Sniffer troubleshooting: Difference between revisions

From VoIPmonitor.org
Jump to navigation Jump to search
(Created page with "= voipmonitor does not sniff anything = *Always check if you actually see the SIP traffic. The easest way it to run (apt-get install tshark | yum install wireshark) tsh...")
 
No edit summary
Line 2: Line 2:
*Always check if you actually see the SIP traffic. The easest way it to run  (apt-get install tshark  |    yum install wireshark)  tshark -i eth1 -R sip  
*Always check if you actually see the SIP traffic. The easest way it to run  (apt-get install tshark  |    yum install wireshark)  tshark -i eth1 -R sip  
*if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1)  
*if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1)  
*if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifcofnig eth1 promisc; ifcofnig eth2 promis;) you can put this directly in /etc/init.d/voipmonitor  
*if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifconfig eth1 promisc; ifconfig eth2 promis;) you can put this directly in /etc/init.d/voipmonitor  
*Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor.  
*Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor.  
*Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...)
*Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...)

Revision as of 16:37, 29 July 2015

voipmonitor does not sniff anything

  • Always check if you actually see the SIP traffic. The easest way it to run (apt-get install tshark | yum install wireshark) tshark -i eth1 -R sip
  • if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1)
  • if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifconfig eth1 promisc; ifconfig eth2 promis;) you can put this directly in /etc/init.d/voipmonitor
  • Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor.
  • Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...)