP after SIP BYE
- SipLog2Pcap for online tool on website https://siplog2pcap.voipanalyzertool.com/
- online web tool: make specific page for wrong cases (e.g. wrong input)
- Wireshark OSPF packet not always correct parsed
- support radius and diagram protocol (not in GUI yet)
- adjust parsing of MGCP request line
- adjust parsing of CSeq SIP header
- do not allow SVG drawing with negative x position
- add help file for relevant commands for tshark to text
- culture dependency for DateTime
- use minimal HTML table height when table is empty
- show short names for wave files in HTML tables
- Add SIP reason header in generated HTML tables
- optimize splitting of long strings (e.g. SIP From/To/CallID) in HTML tables
v21.10.02.00
- now supported as Date format: day/month/year or month/day/year or year/month/day
- Support RawIP for Hex to Pcap conversions
- also anonymize SRTP
- give warning for zero duration parameter for DTMF via RFC2833/RFC4733
- use only destination IP and destination port for RTCP filenames
- check if SDP content length value header is consistent with SDP body length
- minor correction for new SDP content length after anonymize
- major performance optimalisation during writing of syslog entries from Pcap to syslog text files
- correction regarding detection of multiple SIP messages in one single Wireshark packet
- support P-RTP-Stat header for RTP statistics
- ignore X-Siemens-RTP-Stats: stats not available
v21.09.16.00
- major performance optimalisation during audit
- - finetune anonymize of MGCP messages
- - minor updates in help files
- - create new CHM help file
- - minor bug fixes
v21.05.12.00
- New code signing certificate
- Detect ZRTP magic cookie in RTP header
- SIP port range extended to 5060-5080 and 5090
- Time processing : Local or UTC (also in GUI)
- Merge folder selection instead of one file selection in the merge folder
- MGCP csv file
- Support nested 802.1Q
- Useragent text added to message flow diagrams
v21.03.31.00
- support of the MGCP protocol
- Handling SVG message graphs more generic (also for MGCP)
- Correction on script error popup for .chm help file
- Correction with multiple linktypes in pcapng
- Filter column buttons in HTML tables
- issue solving
v21.02.22.00
- support Raw IP header
- use colors in RTP HTML pages to highlight issues with packet drop, jitter, skew etc
- support abbreviated SIP headers
- use always TTL value 64 after anonymize to hide network topology
- support detection of GRE tunnel will NULL encryption
- add “clear logging window” button in GUI
- TCP segmentation finetuning
- Detect SIP BYE immediate after SIP RE-INVITE (incomplete SIP dialog)
- Make ethernet address anonymous during anonymize
- Add dropzone on website
- Added free online demo on our https://www.voipanalyzertool.com website
- Optimize performance
v20.11.14.00
- performance optimalisation during merge action
- update of online help files
- update of offline CHM help files
- update tool icon
- bug fixes
v20.10.27.00
- support merging of Ethernet packets + Linux SLL packets at the same time to one wireshark capture
v20.10.26.00
- support the Wireshark snoop format
- use UTC time for Wireshark captures
- make also RTP stats in CSV format
- also anonymize data TCP packets with data length zero (e.g. TCP SYN)
- support VoIPAnalyzer tool on Linux
- support VoIPAnalyzer tool on macOS
- bugfixes
v20.10.04.00
- Support of PCAPNG (pcap next generation) Wireshark format
- Add also a split button next to the merge button
- Improved performance in some area’s
- Add progressbar in GUI
- bugfixes
v20.07.13.00
- Initial version released for any 64 bit Windows Operating system