[Serusers] Remote Access for SIP trace

Wed Nov 23 13:04:41 CET 2005

Greger,

Greger V. Teigre wrote:
> I know another approach has been to:
> a) Run tcpdump continously (or when tracing is required) and dump to a file
> b) Use sip_analyze to generate the SIP trace in HTML and make it available
> c) Make an HTML interface to sip_analyze where various filters could be set
> 

It's a nice idea!
What's sip_analyze?

Thanks for your reply.

> This way a simple html form can be used to create a trace.  The drawback
> is the tcpdump file, but you could use rotatelogs and clean up old dumps
> in cron.
> 
> This is one of the things that many people would like (or would benefit
> from) and I'm working on a debugging "framework" for the onsip.org
> Getting Started configs and such a setup would be useful. I would be
> interested to hear from anyone who have a working setup and who would
> like to contribute their code to open source.
> g-)
> 
> ----- Original Message ----- From: "Steve Blair" <blairs at isc.upenn.edu>
> To: "Rodrigo P. Telles" <telles at devel.it>
> Cc: <serusers at lists.iptel.org>
> Sent: Tuesday, November 22, 2005 10:02 PM
> Subject: Re: [Serusers] Remote Access for SIP trace
> 
> 
>>
>>
>> Rodrigo P. Telles wrote:
>>
> Hi Folks,
> 
> I'm using SER in a carrier grade mode and I need to create an
> interface (GUI) to
> our support team run SIP traces in our SER box.
> I think I have an idea to solve that problem but I don't know if it's
> the best
> one, follow the idea:
> 
> SERVER (SER)
> 1 - Run an application in daemon mode using libpcap to capture
> traffic on port 5060
> - listening on a TCP port
> - capture traffic all the time
> - push all captured traffic to that TCP port (any one who
> connect/telnet on
> that port can see the traffic - without authentication by now)
> 
> 
>>> This is sort of what we did for basic troubleshooting. The difference
>>> is that we provide a web
>>> interface with three links, 10 second, 30 second and 60 second
>>> capture. The duration of the
>>> capture is then passed to a cgi script that runs ethereal and displays
>>> the results on the web
>>> page. You could probably improve upon this by adding address filtering
>>> options to the web
>>> interface.
>>>
> CLIENT (GUI)
> 2 - Developed using JAVA || PHP-GTK || C++ || ....
> - Connect to remote port to listen the traffic
> - Can filter what do you want to see (show only filtered traffic or all)
> - Colorized matches
> - Can save the result of your dump/filter to a file
> - etc
> 
> 
>>> The web interface I described allows us to avoid writing anything
>>> other than some php and
>>> perl but a java interface would do too.
>>>
> So I did a concept proof...
> 
> 1 - Wrote a simple server program using Perl who run ngrep in SER box
> and push
> the captured traffic through it's listening TCP port;
> 2 - Wrote a simple client program using Perl who connect to a remote
> port and
> filter what you want to see or all the traffic;
> 
> ..and works like
>>>
>>> I'd probably do away with the client just because I don't like
>>> distributing software to
>>> clients but that's me :-)
>>>
> a charm :-)
> 
> I'd like to hear opnions from SER members about the idea.
> 
> Best regards,
> --
> ============================================
> Rodrigo P. Telles <telles at devel.it>
> IT Manager
> Devel-IT - http://www.devel.it
> IVOZ # 1029
> +55 14 3324-1200
> Bestcom Group
> ============================================
>>>
_______________________________________________
Serusers mailing list
serusers at lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>