Menu Close

Using ipgrab for SIP diagnostics

Ipgrab is an network protocol grab utility which may be used for a SIP message sniffing/analyzing. Ipgrab may be installed directly from debian repository:

apt-get install ipgrab

The usage for SIP message analysis may look like

ipgrab -i eth0 -lmnt port 5060
ipgrab 0.9.9
Listening on device eth0 (ethernet)
1 1317991855.410595 SIP INVITE SIP/2.0
2 1317991855.412129 SIP SIP/2.0 407 Proxy Authentication Required
3 1317991855.414234 SIP ACK SIP/2.0
4 1317991855.416493 SIP INVITE SIP/2.0
5 1317991855.418473 SIP SIP/2.0 100 trying -- your call is important to us
6 1317991855.418726 SIP INVITE sip:jan@;transport=udp SIP/2.0


-i – is an interface on which listen to

-m  – minimal mode output.

-n – don’t display network layer headers

-t – don’t display transport layer headers.

port 5060 – tcpdump like expresion which specify port number

More info inside of the manual or use man pages for ipgrab and tcpdump (expresions).


Other tools

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.