Subscribe by RSSSniffin’ the VOIP traffic part 2
Continuing the analysis…
Ian’s page is fantastic for diving deep into SIP call analysis. We covered some of the cool stuff you can do also with jitter graphs and latency in the asteriskblog forums.
I’d like to start diving into the asterisk codebase with help from Moises Silva from the asterisk-dev mailing list.
Refer to this diagram I made tonight from Wireshark sniffing a brief call.
It’s a little hard to read, but I think you can follow along.
Moises starts out:
1. A SIP call usually starts in sipsock_read(), that is a callback
function executed when the SIP socket has stuff to be read.
To start, refer to chan_sip.c in the asterisk source code.
Overview of the handling of SIP sessionsThe SIP channel handles several types of SIP sessions, or dialogs, not all of them being “telephone calls”.
- Incoming calls that will be sent to the PBX core
incoming packets Incoming packets are received in the monitoring thread, then handled by sipsock_read(). This function parses the packet and matches an existing dialog or starts a new SIP dialog.sipsock_read sends the packet to handle_request(), that parses a bit more. if it’s a response to an outbound request, it’s sent to handle_response(). If it is a request, handle_request sends it to one of a list of functions depending on the request type - INVITE, OPTIONS, REFER, BYE, CANCEL etc sipsock_read locks the ast_channel if it exists (an active call) and unlocks it after we have processed the SIP message.
I think that this function in chan_sip.c is constantly monitoring for incoming packets.
static void *do_monitor(void *data)
Mark tells us that do_monitor sends packets to sipsock_read. I believe that is accomplished by adding a callback function via ast_io_add:
14301 /* Add an I/O event to our SIP UDP socket */ 14302 if (sipsock > -1) 14303 ast_io_add(io, sipsock, sipsock_read, AST_IO_IN, NULL);
Parameters:
| ioc | which context to use | |
| fd | which fd to monitor | |
| callback | callback function to run | |
| events | event mask of events to wait for | |
| data | data to pass to the callback Watch for any of revents activites on fd, calling callback with data as callback data. Returns a pointer to ID of the IO event, or NULL on failure. |
Cool. So a function called sipsock_read was registered as a callback to handle sip events. We’ll continue from here next time.
Don't miss a post! Subscribe to the RSS feed or by email today!
Leave a Reply