Closed chapmanw closed 1 year ago
Hello @chapmanw
Easy and no need for BPF. Heplify will do exactly that by using the the following parameter to only capture SIP
-m string
Capture modes [SIP, SIPDNS, SIPLOG, SIPRTCP] (default "SIPRTCP")
As a side note I'm not 100% sure if all the RTCP info on calls is original RTCP or if Heplify is creating RTCP based on SDP
Our agents just capture, reassemble, encapsulate and forward original packets. Nothing is created :)
Hi @chapmanw
If you see the options in https://github.com/sipcapture/heplify#usage
you can see -m
option
-m string
Capture modes [SIP, SIPDNS, SIPLOG, SIPRTCP] (default "SIPRTCP")
so try to use the -m SIP
.
In case of problem let us know
Hi
I've trying to deploy the Heplify docker container along with Heplify server and Homer 7. This is working great however due to the level of traffic storage becomes an issue quite quickly. To cut down on this I want Heplify to only send SIP to the Heplify server and ignore any RTP/RTCP. (As a side note I'm not 100% sure if all the RTCP info on calls is original RTCP or if Heplify is creating RTCP based on SDP. Would be nice to know :) )
In the docker-compose command for Heplify I have: -i em4 -bpf \"port 5060\"
and I can see this applying when Heplify starts:
2022-10-28T13:42:56Z INFO &config.InterfacesConfig{Device:"em4", Type:"pcap", ReadFile:"", WriteFile:"", RotationTime:60, PortRange:"5060-5090", WithVlan:false, WithErspan:false, Snaplen:8192, BufferSizeMb:32, ReadSpeed:false, OneAtATimetWorker:4, CustomBPF:"port 5060"}
However I still see SRTP on every call that had RTP. I'm unsure if there's a bug with the BPF filters or if I'm doing something wrong.
Thanks