Provided by: sngrep_1.4.5-1_amd64 bug

NAME
       sngrep - SIP Messages flow viewer


SYNOPSIS
       sngrep  [-hVcivlkNq] [ -IO pcap_dump ] [ -d dev ] [ -l limit ] [ -k keyfile ] [-LH capture_url ] [ <match
       expression> ] [ <bpf filter> ]


DESCRIPTION
       sngrep is a terminal tool that groups SIP (Session Initiation Protocol) Messages by Call-Id, and displays
       them  in  arrow flows similar to the used in SIP RFCs. The aim of this tool is to make easier the process
       of learnig or debugging SIP. It recognizes UDP, TCP and partially TLS SIP  packets  and  understands  bpf
       filter logic in the same way ngrep (8) and tcpdump (1) does.


OPTIONS
       -h     Display help and usage information.

       -V     Display version information.

       -c     Only capture dialogs starting with an INVITE request.

       -i     Make match expression case insensitive.

       -v     Invert match expression.

       -I pcap_dump
              Read packets from pcap file instead of network devices. This option can be used with bpf filters.

       -O pcap_dump
              Save all captured packets to a pcap file. This option can be used with bpf filters.

       -d dev Use this capture device instead of default (any).

       -k keyfile
              Use private keyfile to decrypt TLS packets.

       -l limit
              Change  default capture limit (20000 dialogs) Limit must be a numeric value above 1 and can not be
              disabled. This is both security measure to avoid unlimited memory usage and also  used  internally
              in sngrep to manage hash table sizes.

       -R     Remove oldest dialog when the capture limit has reached Although not recommended, this can be used
              to keep sngrep running during long times with some control over consumed memory.

       -N     Don't display sngrep interface, just capture

       -q     Don't print captured dialogs in no interface mode

       -H     Send captured packets to a HEP server (like Homer or  another  sngrep)  Argument  must  be  an  IP
              address and port in the format: udp:A.B.C.D:PORT

       -L     Start  a  HEP  server listening for packets Argument must be an IP address and port in the format:
              udp:A.B.C.D:PORT

       match expression
              Match given expression in Messages' payload. If one request message matches the given  expression,
              the following messages within the same dialog will be also captured.

       bpf filter
              Selects  a  filter that specifies what packets will be parsed.  If no bpf filter is given, all SIP
              packets seen on the selected interface or pcap file will be displayed.   Otherwise,  only  packets
              for which bpf filter is `true' will be displayed.


Interface
       There  are  multiple  windows  to  provide different information. Most of the program windows have a help
       dialog with a brief description and useful keybindings.

    Call List Window
       The first window that sngrep shows is Call List window and display the different SIP  Call-Ids  found  in
       messages.  The  displayed  columns depends on your terminal width and your custom configuration.  You can
       move between dialogs with arrow keys and selected them using Spacebar. Selecting  multiple  dialogs  will
       display  all  them  in  Call  flow  window  and Call Raw window, and will allow to save only the selected
       message dialogs to a PCAP file.

    Call Flow Window
       This window will a flow diagram of the selected dialogs' messages. The selected message payload  will  be
       displayed in the right side of the window. You can move between messages using arrow keys and select them
       using Spacebar. Selecting multiple messages will display the Message Diff Window.

    Call Raw Window
       This window will display the selected dialog messages in plain text. It was designed to allow copying the
       messages payload easily. You can also save the displayed information to a text file from this screen.

    Column selection Window
       Columns  displayed  in  Call  List can be updated in this window. You can add or remove columns or change
       their order in the list. Additionally, you can save column state to be use in next sngrep execution.

    Message Diff Window
       This window will compare two messages. Right now the comparison is done searching each line in the  other
       message, highlighting those not found exactly.  You can reach this window by selecting two messages using
       Spacebar in Call Flow window


FILES
       Full paths below may vary between installations.

       /etc/sngreprc

              System-wide configuration file. Some sngrep options can be overridden using this file.

       ~/.sngreprc

              User's configuration file.  If  this  file  is  present,  options  will  be  override  system-wide
              configurations.


BUGS
       Please report bugs to the sngrep github project at

           http://github.com/irontec/sngrep

       Non-bug, non-feature-request general feedback should be sent to the author directly by email.


AUTHOR
       Written by Ivan Alonso [a.k.a. Kaian] <kaian@irontec.com>.