Preston_PLB
/
sngrep
forked from Mirrors/sngrep
1
0
Fork 0
Code Pull Requests Activity

doc: Improve man documentation for some command line options #179

This commit is contained in:
Kaian 2017-04-04 11:51:26 +02:00
parent cb46ff5091
commit e4f361382c
1 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
doc/sngrep.8
View File

@ -13,12 +13,14 @@ sngrep \- SIP Messages flow viewer
.B sngrep [-hVcivlkNq] [ -IO .B sngrep [-hVcivlkNq] [ -IO
.I pcap_dump .I pcap_dump
.B ] [ -d .B ] [ -d
.I dev .I dev
.B ] [ -l .B ] [ -l
.I limit .I limit
.B ] [ -k .B ] [ -k
.I keyfile .I keyfile
.B ] [-LH
.I capture_url
.B ] [ .B ] [
.I <match expression> .I <match expression>
.B ] [ .B ] [
@ -30,7 +32,7 @@ sngrep is a terminal tool that groups SIP (Session Initiation Protocol)
Messages by Call-Id, and displays them in arrow flows similar to the used in Messages by Call-Id, and displays them in arrow flows similar to the used in
SIP RFCs. The aim of this tool is to make easier the process of learnig or SIP RFCs. The aim of this tool is to make easier the process of learnig or
debugging SIP. It recognizes UDP, TCP and partially TLS SIP packets and debugging SIP. It recognizes UDP, TCP and partially TLS SIP packets and
understands bpf filter logic in the same way understands bpf filter logic in the same way
.B ngrep (8) .B ngrep (8)
and and
.B tcpdump (1) .B tcpdump (1)
@ -62,12 +64,12 @@ Invert match expression.
Read packets from pcap file instead of network devices. This option can be used Read packets from pcap file instead of network devices. This option can be used
with bpf filters. with bpf filters.
.TP .TP
.I \-O pcap_dump .I \-O pcap_dump
Save all captured packets to a pcap file. This option can be used Save all captured packets to a pcap file. This option can be used
with bpf filters. with bpf filters.
.TP .TP
.I \-d dev .I \-d dev
Use this capture device instead of default (\fIany\fP). Use this capture device instead of default (\fIany\fP).
@ -77,7 +79,16 @@ Use private keyfile to decrypt TLS packets.
.TP .TP
.I -l limit .I -l limit
Change default capture limit (10000 dialogs) Change default capture limit (20000 dialogs)
Limit must be a numeric value above 1 and can not be disabled. This is both
security measure to avoid unlimited memory usage and also used internally
in sngrep to manage hash table sizes.
.TP
.I -R
Remove oldest dialog when the capture limit has reached
Altough not recommended, this can be used to keep sngrep running during long
times with some control over consumed memory.
.TP .TP
.I -N .I -N
@ -87,6 +98,16 @@ Don't display sngrep interface, just capture
.I -q .I -q
Don't print captured dialogs in no interface mode Don't print captured dialogs in no interface mode
.TP
.I -H
Send captured packets to a HEP server (like Homer or another sngrep)
Argument must be an IP address and port in the format: udp:A.B.C.D:PORT
.TP
.I -L
Start a HEP server listening for packets
Argument must be an IP address and port in the format: udp:A.B.C.D:PORT
.TP .TP
.I match expression .I match expression
Match given expression in Messages' payload. If one request message matches the Match given expression in Messages' payload. If one request message matches the