BrokenRecord2
IS-IT--Management
Can anyone provide the steps to turn on SIP tracing and how to retrieve the trace files to open up in Wireshark?
Thanks in advance.
Thanks in advance.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
SIP Call Capture
- Thread starter BrokenRecord2
- Start date
- Status
NortelGuy1979
Programmer
Are you wanting the built-in SIPCallTrace output, or do you want a PCAP capture to open in Wireshark?
Also, what release of SS are you? Keep in mind - on the SS, you'll only get the SIP signaling, not any RTP info (such as DTMF / RFC2833).
Matthew - Technical Support Engineer Sr.
Also, what release of SS are you? Keep in mind - on the SS, you'll only get the SIP signaling, not any RTP info (such as DTMF / RFC2833).
Matthew - Technical Support Engineer Sr.
- Thread starter
- #3
BrokenRecord2
IS-IT--Management
Just want to turn on tracing then export the file to wireshark. I'm on 6.0. I am looking to capture failures with the SIP carrier.
NortelGuy1979
Programmer
Ok, good, 6.0 Linux PCAP is built-in. Log in as ... "nortel" I think; might be "admin" (can't remember). The PCAP commands are pretty basic.
Here's a cut and paste from the DTR for Linux 6.0:
PCAP tools for Linux
PCAP Tools for Linux is a network packet capture utility to aid in
troubleshooting network and protocol issues that may arise in the field.
PCAP is intended to simpify the use of tethereal by providing a simple
menu-driven interface at the CLI, or a remote GUI-driven interface on a
Windows-based machine. It is implemented as set of wrapper scripts
around Wireshark/Ethereal to provide interface compatibility with PCAP
Tools for VxWorks and the PCAP Capture Control remote GUI to eliminate
the need for retraining support personnel. See the PCAP for VxWorks
expert guide for more information on the PCAP Capture Control GUI.
Only a limited subset of the PCAP for VxWorks commands are available
on Linux.
The following commands are available:
• pcapStart
• pcapStop
• pcapRestart
• pcapConfig
• pcapConfigShow
• pcapStatus
• pcapHelp
• pcapCtrlStart
• pcapCtrlRemove
The following limitations and requirements apply to the use of this tool:
• PCAP for Linux can only be run by a user belonging to the
‘maintadmin’ group.
• Only one instance of PCAP can be active at any time.
• Capture files cannot be retrieved while PCAP is running.
• Any changes in the PCAP configuration will only take effect after
restarting PCAP.
• Wireshark must be enabled since the Linux Hardening framework
disables it by default. A user belonging to the ‘secuirtyadmin’ group
(eg: nortel) must run “harden nettools on” to enable it
• Tethereal will show up when running ps –ef
• Capture files are stored in /var/opt/nortel/pcap by default.
Then you can SFTP the files off the server for wireshark review.
Enjoy! If you need the PCAP experts guide, let me know a webspace where I can upload it for you.
Matthew - Technical Support Engineer Sr.
Here's a cut and paste from the DTR for Linux 6.0:
PCAP tools for Linux
PCAP Tools for Linux is a network packet capture utility to aid in
troubleshooting network and protocol issues that may arise in the field.
PCAP is intended to simpify the use of tethereal by providing a simple
menu-driven interface at the CLI, or a remote GUI-driven interface on a
Windows-based machine. It is implemented as set of wrapper scripts
around Wireshark/Ethereal to provide interface compatibility with PCAP
Tools for VxWorks and the PCAP Capture Control remote GUI to eliminate
the need for retraining support personnel. See the PCAP for VxWorks
expert guide for more information on the PCAP Capture Control GUI.
Only a limited subset of the PCAP for VxWorks commands are available
on Linux.
The following commands are available:
• pcapStart
• pcapStop
• pcapRestart
• pcapConfig
• pcapConfigShow
• pcapStatus
• pcapHelp
• pcapCtrlStart
• pcapCtrlRemove
The following limitations and requirements apply to the use of this tool:
• PCAP for Linux can only be run by a user belonging to the
‘maintadmin’ group.
• Only one instance of PCAP can be active at any time.
• Capture files cannot be retrieved while PCAP is running.
• Any changes in the PCAP configuration will only take effect after
restarting PCAP.
• Wireshark must be enabled since the Linux Hardening framework
disables it by default. A user belonging to the ‘secuirtyadmin’ group
(eg: nortel) must run “harden nettools on” to enable it
• Tethereal will show up when running ps –ef
• Capture files are stored in /var/opt/nortel/pcap by default.
Then you can SFTP the files off the server for wireshark review.
Enjoy! If you need the PCAP experts guide, let me know a webspace where I can upload it for you.
Matthew - Technical Support Engineer Sr.
- Status
Similar threads
- Locked
- Question
