tcpdump -i wlan0 -s 0 -w 1.cap &
tcpdump -i rmnet0 -s 0 -w test.cap &
The first command captures on Wi-Fi; the second captures on the mobile network.
Server-side signaling capture
1. Download and install Wireshark on your Windows computer.
2. Download and install WinSCP on your Windows computer.
3. Use PuTTY to log in to your Linux server.
4. Once logged in, use the following command to start the SIP capture:
tcpdump -i eth1 -t -n -s 0 port 5060 -vvv -w /home/capture_file_name.cap
-i = Interface you want to capture on (eth0, eth1, eth2, etc.); you will most likely want to do this on your public interface.
-t = Time: do not print a timestamp on each dump line.
-n = Do not convert IP addresses to names; this prevents DNS lookups.
-s = How many bytes of data to grab from each packet; zero means use the required length to catch whole packets.
port = What port to listen on; 5060 is the default port for SIP.
-vvv = Even more verbose output; this will give you as many details as possible.
-w = Write to a raw file to be parsed later.
5. Now that we are capturing packets, let it run for a while, at least 5 to 10 minutes, to collect some data; then stop the capture with CTRL + C.
6. Once you have stopped the capture, log in to the server using WinSCP and go to the home directory. You will find the capture file there; copy that file to your Windows computer so you can open it with Wireshark.
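A quick check to run on the server before copying the file, added here as an example and not part of the original instructions: it reads a capture in classic pcap format and counts SIP request methods and response codes on port 5060, so an empty or wrong-interface capture is caught early. It assumes Ethernet/IPv4/UDP framing; the addresses, the `example.invalid` URI and the two-packet sample are constructed.

```python
import struct
from collections import Counter

SIP_PORT = 5060  # default SIP port, matching the capture filter above
# Classic pcap magic numbers (microsecond and nanosecond variants) -> byte order
ENDIAN = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",
          b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}

def sip_first_lines(pcap):
    """Yield (src, dst, first_line) for each IPv4/UDP port-5060 packet."""
    endian = ENDIAN.get(pcap[:4])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    off = 24  # per-packet records start after the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 42 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # not IPv4 + UDP
        udp = 14 + (frame[14] & 0x0F) * 4  # skip the variable-length IP header
        if len(frame) < udp + 8 or SIP_PORT not in struct.unpack("!HH", frame[udp:udp + 4]):
            continue  # truncated record or not SIP traffic
        line = frame[udp + 8:].split(b"\r\n", 1)[0].decode("ascii", "replace")
        yield ".".join(map(str, frame[26:30])), ".".join(map(str, frame[30:34])), line

def summarize(pcap):
    """Count SIP requests by method and responses by status code."""
    counts = Counter()
    for _, _, line in sip_first_lines(pcap):
        parts = line.split(" ")
        counts[parts[1] if line.startswith("SIP/") and len(parts) > 1 else parts[0]] += 1
    return counts

def sample_pcap():
    """Constructed capture: one REGISTER and its 401 reply (checksums zeroed)."""
    a, b = bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5])
    msgs = [(a, b, b"REGISTER sip:example.invalid SIP/2.0\r\n\r\n"),
            (b, a, b"SIP/2.0 401 Unauthorized\r\n\r\n")]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, payload in msgs:
        udp = struct.pack("!HHHH", SIP_PORT, SIP_PORT, 8 + len(payload), 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, src, dst)
        frame = bytes(12) + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    print(dict(summarize(sample_pcap())))
```

To run it on a real capture, pass the file's bytes to summarize(), for example the contents of /home/capture_file_name.cap read in binary mode.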