[OpenSIPS-Users] Packet analysis using wireshark

Prathibha B prathibhab.tvm at gmail.com
Mon Apr 8 10:32:18 UTC 2024


Thank you.

On Mon, 8 Apr 2024 at 15:44, Liviu Chircu <liviu at opensips.org> wrote:

> If you are not able to decode the WebRTC TLS connection in Wireshark, it's
> possible you are dealing with a TLS 1.3 connection.
>
> In TLS 1.3, there is an extra "secrets" file which must be plugged into
> Wireshark before it can decode the communication, which contains transient
> data (per connection!).  It is no longer sufficient to go to Edit ->
> Preferences -> Protocols -> TLS / SSL -> *RSA keys list* and plug in your
> private key.  In that same dialog box, the field *(Pre)-Master-Secret log
> filename* also becomes mandatory.
>
> Now, how to obtain the Master-Secret file?  In Chrome/Firefox as well as
> in cURL, you should find support for the *SSLKEYLOGFILE=* environment
> variable.  Just make sure to set this variable to the desired filepath
> before running the WebRTC client and it *should* dump the secrets there.
> Which will ultimately get picked up by Wireshark and the traffic will
> decode.
>
> Good luck! :)
>
> Liviu Chircuwww.twitter.com/liviuchircu | www.opensips-solutions.com
> OpenSIPS Summit 2024 Valencia, May 14-17 | www.opensips.org/events
>
> On 06.04.2024 17:39, Prathibha B wrote:
>
> I am unable to see the Voip calls in wireshark. For signaling opensips is
> used. The calls are encrypted and it is webrtc communication.
>
>

-- 
Regards,
B.Prathibha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20240408/98f85147/attachment.html>


More information about the Users mailing list