Examples: sngrep

Lorenzo Mangani edited this page Apr 30, 2016 · 6 revisions

sngrep

Irontec's awesome sngrep 1.x+ introduces command line option (-H) and settings (eep.send) to send capture data in HEP/EEP to Homer and to run headless as a capture agent:

  • -H or --eep-send: Send captured data to other Homer (udp:10.10.10.10:9060)
  • -N or --no-interface: Don't display sngrep interface, just capture
  • -q or --quiet: Don't print captured dialogs in no interface mode

Example: SIP

Mirror all SIP packets from all devices with src||dst port 5060 to Homer

sngrep port 5060 -H udp:10.10.10.10:9060 --no-interface -q

Example: TLS

Mirror all SIP/TLS packets from all devices with src||dst portrange 5060-5061 to Homer

sngrep portrange 5060-5061 -k ./privkey.pem -H udp:10.10.10.10:9060 --no-interface -q

For further information please visit the sngrep wiki.