Sv translation | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||
FiltersSimply filtering for a particular SIP host, for example all traffic from and to a PBX, could be achieved using the following filter:
This filter could be used to filter all packets from and to a particular subnet, for example a subnet with a PBX and extensions:
If several trunks are present, it may be necessary to filter all SIP packets. This cannot be done reliably by capturing only port 5060 - this will miss extremely large SIP messages (in particular INVITE) in some setups - the UDP packet may be fragmented, and some of the message will be missing.
Command Line TracingList InterfacesThe following command can be used to list all interfaces for tracing from the command line with the -i option:
Howto: create a wireshark rotating dump file with a fixed sizeThis can be useful, to create wireshark traces on a machine where a problem is being analysed, but the trace must be left running for a long time. This command specifies the interface to use (-i), includes a capture filter (-f), and limits the number of files to 10, and the file size to 100000KB.
|
...