Live signalling capture by tbsigtrace

(Difference between revisions)
(Split code into multiple 'pre' + layout)
(Change the tbsigtrace_2_7_10 to use the default tbsigtrace command on all new units)
Line 12: Line 12:
  
 
==== Download tbsigtrace version 2.7  ====
 
==== Download tbsigtrace version 2.7  ====
If not using version 2.7, download the attached tbsigtrace on unit (/root directory or any other valid directory)
+
If not using at least version 2.7, download the attached tbsigtrace on unit (/root directory or any other valid directory)
 
{| cellpadding="5" border="1" class="wikitable"
 
{| cellpadding="5" border="1" class="wikitable"
 
|-
 
|-
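Review bot: "at least version 2.7" in the rewritten sentence does not say what is being versioned (the release running on the unit or the tbsigtrace binary itself), so a reader cannot tell whether the download step applies to them; name the component and say how to check its version. Because the attachment is an executable that the later commands run as root, listing a checksum beside the download links would let readers verify the file before uploading it.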
Line 25: Line 25:
 
'''Note:''' Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.  
 
'''Note:''' Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.  
  
==== Upload tbsigtrace to toolpack server  ====
+
===== Upload tbsigtrace to toolpack server  =====
  
Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7_10" and upload it to the toolpack server /root directory or any other valid directory.
+
Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7" and upload it to the toolpack server /root directory or any other valid directory. In the command below, replace ''tbsigtrace'' by ''/root/tbsigtrace_2_7''
  
==== Execute the command to capture the signalling accordingly  ====
+
 
 +
 
 +
=== Execute the command to capture the signalling accordingly  ===
 
===== For SS7 capture =====
 
===== For SS7 capture =====
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -ss7" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
 
ex.  
 
ex.  
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ss7 | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -ss7" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
  
 
===== For ISDN capture =====
 
===== For ISDN capture =====
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -  
+
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -isdn" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -  
  
 
ex.
 
ex.
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -isdn | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -isdn" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
  
 
===== For SIP or SIGTRAN capture =====
 
===== For SIP or SIGTRAN capture =====
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] [dir]/tbsigtrace_2_7_10 -adapter TB00xxxx -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -ip" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
 
ex.
 
ex.
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword /root/tbsigtrace_2_7_10 -adapter TB005052 -stdout -ip | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -ip" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
  
 
===== For Radius, SNMP or H.248 capture =====
 
===== For Radius, SNMP or H.248 capture =====
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] tcpdump -i mgmt0 -s 0 -w - | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tcpdump -i mgmt0 -s 0 -w -" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
  
 
ex.
 
ex.
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword tcpdump -i mgmt0 -s 0 -w - | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
+
   plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tcpdump -i mgmt0 -s 0 -w -" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
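Review bot: The rewritten commands still pass the root password with -pw on the plink command line, and the examples show it literally (-pw mypassword), which leaves it in command history and in any batch file the line is saved to. Consider showing key authentication instead (plink -i with a private key file) and keeping -pw only as a fallback. Separately, the new sentence says "In the command below" although several commands follow, and the heading edits leave "Upload tbsigtrace to toolpack server" at level 5 while "Execute the command to capture the signalling accordingly" moves to level 3; check that this nesting is intended.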

Revision as of 12:37, 2 September 2014

You can now run tbsigtrace and pipe its output directly into Wireshark over SSH to get a live capture of SS7, ISDN or IP signalling (not all in the same Wireshark window).

WARNING: The tbsigtrace application should not be left running all the time, otherwise it might reduce performance. We also suggest doing the live capture on only one Tmedia at a time.

The procedure is as follows:



Download plink

  Download plink - http://the.earth.li/~sgtatham/putty/latest/x86/plink.exe
  Place it in the C:\Program Files\Putty directory

Download tbsigtrace version 2.7

If you are not using at least version 2.7, download the attached tbsigtrace to the unit (/root directory or any other valid directory).

CentOS version ppc version

Note: Unzip the file so that it gives you the executable file tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc.

Upload tbsigtrace to toolpack server

Rename tbsigtrace_2_7_10_centos or tbsigtrace_2_7_10_ppc to "tbsigtrace_2_7" and upload it to the toolpack server /root directory or any other valid directory. In the commands below, replace tbsigtrace with /root/tbsigtrace_2_7.


Execute the command to capture the signalling accordingly

For SS7 capture
 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -ss7" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -

ex.

 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -ss7" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -


For ISDN capture
 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -isdn" | "C:\Program Files\Wireshark\wireshark.exe" -k -i - 

ex.

 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -isdn" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -


For SIP or SIGTRAN capture
 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tbsigtrace -adapter TB00xxxx -stdout -ip" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -

ex.

 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tbsigtrace -adapter TB005052 -stdout -ip" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -


For Radius, SNMP or H.248 capture
 plink.exe -ssh root@[IP_of_management_port] -P [ssh_port] -pw [ssh_password] "tcpdump -i mgmt0 -s 0 -w -" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -

ex.

 plink.exe -ssh root@10.10.10.10 -P 22 -pw mypassword "tcpdump -i mgmt0 -s 0 -w -" | "C:\Program Files\Wireshark\wireshark.exe" -k -i -
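
The four capture commands above, wrapped in a small launcher that uses a private key and a pinned host key in place of `-pw` and validates the adapter name before it reaches the root shell on the unit. This is an added example, not part of the original page or the vendor's tooling; the key file, host key fingerprint, the adapter-name pattern and the function names are assumptions, and it presumes the matching public key is already installed for root on the unit.

```python
import re
import subprocess

# Remote capture commands exactly as they appear on the page, keyed by capture type.
REMOTE_COMMANDS = {
    "ss7": "tbsigtrace -adapter {adapter} -stdout -ss7",
    "isdn": "tbsigtrace -adapter {adapter} -stdout -isdn",
    "ip": "tbsigtrace -adapter {adapter} -stdout -ip",   # SIP or SIGTRAN
    "mgmt": "tcpdump -i mgmt0 -s 0 -w -",                # Radius, SNMP or H.248
}
# Assumption: adapter names are "TB" plus six alphanumerics (page shows TB00xxxx, TB005052).
ADAPTER_RE = re.compile(r"TB[0-9A-Za-z]{6}")
PLINK = r"C:\Program Files\Putty\plink.exe"
WIRESHARK = r"C:\Program Files\Wireshark\wireshark.exe"


def remote_command(kind, adapter=None):
    """Return the command string that plink hands to root's shell on the unit."""
    if kind not in REMOTE_COMMANDS:
        raise ValueError(f"unknown capture type: {kind!r}")
    template = REMOTE_COMMANDS[kind]
    if "{adapter}" not in template:
        return template
    # The string is interpreted by a root shell, so accept only a plain adapter name.
    if adapter is None or not ADAPTER_RE.fullmatch(adapter):
        raise ValueError(f"invalid adapter name: {adapter!r}")
    return template.format(adapter=adapter)


def plink_argv(host, port, key_file, host_key, kind, adapter=None):
    """Build the plink argument list with key authentication and a pinned host key."""
    if not 0 < int(port) < 65536:
        raise ValueError("invalid port")
    return [PLINK, "-ssh", "-batch", "-P", str(int(port)),
            "-i", key_file,          # private key replaces -pw [ssh_password]
            "-hostkey", host_key,    # refuse to connect if the server key differs
            f"root@{host}", remote_command(kind, adapter)]


def live_capture(argv):
    """Pipe plink's binary stdout straight into Wireshark (-k -i -), as on the page."""
    plink = subprocess.Popen(argv, stdout=subprocess.PIPE)
    try:
        return subprocess.call([WIRESHARK, "-k", "-i", "-"], stdin=plink.stdout)
    finally:
        plink.terminate()   # close the SSH session once Wireshark exits
```

To start an SS7 capture, call `live_capture(plink_argv("10.10.10.10", 22, r"C:\keys\capture.ppk", "<host-key-fingerprint>", "ss7", "TB005052"))`, where the key path and fingerprint are placeholders for your own values.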