# sngrep [![Build Status](https://travis-ci.org/irontec/sngrep.svg)](https://travis-ci.org/irontec/sngrep)

sngrep is a tool for displaying SIP call message flows from a terminal.

It supports live capture to display realtime SIP packets and can also be used
as a PCAP viewer.

[Some screenshots of sngrep](https://github.com/irontec/sngrep/wiki/Screenshots)

## Installing

### Binaries

#### Debian / Ubuntu
[Install sngrep Debian/Ubuntu package](https://github.com/irontec/sngrep/wiki/Installing-Binaries#debian--ubuntu)

#### CentOS / RedHat / Fedora
[Install sngrep CentOS/RedHat/Fedora package](https://github.com/irontec/sngrep/wiki/Installing-Binaries#centos--fedora--rhel)

#### Gentoo
You can find unofficial ebuilds for sngrep at [Gentoo Bugtracker System](https://bugs.gentoo.org/show_bug.cgi?id=534780) (thanks to Space Dream)

Feel free to vote if you would like to see sngrep become part of the Gentoo portage tree.

#### Arch
You can find an unofficial PKGBUILD for Arch at [ArchLinux User Repositories](https://aur.archlinux.org/packages/sngrep/) (thanks to w1ngnutt)

Feel free to vote if you would like to see sngrep in the official Arch repositories.

#### OSX
OSX users can install sngrep using [homebrew](https://github.com/Homebrew/homebrew)

    brew install sngrep

### Building from sources

Prerequisites

 - libncurses5 - for UI, windows, panels.
 - libpcap - for capturing packets.
 - libssl - (optional) for TLS transport decrypt
 - libncursesw5 - (optional) for UI, windows, panels (wide-character support)
 - libpcre - (optional) for Perl Compatible regular expressions

On most systems the commands to build will be the standard autotools procedure:

    ./bootstrap.sh
    ./configure
    make
    make install    # as root

You can pass the following flags to ./configure to enable some features:

| configure flag | Feature |
| ------------- | ------------- |
| `--with-openssl` | Adds OpenSSL support to parse TLS captured messages (req. libssl) |
| `--with-pcre` | Adds Perl Compatible regular expressions support in regexp fields |
| `--enable-unicode` | Adds Ncurses UTF-8/Unicode support (req. libncursesw5) |
| `--enable-ipv6` | Enables IPv6 packet capture support. |

You can find [detailed instructions for some distributions](https://github.com/irontec/sngrep/wiki/Building) on the wiki.

## Usage

See `--help` for a list of available flags and their syntax.

For example, sngrep can be used to view SIP packets from a pcap file, also applying filters:

    sngrep -I file.pcap host 192.168.1.1 and port 5060

or to capture live, saving packets to a new file:

    sngrep -d eth0 -O save.pcap port 5060 and udp

## Configuration

You can configure some options using the [sngreprc](https://github.com/irontec/sngrep/wiki/Configuration) file.

## Frequently Asked Questions

See the FAQ on the [Github Wiki](https://github.com/irontec/sngrep/wiki#frequent-asked-questions)

## License

    sngrep - SIP Messages flow viewer
    Copyright (C) 2013,2014 Irontec S.L.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    In addition, as a special exception, the copyright holders give
    permission to link the code of portions of this program with the
    OpenSSL library under certain conditions as described in each
    individual source file, and distribute linked combinations
    including the two.
    You must obey the GNU General Public License in all respects
    for all of the code used other than OpenSSL. If you modify
    file(s) with this exception, you may extend this exception to your
    version of the file(s), but you are not obligated to do so. If you
    do not wish to do so, delete this exception statement from your
    version. If you delete this exception statement from all source
    files in the program, then also delete it here.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.