<div dir="ltr">There is a console version of wireshark available for debian at least, it is called "tshark". Install it on remote server, do something like this,<div><br></div><div style>tshark -i <ethernet-interface-to-listen-on> -w <dump-file>.pcap</div>
<div style><br></div><div style>you can read its man page or "tshark -h" to see all available options, e.g. you can specify capture filters to dump only interesting traffic to the file. Also you can read a captured call from console too. However, it won't be as easily and neat as GUI version.</div>
<div style><br></div><div style>Thank you.</div><div style><br></div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jun 6, 2013 at 11:44 PM, Davide Dal Frà <span dir="ltr"><<a href="mailto:lab@dalfra.com" target="_blank">lab@dalfra.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
Hi Nick,<br>
<br>
No problem for this. You could do a live dump on remote server using
tcpdump over ssh.<br>
Something like :<br>
<ul>
<li>first: make a fifo with mkfifo /tmp/capture<br>
</li>
<li>ssh user@host tcpdump -i yourethinterface -U -s0 -w - 'udp
5060' > /tmp/capture (you could personalize the filter on
tcpdump delimited between ->'<- )</li>
<li>Open wireshark->Capture->Interface->Options</li>
<li>Mange Interface->new-> browse or digit directly the path
of the fifo begin created</li>
<li>Save</li>
<li>Start dumping & enjoy!</li>
</ul>
<p>If you have Signaling on a server and media on another one there
are no problem. You could dump signaling as described before, and
make another fifo and dump in the same way the media from the
other server.</p>
<p>On Wireshark side add both fifo interface (make sure that after
you have saved the interface you have both selected into the menu)
and start the live dump!<br>
</p>
<p>Maybe coul seem complicated, but you can automate all in a bash
script!<br>
</p>
<p>Khaled, sorry again!<br>
</p>
<p>BR<span class="HOEnZb"><font color="#888888"><br>
Davide<br>
</font></span></p><div class="im">
<br>
<div>On 06/06/13 22:24, Nick Khamis wrote:<br>
</div>
</div><blockquote type="cite"><div class="im">
<div dir="ltr">The problem is, wireshark is running on my
computer, but the voip traffic is on the servers, also within
the network. Khaled, sorry for the hijack!
<div><br>
</div>
<div>N.</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div><div class="im"><pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</div></blockquote>
<br>
<pre cols="72"></pre>
</div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Mit freundlichen Grüßen</span></div>
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Muhammad Shahzad</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">------------------------------</span><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">-----</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">CISCO Rich Media Communication Specialist (CRMCS)</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">CISCO Certified Network Associate (CCNA)</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Cell: +49 176 99 83 10 85</span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">MSN: </span><a href="mailto:shari_786pk@hotmail.com" style="color:rgb(17,85,204);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)" target="_blank">shari_786pk@hotmail.com</a><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Email: </span><a href="mailto:shaheryarkh@googlemail.com" style="color:rgb(17,85,204);font-family:arial,sans-serif;font-size:13px;background-color:rgb(255,255,255)" target="_blank">shaheryarkh@googlemail.com</a>
</div>