API tools faq
paste
Advertisement
Guest User

incoming SIP wireshark

a guest
Feb 1st, 2015
301
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.70 KB | None | 0 0
raw download clone embed print report
  1. # tshark -V -n -i eth1 -f "port 5060 and host 195.211.120.9" 14:45
  2. Running as user "root" and group "root". This could be dangerous.
  3.  
  4. Capturing on eth1
  5.  
  6. Frame 1: 1083 bytes on wire (8664 bits), 1083 bytes captured (8664 bits) on interface 0
  7. Interface id: 0
  8. WTAP_ENCAP: 1
  9. Arrival Time: Feb 1, 2015 14:45:40.973666000 MSK
  10. [Time shift for this packet: 0.000000000 seconds]
  11. Epoch Time: 1422791140.973666000 seconds
  12. [Time delta from previous captured frame: 0.000000000 seconds]
  13. [Time delta from previous displayed frame: 0.000000000 seconds]
  14. [Time since reference or first frame: 0.000000000 seconds]
  15. Frame Number: 1
  16. Frame Length: 1083 bytes (8664 bits)
  17. Capture Length: 1083 bytes (8664 bits)
  18. [Frame is marked: False]
  19. [Frame is ignored: False]
  20. [Protocols in frame: eth:ip:udp:sip:sdp]
  21. Ethernet II, Src: 64:87:88:fe:36:f6 (64:87:88:fe:36:f6), Dst: 00:50:56:85:5b:eb (00:50:56:85:5b:eb)
  22. Destination: 00:50:56:85:5b:eb (00:50:56:85:5b:eb)
  23. Address: 00:50:56:85:5b:eb (00:50:56:85:5b:eb)
  24. .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
  25. .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
  26. Source: 64:87:88:fe:36:f6 (64:87:88:fe:36:f6)
  27. Address: 64:87:88:fe:36:f6 (64:87:88:fe:36:f6)
  28. .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
  29. .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
  30. Type: IP (0x0800)
  31. Internet Protocol Version 4, Src: 195.211.120.9 (195.211.120.9), Dst: 195.16.98.68 (195.16.98.68)
  32. Version: 4
  33. Header length: 20 bytes
  34. Differentiated Services Field: 0x28 (DSCP 0x0a: Assured Forwarding 11; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
  35. 0010 10.. = Differentiated Services Codepoint: Assured Forwarding 11 (0x0a)
  36. .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
  37. Total Length: 1069
  38. Identification: 0x0000 (0)
  39. Flags: 0x02 (Don't Fragment)
  40. 0... .... = Reserved bit: Not set
  41. .1.. .... = Don't fragment: Set
  42. ..0. .... = More fragments: Not set
  43. Fragment offset: 0
  44. Time to live: 53
  45. Protocol: UDP (17)
  46. Header checksum: 0xe066 [correct]
  47. [Good: True]
  48. [Bad: False]
  49. Source: 195.211.120.9 (195.211.120.9)
  50. Destination: 195.16.98.68 (195.16.98.68)
  51. User Datagram Protocol, Src Port: 9060 (9060), Dst Port: 5060 (5060)
  52. Source port: 9060 (9060)
  53. Destination port: 5060 (5060)
  54. Length: 1049
  55. Checksum: 0x757c [validation disabled]
  56. [Good Checksum: False]
  57. [Bad Checksum: False]
  58. Session Initiation Protocol (INVITE)
  59. Request-Line: INVITE sip:014716@195.16.98.68:5060 SIP/2.0
  60. Method: INVITE
  61. Request-URI: sip:014716@195.16.98.68:5060
  62. Request-URI User Part: 014716
  63. Request-URI Host Part: 195.16.98.68
  64. Request-URI Host Port: 5060
  65. [Resent Packet: False]
  66. Message Header
  67. Via: SIP/2.0/UDP 195.211.120.9:9060;rport;branch=z9hG4bK-2250159064-3826321322-503332789-34251810311
  68. Transport: UDP
  69. Sent-by Address: 195.211.120.9
  70. Sent-by port: 9060
  71. RPort: rport
  72. Branch: z9hG4bK-2250159064-3826321322-503332789-34251810311
  73. Via: SIP/2.0/UDP 195.211.120.9:5061;rport=5061;branch=z9hG4bK-2250159064-3826321322-503332789-3425181031;received=195.211.120.9
  74. Transport: UDP
  75. Sent-by Address: 195.211.120.9
  76. Sent-by port: 5061
  77. RPort: 5061
  78. Branch: z9hG4bK-2250159064-3826321322-503332789-3425181031
  79. Received: 195.211.120.9
  80. From: <sip:79037729533@195.211.120.9:5061;user=phone>;tag=1752804824-3826321322-503332789-3425181031
  81. SIP from address: sip:79037729533@195.211.120.9:5061;user=phone
  82. SIP from address User Part: 79037729533
  83. SIP from address Host Part: 195.211.120.9
  84. SIP from address Host Port: 5061
  85. SIP From URI parameter: user=phone
  86. SIP from tag: 1752804824-3826321322-503332789-3425181031
  87. To: <sip:014716@195.211.120.9:9060;user=phone>
  88. SIP to address: sip:014716@195.211.120.9:9060;user=phone
  89. SIP to address User Part: 014716
  90. SIP to address Host Part: 195.211.120.9
  91. SIP to address Host Port: 9060
  92. SIP To URI parameter: user=phone
  93. Call-ID: B25634E5DE64BAFE44A67ECBDFD85F90
  94. CSeq: 1 INVITE
  95. Sequence Number: 1
  96. Method: INVITE
  97. Contact: <sip:79037729533@195.211.120.9:9060>
  98. Contact URI: sip:79037729533@195.211.120.9:9060
  99. Contact URI User Part: 79037729533
  100. Contact URI Host Part: 195.211.120.9
  101. Contact URI Host Port: 9060
  102. Content-Type: application/sdp
  103. Allow: ACK, BYE, CANCEL, INFO, INVITE, OPTIONS, REFER, REGISTER, SUBSCRIBE, UPDATE
  104. Max-Forwards: 70
  105. User-Agent: TS-v4.5.1-17a
  106. Cisco-Guid: 3634107034-2852590052-3040804894-1729964236
  107. [Expert Info (Note/Undecoded): Unrecognised SIP header (Cisco-Guid)]
  108. [Message: Unrecognised SIP header (Cisco-Guid)]
  109. [Severity level: Note]
  110. [Group: Undecoded]
  111. Content-Length: 267
  112. Message Body
  113. Session Description Protocol
  114. Session Description Protocol Version (v): 0
  115. Owner/Creator, Session Id (o): - 1422791140 1422791140 IN IP4 195.211.120.9
  116. Owner Username: -
  117. Session ID: 1422791140
  118. Session Version: 1422791140
  119. Owner Network Type: IN
  120. Owner Address Type: IP4
  121. Owner Address: 195.211.120.9
  122. Session Name (s): -
  123. Connection Information (c): IN IP4 195.211.120.9
  124. Connection Network Type: IN
  125. Connection Address Type: IP4
  126. Connection Address: 195.211.120.9
  127. Time Description, active time (t): 0 0
  128. Session Start Time: 0
  129. Session Stop Time: 0
  130. Media Description, name and address (m): audio 10954 RTP/AVP 8 0 101
  131. Media Type: audio
  132. Media Port: 10954
  133. Media Protocol: RTP/AVP
  134. Media Format: ITU-T G.711 PCMA
  135. Media Format: ITU-T G.711 PCMU
  136. Media Format: DynamicRTP-Type-101
  137. Media Attribute (a): rtpmap:8 PCMA/8000
  138. Media Attribute Fieldname: rtpmap
  139. Media Format: 8
  140. MIME Type: PCMA
  141. Sample Rate: 8000
  142. Media Attribute (a): rtpmap:0 PCMU/8000
  143. Media Attribute Fieldname: rtpmap
  144. Media Format: 0
  145. MIME Type: PCMU
  146. Sample Rate: 8000
  147. Media Attribute (a): rtpmap:101 telephone-event/8000
  148. Media Attribute Fieldname: rtpmap
  149. Media Format: 101
  150. MIME Type: telephone-event
  151. Sample Rate: 8000
  152. Media Attribute (a): fmtp:101 0-15
  153. Media Attribute Fieldname: fmtp
  154. Media Format: 101 [telephone-event]
  155. Media format specific parameters: 0-15
  156. Media Attribute (a): ptime:20
  157. Media Attribute Fieldname: ptime
  158. Media Attribute Value: 20
  159. Media Attribute (a): sendrecv
  160. Media Attribute (a): silenceSupp:off - - - -
  161. Media Attribute Fieldname: silenceSupp
  162. Media Attribute Value: off - - - -
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!