[prev in list] [next in list] [prev in thread] [next in thread]
List: wireshark-users
Subject: Re: [Wireshark-users] Wireshark 1.2.1 doesn't capture SIP on
From: "Gianluca Varenni" <gianluca.varenni () cacetech ! com>
Date: 2009-07-24 19:07:47
Message-ID: 0406C0BE09314DF8A5D5053B71016731 () NELSON3
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Your client and SIP server are on the same machine, right? If so, the packets are \
managed directly by the TCP/IP stack i.e. they do not go to the network interface, so \
WinPcap (hence Wireshark) will not capture them.
You need to run client and server on separate machines (or eventually with virtual \
machines).
Have a nice day
GV
----- Original Message -----
From: Ido Feins
To: wireshark-users@wireshark.org
Sent: Friday, July 24, 2009 11:32 AM
Subject: [Wireshark-users] Wireshark 1.2.1 doesn't capture SIP on Intel(R)PRO/1000 \
GT Desktop Adapter
Hi, for some reason Wireshark doesn't capture SIP messages even when I'm leaving \
the filter empty. It is also configured to capture packets in promiscuous mode.
I am using SIPp (version 3.1.1) to generate the SIP messages.
SIPp is a program that can generates SIP messages and check that they are being \
received.
I'm running SIPp in two separate shells, one that runs a default client scenario \
(uac) that generates INVITE messages, and in another shell a default server scenario \
(uas) that receives the INVITE and confirms them with 200 OK responses.
Here is the screenshoot of the client:
http://img231.imageshack.us/i/sippuac.jpg/
Here is the screenshoot of the server:
http://img207.imageshack.us/i/sippuas.jpg/
As you can see, the client sends INVITE messages and receives 200 OK responses from \
the server, and the server receives INVITE messages and sends 200 OK to the client.
So the problem is not with the sending/receiving of the messages but with \
wireshark.
Do you know what could be the problem and how to fix it?
Thanks
------------------------------------------------------------------------------
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@wireshark.org?subject=unsubscribe
[Attachment #5 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.5726" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Your client and SIP server are on the same machine, right? If
so, the packets are managed directly by the TCP/IP stack i.e. they do not go to
the network interface, so WinPcap (hence Wireshark) will not capture
them.</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>You need to run client and server on separate machines (or
eventually with virtual machines).</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>Have a nice day</FONT></DIV>
<DIV><FONT size=2>GV</FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 \
2px solid; MARGIN-RIGHT: 0px"> <DIV style="FONT: 10pt arial">----- Original Message \
----- </DIV> <DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=ifeins@gmail.com href="mailto:ifeins@gmail.com">Ido Feins</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=wireshark-users@wireshark.org
href="mailto:wireshark-users@wireshark.org">wireshark-users@wireshark.org</A>
</DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, July 24, 2009 11:32
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> [Wireshark-users] Wireshark
1.2.1 doesn't capture SIP on Intel(R)PRO/1000 GT Desktop Adapter</DIV>
<DIV><BR></DIV>
<DIV dir=ltr>Hi, for some reason Wireshark doesn't capture SIP messages even
when I'm leaving the filter empty.<BR>It is also configured to capture packets
in promiscuous mode.<BR><BR>I am using <A
href="http://sipp.sourceforge.net">SIPp</A> (version 3.1.1) to generate the
SIP messages.<BR>SIPp is a program that can generates SIP messages and check
that they are being received.<BR><BR>I'm running SIPp in two separate shells,
one that runs a default client scenario (uac) that generates INVITE
messages,<BR>and in another shell a default server scenario (uas) that
receives the INVITE and confirms them with 200 OK responses.<BR><BR>Here is
the screenshoot of the client:<BR><A
href="http://img231.imageshack.us/i/sippuac.jpg/">http://img231.imageshack.us/i/sippuac.jpg/</A><BR><BR>Here \
is the screenshoot of the server:<BR><A
href="http://img207.imageshack.us/i/sippuas.jpg/">http://img207.imageshack.us/i/sippuas.jpg/</A><BR><BR>As \
you can see, the client sends INVITE messages and receives 200 OK responses
from the server,<BR>and the server receives INVITE messages and sends 200 OK
to the client.<BR>So the problem is not with the sending/receiving of the
messages but with wireshark.<BR><BR>Do you know what could be the problem and
how to fix it?<BR>Thanks<BR></DIV>
<P>
<HR>
<P></P>___________________________________________________________________________<BR>Sent \
via: Wireshark-users mailing list
<wireshark-users@wireshark.org><BR>Archives:
http://www.wireshark.org/lists/wireshark-users<BR>Unsubscribe:
https://wireshark.org/mailman/options/wireshark-users<BR> \
mailto:wireshark-users-request@wireshark.org?subject=unsubscribe</BLOCKQUOTE></BODY></HTML>
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@wireshark.org?subject=unsubscribe
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic