Live signalling capture by tbsigtrace
Revision as of 14:13, 29 January 2013
You can now activate tbsigtrace and pipe it directly into Wireshark through SSH to get a live capture of SS7, ISDN or IP signalling (not all in the same Wireshark window).
WARNING: The tbsigtrace application should not be left running all the time; otherwise it might reduce performance and completely fill your hard drive. We also suggest doing the live capture on only one Tmedia at a time.
The procedure is as follows:
Download plink
Download plink from http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe
Place it in the C:\Program Files\Putty directory.
Download tbsigtrace version 2.7
If not using version 2.7, download the attached tbsigtrace onto the unit (/root directory or any other valid directory).
CentOS version | ppc version |
---|---|
Note: Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.
Upload tbsigtrace to toolpack server
Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory.
Execute the command to capture the signalling accordingly
For SS7 capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
For ISDN capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
For SIP or SIGTRAN capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
For Radius, SNMP or H.248 capture
plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] tcpdump -i mgmt0 -s 0 -w - | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
ex. plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword tcpdump -i mgmt0 -s 0 -w - | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
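A time-limited wrapper for the four capture commands above, as an added example that is not part of the original wiki page. It builds the same plink/Wireshark pipeline but stops the trace after a set time, in line with the warning about not leaving tbsigtrace running, and it authenticates with a key file instead of putting the password on the command line. Assumptions: plink's -i and -batch options (not used on the page), a key file already authorized on the unit, a cached host key, the 300-second default, and adapter names shaped like TB005052.

```python
import re
import subprocess

PLINK = r"C:\Program Files\Putty\plink.exe"          # install path from the page
WIRESHARK = r"C:\Program Files\Wireshark\wireshark.exe"
TRACE_FLAGS = {"ss7": "-ss7", "isdn": "-isdn", "ip": "-ip"}  # flags from the page

def remote_command(kind, adapter=None, directory="/root"):
    """Remote argv for one capture type; 'mgmt' is the tcpdump variant."""
    if kind == "mgmt":  # Radius, SNMP or H.248
        return ["tcpdump", "-i", "mgmt0", "-s", "0", "-w", "-"]
    if kind not in TRACE_FLAGS:
        raise ValueError(f"unknown capture type: {kind!r}")
    # plink joins these words into one string for the remote shell, so only
    # plain names may pass. Assumption: adapters look like TB005052.
    if not re.fullmatch(r"TB[0-9]{6}", adapter or ""):
        raise ValueError(f"bad adapter name: {adapter!r}")
    if not re.fullmatch(r"(/[\w.-]+)+", directory):
        raise ValueError(f"bad directory: {directory!r}")
    return [f"{directory}/tbsigtrace_2_7_10", "-adapter", adapter,
            "-stdout", TRACE_FLAGS[kind]]

def plink_argv(host, key_file, kind, adapter=None, port=22, directory="/root"):
    """Local plink argv using a private key (-i) instead of -pw."""
    # -batch: fail rather than wait on a prompt; the host key must be cached.
    return [PLINK, "-ssh", f"root@{host}", "-P", str(port), "-batch",
            "-i", key_file] + remote_command(kind, adapter, directory)

def capture(host, key_file, kind, adapter=None, seconds=300, **kw):
    """Pipe one capture into Wireshark and stop the trace after `seconds`."""
    plink = subprocess.Popen(plink_argv(host, key_file, kind, adapter, **kw),
                             stdout=subprocess.PIPE)
    subprocess.Popen([WIRESHARK, "-k", "-i", "-"], stdin=plink.stdout)
    plink.stdout.close()  # Wireshark now holds the read end of the pipe
    try:
        plink.wait(timeout=seconds)
    except subprocess.TimeoutExpired:
        plink.terminate()  # drops the SSH session and the remote stdout
        plink.wait()
    return plink.returncode
```

Call capture() once per Tmedia unit, for example capture("10.10.10.10", r"C:\keys\tmedia.ppk", "ss7", "TB005052", seconds=120), where the key path is a placeholder.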