Ciao Giovanni, Those are great additions! I will integrate them into the blog, to be more comprehensive.
Thanks, Ovidiu On Wed, Mar 24, 2021 at 10:31 AM Giovanni Maruzzelli <[email protected]> wrote: > > Ciao Ovidiu! > > We're often in parallel :) > > I found that if you create the transaction before creating (if any) the > dialog, then the ACK is traced even from HEP. > > What I would add to the super nice recipe is: > > - let's give a portrange to sngrep, so it will not analyze all traffic on all > ports, and will not trace the RTP packets too > - let's give a limit on how many dialogs will keep in memory, default is 2000 > - let's do a rotation of dialogs, FIFO, so will keep the latest and discard > the older > - let's try to understand fragmented udp too > - let's use aliases for having names for our servers > - let's not listen for HEP trace when we want (without duplicate display) > > - let's send both to a local sngrep and a remote homer > - let's trace the 100 reply to INVITE too > > ========= > > let's put in .bashrc: > > alias sngrepa='sngrep -l 5000 -R -Ludp:127.0.0.1:9080 -v "OPTIONS\ sip" > "portrange 5050-5090 or (ip[6:2] & 0x1fff) != 0"' > alias sngrepw='sngrep -l 5000 -R -v "OPTIONS\ sip" "portrange 9069-9071 or > (ip[6:2] & 0x1fff) != 0"' > > sngrepa will be used for "normal traffic", "sngrepw" for HEP trace > the negation of OPTIONS would not be useful in sngrepw, but is there so the > command line understands when the BPF filter begins > > ========= > > opensips.cfg: > > modparam("tm", "auto_100trying", 0) > > modparam("proto_hep", "hep_id", "[hep_dst] 127.0.0.1:9070; transport=udp; > version=3") > modparam("proto_hep", "hep_id", "[hep_dst2] 168.77.20.250:9060; > transport=udp; version=3") > modparam("proto_hep", "homer5_on", 1) > modparam("proto_hep", "homer5_delim", "#") > modparam("proto_hep", "hep_capture_id", 100) > > modparam("tracer", "trace_on", 1) > modparam("tracer", "trace_id", "[sngrep]uri=hep:hep_dst") > modparam("tracer", "trace_id", "[homer]uri=hep:hep_dst2") > > route { > t_newtran(); > > if (!has_totag()) { > if(is_method("INVITE") ) { > trace("sngrep", "D"); > trace("homer", "D"); > send_reply(100, "Trying Hard"); > } > } else { > match_dialog(); > } > > if(is_method("MESSAGE|REGISTER|SUBSCRIBE|NOTIFY|PUBLISH") ) { > trace("sngrep", "T"); > trace("homer", "T"); > } > } > > local_route { > if(is_method("NOTIFY") ) { > trace("sngrep", "M"); > trace("homer", "M"); > } > } > > onreply_route[local] { > if(is_method("NOTIFY") ) { > trace("sngrep", "M"); > trace("homer", "M"); > } > } > > ========= > > beginning of the commonc .sngreprc: > > alias 168.77.20.201 FS1 > alias 168.77.20.202 FS2 > alias 168.77.20.203 FS3 > alias 67.153.242.46 LB > alias 168.77.20.200 LB > alias 194.143.78.61 GW1 > alias 94.43.18.61 GW2 > ... > set background default > ... > set eep.listen on > set eep.listen.version 3 > set eep.listen.address 127.0.0.1 > set eep.listen.port 9070 > set eep.listen.pass > set eep.listen.uuid off > > > -giovanni > > > On Wed, Mar 24, 2021 at 2:43 AM Ovidiu Sas <[email protected]> wrote: >> >> Hello all, >> >> Here's a quick recipe to ease the troubleshooting of encrypted SIP traffic: >> https://voipembedded.wordpress.com/2021/03/23/troubleshooting-opensips-encrypted-sip-traffic/ >> >> Regards, >> Ovidiu Sas >> >> -- >> VoIP Embedded, Inc. >> http://www.voipembedded.com >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > -- > Sincerely, > > Giovanni Maruzzelli > OpenTelecom.IT > cell: +39 347 266 56 18 > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users -- VoIP Embedded, Inc. http://www.voipembedded.com _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
