sngrep

sngrep

Since March 2017 Sngrep is installed on all systems by default. This is a very useful tool to help troubleshoot all types of sip related issues.

If you installed FusionPBX prior to March 2017 you can still manually install sngrep.

Manual Install

From your FusionPBX install SSH window or console window

cd /usr/src
git clone https://github.com/fusionpbx/fusionpbx-install.sh.git
cd /usr/src/fusionpbx-install.sh/debian/resources/
./sngrep.sh

Command

sngrep

sngrep: https://github.com/irontec/sngrep

See `--help` for a list of available flags and their syntax

For example, sngrep can be used to view SIP packets from a pcap file, also applying filters

    sngrep -I file.pcap host 192.168.1.1 and port 5060

or live capturing, saving packets to a new file

    sngrep -d eth0 -O save.pcap port 5060 and udp

root@fs-COM-BT:/mnt/fsvoip/src/fsapp# sngrep -O save.pcap

root@fs-COM-BT:/mnt/fsvoip/src/fsapp# sngrep -I save.pcap

 

Call Quality and Monitoring

Call quality can be a nucense in the voip world. Having a way to track and make reports are a very needed tool.

Homer

Homer is well known to help track and graph quality issues with SIP like utilizing QoS Reports.

Quote:

HOMER is a robust, carrier-grade, scalable SIP Capture system and VoiP Monitoring Application offering HEP/EEP, IP Proto4 (IPIP) encapsulation & port mirroring/monitoring support right out of the box, ready to process & store insane amounts of signaling, logs and statistics with instant search, end-to-end analysis and drill-down capabilities for ITSPs, VoIP Providers and Trunk Suppliers using SIP signaling protocol.

To install and configure Homer visit https://github.com/sipcapture/homer

 

================================================================================================

以下摘自

呼叫中心使用技巧之 sngrep捕获sip数据包

安装请参考 https://github.com/irontec/sngrep/wiki/Building
演示使用centos7安装配置
git clone git@github.com:irontec/sngrep.git –depth=1
 

1

cd sngrep/

./bootstrap.sh


2

报错缺少依赖 直接安装依赖即可
yum install -y ncurses-devel make libpcap-devel pcre-devel openssl-devel git gcc autoconf automake

3

脚本执行成功

你可以将以下标志传递给. /configure 以启用某些功能
配置标志功能
–with-openssl 添加OpenSSL支持来解析捕获的消息( 请求。 libssl )
–with-gnutls 添加GnuTLS支持来解析捕获的消息( 请求。 gnutls )
–with-pcre 在正则表达式字段中添加Perl兼容的正规表达式 支持
–enable-unicode 添加 Ncurses/unicode支持( 要求。 libncursesw5 )
–enable-ipv6 启用IPv6数据包捕获支持。
–enable-eep 启用EEP数据包发送/接收支持。

./configure


4

执行成功
make && make install

 

运行sngrep
呼叫列表窗口
空格选中呼叫流 ,回车进入


5

呼叫流窗口
CSeq简单的呼叫流着色消息 


6

通过请求/响应着色消息的多个呼叫流的组合视图 


7

SIP消息上的语法 


8

点击回车进入调用原始窗口


9

空格选中两条消息流,回车进入消息差异窗口


10

F8设置


11

列表选择


12

F7滤镜对话框


13

F2保存对话框


14

统计


15

sngrep –help
Usage: sngrep [-hVcivNqrD] [-IO pcap_dump] [-d dev] [-l limit] [] [] -h –help This usage
-V –version Version information
-d –device Use this capture device instead of default
-I –input Read captured data from pcap file #sngrep -I sip.pcap
-O –output Write captured data to pcap file
-c –calls Only display dialogs starting with INVITE
-r –rtp Capture RTP packets payload
-l –limit Set capture limit to N dialogs
-i –icase Make case insensitive
-v –invert Invert 
-N –no-interface Don’t display sngrep interface, just capture
-q –quiet Don’t print captured dialogs in no interface mode
-D –dump-config Print active configuration settings and exit
-f –config Read configuration from file
-F –no-config Do not read configuration from default config file
-R –rotate Rotate calls when capture limit have been reached

抓取INVITE请求的包:
sngrep ^INVITE

抓取REGISTER请求的包:
sngrep ^REGISTER

抓取OPTIONS请求的包:
sngrep ^OPTIONS

捕获端口5060上的所有SIP数据包:
sngrep port 5060

使用sngrep查看来自pcap文件的SIP数据包，并使用过滤器:
sngrep -I file.pcap host 192.168.1.1 and port 5060

或实时捕获，将数据包保存到新文件:
sngrep -d eth0 -O save.pcap port 5060 and udp