sngrep/doc/sngrep.8

.\" Man page for the sngrep
.\"
.\" Copyright (c) 2013-2015  Ivan Alonso <kaian@irontec.com>
.\" Copyright (c) 2013-2015  Irontec S.L.

.TH SNGREP 8 "March 2015" "sngrep 0.3.0"

.SH NAME

sngrep \- SIP Messages flow viewer

.SH SYNOPSIS

.B sngrep [-hVciv] [ -IO
.I pcap_dump
.B ] [ -d 
.I dev
.B ] [ -l
.I limit
.B ] [ -k
.I keyfile
.B ] [
.I <match expression>
.B ] [
.I <bpf filter>
.B ]

.SH DESCRIPTION
sngrep is a terminal tool that groups SIP (Session Initiation Protocol)
Messages by Call-Id, and displays them in arrow flows similar to the used in
SIP RFCs. The aim of this tool is to make easier the process of learnig or
debugging SIP. It recognizes UDP, TCP and partially TLS SIP packets and
understands bpf filter logic in the same way 
.B ngrep (8)
and
.B tcpdump (1)
does.

.SH OPTIONS
.TP
.I \-h
Display help and usage information.

.TP
.I \-V
Display version information.

.TP
.I \-c
Only capture dialogs starting with an INVITE request.

.TP
.I \-i
Make match expression case insensitive.

.TP
.I \-v
Invert match expression.

.TP
.I \-I pcap_dump
Read packets from pcap file instead of network devices. This option can be used
with bpf filters.

.TP 
.I \-O pcap_dump
Save all captured packets to a pcap file. This option can be used 
with bpf filters.

.TP 
.I \-d dev
Use this capture device instead of default (\fIany\fP).

.TP
.I -k keyfile
Use private keyfile to decrypt TLS packets.

.TP
.I -l limit
Change default capture limit (10000 dialogs)

.TP
.I match expression
Match given expression in Messages' payload. If one request message matches the
given expression, the following messages within the same dialog will be also
captured.

.TP
.I bpf filter
Selects a filter that specifies what packets will be parsed.  If no
\fIbpf filter\fP is given, all SIP packets seen on the selected
interface or pcap file will be displayed.  Otherwise, only packets for which
\fIbpf filter\fP is `true' will be displayed.

.SH Interface
There are multiple windows to provide different information. Most of the
program windows have a help dialog with a brief description and useful
keybindings.

.SH "    Call List Window"
.PP
The first window that sngrep shows is Call List window and display the
different SIP Call-Ids found in messages. The displayed columns depends on your
terminal width and your custom configuration.  You can move between dialogs
with arrow keys and selected them using Spacebar. Selecting multiple dialogs
will display all them in Call flow window and Call Raw window, and will allow
to save only the selected message dialogs to a PCAP file.

.SH "    Call Flow Window"
.PP
This window will a flow diagram of the selected dialogs' messages. The selected
message payload will be displayed in the right side of the window. You can move
between messages using arrow keys and select them using Spacebar. Selecting
multiple messages will display the Message Diff Window.

.SH "    Call Raw Window"
.PP
This window will display the selected dialog messages in plain text. It was
designed to allow copying the messages payload easily. You can also save the
displayed information to a text file from this screen.

.SH "    Column selection Window"
.PP
Columns displayed in Call List can be updated in this window. You can add or
remove columns or change their order in the list. Additionally, you can save
column state to be use in next sngrep execution.

.SH "    Message Diff Window"
.PP
This window will compare two messages. Right now the comparison is done
searching each line in the other message, highlighting those not found exactly.
You can reach this window by selecting two messages using Spacebar in Call Flow
window

.SH FILES
Full paths below may vary between installations.

.PP
.I /etc/sngreprc
.IP
System\-wide configuration file. Some sngrep options can be overridden using
this file.

.PP
.I ~/.sngreprc
.IP
User's configuration file. If this file is present, options will be override
system\-wide configurations.

.SH BUGS

Please report bugs to the sngrep github project at

    http://github.com/irontec/sngrep

Non-bug, non-feature-request general feedback should be sent to the
author directly by email.

.SH AUTHOR

Written by Ivan Alonso [a.k.a. Kaian] <kaian@irontec.com>.
Added man page 2015-01-07 07:30:12 -05:00			`.\" Man page for the sngrep`
			`.\"`
			`.\" Copyright (c) 2013-2015 Ivan Alonso <kaian@irontec.com>`
			`.\" Copyright (c) 2013-2015 Irontec S.L.`

Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.TH SNGREP 8 "March 2015" "sngrep 0.3.0"`
Added man page 2015-01-07 07:30:12 -05:00
			`.SH NAME`

			`sngrep \- SIP Messages flow viewer`

			`.SH SYNOPSIS`

Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.B sngrep [-hVciv] [ -IO`
Added man page 2015-01-07 07:30:12 -05:00			`.I pcap_dump`
			`.B ] [ -d`
			`.I dev`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.B ] [ -l`
			`.I limit`
			`.B ] [ -k`
Added man page 2015-01-07 07:30:12 -05:00			`.I keyfile`
			`.B ] [`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.I <match expression>`
			`.B ] [`
Added man page 2015-01-07 07:30:12 -05:00			`.I <bpf filter>`
			`.B ]`

			`.SH DESCRIPTION`
			`sngrep is a terminal tool that groups SIP (Session Initiation Protocol)`
			`Messages by Call-Id, and displays them in arrow flows similar to the used in`
			`SIP RFCs. The aim of this tool is to make easier the process of learnig or`
			`debugging SIP. It recognizes UDP, TCP and partially TLS SIP packets and`
			`understands bpf filter logic in the same way`
			`.B ngrep (8)`
			`and`
			`.B tcpdump (1)`
			`does.`

			`.SH OPTIONS`
			`.TP`
			`.I \-h`
			`Display help and usage information.`

			`.TP`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.I \-V`
Added man page 2015-01-07 07:30:12 -05:00			`Display version information.`

Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.TP`
			`.I \-c`
			`Only capture dialogs starting with an INVITE request.`

			`.TP`
			`.I \-i`
			`Make match expression case insensitive.`

			`.TP`
Fix wrong description for -v in man page 2015-03-03 13:45:57 -05:00			`.I \-v`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`Invert match expression.`

Added man page 2015-01-07 07:30:12 -05:00			`.TP`
			`.I \-I pcap_dump`
			`Read packets from pcap file instead of network devices. This option can be used`
			`with bpf filters.`

			`.TP`
			`.I \-O pcap_dump`
			`Save all captured packets to a pcap file. This option can be used`
			`with bpf filters.`

			`.TP`
			`.I \-d dev`
			`Use this capture device instead of default (\fIany\fP).`

			`.TP`
			`.I -k keyfile`
			`Use private keyfile to decrypt TLS packets.`

			`.TP`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`.I -l limit`
			`Change default capture limit (10000 dialogs)`

			`.TP`
			`.I match expression`
			`Match given expression in Messages' payload. If one request message matches the`
			`given expression, the following messages within the same dialog will be also`
			`captured.`
Added man page 2015-01-07 07:30:12 -05:00
			`.TP`
			`.I bpf filter`
			`Selects a filter that specifies what packets will be parsed. If no`
			`\fIbpf filter\fP is given, all SIP packets seen on the selected`
			`interface or pcap file will be displayed. Otherwise, only packets for which`
			\fIbpf filter\fP is `true' will be displayed.

			`.SH Interface`
			`There are multiple windows to provide different information. Most of the`
			`program windows have a help dialog with a brief description and useful`
			`keybindings.`

			`.SH " Call List Window"`
			`.PP`
			`The first window that sngrep shows is Call List window and display the`
			`different SIP Call-Ids found in messages. The displayed columns depends on your`
			`terminal width and your custom configuration. You can move between dialogs`
			`with arrow keys and selected them using Spacebar. Selecting multiple dialogs`
			`will display all them in Call flow window and Call Raw window, and will allow`
			`to save only the selected message dialogs to a PCAP file.`

			`.SH " Call Flow Window"`
			`.PP`
			`This window will a flow diagram of the selected dialogs' messages. The selected`
			`message payload will be displayed in the right side of the window. You can move`
			`between messages using arrow keys and select them using Spacebar. Selecting`
			`multiple messages will display the Message Diff Window.`

			`.SH " Call Raw Window"`
			`.PP`
			`This window will display the selected dialog messages in plain text. It was`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`designed to allow copying the messages payload easily. You can also save the`
			`displayed information to a text file from this screen.`

			`.SH " Column selection Window"`
			`.PP`
			`Columns displayed in Call List can be updated in this window. You can add or`
Fix typo in man page 2015-03-04 07:51:39 -05:00			`remove columns or change their order in the list. Additionally, you can save`
Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`column state to be use in next sngrep execution.`
Added man page 2015-01-07 07:30:12 -05:00
			`.SH " Message Diff Window"`
			`.PP`
			`This window will compare two messages. Right now the comparison is done`
			`searching each line in the other message, highlighting those not found exactly.`
			`You can reach this window by selecting two messages using Spacebar in Call Flow`
			`window`

			`.SH FILES`
			`Full paths below may vary between installations.`

			`.PP`
			`.I /etc/sngreprc`
			`.IP`
			`System\-wide configuration file. Some sngrep options can be overridden using`
			`this file.`

			`.PP`
			`.I ~/.sngreprc`
			`.IP`
			`User's configuration file. If this file is present, options will be override`
			`system\-wide configurations.`

			`.SH BUGS`

			`Please report bugs to the sngrep github project at`

			`http://github.com/irontec/sngrep`

			`Non-bug, non-feature-request general feedback should be sent to the`
			`author directly by email.`

			`.SH AUTHOR`

Prepare doc files for 0.3.0 2015-03-02 12:26:30 -05:00			`Written by Ivan Alonso [a.k.a. Kaian] <kaian@irontec.com>.`
Added man page 2015-01-07 07:30:12 -05:00