zoukankan html css js c++ java

抓包分析SIP消息

I. 实验环境

SIP服务器: Yate服务器, IP:port=10.15.3.34:5060

SIP客户端: 移植Sipdroid的Android网络电话软件, IP: 10.15.3.73, Android设备型号: X16 Plus(D3A5)

抓包工具: Wireshark 1.10.0

II. 配置SIP服务器

http://blog.csdn.net/stdupanda/article/details/14165231

III. Wireshark使用

抓包和过滤

保存报文

VI. SIP消息分析

4.1 客户端注册请求(无认证信息)

No. Time Source Destination Protocol Length Info
648 38.155145000 10.15.3.73 10.15.3.34 SIP 408 Request: REGISTER sip:10.15.3.34 |

Session Initiation Protocol (REGISTER)

Request-Line: REGISTER sip:10.15.3.34 SIP/2.0

Message Header
Via: SIP/2.0/UDP 10.15.3.73:5060;rport;branch=z9hG4bK52751
Max-Forwards: 70
To: <sip:123@10.15.3.34>
From: <sip:123@10.15.3.34>;tag=z9hG4bK02183212
Call-ID: 508230833273@10.15.3.73
CSeq: 1 REGISTER
Contact: <sip:123@10.15.3.73:5060;transport=udp>
Expires: 3600
User-Agent: Sipdroid/1.0.0/X16 Plus(D3A5)

(无认证信息)Authorization: Digest username="987", realm="Yate", nonce="b05a6e1b63dcb24c83bf00d28ead4a22.1482820854", uri="sip:10.15.3.34", algorithm=MD5, response="21bcb75b30f1e75307d1e3338721fa87"

Content-Length: 0

4.2 注册异常, port错误

找到不到端口属于ICMP协议,不是SIP的内容, 但是包含了该SIP请求

No. Time Source Destination Protocol Length Info
663 38.286045000 10.15.3.34 10.15.3.73 ICMP 436 Destination unreachable (Port unreachable)

Internet Control Message Protocol

    Type: 3 (Destination unreachable)
    Code: 3 (Port unreachable)
    Checksum: 0x190d [correct]
    Internet Protocol Version 4, Src: 10.15.3.73 (10.15.3.73), Dst: 10.15.3.34 (10.15.3.34)
    User Datagram Protocol, Src Port: sip (5060), Dst Port: 50696 (50696)
    Session Initiation Protocol (REGISTER)
        Request-Line: REGISTER sip:10.15.3.34 SIP/2.0
        Message Header
            Via: SIP/2.0/UDP 10.15.3.73:5060;rport;branch=z9hG4bK52751
            Max-Forwards: 70
            To: <sip:123@10.15.3.34>
            From: <sip:123@10.15.3.34>;tag=z9hG4bK02183212
            Call-ID: 508230833273@10.15.3.73
            CSeq: 1 REGISTER
            Contact: <sip:123@10.15.3.73:5060;transport=udp>
            Expires: 3600
            User-Agent: Sipdroid/1.0.0/X16 Plus(D3A5)
            Content-Length: 0

4.3 注册失败, 未认证

No.     Time      Source       Destination   Protocol  Length Info
403 26.643950000   10.15.3.34   10.15.3.73    SIP      505    Status: 401 Unauthorized    (0 bindings) | 

Session Initiation Protocol (401)
    Status-Line: SIP/2.0 401 Unauthorized
    Message Header
        Via: SIP/2.0/UDP 10.15.3.73:5060;rport=5060;branch=z9hG4bK52571;received=10.15.3.73
        From: <sip:987@10.15.3.34>;tag=z9hG4bK59485601
        To: <sip:987@10.15.3.34>
        Call-ID: 421848292740@10.15.3.73
        CSeq: 1 REGISTER
        WWW-Authenticate: Digest realm="Yate", nonce="b05a6e1b63dcb24c83bf00d28ead4a22.1482820854", stale=FALSE, algorithm=MD5
        Server: YATE/5.5.0
        Allow: ACK, INVITE, BYE, CANCEL, REGISTER, REFER, OPTIONS, INFO
        Content-Length: 0

4.4 响应型应答1xx: 收到消息, 正在处理...

No.     Time         Source      Destination     Protocol Length Info
407 26.684087000   10.15.3.34    10.15.3.73       SIP      314    Status: 100 Trying    (0 bindings) | 

Session Initiation Protocol (100)
    Status-Line: SIP/2.0 100 Trying
    Message Header
        Via: SIP/2.0/UDP 10.15.3.73:5060;rport=5060;branch=z9hG4bK92670;received=10.15.3.73
        From: <sip:987@10.15.3.34>;tag=z9hG4bK59485601
        To: <sip:987@10.15.3.34>
        Call-ID: 421848292740@10.15.3.73
        CSeq: 2 REGISTER
        Server: YATE/5.5.0
        Content-Length: 0

4.5 确认型应答2xx: 添加认证后重新发送注册请求, 注册成功

No.     Time        Source        Destination     Protocol Length Info
409 26.689106000   10.15.3.34      10.15.3.73      SIP      468    Status: 200 OK    (1 bindings) | 

Session Initiation Protocol (200)
    Status-Line: SIP/2.0 200 OK
    Message Header
        Via: SIP/2.0/UDP 10.15.3.73:5060;rport=5060;branch=z9hG4bK92670;received=10.15.3.73
        From: <sip:987@10.15.3.34>;tag=z9hG4bK59485601
        To: <sip:987@10.15.3.34>;tag=1266873868
        Call-ID: 421848292740@10.15.3.73
        CSeq: 2 REGISTER
        Expires: 3600
        Contact: <sip:987@10.15.3.73:5060;transport=udp>;expires=3600
        Server: YATE/5.5.0
        Allow: ACK, INVITE, BYE, CANCEL, REGISTER, REFER, OPTIONS, INFO
        Content-Length: 0

V. UserAgent和SIP消息

/*SIP消息body相关*/
public String from_url = null;    //User的地址, 和From URL等价
public String contact_url = null; //联系人URL, 格式为: sip:local_user@host_address:host_port
public String realm = null;
public String passwd = null;

/*注册状态相关*/
public boolean do_register = false;       //是否注册到注册服务器
public boolean do_unregistered = false;   //是否注销了联系人地址
public boolean do_unregister_all = false; //向服务器注册前是否注销了所有联系人

/*注册超时和TCP连接保活(非应用层的心跳包)*/
public int expires = 3600;         //注册超时时间
public long keepalive_time = 0;    //默认为0, 使能客户端和注册服务器之间TCP连接的自动保活功能

/*通话控制相关*/
public int accept_time = -1;       //自动应答时间, <0为手动设置模式
public int hangup_time = -1;       //自动挂断时间, <0为手动设置模式
public int transfer_time = -1;     //呼叫无应答自动呼叫转移时间, <0为无自动呼叫转移

/*音视频相关*/
public int audio_prot = 21000;
public int[] audio_codecs = {3, 8, 0};
public int audio_sample_rate = 8000;
public int video_port = 21070;
public int video_avp = 103;

/*参数初始化相关方法*/
public UserAgentProfile(String file); //从file中初始化UserAgentProfile
public void init();                   //根据contact_url初始化realm, username, call_to等变量
//根据sip_provider初始化contact_url, 包括getViaAddress(), getPort(), getDefaultTransport()
public void initContactAddress(SipProvider sip_provider);

查看全文

相关阅读:
人工智能理解
 24个提高你的知识和技能极限的数据科学（机器学习）项目（免费）
5个优秀的计算机视觉应用与相关数据集
 5行代码使Scikit-Learn参数学习速度提高5倍
 如何在PyTorch和TensorFlow中训练图像分类模型
 六个月的机器学习 / 计算机视觉工程师
 NLP：不要重新造轮子
 用遗传算法优化垃圾收集策略
 使用Detectron2分6步进行目标检测
 五篇值得阅读的ECCV 2020 图像识别相关论文

原文地址：https://www.cnblogs.com/elsarong/p/6225981.html