1.2.2.1 Capture SIP Traffic only for specific IP.
1.2.2.2 Capture SIP traffic on port 5060 and RTP traffic.
1.2.2.3 Capture SIP traffic on port 5060 and RTP traffic into split files.
1.2.2.4 Capture SIP traffic on port 5060 and RTP traffic for specific IP address.

Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. More information about Wireshark can be found here.

To install Wireshark put this command to Terminal:

Please note that in this example and the other examples below we are using the network interface eth0. When you run this command on your server, your interface may have another name (eth1, em1, etc.), so you need to use your server's actual interface name.

To save a dump of packets, stop capturing by pressing ctrl+c. Packets will be saved to the file /home/capture.pcap. You can copy the captured file capture.pcap from your server, open it with the Wireshark GUI and analyse the packets.

If you have many calls, capturing all traffic will result in a huge file after a few minutes. Often, we are only interested in SIP traffic (which by default is sent/received on port 5060), so to capture only SIP traffic you can use this command:
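An added example (not part of the original page) of the SIP-only capture described above, assuming tshark, Wireshark's command-line tool, is installed. The function names, the RTP range 10000-20000, the address 192.0.2.10 and the ring-buffer sizes are illustrative assumptions.

```shell
#!/bin/sh
# Added example, not from the original page.
# Assumption: the RTP port range (e.g. 10000-20000) depends on your PBX settings.

# sip_filter [ip] [rtp_range]: print a capture filter for SIP on port 5060,
# optionally with RTP and optionally limited to one IPv4 peer.
sip_filter() {
    ip=${1:-}; rtp=${2:-}
    filter="port 5060"
    if [ -n "$rtp" ]; then
        case $rtp in
            *[!0-9-]* | *-*-* | -* | *-) echo "bad RTP range: $rtp" >&2; return 1 ;;
            *-*) filter="(port 5060 or udp portrange $rtp)" ;;
            *) echo "bad RTP range: $rtp" >&2; return 1 ;;
        esac
    fi
    if [ -n "$ip" ]; then
        # Only digits and dots, so a typo or pasted text cannot change the filter.
        case $ip in
            *[!0-9.]*) echo "bad IPv4 address: $ip" >&2; return 1 ;;
        esac
        filter="host $ip and $filter"
    fi
    printf '%s\n' "$filter"
}

# capture_sip iface outfile [ip] [rtp_range]
# Ring buffer: switch file every 100 MB (filesize is in kB), keep the last 10,
# so a busy server cannot fill the disk. Stop with ctrl+c.
capture_sip() {
    filter=$(sip_filter "${3:-}" "${4:-}") || return 1
    if [ -n "${DRY_RUN:-}" ]; then
        printf 'tshark -i %s -f "%s" -b filesize:102400 -b files:10 -w %s\n' \
            "$1" "$filter" "$2"
        return 0
    fi
    tshark -i "$1" -f "$filter" -b filesize:102400 -b files:10 -w "$2"
}

# Print the command instead of running it (192.0.2.10 is a constructed address).
DRY_RUN=1 capture_sip eth0 /home/capture.pcap 192.0.2.10 10000-20000
```

With the ring buffer enabled, tshark appends a sequence number and timestamp to the output file name, so the capture is spread over several files rather than a single capture.pcap.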