Packet capture via ngrep

Created by Yevgeniya Suminova on 2021-03-12

Updated by Sonja Guicheux on 2021-03-12
Updated by Yevgeniya Suminova on 2021-05-24

Contents

Introduction

Trace packets

References

To check

End of document

Introduction

This document explains how to view network packets with ngrep.

Only commands useful for observation are provided. If there are better commands and tools that help to observe, sort and understand SIP packet behavior, this document must be updated with the additional information.

Trace packets

First install ngrep.

Type yum install ngrep

To trace all network packets coming to port 5060 that contain the domain, type ngrep -qtW byline astpp.4z.com port 5060

Make calls and observe the SIP packets on the server.

You can trace only one number with the same command: type the account number instead of the domain.

For example: ngrep -qtW byline 41615045719 port 5060
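
On a busy server the output of the commands above scrolls quickly. The shell function below is an added example, not part of the original document: it condenses ngrep -qtW byline output to one line per SIP packet (time, source, destination, first SIP line, Call-ID). The header layout it parses and the sample capture are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumed input layout (ngrep -qtW byline): a header line
#   "U <date> <time> <src> -> <dst>"
# followed by the payload, where each CR is shown as a trailing ".".

sip_summary() {
    awk '
    # Header line printed by ngrep -t for a UDP (U) or TCP (T) packet.
    /^[UT] [0-9]+\/[0-9]+\/[0-9]+ / {
        flush()
        ts = $3; src = $4; dst = $6; want_first = 1; next
    }
    # First payload line is the SIP request line or status line.
    want_first && NF {
        sub(/\.$/, ""); first = $0; want_first = 0; next
    }
    # Call-ID (compact form "i") ties the packets of one call together.
    tolower($1) == "call-id:" || $1 == "i:" {
        sub(/\.$/, "", $2); callid = $2
    }
    function flush() {
        if (first != "") print ts, src, "->", dst, "|", first, "|", callid
        first = ""; callid = ""
    }
    END { flush() }
    '
}

# Constructed sample capture (documentation addresses, made-up Call-ID).
sample_capture() {
    cat <<'EOF'

U 2021/03/12 10:15:01.100000 192.0.2.10:5060 -> 198.51.100.5:5060
INVITE sip:41615045719@astpp.4z.com SIP/2.0.
Call-ID: abc123@192.0.2.10.
CSeq: 1 INVITE.
.

U 2021/03/12 10:15:01.200000 198.51.100.5:5060 -> 192.0.2.10:5060
SIP/2.0 100 Trying.
Call-ID: abc123@192.0.2.10.
CSeq: 1 INVITE.
.
EOF
}

# Live use: ngrep -l -qtW byline astpp.4z.com port 5060 | sip_summary
# (-l makes ngrep line-buffer its output when piped.)
sample_capture | sip_summary
```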


References

https://freeswitch.org/confluence/display/FREESWITCH/Packet+Capture

To check

http://lists.freeswitch.org/pipermail/freeswitch-users/2012-April/082961.html

https://github.com/sipcapture/sipgrep

https://support.simwood.com/hc/en-us/articles/223811708-Packet-Capturing-sngrep

End of document

***

© 4z.com