Latest release notes of the VoIP Analyzer Tool

v22.03.14.00

  • SipLog2Pcap
    • add CONVERSIONS button in GUI
    • SipLog2Pcap: convert SIP logs to Wireshark pcap files.
    • SIP log conversions supported from following vendors:
      • ▪ Anveo
        ▪ Asterisk
        ▪ AudioCodes Syslog
        ▪ AudioCodes SIP ladder diagram files
        ▪ Broadsoft
        ▪ Genesys
        ▪ Lync
        ▪ Mediatrix Syslog
        ▪ Mitel
        ▪ OneAccess (Ekinops)
        ▪ OpenScape Business (Atos/Unify)
        ▪ OpenScape 4000 STMI SIP logs (Atos/Unify)
        ▪ OpenScape Voice RTT traces (Atos/Unify)
        ▪ Twilio
  • AudioCodes
    • convert AudioCodes syslog files to an audit with a filtered AudioCodes syslog file for each unique SIP call [SID=xxx:xxx:xxx]
      o Add unique AudioCodes Log as table entry in all the HTML pages after audit
      o Support Audit of AudioCodes Debug Recording (ACDR) capture inclusive AudioCodes logs (SIP + RTP + RTCP)
      o Convert AudioCodes debug recording capture to a normal Wireshark capture during the Merge functionality (SIP + RTP + RTCP)
    • Hex2Pcap: convert Wireshark HEX files to Wireshark pcap files
      - Tunneled QSIG in SIP message body
      o more exact processing of tunneled QSIG in SIP (or SIP-Q): process as HEX
      o detect false hits on \r in multipart/mixed body
      o Support "Content-Disposition:" as body header for multipart/mixed
  • Still show the tool GUI when the license is expired
  • Optimize handling of captures on the Null/loopback device
  • add VoIPAnalyzerUpdater: check at startup if online any update is available
  • Use "frame.number==" in loggings (not WP== anymore)
  • Correct gzip issue during merge on Linux
  • Anonymize
    • o also anonymize optional parameters in the SIP FROM header
      o support anonymize of IGMP multicast packets
      o do not process DHCP packets during anonymize
  • RTP
    • o Show Max RTP delay, max RTP Jitter and Max RTP Skew in RTP HTML table
      o correct influence between RTP and DTMF on RTP statistics

v22.02.14.00

  • correct influence between RTP and DTMF on RTP statistics
  • detect IPv6 For Raw captures
  • add extra hints in syslog for anonymize
  • anonymize ICE candidates in SDP
  • SipLog2Pcap: paste DateTime also when year is not available (e.g. for AudioCodes syslog)
  • support AVPF and SAVPF in SDP
  • clean addition struct memory at the end of an audit/anonymize/merge
  • make anonymized DNS names iso mapped IP addresses
  • use more natural filename after anonymize (xxx_ANON)
  • correct rewriting of SDP length after anonymize
  • optimize TCP re-assembly mechanism
  • optimize cleanup of leftovers after TCP assembly
  • give warning when zip fle is opened
  • correct processing of abbreviated headers
  • TCP reassembly rework + hexdump in hex2pcap format
  • gzip for pcapng
  • cleanup/optimize IP fragmentation
  • SipLog2Pcap generates incorrect "application/csta+xml" body
  • optimize handling of pcapng capture with both ethernet packets as also sll packets
  • Only last RTP codec is shown in the HTML RTP overview
  • Update logging for abbreviated SIP headers
  • Support the SIP NEGOTIATE method
  • optimize logging of sip.Call-ID=="xxx"
  • Update SipLog2Pcap help file
  • SipLog2Pcap: support Mitel Sip log conversion to pcap
  • SipLog2Pcap: add Mitel and OpenScape Voice RTT log conversion to pcap
  • Correct PCAP with wrong TCP flags (e.g. push flag)
  • solve progress bar > 100% issue
  • Support detection of IEEE802.3br preemption
  • Add proprietary X-RTP-Stat headers
  • LinkLayerType as short
  • update on IEEE 802.3br detection
  • Add proprietar Siemens SIP headers
  • Add proprietar ThigSbc SIP "X-" headers
  • SipLog2Pcap: add vendor OneAccess for SIP log conversion to pcap
  • SipLog2Pcap: also detect abbreviated content-type SIP header "c:"
  • Read QSIG in body as bytes, not as chars
  • SipLog2Pcap code optimalisation: make separate classes
  • support ^M
  • SipLog2Pcap: detect splitted SIP headers and combine them
  • Add also "SIP Reason header" in HTML table for Register, Options etc
  • Show SIP 403 Forbidden in the HTML ERROR tables
  • SipLog2Pcap: detect SDP splitted on 2 lines for AudioCodes syslog logs.
  • SipLog2Pcap: optimize splitted SIP messages
  • SipLog2Pcap: support SIP messages on one line with numerous \n
  • SipLog2Pcap: only search for \n if also SIP/2.0 can be found in the string
  • add icons to Web projects and put header on index page
  • SVG corrupted for "var protmessage0" when \r leftover occurs
  • first detection SIP Common Log Format (CLF)
  • error in cleanup tcp stream
  • siplog2pcap html corrections (header)
  • web: correct clear page for Firefox + make buttons
  • Show errors/warnings when SIP RFC errors occur 

v21.12.27.00

  • Support "RAck" SIP header (RFC3262)
  • support IP fragmentation with duplicate packets
  • adjust handling of fragmented packets
  • Adjust default OpenScape SBC ports from 50000-50019 to 50000-50039
  • check maximum framesize of 64K after IP or TCP assembly
  • do not use duplicate RTP packets for wave files
  • cleanup at the end of IP fragments and TCP segments
  • hex2pcap for online tool on website https://hex2pcap.voipanalyzertool.com/
  • hex2pcap: detect de-chunked data and skip it
  • allow a tab character for Hex2Pcap splitting
  • allow maximal merged filesize of 4 Gb
  • optimize link layer detection
  • detect RTP packets when they use well known SIP ports
  • allow any SIP response code in the range 100-699
  • add remark in HTML when RTP delay is highter than 60ms
  • check if the 5 mandatory SIP headers are available during audit
  • prevent false hits on RTP and RTCP after SIP BYE
  • SipLog2Pcap for online tool on website https://siplog2pcap.voipanalyzertool.com/
  • online web tool: make specific page for wrong cases (e.g. wrong input)
  • Wireshark OSPF packet not always correct parsed
  • support radius and diagram protocol (not in GUI yet)
  • adjust parsing of MGCP request line
  • adjust parsing of CSeq SIP header
  • do not allow SVG drawing with negative x position
  • add help file for relevant commands for tshark to text
  • culture dependency for DateTime
  • use minimal HTML table height when table is empty
  • show short names for wave files in HTML tables
  • Add SIP reason header in generated HTML tables
  • optimize splitting of long strings (e.g. SIP From/To/CallID) in HTML tables

v21.10.02.00

  • now supported as Date format: day/month/year or month/day/year or year/month/day
  • Support RawIP for Hex to Pcap conversions
  • also anonymize SRTP
  • give warning for zero duration parameter for DTMF via RFC2833/RFC4733
  • use only destination IP and destination port for RTCP filenames
  • check if SDP content length value header is consistent with SDP body length
  • minor correction for new SDP content length after anonymize
  • major performance optimalisation during writing of syslog entries from Pcap to syslog text files
  • correction regarding detection of multiple SIP messages in one single Wireshark packet
  • support P-RTP-Stat header for RTP statistics
  • ignore X-Siemens-RTP-Stats: stats not available

v21.09.16.00

  • major performance optimalisation during audit
  • - finetune anonymize of MGCP messages
  • - minor updates in help files
  • - create new CHM help file
  • - minor bug fixes

v21.05.12.00

  • New code signing certificate
  • Detect ZRTP magic cookie in RTP header
  • SIP port range extended to 5060-5080 and 5090
  • Time processing : Local or UTC (also in GUI)
  • Merge folder selection instead of one file selection in the merge folder
  • MGCP csv file
  • Support nested 802.1Q
  • Useragent text added to message flow diagrams

v21.03.31.00

  • support of the MGCP protocol
  • Handling SVG message graphs more generic (also for MGCP)
  • Correction on script error popup for .chm help file
  • Correction with multiple linktypes in pcapng
  • Filter column buttons in HTML tables
  • issue solving

v21.02.22.00

  • support Raw IP header
  • use colors in RTP HTML pages to highlight issues with packet drop, jitter, skew etc
  • support abbreviated SIP headers
  • use always TTL value 64 after anonymize to hide network topology
  • support detection of GRE tunnel will NULL encryption
  • add “clear logging window” button in GUI
  • TCP segmentation finetuning
  • Detect SIP BYE immediate after SIP RE-INVITE (incomplete SIP dialog)
  • Make ethernet address anonymous during anonymize
  • Add dropzone on website
  • Added free online demo on our https://www.voipanalyzertool.com website
  • Optimize performance

v20.11.14.00

  • performance optimalisation during merge action
  • update of online help files
  • update of offline CHM help files
  • update tool icon
  • bug fixes

v20.10.27.00

  • support merging of Ethernet packets + Linux SLL packets at the same time to one wireshark capture

v20.10.26.00

  • support the Wireshark snoop format
  • use UTC time for Wireshark captures
  • make also RTP stats in CSV format
  • also anonymize data TCP packets with data length zero (e.g. TCP SYN)
  • support VoIPAnalyzer tool on Linux
  • support VoIPAnalyzer tool on macOS
  • bugfixes

v20.10.04.00

  • Support of PCAPNG (pcap next generation) Wireshark format
  • Add also a split button next to the merge button
  • Improved performance in some area’s
  • Add progressbar in GUI
  • bugfixes

v20.07.13.00

  • Initial version released for any 64 bit Windows Operating system