This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 18 and 19
Revision 18 as of 2006-03-02 17:42:14
Size: 2865
Editor: no-dns-yet
Comment: Add preferences
Revision 19 as of 2006-06-05 03:19:25
Size: 2868
Editor: localhost
Comment:
Deletions are marked like this. Additions are marked like this.
Line 25: Line 25:
== Ethereal == == Wireshark ==
Line 27: Line 27:
The SIP dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Ethereal features where appropriate, like special statistics of this protocol. The SIP dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.
Line 42: Line 42:
A complete list of SIP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/s/sip.html display filter reference] A complete list of SIP display filter fields can be found in the [http://www.wireshark.org/docs/dfref/s/sip.html display filter reference]

Session Initiation Protocol (SIP)

The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol for sessions.

These sessions include Internet telephone calls, multimedia distribution, and multimedia conferences. SIP can create, modify, and terminate sessions with one or more participants.

The SIP protocol is a member of the ["VOIPProtocolFamily"].

History

XXX - add a brief description of SIP history

Protocol dependencies

Example traffic

attachment:SIP.jpg

Wireshark

The SIP dissector is (fully functional, partially functional, not existing, ... whatever the current state is). Also add info of additional Wireshark features where appropriate, like special statistics of this protocol.

Preference Settings

  • Display raw text for SIP message. Default OFF
  • Enforce strict SIP version check (SIP/2.0). Default ON
  • Reassemble SIP headers spanning multiple TCP segments. Default ON
  • Reassemble SIP bodies spanning multiple TCP segments. Default ON

Example capture file

attachment:SampleCaptures/aaa.pcap Sample SIP and RTP traffic.

Display Filter

A complete list of SIP display filter fields can be found in the [http://www.wireshark.org/docs/dfref/s/sip.html display filter reference]

  • Show only the SIP based traffic:

     sip 

Capture Filter

You cannot directly filter SIP protocols while capturing. However, if you know the ["UDP"] or ["TCP"] or port used (see above), you can filter on that one.

["IETF"] Charters:

RFC:

Implementations:

Discussion

SIP (last edited 2008-08-14 18:52:55 by GeraldCombs)