# sngrep

sngrep is a tool for displaying SIP call message flows.

It supports live capture to display realtime SIP packets and can also be used
as a PCAP viewer.

## Prerequisites

- libncurses5 - for UI, windows, panels.
- libpcap - for capturing packets.

## Installing

On most systems the commands to build will be the standard autotools procedure:

    ./configure
    make
    make install   # as root

If you don't want to use libpcap (because it is not available on your system or
you don't want to install more development libraries), you can use release 0.0.0
available at https://github.com/irontec/sngrep/releases

## Usage

sngrep can be used to view SIP packets from a pcap file:

    sngrep file.pcap

or to capture live traffic:

    sngrep port 5060 and udp

You can configure some options using a sngreprc file.

## Frequently Asked Questions

<dl>
<dt>Why a new tool for network filtering?</dt>
<dd>Don't know. I didn't find any console tool that will display call flows.</dd>
<dt>Why don't you filter packets in online mode instead of using ngrep?</dt>
<dd>You can actually capture without ngrep, using only pcap filters (see the Installing options above).</dd>
<dt>Why only parse SIP messages?</dt>
<dd>Because it's useful for us.</dd>
<dt>Extended Call flow window doesn't work</dt>
<dd>If you want to make relations between different dialogs (extended callflow),
a header must be present in one of the dialogs referencing the other one.
This header can be X-CID or X-Call-ID and must contain the Call-ID of the
other related dialog.</dd>
<dt>I have found a bug, what should I do?</dt>
<dd>There are LOTS of bugs. The strange thing would be if you hadn't found one.
Just write an issue at GitHub and I will try to fix it.</dd>
<dt>I think the idea is better than the tool.</dt>
<dd>I think that too. If you want to start a new tool with the same purpose,
send me an email; I'll want to contribute.</dd>
</dl>
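
The dialog relation described in the extended call flow answer above, as an added example (this is not sngrep's own code): a Python sketch that links dialogs when a message carries an X-CID or X-Call-ID header naming another dialog's Call-ID. The sample messages, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample capture: three SIP requests, not taken from real traffic.
# Leg B carries X-CID with leg A's Call-ID; the third dialog is unrelated.
SAMPLE_MESSAGES = [
    "INVITE sip:200@pbx.example.test SIP/2.0\r\n"
    "Call-ID: leg-a-1111@10.0.0.5\r\nCSeq: 1 INVITE\r\n\r\n",
    "INVITE sip:200@10.0.0.9 SIP/2.0\r\n"
    "call-id: leg-b-2222@10.0.0.1\r\nX-CID: leg-a-1111@10.0.0.5\r\n\r\n",
    "OPTIONS sip:pbx.example.test SIP/2.0\r\n"
    "i: ping-3333@10.0.0.7\r\nCSeq: 7 OPTIONS\r\n\r\n",
]

# Headers the FAQ names as carrying the related dialog's Call-ID.
XREF_HEADERS = ("x-cid", "x-call-id")

def parse_headers(message):
    """Return {lowercased header name: value} for one SIP message."""
    head = message.split("\r\n\r\n", 1)[0]
    head = re.sub(r"\r\n[ \t]+", " ", head)  # unfold continuation lines
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request/status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), value.strip())
    return headers

def related_dialogs(messages):
    """Map every Call-ID to the sorted Call-IDs it is linked with."""
    links = defaultdict(set)
    for message in messages:
        headers = parse_headers(message)
        # SIP header names are case-insensitive; "i" is Call-ID's compact form.
        call_id = headers.get("call-id") or headers.get("i")
        if not call_id:
            continue  # no Call-ID found, so the message belongs to no dialog
        links[call_id]  # register the dialog even if nothing references it
        for name in XREF_HEADERS:
            ref = headers.get(name)
            if ref and ref != call_id:
                links[call_id].add(ref)  # link both directions so either
                links[ref].add(call_id)  # dialog finds the other
    return {cid: sorted(refs) for cid, refs in links.items()}

if __name__ == "__main__":
    for cid, refs in related_dialogs(SAMPLE_MESSAGES).items():
        print(cid, "->", ", ".join(refs) or "(no related dialog)")
```

A dialog that ends up with an empty list has no X-CID or X-Call-ID link in either direction, which is the situation the FAQ answer describes when the extended call flow window shows nothing.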

## License

    sngrep - SIP callflow viewer using ngrep
    Copyright (C) 2013 Irontec S.L.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.