Live signalling capture by tbsigtrace

From TBwiki
(Difference between revisions)
Jump to: navigation, search
(Added the warning information, and added adapter in the command line to do capture on a specific Tmedia only at a time.)
Line 1: Line 1:
 
You can now activate tbsigtrace and pipe it directly in wireshark through SSH to get a live capture SS7, ISDN or IP (not all in the same wireshark window).  
 
You can now activate tbsigtrace and pipe it directly in wireshark through SSH to get a live capture SS7, ISDN or IP (not all in the same wireshark window).  
  
'''WARNING: tbsigtrace application should not be used all the time, otherwise it might reduce performance and fill completely your hard drive. Also we suggest to do the live capture on one Tmedia only at a time'''.
+
'''WARNING: tbsigtrace application should not be used all the time, otherwise it might reduce performance and fill completely your hard drive. Also we suggest to do the live capture on only one Tmedia at a time'''.
  
 
The procedure is as following:
 
The procedure is as following:

Revision as of 11:06, 3 December 2012

You can now activate tbsigtrace and pipe it directly in wireshark through SSH to get a live capture SS7, ISDN or IP (not all in the same wireshark window).

WARNING: tbsigtrace application should not be used all the time, otherwise it might reduce performance and fill completely your hard drive. Also we suggest to do the live capture on only one Tmedia at a time.

The procedure is as following:


Contents

Download plink

  Download plink - http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe
  Place it in  C:\Program Files\Putty directory

Download tbsigtrace version 2.7

If not using version 2.7, download the attached tbsigtrace on unit (/root directory or any other valid directory)

CentOS version ppc version

Note: Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.

Upload tbsigtrace to toolpack server

Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory.

Execute the command to capture the signalling accordingly

For SS7 capture

 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
 
 ex. 
 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -

For ISDN capture

 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i - 
 ex.
 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -

For SIP or SIGTRAN capture

 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
 ex.
 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
Personal tools