RE: tcptrace Reg. new TCPTRACE "SIP " Module

From: Juan Francisco Torreblanca (juan.torreblanca@tartec.com)
Date: 01/21/04

• Next message: Brian Utterback: "Re: tcptrace Reg. new TCPTRACE "SIP " Module"
• Previous message: J Webb: "Re: tcptrace Reg. new TCPTRACE "SIP " Module"
• Maybe in reply to: Balaji Thoguluva: "tcptrace Reg. new TCPTRACE "SIP " Module"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Subject: RE: tcptrace Reg. new TCPTRACE "SIP " Module
Date: Wed, 21 Jan 2004 09:43:55 +0100
Message-ID: <CAC72BB3C3E1E245AB6084426EDCBCB829B87B@tartessos.tartec.local>
From: "Juan Francisco Torreblanca" <juan.torreblanca@tartec.com>

Hi,

Perhaps I'm missing something, as far as I know SIP can have as underlying layer both UDP and TCP.

Rgds,
Juan Torreblanca.

-----Original Message-----
From: J Webb [mailto:jon_webb@binary-one.com]
Sent: miércoles, 21 de enero de 2004 6:30
To: Balaji Thoguluva
Cc: tcptrace@tcptrace.org
Subject: Re: tcptrace Reg. new TCPTRACE "SIP " Module

Balaji,
I think you would be better off finding or writing a custom app. The
underlying capabilities that tcptrace gives you as far as parsing TCP
flows is going to be pretty much useless to understanding the behavior
of your SIP application since it is mostly UDP. I would probably start
by seeing if there is a SIP plugin for Ethereal and if there is, write
some graphing routines for it (ala its wannabe tcptrace plugin). If not,
Ethereal plugins are fairly easy to write. Otherwise, it wouldn't be too
difficult to parse what you need from a libpcap dump. Sounds like a good
project, SIP stuff is very interesting to me.

Regards,
Jon Webb

Computer Communications Research Group
University of California at Santa Cruz
http://www.soe.ucsc.edu/~jonwebb/

Balaji Thoguluva wrote:

>Hi all,
>
> I am Balaji Thoguluva, a computer science
>graduate student studying at University of Kentucky,
>Lexington. As part of my Master's project, I am
>involved in writing a software that would show
>detailed SIP connections/messages running in a
>network.
>
> My idea is to add a new "sip" module (like HTTP
>module) to tcptrace program. As of my knowledge, I
>know that SIP uses UDP as underlying transport
>protocol and tcptrace has minimal support for udp
>connections. In that case, It would be great if anyone
>could suggest if it is worth implementing this idea or
>any other better way of implementing it.
>
> If this idea is worth proceeding, then I would
>be glad if you could show me the right direction of
>implementing/adding the SIP module to tcptrace. Any
>suggestion would be of great help to me. Also I am
>wondering If anyone could give me a detailed
>documentation explaining tcptrace source code.
>
>Thanks in advance,
>Balaji
>
>__________________________________
>Do you Yahoo!?
>Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
>http://hotjobs.sweepstakes.yahoo.com/signingbonus
>----------------------------------------------------------------------------
>To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
>majordomo@tcptrace.org.
>
>
>

----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.

----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.

• Next message: Brian Utterback: "Re: tcptrace Reg. new TCPTRACE "SIP " Module"
• Previous message: J Webb: "Re: tcptrace Reg. new TCPTRACE "SIP " Module"
• Maybe in reply to: Balaji Thoguluva: "tcptrace Reg. new TCPTRACE "SIP " Module"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : 01/21/04 EST