Edgewater Debug

Edgewater debug commands {| class="toc" id="toc" summary="Contents"

Contents
How do I see SIP messages using tcpdump?

-capture and view live traffic. Decode SIP traffic from the LAN interface (VLANs not in use)
 * }
 * 1) tcpdump -ni eth0 -s 0 port 5060

-capture and output file to ramdisk: Captures all traffic except port 22 (ssh traffic)
 * 1) mkdir /var/ramdisk
 * 2) mount -t tmpfs tmpfs -o size=12M /var/ramdisk
 * 3) cd /var/ramdisk
 * 4) tcpdump -ni any -s 0 not port 22 -w filename.pcap [where filename is what you want to call the file]

Interfaces options eth1 - ethernet interface labeled WAN

eth0 - ethernet interface labeled LAN

lo - loopback interface used for tracing fxo and fxs

additional options &nbsp -s 0 decode the entire packet, not just the first 64 bytes

-n = print host addresses numercally (skip DNS lookup) makes traces easier to read

Specific traces &nbsp tcpdump -s 0 -ni eth1 udp -w trace-outside.pcap

this will capture udp traffic on the wan interface and write to a pcap file labeled trace-outside

tcpdump -s 0 -ni eth0 udp -w trace-inside.pcap

this will capture udp traffic on the lan interface and write to a pcap file labeled trace-inside

tcpdump -s 0 -ni eth0.69 udp -w trace-inside.pcap

this will capture udp traffic on the lan interface with the phones on vlan 69 and write to a pcap file labeled trace-inside

tcpdump -s 0 -ni lo udp -w trace-unknown.pcap

this will capture udp traffic on the loopback interface for fxs and fxo and write to a pcap file labeled trace-unknown