could you please provide pcap traces? or simply enable the sip msg traces via cli.
Samsung Mobile tarafından gönderildi -------- Orjinal mesaj -------- Kimden: Paul Miller Tarih:2014 10 04 1:28 AM (GMT+02:00) Alıcı: Volkan KUMBASAR Cc: sipp-users Konu: Re: [Sipp-users] Regex CSeq issue Hi Volkan, It caused a mall formed packet alert in wireshark and shows like this: Status-Line: SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.0.65:5060;branch=z9hG4bKPj6fdc4a99f1cb4e47bcea48de5e1c1d57 From: "Paul" <sip:192.168.0.65>;tag=cb3ad175c1b24240afa45c21759c818f To: <sip:[email protected]<mailto:sip%[email protected]>>;tag=1 Date: Fri, 03 Oct 2014 22:08:00 GMT Call-ID: 8de1d05d49f149b291c8fed43b874836 Server: Cisco-SIPGateway/IOS-15.3.2.T branch=z9hG4bKPj6fdc4a99f1cb4e47bcea48de5e1c1d57 CSeq: Content-Length: 0 I am not sure if I can attach an image to the mailing list, but I am willing to sent my scenario and the wireshark trace if anyone thinks I am somehow adding non standard characters. Thanks Paul On Sat, Oct 4, 2014 at 10:03 AM, Volkan KUMBASAR <[email protected]<mailto:[email protected]>> wrote: Hi Paul, You need to add “CSeq:” header. So, could you re-test the scenario with following 200 OK: <send> <![CDATA[ SIP/2.0 200 OK Via: SIP/2.0/[transport] [remote_ip]:[remote_port];[$PRKbranch] [last_From:] [last_To:] Date: [date] [last_Call-ID:] Server: Cisco-SIPGateway/IOS-15.3.2.T CSeq: [$PRKcseq] Content-Length: 0 ]]> </send> On 03 Oct 2014, at 22:44, Paul Miller <[email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>>> wrote: Hi there, I am trying to get the CSeq number from a UAS transaction in fact a PRACK message, I have tried many regex and have finally realised there is something else going on. As you can see below the branch parameter is being handled correctly but the CSeq header is not, ideas? XML Extract: <!-- PRACK transaction initiated by Network --> <recv request="PRACK"> <action> <ereg regexp="[Bb]ranch=(.*)" search_in="hdr" header="Via:" check_it="true" assign_to="PRKbranch" /> <ereg regexp=":\s+(.*)@" search_in="hdr" header="From:" check_it="true" assign_to="INVFromUser" /> <ereg regexp=".*" search_in="hdr" header="To:" check_it="true" assign_to="INVTo" /> <ereg regexp=".*" search_in="hdr" header="CSeq:" check_it="true" assign_to="PRKcseq" /> </action> </recv> <!-- 200 OK (PRACK)...... --> <send> <![CDATA[ SIP/2.0 200 OK Via: SIP/2.0/[transport] [remote_ip]:[remote_port];[$PRKbranch] [last_From:] [last_To:] Date: [date] [last_Call-ID:] Server: Cisco-SIPGateway/IOS-15.3.2.T [$PRKbranch] [$PRKcseq] Content-Length: 0 ]]> </send> The 200 OK from wireshark (note the Branch is there twice once as a parameter of the via hdr and once on the base message (correct) but the Cseq line is not there at all) SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.0.65:5060;branch=z9hG4bKPjb7d0a29d01fc4f308efa40f0cfea6a76 From: "Paul" <sip:[email protected]<mailto:sip%[email protected]><mailto:sip%[email protected]<mailto:sip%[email protected]>>>;tag=aa189dfaa2904bf78deb3c90e81776a0 To: <sip:[email protected]<mailto:sip%[email protected]><mailto:sip%[email protected]<mailto:sip%[email protected]>>>;tag=1 Date: Thu, 02 Oct 2014 04:23:41 GMT Call-ID: eecb48282c5e413c9dce2439bfdde27b Server: Cisco-SIPGateway/IOS-15.3.2.T branch=z9hG4bKPjb7d0a29d01fc4f308efa40f0cfea6a76 Content-Length: 0 Thanks Paul ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk_______________________________________________ Sipp-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/sipp-users Bu e-posta mesaji ve ekleri gönderildigi kisi ya da kuruma özeldir ve gizlidir. Ayrica hukuken de gizli olabilir. Hiçbir sekilde üçüncü kisilere açiklanamaz ve yayinlanamaz. Eger mesajin gönderildigi alici degilseniz bu elektronik postanin içerigini açiklamaniz, kopyalamaniz, yönlendirmeniz ve kullanmaniz kesinlikle yasaktir ve bu elektronik postayi ve eklerini derhal silmeniz gerekmektedir. NETAS TELEKOMÜNIKASYON A.S. bu mesajin içerdigi bilgilerin dogrulugu veya eksiksiz oldugu konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne sekilde olursa olsun içeriginden, iletilmesinden, alinmasindan, saklanmasindan ve kullanilmasindan sorumlu degildir. Bu mesajdaki görüsler gönderen kisiye ait olup, NETAS TELEKOMÜNIKASYON A.S.’nin görüslerini yansitmayabilir. ------------------------------------------------------- This e-mail and its attachments are private and confidential and intended for the exclusive use of the individual or entity to whom it is addressed. It may also be legally confidential. Any disclosure, distribution or other dissemination of this message to any third party is strictly prohibited. If you are not the intended recipient you are hereby notified that any dissemination, forwarding, copying or use of any of the information is strictly prohibited, and the e-mail should immediately be deleted. NETAS TELEKOMÜNIKASYON A.S. makes no warranty as to the accuracy or completeness of any information contained in this message and hereby excludes any liability of any kind for the information contained therein or for the transmission, reception, storage or use of such information in any way whatsoever. The opinions expressed in this message are those of the sender and may not necessarily reflect the opinions of NETAS TELEKOMÜNIKASYON A.S. Bu e-posta mesajı ve ekleri gönderildiği kişi ya da kuruma özeldir ve gizlidir. Ayrıca hukuken de gizli olabilir. Hiçbir şekilde üçüncü kişilere açıklanamaz ve yayınlanamaz. Eğer mesajın gönderildiği alıcı değilseniz bu elektronik postanın içeriğini açıklamanız, kopyalamanız, yönlendirmeniz ve kullanmanız kesinlikle yasaktır ve bu elektronik postayı ve eklerini derhal silmeniz gerekmektedir. NETAŞ TELEKOMÜNİKASYON A.Ş. bu mesajın içerdiği bilgilerin doğruluğu veya eksiksiz olduğu konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne şekilde olursa olsun içeriğinden, iletilmesinden, alınmasından, saklanmasından ve kullanılmasından sorumlu değildir. Bu mesajdaki görüşler gönderen kişiye ait olup, NETAŞ TELEKOMÜNİKASYON A.Ş.’nin görüşlerini yansıtmayabilir. ------------------------------------------------------- This e-mail and its attachments are private and confidential and intended for the exclusive use of the individual or entity to whom it is addressed. It may also be legally confidential. Any disclosure, distribution or other dissemination of this message to any third party is strictly prohibited. If you are not the intended recipient you are hereby notified that any dissemination, forwarding, copying or use of any of the information is strictly prohibited, and the e-mail should immediately be deleted. NETAŞ TELEKOMÜNİKASYON A.Ş. makes no warranty as to the accuracy or completeness of any information contained in this message and hereby excludes any liability of any kind for the information contained therein or for the transmission, reception, storage or use of such information in any way whatsoever. The opinions expressed in this message are those of the sender and may not necessarily reflect the opinions of NETAŞ TELEKOMÜNİKASYON A.Ş. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Sipp-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/sipp-users
