sipcapture/heplify sipcapture/heplify

  • Stars
    star
    182
  • Rank 211,154 (Top 5 %)
  • Language
    Go
  • License
    GNU Affero Genera...
  • Created over 7 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
sipcapture/heplify
github

sipcapture

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Portable and Lightweight HEP Capture Agent for HOMER

heplify is captagents little brother, optimized for speed and simplicity. It's a single binary which you can run on Linux, ARM, MIPS, Windows to capture IPv4 or IPv6 packets and send them to Homer. Heplify is able to send SIP, correlated RTCP, RTCPXR, DNS, Logs into homer. It's able to handle fragmented and duplicate packets out of the box.

Requirements

Linux

None if you use the binary from the releases

Windows

WinPcap

Installation

Linux

Download heplify and execute 'chmod +x heplify'

Windows

Download heplify.exe

Development build

If you have Go 1.11+ installed, build the latest heplify binary by running make.

You can also build a docker image:

docker build --no-cache -t sipcapture/heplify:latest -f docker/heplify/Dockerfile .

Usage

 -assembly_debug_log
	If true, the github.com/google/gopacket/tcpassembly library will log verbose debugging information (at least one line per packet)
  -assembly_memuse_log
	If true, the github.com/google/gopacket/tcpassembly library will log information regarding its memory use every once in a while.
  -b int
	Interface buffersize (MB) (default 32)
  -d string
	Enable certain debug selectors [defrag,layer,payload,rtp,rtcp,sdp]
  -dd
	Deduplicate packets
  -di string
	Discard uninteresting packets by any string
  -dim string
	Discard uninteresting SIP packets by CSeq [OPTIONS,NOTIFY]
  -diip string
	Discard uninteresting SIP packets by Source or Destination IP(s)
  -disip string
	Discard uninteresting SIP packets by Source IP(s)
  -didip string
	Discard uninteresting SIP packets by Destination IP(s)
  -e	
	Log to stderr and disable syslog/file output
  -erspan
	erspan
  -fg uint
	Fanout group ID for af_packet
  -fi string
	Filter interesting packets by any string
  -fw int
	Fanout worker count for af_packet (default 4)
  -hi uint
	HEP node ID (default 2002)
  -hin
	HEP collector listening protocol, address and port (example: "tcp:10.10.99.10:9060")
  -hn string
	HEP node Name
  -hp string
	HEP node PW
  -hs string
	HEP server destination address and port (default "127.0.0.1:9060")
  -i string
	Listen on interface (default "any")
  -l string
	Log level [debug, info, warning, error] (default "info")
  -lp int
	Loop count over ReadFile. Use 0 to loop forever (default 1)
  -m string
	Capture modes [SIP, SIPDNS, SIPLOG, SIPRTCP] (default "SIPRTCP")
  -n string
	Log filename (default "heplify.log")
  -nt string
	Network types are [udp, tcp, tls] (default "udp")
  -bpf string
	Custom bpf filter (default "")
  -o	
	Read packet for packet
  -p string
	Log filepath (default "./")
  -pr string
	Portrange to capture SIP (default "5060-5090")
  -protobuf
	Use Protobuf on wire
  -rf string
	Read pcap file
  -rs
	Use packet timestamps with maximum pcap read speed
  -rt int
	Pcap rotation time in minutes (default 60)
  -s int
	Snaplength (default 8192)
  -sl
	Log to syslog
  -t string
	Capture types are [pcap, af_packet] (default "pcap")
  -tcpassembly
	If true, tcpassembly will be enabled
  -tcpsendretries uint
	Number of retries for sending before giving up and reconnecting (default 64)
  -version
	Show heplify version
  -vlan
	vlan
  -wf string
	Path to write pcap file
  -zf
	Enable pcap compression

Examples

# Capture SIP and RTCP packets on any interface and send them to 127.0.0.1:9060
./heplify

# Capture SIP and RTCP packets on any interface and send them via TLS to 192.168.1.1:9060
./heplify -hs 192.168.1.1:9060 -nt tls

# Capture SIP and RTCP packets on any interface and send them to 192.168.1.1:9060. Use a someNodeName
./heplify -hs 192.168.1.1:9060 -hn someNodeName

# Capture SIP and RTCP packets on any interface and send them to 192.168.1.1:9060. Print info to stdout
./heplify -hs 192.168.1.1:9060 -e

# Capture SIP and RTCP packets on any interface and send them to 192.168.1.1:9060 and 192.168.2.2:9060
./heplify -hs "192.168.1.1:9060,192.168.2.2:9060"

# Capture SIP and RTCP packets on any interface and send them to 192.168.1.1:9060. Print debug selectors
./heplify -hs 192.168.1.1:9060 -e -d fragment,payload,rtcp

# Capture SIP and RTCP packets with custom SIP port range on eth2 and send them to 192.168.1.1:9060
./heplify -i eth2 -pr 6000-6010 -hs 192.168.1.1:9060

# Capture SIP and RTCP packets on eth2, send them to homer and compressed to /srv/pcapdumps/
./heplify -i eth2 -hs 192.168.1.1:9060 -wf /srv/pcapdumps/ -zf

# Read example/rtp_rtcp_sip.pcap and send SIP and correlated RTCP packets to 192.168.1.1:9060
./heplify -rf example/rtp_rtcp_sip.pcap -hs 192.168.1.1:9060

# Capture and send packets except SIP OPTIONS and NOTIFY to 192.168.1.1:9060
./heplify -hs 192.168.1.1:9060 -dim OPTIONS,NOTIFY

# Capture SIP packet with HPERM encapsulation on port 7932 and interface eth2, send to 192.168.1.1:9060 and print debug info on stdout
./heplify -i eth2 -bpf "port 7932" -hs 192.168.1.1:9060 -l debug -e

# Run heplify in "HEP Collector" mode in order to receive HEP input via TCP on port 9060 and fork (output) to two HEP servers listening on port 9063
./heplify -e -hs HEPServer1:9063,HEPserver2:9063 -hin tcp:1.2.3.4:9060

Made by Humans

This Open-Source project is made possible by actual Humans without corporate sponsors, angels or patreons.

If you use this software in production, please consider supporting its development with contributions or donations

Donate

More Repositories

1

homer

HOMER - 100% Open-Source SIP, VoIP, RTC Packet Capture & Monitoring
Shell
1,625
star
2

homer-app

HOMER 7.x Front-End and API Server
Go
204
star
3

heplify-server

HEP Capture Server for HOMER
Go
183
star
4

captagent

100% Open-Source Packet Capture Agent for HEP
C
167
star
5

sipgrep

SIPGREP: Display and Troubleshoot SIP signaling over IP networks in console
C
160
star
6

paStash

pastaʃ'ʃ = Spaghetti I/O Event Data Processing, Interpolation, Correlation and beyond 🍝
JavaScript
102
star
7

homer7-docker

HOMER 7 Docker Images
JavaScript
93
star
8

homer-ui

HOMER Front-End Application (UI)
TypeScript
62
star
9

HEP

HEP-EEP: Extensible Encapsulation Protocol (Specs & Technical Docs)
44
star
10

homer5-docker

HOMER 5 Docker Containers (OBSOLETE)
M4
40
star
11

homer-installer

HOMER Install Scripts and Install Packages
Shell
36
star
12

rtcagent

RTCAgent is an eBPF powered HEP Agent for HOMER/HEPIC
C
35
star
13

awesome-hep

A curated list of HEP / EEP enabled projects
27
star
14

hep-wireshark

HOMER HEP Wireshark Dissector
Lua
27
star
15

homer-api

HOMER 5: Back-End (API) DEPRICATED - use sipcapture/homer-app
PHP
27
star
16

hepipe.js

Pipe arbitrary data rows (logs, events, cdrs, esl, etc) to HEP Server (HOMER)
JavaScript
24
star
17

rtpbreakr

RTP Audio Juicer
C
23
star
18

HEPop

Multi-Protocol HEP Server & RTC Collector in NodeJS 🎈
JavaScript
22
star
19

hepipe

HEP-PIPE: Pipe arbitrary data (logs, events, cdrs, etc) to HEP server (HOMER)
C
16
star
20

homer-config

HOMER Project Configuration Repo
PHP
13
star
21

homer-docker

HOMER 10 Docker
JavaScript
13
star
22

hep-js

HEP: Javascript/Node implementation of HEP/EEP Encapsulation Protocol
JavaScript
11
star
23

hepsub-voipmonitor

HEP Pub-Sub Client for OSS Voipmonitor Sniffer
JavaScript
10
star
24

homer-view-react

Experimental React Viewer for HEP APIs
JavaScript
10
star
25

pastash_plugins

NPM Plugin Modules for Pastash
JavaScript
9
star
26

homer-view

Homer view interface for sharing
TypeScript
9
star
27

hepfix.js

IPFIX Gateway for HEP & HOMER
JavaScript
9
star
28

hepgen.js

Barebone HEP Generator for SIP-less Devs
JavaScript
9
star
29

HEPjack.js

Elegantly Sniff Forward-Secrecy TLS/SIP to HEP at the source using Frida
JavaScript
9
star
30

captagent-js

Captagent Sample implementation in NodeJS w/ HEP3 and ES Bulk API Support
JavaScript
9
star
31

hepagent

Next-Gen HEP Capture Agent in Rust
Rust
8
star
32

hepsub-rtpengine

HEPSub Middleware for RTPEngine Meta & Recordings
JavaScript
8
star
33

hepsub

HEP Pub-Sub API Example
JavaScript
8
star
34

hepsub-apiban

HOMER/HEPSUB Integration for APIban.org
JavaScript
7
star
35

hep-go

HEP: GO implementation of HEP/EEP Encapsulation Protocol
Go
7
star
36

hepsub-cgrates

HOMER HEPSub client example for CGRages
JavaScript
6
star
37

homer-snmp

HOMER SNMP Bridge
JavaScript
6
star
38

statstrmr

JSON-HEP Statistics Streamer for HOMER 5.x
JavaScript
6
star
39

cacheep

Real-Time Lookup Cache (LRU + API + DNS)
JavaScript
6
star
40

hep-c

HEP: C implementation of HEP/EEP Encapsulation Protocol
C
6
star
41

hepsub-elastic

HEP Subscibe Client for Elasticsearch
JavaScript
6
star
42

hep-java

HEP: JAVA implementation of HEP/EEP Encapsulation Protocol
Java
5
star
43

hep-erlang

HEP: Erlang implementation of HEP/EEP Encapsulation Protocol
Erlang
5
star
44

homer-puppet

HOMER Puppet Modules
Puppet
5
star
45

hepgen-bash

An HEP generator written in bash
Shell
4
star
46

docs

HOMER/HEP Documentation
4
star
47

libhep

HEP Library C/C++
C
4
star
48

helm-charts

HOMER helm charts
Smarty
3
star
49

hep-python

HEP: Python implementation of HEP/EEP Encapsulation Protocol
Python
3
star
50

sipcapture.github.io

sipcapture.github.io
HTML
2
star
51

teardown-js

Synthetic SIP Teardown Generator module for NodeJS
JavaScript
2
star
52

hsp-output-elasticsearch

ESP/HSP template for Elasticsearch
2
star
53

hep-perl

HEP Perl implementation. Provided by SipGate
Perl
1
star
54

builders

Package Builders for SIPCAPTURE/QXIP Projects
Shell
1
star