Hello,
network sniffers (such as wireshark, ngrep, tcpdump, sngrep, ...)
capture the traffic at network interface layer (well, using some
kernel hooks), before getting to application layer (even before
the firewall) and I expect is the same for heplify. They do not
"receive" the packets like an application that does "listen", just
take a copy of the traffic via those kernel hooks and then the
packets are sent to the application layer. In other words, heplify
doesn't received the sip traffic and then resends it locally, just
gets a copy of the traffic.
Cheers,
Daniel
Regards, IgorOn 26 Oct 2019, 21:21 +0200, Federico Cabiddu <federico.cabiddu@gmail.com>, wrote:
Just use heplify or captagent for this:
You can run them on the same machines where you're running your sip services and send the captured traffic to a homer instance.
Cheers,
Federico
_______________________________________________On Sat, 26 Oct 2019, 20:40 Igor Olhovskiy, <igorolhovskiy@gmail.com> wrote:
I'm trying to avoid SIP packet touching at all. Plus, I can't move third-party soft to other port/interface or so.
Idea is I don't want for Kamailio to be a proxy, but a sip packet analyzer for mirrored port, but on same machine.
On Oct 26 2019, at 6:40 pm, David Villasmil <david.villasmil.work@gmail.com> wrote:_______________________________________________Why not just receiving with kamailio and transparently proxying to the pbx after capturing? I.e.: kamailio in the middle
On Sat, 26 Oct 2019 at 14:46, Igor Olhovskiy <igorolhovskiy@gmail.com> wrote:Hi!
I'm trying to get Kamailio working as a traffic capture on a same machine with other PBX software installed.
Actually, traffic is mirrored with
iptables -A PREROUTING -t mangle -i eth0 -p udp --dport 5060 -j TEE --gateway 127.0.0.2iptables -t nat -A PREROUTING -d 127.0.0.2 -p udp --dport 5060 -j DNAT --to 127.0.0.1:5062
Kamailio request route is super simplerequest_route {xlog("L_ALERT", "[SIP-PACKET] Got packet [F=$fu R=$ru D=$du M=$rm IP=($si:$sp $Ri:$Rp) ID=$ci]\n");drop;}
I was trying to get Kamailio just listen on interface 127.0.0.1:5062, but no luck
listen=udp:127.0.0.1:5062
Next was to use sipcapture module with following parameters
loadmodule "sipcapture.so"modparam("sipcapture", "db_url", "text:///tmp/")modparam("sipcapture", "raw_socket_listen", "127.0.0.1:5060-5062")modparam("sipcapture", "raw_interface", "lo")modparam("sipcapture", "promiscious_on", 1)
Also no luck. Means Kamailio can't see packets, but I see em with wireshark on lo interface.
What is best way to get it working? Or I'm missing something?
Thanks!_______________________________________________Kamailio (SER) - Users Mailing List--_______________________________________________Kamailio (SER) - Users Mailing List
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training, Oct 21-23, 2019, Berlin, Germany -- https://asipto.com/u/kat