Command tshark - Pepelux/sippts GitHub Wiki

Usage

$ sippts tshark -h

Target:
  -f FILE         PCAP file to analyze
  -filter FILTER  Filter data to show

RTP:
  -o FILE         Save RTP streams into a PCAP file
  -rtp_extract    Extract RTP streams. Ex: -rtp_extract -r 1210 -o rtp.pcap
  -r PORT         RTP port to extract streams

Other options:
  -nocolor        Show result without colors
  -h, --help      Show this help

Filters:
-------
stats               SIP packet statistics
auth                Show auth digest
messages            Show all SIP messages
frame <id>          Show a SIP message filtering by frame number
method <method>     Filter frames by method: register, invite, ...
callids             Show all call-ID
callid <cid>        Filter by call-ID
rtp                 Show all RTP streams

Examples

$ python3 siptshark.py -f captura3.pcap -filter auth

Captured Authentication Digest:

Authorization: Digest username="test201", realm="10.0.0.1", nonce="XhXFKF4Vw/ynsVCQ0eu1nE+pojkDWeo5", uri="sip:192.168.1.1:5061", response="19015a14601fd62b781ba7164e8fe10c", algorithm=MD5, cnonce="03382053", qop=auth, nc=00000006

Authorization: Digest username="test202", realm="10.0.0.1", nonce="XhXEyF4Vw5yhaW8ey8QmXmzDOTRBHc4j", uri="sip:192.168.1.1", response="4fa59b5fe2127856eda31a4f2dcd41d1", algorithm=MD5, cnonce="05606883", qop=auth, nc=00000003

$ sippts tshark -f captura3.pcap -filter rtp

Captured RTP streams:

========================= RTP Streams ========================
   Start time      End time     Src IP addr  Port    Dest IP addr  Port       SSRC          Payload  Pkts         Lost   Min Delta(ms)  Mean Delta(ms)   Max Delta(ms)  Min Jitter(ms) Mean Jitter(ms)  Max Jitter(ms) Problems?
    57.057395     58.657030    192.168.1.1 15048  192.168.1.2 54140 0x533FD021            g711U    81     0 (0.0%)          19.770          19.995          20.209           0.014           0.055           0.077
    54.210676     56.871338    192.168.1.1 15048  192.168.1.2 54140 0x5B0AFE1C            g711U   134     0 (0.0%)          15.963          20.005          23.310           0.014           0.670           1.277
==============================================================

$ sippts tshark -f captura3.pcap -filter stats

Dialog statistics:


===================================================================
SIP Statistics

Number of SIP messages: 28
Number of resent SIP messages: 2

* SIP Status Codes in reply packets
  SIP 200 OK              :     7 Packets
  SIP 420 Bad Extension   :     2 Packets
  SIP 100 Trying          :     1 Packets
  SIP 401 Unauthorized    :     3 Packets
  SIP 183 Session Progress :     1 Packets

* List of SIP Request methods
  INVITE          :     2 Packets
  ACK             :     4 Packets
  REGISTER        :     7 Packets
  BYE             :     1 Packets

* Average setup time 2367 ms
 Min 26 ms
 Max 9027 ms
===================================================================
⚠️ **GitHub.com Fallback** ⚠️