Ciao Ovidiu! We're often in parallel :)
I found that if you create the transaction before creating (if any) the dialog, then the ACK is traced even from HEP. What I would add to the super nice recipe is: - let's give a portrange to sngrep, so it will not analyze all traffic on all ports, and will not trace the RTP packets too - let's give a limit on how many dialogs will keep in memory, default is 2000 - let's do a rotation of dialogs, FIFO, so will keep the latest and discard the older - let's try to understand fragmented udp too - let's use aliases for having names for our servers - let's not listen for HEP trace when we want (without duplicate display) - let's send both to a local sngrep and a remote homer - let's trace the 100 reply to INVITE too ========= let's put in .bashrc: alias sngrepa='sngrep -l 5000 -R -Ludp:127.0.0.1:9080 -v "OPTIONS\ sip" "portrange 5050-5090 or (ip[6:2] & 0x1fff) != 0"' alias sngrepw='sngrep -l 5000 -R -v "OPTIONS\ sip" "portrange 9069-9071 or (ip[6:2] & 0x1fff) != 0"' sngrepa will be used for "normal traffic", "sngrepw" for HEP trace the negation of OPTIONS would not be useful in sngrepw, but is there so the command line understands when the BPF filter begins ========= opensips.cfg: modparam("tm", "auto_100trying", 0) modparam("proto_hep", "hep_id", "[hep_dst] 127.0.0.1:9070; transport=udp; version=3") modparam("proto_hep", "hep_id", "[hep_dst2] 168.77.20.250:9060; transport=udp; version=3") modparam("proto_hep", "homer5_on", 1) modparam("proto_hep", "homer5_delim", "#") modparam("proto_hep", "hep_capture_id", 100) modparam("tracer", "trace_on", 1) modparam("tracer", "trace_id", "[sngrep]uri=hep:hep_dst") modparam("tracer", "trace_id", "[homer]uri=hep:hep_dst2") route { t_newtran(); if (!has_totag()) { if(is_method("INVITE") ) { trace("sngrep", "D"); trace("homer", "D"); send_reply(100, "Trying Hard"); } } else { match_dialog(); } if(is_method("MESSAGE|REGISTER|SUBSCRIBE|NOTIFY|PUBLISH") ) { trace("sngrep", "T"); trace("homer", "T"); } } local_route { if(is_method("NOTIFY") ) { trace("sngrep", "M"); trace("homer", "M"); } } onreply_route[local] { if(is_method("NOTIFY") ) { trace("sngrep", "M"); trace("homer", "M"); } } ========= beginning of the commonc .sngreprc: alias 168.77.20.201 FS1 alias 168.77.20.202 FS2 alias 168.77.20.203 FS3 alias 67.153.242.46 LB alias 168.77.20.200 LB alias 194.143.78.61 GW1 alias 94.43.18.61 GW2 ... set background default ... set eep.listen on set eep.listen.version 3 set eep.listen.address 127.0.0.1 set eep.listen.port 9070 set eep.listen.pass set eep.listen.uuid off -giovanni On Wed, Mar 24, 2021 at 2:43 AM Ovidiu Sas <o...@voipembedded.com> wrote: > Hello all, > > Here's a quick recipe to ease the troubleshooting of encrypted SIP traffic: > > https://voipembedded.wordpress.com/2021/03/23/troubleshooting-opensips-encrypted-sip-traffic/ > > Regards, > Ovidiu Sas > > -- > VoIP Embedded, Inc. > http://www.voipembedded.com > > _______________________________________________ > Users mailing list > Users@lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > -- Sincerely, Giovanni Maruzzelli OpenTelecom.IT cell: +39 347 266 56 18
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users