Sniffer troubleshooting: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 2: | Line 2: | ||
*Always check if you actually see the SIP traffic. The easest way it to run (apt-get install tshark | yum install wireshark) tshark -i eth1 -R sip | *Always check if you actually see the SIP traffic. The easest way it to run (apt-get install tshark | yum install wireshark) tshark -i eth1 -R sip | ||
*if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1) | *if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1) | ||
*if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifconfig eth1 promisc; ifconfig eth2 | *if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifconfig eth1 promisc; ifconfig eth2 promisc;) you can put this directly in /etc/init.d/voipmonitor | ||
*Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor. | *Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor. | ||
*Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...) | *Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...) |
Latest revision as of 17:16, 29 July 2015
voipmonitor does not sniff anything
- Always check if you actually see the SIP traffic. The easest way it to run (apt-get install tshark | yum install wireshark) tshark -i eth1 -R sip
- if you do not see traffic, make sure that the interface is UP (ip link set up dev eth1)
- if you use "-i any" and you are port-mirroring traffic, make sure you put interface to promisc mode (ifconfig eth1 promisc; ifconfig eth2 promisc;) you can put this directly in /etc/init.d/voipmonitor
- Check /var/log/syslog or /var/log/messages for any problems related to voipmonitor.
- Check if voipmonitor is running "ps axl |grep voipmonitor" and is using configuration file (--config-file /...)