Hi, I would like to know if any tool (a script or whatever) exists that identifies all the SIP messages, from a pcap file, which were send to a specific IP Address that where not replied. For example, for SIP protocol, this script would check all the INVITE messages that were not replying back. For this case, the tool will check if any '100 Trying' message was send back for each INVITE message. This would help when analyzing huge wireshark traces with hundreds of thousands packets. I could develop my own script but if a similar solution already exists I would use it. Thank you in advance. BR, Catarina asked 21 Apr '14, 10:00  Catarina |
2 Answers:
This sounds like (Yet Another) job for MATE. That's a pain to set up and use, but I'd guess you could do something like:
answered 22 Apr '14, 18:00  JeffMorriss ♦ |
I believe the following tool could be interesting for you. However: This is not just a small scripted solution. So, it's probably only worth trying if you have to analyze a lot of SIP calls day by day. Regards answered 23 Apr '14, 12:17  Kurt Knochner ♦ |
Hi,
Thank you. I didn't know MATE. It's an incredible tool. It helped to solve my problem. Just followed the steps you mentioned above.
Regards.
Great, you're welcome!
As this is a Q&A site it's useful if you can "accept" an answer by clicking on the checkbox next to it (assuming it answered your question). See the FAQ for details.