Explore other articles and discussions on this topic.
How to run a packet capture in an Asterisk system (tcpdump)
commands requires to collect a packet capture from a system that is running open source Asterisk
Answer
How to run a packet capture in Asterisk system
In order to collect a packet capture, you need to make sure that tcpump is installed on your system, most Linux implementation already have this tools installed by default, if you need to install it, please contact your system administrator.Steps
Please log into your system using SSH and use admin credentials (usually root)
Execute #tcpdump -i eth0 -s0 -w /tmp/pcap.pcap
Note: Make sure that traffic from asterisk is going in and out from the correct interface, you can check the interfaces on your system by running the command ifconfig -a and then checking route to confirm how your operating system is routing the packets going out from your server.
Press Control + C to stop the capture
Other Examples
- Run a packet capture on port 5060 only
# tcpdump -i eth0 -s0 -w /tmp/pcap.pcap port 5060
- Run a packet capture on a particular host
# tcpdump -i eth0 -s0 -w /tmp/pcap.pcap host 192.168.1.156
