Practical Examples
General Syntax
Comparison operators:
==
!=
>
<
>=
<=
in
Logical operators:
&& # AND
|| # OR
! # NOT
Common filters:
- type: host, port
- dir: src, dst
- proto: tcp, udp, ftp, http
SIP-Related
tcpdump
timeout 6m tcpdump -i eth0 host <sip-trunk-ip> -n -s 0 -vvvv -w carrier.pcap
Wireshark
- More SIP-related filter syntax: https://www.wireshark.org/docs/dfref/s/sip.html
- Show only REGISTER rows. Filter: sip.CSeq.method == "REGISTER"
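What the REGISTER filter above actually selects, shown offline as an added example (not part of the original notes): the CSeq header carries the method in responses too, so the filter returns the REGISTER requests and their replies, while Wireshark's sip.Method field matches requests only. The sample messages are constructed, and the function names are hypothetical.

```python
import re

# Constructed SIP messages for illustration (not taken from a real capture).
SAMPLE_MESSAGES = [
    "REGISTER sip:pbx.example.test SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK-1\r\n"
    "CSeq: 1 REGISTER\r\nContent-Length: 0\r\n\r\n",
    "SIP/2.0 401 Unauthorized\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK-1\r\n"
    "cseq: 1 REGISTER\r\nContent-Length: 0\r\n\r\n",
    "INVITE sip:1001@pbx.example.test SIP/2.0\r\n"
    "CSeq: 20 INVITE\r\nContent-Length: 0\r\n\r\n",
    "SIP/2.0 200 OK\r\n"
    "CSeq: 20 INVITE\r\nContent-Length: 0\r\n\r\n",
]

# Header names are case-insensitive in SIP; the method token is case-sensitive.
CSEQ_RE = re.compile(
    r"^(?i:CSeq)[ \t]*:[ \t]*\d+[ \t]+([A-Z]+)[ \t]*\r?$", re.MULTILINE
)


def parse(message):
    """Return (start_line, is_request, cseq_method) for one SIP message."""
    head = message.split("\r\n\r\n", 1)[0]      # ignore any body (e.g. SDP)
    start_line = head.split("\r\n", 1)[0]
    match = CSEQ_RE.search(head)
    is_request = not start_line.startswith("SIP/2.0 ")
    return start_line, is_request, match.group(1) if match else None


def cseq_method_is(messages, method):
    """Like sip.CSeq.method == "<method>": requests and their responses."""
    return [s for s, _, m in map(parse, messages) if m == method]


def request_method_is(messages, method):
    """Like sip.Method == "<method>": requests only."""
    return [s for s, req, _ in map(parse, messages)
            if req and s.split(" ", 1)[0] == method]


if __name__ == "__main__":
    for line in cseq_method_is(SAMPLE_MESSAGES, "REGISTER"):
        print(line)
```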