How to run a packet capture on an Asterisk system

To collect a packet capture, make sure that tcpdump is installed on your system. Most Linux distributions already have this tool installed by default. If you need to install it, please contact your system administrator.

Steps 

  1. Please log into your system using SSH and use admin credentials (usually root)

  2. Execute # tcpdump -i eth0 -s0 -w /tmp/pcap.pcap

Note: Make sure that traffic from Asterisk is going in and out through the interface you are capturing on. You can list the interfaces on your system by running the command ifconfig -a, and then check route to confirm how your operating system is routing the packets going out from your server.

  3. Press Control + C to stop the capture

Other Examples

  • Run a packet capture on port 5060 only 

# tcpdump -i eth0 -s0 -w /tmp/pcap.pcap port 5060

  • Run a packet capture on a particular host

# tcpdump -i eth0 -s0 -w /tmp/pcap.pcap host 192.168.1.156
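
The interface check from the note and the capture commands above can be combined into one script. This is an added example, not part of the original page: the function names and the sample routing output are constructed, and it assumes the iproute2 command ip route get is available as an alternative to reading ifconfig -a and route by hand.

```shell
#!/bin/sh
# Added example: find the interface the kernel uses to reach a SIP peer,
# then build the tcpdump command from the steps above for that interface.

# Read `ip route get <peer>` output on stdin and print the word after "dev".
iface_from_route() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Build the tcpdump command line: interface, output file, optional filter words.
build_capture_cmd() {
    iface=$1
    outfile=$2
    shift 2
    if [ -z "$iface" ]; then
        echo "no outgoing interface found for this peer" >&2
        return 1
    fi
    printf 'tcpdump -i %s -s0 -w %s' "$iface" "$outfile"
    if [ $# -gt 0 ]; then
        printf ' %s' "$*"
    fi
    printf '\n'
}

# Constructed sample of what `ip route get 192.168.1.156` prints on a
# server whose SIP traffic leaves through eth1 rather than eth0.
SAMPLE_ROUTE='192.168.1.156 dev eth1 src 192.168.1.10 uid 0
    cache'

# Offline demonstration using the constructed sample above.
SAMPLE_IFACE=$(printf '%s\n' "$SAMPLE_ROUTE" | iface_from_route)
build_capture_cmd "$SAMPLE_IFACE" /tmp/pcap.pcap host 192.168.1.156

# Live use as root (PEER is the phone or SIP peer being debugged):
#   PEER=192.168.1.156
#   IFACE=$(ip route get "$PEER" | iface_from_route)
#   umask 077   # the capture holds SIP headers and call audio; keep it root-only
#   sh -c "$(build_capture_cmd "$IFACE" /tmp/pcap.pcap host "$PEER")"
```

With the sample routing output the script prints a capture command for eth1, which is the case where the default eth0 command would record none of the peer's traffic.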
