Wanpipe Wireshark PCAP: PRI/BRI/MTP2/WAN Tracing
- Wireshark Tracing Sangoma PRI/BRI D-Channel
- Wireshark Tracing Sangoma SS7/MTP2 Channel
- Wireshark Tracing Sangoma WAN Protocols.
- Wireshark Tracing when using Sangoma card for tapping an existing line.
WireShark application can decode any protocol in a graphical format. Using wanpipemon utility one can capture pcap/wireshark trace files that can be later opened and analyzed through Wireshark.
PCAP/Wireshark Tracing Sangoma PRI/BRI D-Channel
Sangoma PRI/BRI port configured for CPE Mode
-> wanpipemon -i w1g1 -pcap -pcap_file isdn.pcap -prot ISDN -full -systime -c trd
Sangoma PRI/BRI port configured for NET Mode
-> wanpipemon -i w1g1 -pcap -pcap_file isdn.pcap -prot ISDN -pcap_isdn_network -full -systime -c trd
After successful capture open the ispn.pcap file using wireshark program
PCAP/Wireshark Tracing Sangoma ss7box/XMTP2 Channel
Sangoma SS7/XMTP2-API : trace mtp2 msu only
-> wanpipemon -i w1g1 -pcap -pcap_file mtp2.pcap -mtp2-msu -prot MTP2 -full -systime -c trd
Sangoma SS7/XMTP2-API : trace full mtp2 fisu/lssu/msu
-> wanpipemon -i w1g1 -pcap -pcap_file mtp2.pcap -prot MTP2 -full -systime -c trd
Sangoma SS7/XMTP2-API : trace with 7bit hdlc
-> wanpipemon -i w1g1 -pcap -pcap_file mtp2.pcap -prot MTP2 -7bit-hdlc -full -systime -c trd
After successful capture open the mtp2.pcap file using wireshark program
PCAP Tracing when using Sangoma card as a router
wanpipemon -i p1fr1 -pcap -systime -full -prot FR -c tr
PCAP Tracing when using Sangoma card for tapping an existing line.
Advanced Line Trace Options
===========================
Advanced trace options include protocol decoding
and parsing, system timestamping as well as
packet filtering.
The Advanced trace command is: 'tri'
wanpipemon -i <ifname> -c tri { trace options }
trace options:
-------------
-prot [FR|LAPB|X25] #Filter packets based on
#protocol. Multiple protocols can
#be selected:
# <prot>-<prot>...
# eg: -prot LAPB-X25
#Default: All frames
[FR|PPP|CHDLC|IP|ETH|LAPB|X25]
#Also used by -pcap option to
#specify what protocol we are
#capturing. By default protocol is
#autodetected, but in datascoping
#this option is a must.
-pcap
#Trace to a pcap type file
#that can be read by Ethereal
#By default file name is wp_trace_pcap.bin
#writen in current/local directory
-pcap_file <filename>
#Specify your own pcap file name
-x25opt [DATA|PROT] #Filter x25 packets based on
#protcol or information frames
#Default: All frames
-lcn <number> #Filter x25 packets based on
#specific lcn number
#Default: All lcns
-hex #Display packet info in HEX
#Default: Hex
-ascii #Display packet info in ASCII
-ebcdic #Display packet info in EBCDIC
-systime #Display timestamp as system time
#instead of absolute number
-full #Display packet data in full.
Examples:
---------
#Trace and decode all frames, and display packets
#in full with timestampe decoded into system time.
wanpipemon -i wp1mp -c tri -full -systime
#Trace LAPB and X25 protocol frames. Futhtermore,
#only decode x25 frames with LCN=1
wanpipemon -i wp1mp -c tri -prot LAPB-X25 -lcn 1
#Trace X25 protocol frames and display x25 data
#in ASCII.
wanpipemon -i wp1mp -c tri -prot X25 -ascii -full -systime
#Trace data to a pcap type file
wanpipemon -i wan0 -pcap -c tr
wanpipemon -i wan0 -pcap -pcap_file myfile.bin -c tr
wanpipemon -i wan0 -pcap -prot FR -c tr
| 
