Vlad1983 писал(а):tcpdump-ом снять трафик и глянуть в wireshark что может сервер и что хочет клиент
Снял с момента нажатия регистрации. Пробовал двумя клиентами - SIP-клиент(Телефон) на MacOS и Bria на iOS.
После softphone-ip идет NAT роутера и pbx уже с внешним адресом и открытым только SIP-TLS 5061:
Код: Выделить всё
[root@ooeweb20 /]# tcpdump -vvv -nn -i enp5s0.2801 src host [softphone-ip]
tcpdump: listening on enp5s0.2801, link-type EN10MB (Ethernet), capture size 262144 bytes
23:24:58.053496 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 64)
[softphone-ip].50578 > [pbx-ip].5061: Flags [S], cksum 0xf8f8 (correct), seq 3248289585, win 65535, options [mss 1400,nop,wscale 5,nop,nop,TS val 115313495 ecr 0,sackOK,eol], length 0
23:24:58.073906 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 52)
[softphone-ip].50578 > [pbx-ip].5061: Flags [.], cksum 0xc688 (correct), seq 3248289586, ack 3924046983, win 4120, options [nop,nop,TS val 115313514 ecr 1715985684], length 0
23:24:58.082551 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 257)
[softphone-ip].50578 > [pbx-ip].5061: Flags [P.], cksum 0x2061 (correct), seq 0:205, ack 1, win 4120, options [nop,nop,TS val 115313522 ecr 1715985684], length 205
23:24:58.102933 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 52)
[softphone-ip].50578 > [pbx-ip].5061: Flags [.], cksum 0xc57c (correct), seq 205, ack 8, win 4120, options [nop,nop,TS val 115313541 ecr 1715985713], length 0
23:24:58.102992 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 52)
[softphone-ip].50578 > [pbx-ip].5061: Flags [.], cksum 0xc57a (correct), seq 205, ack 9, win 4120, options [nop,nop,TS val 115313541 ecr 1715985714], length 0
23:24:58.103071 IP (tos 0x0, ttl 53, id 0, offset 0, flags [DF], proto TCP (6), length 52)
[softphone-ip].50578 > [pbx-ip].5061: Flags [F.], cksum 0xc579 (correct), seq 205, ack 9, win 4120, options [nop,nop,TS val 115313541 ecr 1715985714], length 0
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
[root@ooeweb20 /]#
По локальной сети:
Код: Выделить всё
[root@ooeweb20 /]# tcpdump -vvv -nn -i enp6s0 src host 10.120.15.42
tcpdump: listening on enp6s0, link-type EN10MB (Ethernet), capture size 262144 bytes
23:23:57.724378 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 64)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [S], cksum 0x545b (correct), seq 649363345, win 65535, options [mss 1418,nop,wscale 6,nop,nop,TS val 598347167 ecr 0,sackOK,eol], length 0
23:23:57.732699 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [.], cksum 0x289d (correct), seq 649363346, ack 3427909858, win 2065, options [nop,nop,TS val 598347195 ecr 1720414055], length 0
23:23:57.737735 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 268)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [P.], cksum 0x5062 (correct), seq 0:216, ack 1, win 2065, options [nop,nop,TS val 598347196 ecr 1720414055], length 216
23:23:57.741752 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [.], cksum 0x27a9 (correct), seq 216, ack 8, win 2064, options [nop,nop,TS val 598347202 ecr 1720414070], length 0
23:23:57.741784 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [.], cksum 0x27a8 (correct), seq 216, ack 9, win 2064, options [nop,nop,TS val 598347202 ecr 1720414070], length 0
23:23:57.742938 IP (tos 0x0, ttl 62, id 0, offset 0, flags [DF], proto TCP (6), length 52)
10.120.15.42.54224 > 10.0.0.5.5061: Flags [F.], cksum 0x27a6 (correct), seq 216, ack 9, win 2064, options [nop,nop,TS val 598347203 ecr 1720414070], length 0
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
[root@ooeweb20 /]#