Wireshark mailing list archives
Re: SIP trace with tshark?
From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Sun, 6 Sep 2020 14:02:04 +0200
On 6 Sep 2020, at 10:59, Nicholas Saunders <saunders.nicholas () gmail com> wrote: How do I monitor port 5060 for SIP traffic? Something like: sudo tshark -d udp.port==5060,http obviously, not http. thanks, Nick
Hi, By default the SIP dissector is quite capable to pick up UDP packets on port 5060 for itself, so configuration like this is usually not needed. Otherwise see what ‘sip’ instead of ‘http’ brings. Thanks, Jaap ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- SIP trace with tshark? Nicholas Saunders (Sep 06)
- Re: SIP trace with tshark? Jaap Keuter (Sep 06)
- Re: SIP trace with tshark? Nicholas Saunders (Sep 06)
- Re: SIP trace with tshark? Graham Bloice (Sep 07)
- Re: SIP trace with tshark? Nicholas Saunders (Sep 06)
- Re: SIP trace with tshark? Nutkins, Tom (Sep 06)
- Re: SIP trace with tshark? Jaap Keuter (Sep 06)