{"id":20066309,"url":"https://github.com/ossobv/sipzamine","last_synced_at":"2025-07-10T13:35:52.926Z","repository":{"id":57467921,"uuid":"11785425","full_name":"ossobv/sipzamine","owner":"ossobv","description":"Command line SIP dialog search/display of offline PCAP contents (formerly sipcaparseye)","archived":false,"fork":false,"pushed_at":"2024-02-26T07:56:05.000Z","size":9314,"stargazers_count":9,"open_issues_count":2,"forks_count":4,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-10-04T07:48:29.386Z","etag":null,"topics":["cli","pcap","protocol-analyser","sip"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ossobv.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-07-31T07:41:10.000Z","updated_at":"2022-05-26T12:55:19.000Z","dependencies_parsed_at":"2022-09-19T08:51:19.467Z","dependency_job_id":null,"html_url":"https://github.com/ossobv/sipzamine","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossobv%2Fsipzamine","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossobv%2Fsipzamine/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossobv%2Fsipzamine/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ossobv%2Fsipzamine/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ossobv","download_url":"https://codeload.github.com/ossobv/sipzamine/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224461886,"owners_count":17315116,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","pcap","protocol-analyser","sip"],"created_at":"2024-11-13T13:56:02.683Z","updated_at":"2024-11-13T13:56:03.291Z","avatar_url":"https://github.com/ossobv.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"sipzamine (previously sipcaparseye)\n===================================\n\nCommand line SIP dialog matching and searching through offline PCAPs.\n\n|pypi_version|\n\n\n\nInstalling\n----------\n\n.. code-block:: console\n\n    $ sudo apt-get install python-libpcap  # or yum install..\n    $ sudo pip install sipzamine\n\n\n\nExample\n-------\n\nA basic example, finding all dialogs that last shorter than 1.5 seconds:\n\n.. code-block:: console\n\n    $ sipzamine -m ^BYE -H ^BYE --maxdur 1.5 --pcap 'host 22.22.22.22' stored.pcap\n    [ 179978155f707e3622c0886752336210@22.22.22.22 ]\n    2011-11-23 22:27:20.746782 22.22.22.22:5060 \u003e 123.123.123.123:5060 102 INVITE\n    2011-11-23 22:27:20.747508 123.123.123.123:5060 \u003e 22.22.22.22:5060 102 INVITE(100)\n    2011-11-23 22:27:20.783424 123.123.123.123:5060 \u003e 22.22.22.22:5060 102 INVITE(200)\n    2011-11-23 22:27:20.783956 22.22.22.22:5060 \u003e 123.123.123.123:5060 102 ACK\n    2011-11-23 22:27:21.665581 22.22.22.22:5060 \u003e 123.123.123.123:5060 103 BYE \u003c--\n    2011-11-23 22:27:21.665721 123.123.123.123:5060 \u003e 22.22.22.22:5060 103 BYE(200)\n\n\n\nCommand options\n---------------\n\nNormally you use ``-m`` to match a dialog by regular expression. And ``-p``\nto filter by IP.\n\nTo highlight a particular text string in the concise output, use ``-H``.\n\nBasic matching options:\n\n.. code-block::\n\n    --pcap filter, -p filter\n        pcap filter expression\n    --pmatch regex, -m regex\n        any packet in dialog must match regex (can be used\n        multiple times), e.g. ^INVITE to match calls\n    --amatch regex, -M regex\n        all packets in dialog must match regex (can be used\n        multiple times), e.g. ^(SIP/2.0|INVITE|BYE) to match\n        calls without an ACK\n\nOutput options:\n\n.. code-block::\n\n    --contents\n        show complete packet contents\n    --dateskew seconds\n        offset added to all dates, can be negative (use when\n        pcap clock was off)\n    --highlight regex, -H regex\n        highlight first matchgroup in packets (multiple\n        highlights are identified by letters a..z)\n\nSpecial dialog/packet matching options:\n\n.. code-block::\n\n    --mindate date\n        packets must be younger than specified date\n    --maxdate date\n        packets must be older than specified date\n    --mindur seconds\n        dialogs/transactions must be shorter than duration\n    --maxdur seconds\n        dialogs/transactions must be longer than duration\n    --retransmits count\n        at least count retransmits must be involved\n\n\n\nTODO\n----\n\n- Add tests: begin with a smallish pcap.\n- Add the ability to write pcaps from the filter. Combine capability\n  with sipscrub?\n- Compare this to sipgrep (and other tools?). And homer?\n\n\n\nQ \u0026 A\n-----\n\nHow do I get ``pcap`` files?\n\n  You're encouraged to always write SIP pcaps on your VoIP machine.\n  tcpdump_ allows you easy rotation of pcaps so you won't run out of disk space.\n  You can use the tcpdump247_ init script if you like.\n\n\n.. _tcpdump: http://www.tcpdump.org/\n.. _tcpdump247: https://github.com/ossobv/vcutil/blob/master/tcpdump247\n\n.. |pypi_version| image:: https://img.shields.io/pypi/v/sipzamine.svg\n    :target: https://pypi.python.org/pypi/sipzamine\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossobv%2Fsipzamine","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fossobv%2Fsipzamine","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fossobv%2Fsipzamine/lists"}