Ipgrab is an network protocol grab utility which may be used for a SIP message sniffing/analyzing. Ipgrab may be installed directly from debian repository:
apt-get install ipgrab
The usage for SIP message analysis may look like
ipgrab -i eth0 -lmnt port 5060 ipgrab 0.9.9 Listening on device eth0 (ethernet) 1 1317991855.410595 SIP INVITE sip:jan@ps.sip.uniza.sk SIP/2.0 2 1317991855.412129 SIP SIP/2.0 407 Proxy Authentication Required 3 1317991855.414234 SIP ACK sip:jan@ps.sip.uniza.sk SIP/2.0 4 1317991855.416493 SIP INVITE sip:jan@ps.sip.uniza.sk SIP/2.0 5 1317991855.418473 SIP SIP/2.0 100 trying -- your call is important to us 6 1317991855.418726 SIP INVITE sip:jan@192.168.10.108:57903;transport=udp SIP/2.0
where
-i – is an interface on which listen to
-m – minimal mode output.
-n – don’t display network layer headers
-t – don’t display transport layer headers.
port 5060 – tcpdump like expresion which specify port number
More info inside of the manual or use man pages for ipgrab and tcpdump (expresions).