...
Sv translation | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||
FiltersSimply filtering for a particular SIP host, for example all traffic from and to a PBX, could be achieved using the following filter:
If several trunks are present, it may be necessary to filter all SIP packets. This cannot be done reliably by capturing only port 5060 - this will miss extremely large SIP messages (in particular INVITE) in some setups - the UDP packet may be fragmented, and some of the message will be missing.
Howto: create a wireshark rotating dump file with a fixed sizeThis can be useful, to create wireshark traces on a machine where a problem is being analysed, but the trace must be left running for a long time. This command specifies the interface to use (-i), includes a capture filter (-f), and limits the number of files to 10, and the file size to 100000KB.
|