

Wireshark and Cloudshark are invaluable tools for debugging SIP and IAX issues on your Asterisk server. Here we have a short video that goes over the basics of getting a call captured and opened in Cloudshark. We also have a short tutorial for download here in PDF format.

First we need to get the packets we want. We use a simple command line tool called tcpdump. If it's not installed, install it now. You won't be able to live without it.

Here we have 2 commands:

    /usr/sbin/tcpdump -n -i eth0 -w /tmp/wireshark.pcap -s2000 udp port 5060

    /usr/sbin/tcpdump -n -i eth0 -w /tmp/wireshark.pcap -s2000 udp

The first captures packets on interface eth0. -n means we won't convert addresses to names, -w means we just write the raw packets to the named file, udp means it's only the UDP packets we want, and finally port 5060 means it's only the SIP messaging we want. In the second we don't specify port 5060, so that we get the RTP stream as well.

    screen -S "udpDump" -dm tcpdump -n -i eth0 -C 9 -W 15 -w /var/log/asterisk/dumpsip.pcap -s2000 udp port 5060

The command above will write to file in the background and will rotate at 9 meg, so it is suitable for Cloudshark.
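To check what a capture file actually contains before opening it in Wireshark or uploading it to Cloudshark, the following added example (not part of the original page) walks a classic pcap file as written by tcpdump -w, lists the SIP start lines on port 5060, counts other UDP packets such as RTP, and counts packets cut short by the -s snap length. It assumes Ethernet/IPv4 framing; the function names and the sample packets are constructed for illustration.

```python
import struct

def summarize(pcap: bytes, sip_port: int = 5060) -> dict:
    """Walk a classic pcap (Ethernet/IPv4/UDP) and summarise SIP vs other UDP."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    out = {"sip": [], "other_udp": 0, "truncated": 0}
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _, _, caplen, origlen = struct.unpack(order + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if caplen < origlen:                   # cut short by the -s snap length
            out["truncated"] += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue                           # not IPv4/UDP (VLAN tags not handled)
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 8:
            continue
        sport, dport = struct.unpack("!HH", udp[:4])
        if sip_port not in (sport, dport):
            out["other_udp"] += 1              # RTP and anything else on UDP
            continue
        src = ".".join(map(str, frame[26:30])) + f":{sport}"
        dst = ".".join(map(str, frame[30:34])) + f":{dport}"
        first = udp[8:].split(b"\r\n", 1)[0].decode("ascii", "replace")
        out["sip"].append((src, dst, first))
    return out

def _frame(src, dst, sport, dport, payload, cut=0):
    """Constructed Ethernet/IPv4/UDP frame; cut > 0 drops bytes to mimic a small -s."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(src), bytes(dst))
    full = bytes(12) + b"\x08\x00" + ip + udp
    return struct.pack("<IIII", 0, 0, len(full) - cut, len(full)) + full[:len(full) - cut]

# Constructed sample: two SIP messages and one RTP-like packet (documentation addresses).
PBX, PHONE = (192, 0, 2, 1), (192, 0, 2, 10)
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 2000, 1) + b"".join([
    _frame(PHONE, PBX, 5060, 5060, b"REGISTER sip:pbx.example.test SIP/2.0\r\nCSeq: 1 REGISTER\r\n\r\n"),
    _frame(PBX, PHONE, 5060, 5060, b"SIP/2.0 401 Unauthorized\r\nCSeq: 1 REGISTER\r\n\r\n"),
    _frame(PHONE, PBX, 10000, 10002, b"\x80\x00" + bytes(170), cut=100),
])

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

To run it against a real capture, pass the file's bytes, for example the contents of /tmp/wireshark.pcap read in binary mode. A capture taken with "udp port 5060" should report zero other UDP packets, while one taken with plain "udp" will also count the RTP stream.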
