search

sipcapture / heplify-server

HEP Capture Server for HOMER
https://sipcapture.org
GNU Affero General Public License v3.0
184 stars 85 forks source link

Custom chunk vendor id and/or types #356

Closed ghmj2417 closed 4 years ago

ghmj2417 commented 4 years ago

We have our own capture agent HEP implementation using this spec HEP3_Spec_REV_30.

We actually have our own chunk vendor id which we aren't using yet. Does heplify-server support using our vendor id and types? If heplify-server does not support a non generic vendor id, does heplify-server support setting custom chunk types? Example, we want to set chunk type 0x0030 to something.

Reviewing the source code, it doesn't appear heplify-server can do this. I think we would need to proxy with OpenSIPs and then send to heplify-server.

negbie commented 4 years ago

I never used vendor id so I did not implement this and it's not implemented in the UI either I guess. You can set your custom chunk type but it just won't be handled. Following are currently handled:

Version   = 1  // Chunk 0x0001 IP protocol family (0x02=IPv4, 0x0a=IPv6)
Protocol  = 2  // Chunk 0x0002 IP protocol ID (0x06=TCP, 0x11=UDP)
IP4SrcIP  = 3  // Chunk 0x0003 IPv4 source address
IP4DstIP  = 4  // Chunk 0x0004 IPv4 destination address
IP6SrcIP  = 5  // Chunk 0x0005 IPv6 source address
IP6DstIP  = 6  // Chunk 0x0006 IPv6 destination address
SrcPort   = 7  // Chunk 0x0007 Protocol source port
DstPort   = 8  // Chunk 0x0008 Protocol destination port
Tsec      = 9  // Chunk 0x0009 Unix timestamp, seconds
Tmsec     = 10 // Chunk 0x000a Unix timestamp, microseconds
ProtoType = 11 // Chunk 0x000b Protocol type (DNS, LOG, RTCP, SIP)
NodeID    = 12 // Chunk 0x000c Capture client ID
NodePW    = 14 // Chunk 0x000e Authentication key (plain text / TLS connection)
Payload   = 15 // Chunk 0x000f Captured packet payload
CID       = 17 // Chunk 0x0011 Correlation ID
Vlan      = 18 // Chunk 0x0012 VLAN
NodeName  = 19 // Chunk 0x0013 NodeName
lmangani commented 4 years ago

@ghmj2417 this would best discussed in the HEP repository or homer-developers mailing list.

ghmj2417 commented 4 years ago

This technically is a heplify-server ask. We specifically want to know if heplify-server can parse our custom types. I know with OpenSIPs we can do things within a hep_route. I couldn't find anything similar with heplify-server. I also know homer-app or the UI has to support searching this data. But if the data is not searchable because it's not in the Db then homer-app and UI won't matter just yet.

If you guys want to discuss this further I am up for it, but my question was answered. I am cool with closing this.

negbie commented 4 years ago

It's not supported and I have no plans to do it. You can go to the HEP repository and describe your use case or that particular chunk type. If it's usefull enough for others it can be included into the spec and implemented in heplify-server. If it's not I would recommend you to fork and just implement it yourself.