From: Da Rock
Date: Tue, 25 Jan 2011 20:41:08 +1000
To: freebsd-questions@freebsd.org
Subject: Re: Tracing packets - asterisk issues
Message-ID: <4D3EA8C4.2030204@herveybayaustralia.com.au>
In-Reply-To: <4D3E8DCA.1020304@baywinds.org>

On 01/25/11 18:46, Bruce Ferrell wrote:
> On 01/24/2011 11:13 PM, Da Rock wrote:
>
>> I have been trying to get some pointers on my asterisk issues and I've
>> only been hearing crickets chirping (Asterisk list and here). I need a
>> pointer or two so I can fix this issue, so I'll try another angle.
>>
>> How do I trace IP packets across the network (pf firewall included)?
>> And would it be possible to read it visually (human readable)?
>>
>> Cheers
>>
> Use tcpdump to do a capture file. Something like this:
>
> tcpdump -i eth0 -n -s 1500 -w sip.cap
>
> then feed sip.cap to wireshark
>
> filter for SIP and observe the SIP conversation
>
> It's also possible to decode the RTP stream
>
I've been using tcpdump on the asterisk server and both interfaces of the firewall as well as the log interface. Unfortunately, it's not giving me the answers I want so far. Follow a stream from beginning to end, so to speak, but I've been having trouble matching it up; especially with the log. Is it possible with wireshark to do this kind of matching if I capture on all these interfaces?

Thx
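One way to do the matching asked about above, as an added example that is not part of the original thread: group SIP packets from several `tcpdump -w` files by their Call-ID header, which stays the same on both sides of address/port NAT. It assumes classic pcap files with Ethernet framing and SIP over UDP (a pflog capture uses a different link type and is not handled); the file names, addresses and Call-ID are constructed sample data.

```python
import re
import struct
from collections import defaultdict

# Call-ID (compact form "i") is set by the caller; assumed untouched by plain NAT.
CALL_ID = re.compile(rb"^(?:Call-ID|i)\s*:\s*(\S+)", re.I | re.M)

def udp_packets(pcap):
    """Yield (ts, src, dst, payload) per IPv4/UDP frame of a classic Ethernet pcap."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    off = 24                                    # skip the global header
    while off + 16 <= len(pcap):
        sec, usec, caplen, _ = struct.unpack(order + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 42 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue                            # not IPv4/UDP
        l4 = 14 + (frame[14] & 0x0F) * 4        # honour the IP header length
        if len(frame) < l4 + 8:
            continue                            # truncated by the snap length
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        src = ".".join(map(str, frame[26:30])) + f":{sport}"
        dst = ".".join(map(str, frame[30:34])) + f":{dport}"
        yield sec + usec / 1e6, src, dst, frame[l4 + 8:]

def correlate(captures):
    """Map each Call-ID to its time-ordered sightings (ts, capture, src, dst)."""
    calls = defaultdict(list)
    for name, pcap in captures.items():
        for ts, src, dst, payload in udp_packets(pcap):
            m = CALL_ID.search(payload)
            if m:
                calls[m.group(1).decode()].append((ts, name, src, dst))
    return {cid: sorted(hops) for cid, hops in calls.items()}

# --- constructed sample data: one INVITE seen before and after NAT ---
def _frame(src, dst, sport, dport, data):
    ip4 = lambda a: bytes(map(int, a.split(".")))
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0, ip4(src), ip4(dst))
    return bytes(12) + b"\x08\x00" + ip + udp
def _pcap(ts, frame):
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
INVITE = b"INVITE sip:100@203.0.113.5 SIP/2.0\r\nCall-ID: abc123@pbx\r\n\r\n"
SAMPLE = {"inside.cap": _pcap(100, _frame("192.168.1.10", "203.0.113.5", 5060, 5060, INVITE)),
          "outside.cap": _pcap(101, _frame("198.51.100.7", "203.0.113.5", 61234, 5060, INVITE))}
```

With real files, pass `{name: open(name, "rb").read()}` for each capture; the ordering across files is only meaningful when the capturing hosts' clocks are synchronised.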