[SR-Users] Kamailio to capture mirrored traffic
Igor Olhovskiy
igorolhovskiy at gmail.com
Sat Oct 26 15:45:33 CEST 2019
Hi!
I'm trying to get Kamailio working as a traffic capture on a same machine with other PBX software installed.
Actually, traffic is mirrored with
iptables -A PREROUTING -t mangle -i eth0 -p udp --dport 5060 -j TEE --gateway 127.0.0.2 (https://link.getmailspring.com/link/AB5F9D36-533D-4A52-ADE3-FB76B813163C@getmailspring.com/0?redirect=127.0.0.2&recipient=c3ItdXNlcnNAbGlzdHMua2FtYWlsaW8ub3Jn)
iptables -t nat -A PREROUTING -d 127.0.0.2 -p udp --dport 5060 -j DNAT --to 127.0.0.1:5062 (https://link.getmailspring.com/link/AB5F9D36-533D-4A52-ADE3-FB76B813163C@getmailspring.com/1?redirect=127.0.0.1%3A5062&recipient=c3ItdXNlcnNAbGlzdHMua2FtYWlsaW8ub3Jn)
Kamailio request route is super simple
request_route {
xlog("L_ALERT", "[SIP-PACKET] Got packet [F=$fu R=$ru D=$du M=$rm IP=($si:$sp $Ri:$Rp) ID=$ci]\n");
drop;
}
I was trying to get Kamailio just listen on interface 127.0.0.1:5062, but no luck
listen=udp:127.0.0.1:5062
Next was to use sipcapture module with following parameters
loadmodule "sipcapture.so"
modparam("sipcapture", "db_url", "text:///tmp/")
modparam("sipcapture", "raw_socket_listen", "127.0.0.1:5060-5062")
modparam("sipcapture", "raw_interface", "lo")
modparam("sipcapture", "promiscious_on", 1)
Also no luck. Means Kamailio can't see packets, but I see em with wireshark on lo interface.
What is best way to get it working? Or I'm missing something?
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191026/92d682a7/attachment.html>
More information about the sr-users
mailing list