[sip-clf] FW: I-D Action:draft-kaplan-sipping-clf-pcap-00.txt
Hadriel Kaplan <HKaplan@acmepacket.com> Wed, 17 June 2009 18:29 UTC
Return-Path: <HKaplan@acmepacket.com>
X-Original-To: sip-clf@core3.amsl.com
Delivered-To: sip-clf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A26C228C1B2; Wed, 17 Jun 2009 11:29:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.412
X-Spam-Level:
X-Spam-Status: No, score=-2.412 tagged_above=-999 required=5 tests=[AWL=0.188, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0vrP-Vd6vO5V; Wed, 17 Jun 2009 11:29:47 -0700 (PDT)
Received: from etmail.acmepacket.com (etmail.acmepacket.com [216.41.24.6]) by core3.amsl.com (Postfix) with ESMTP id ADCD028C278; Wed, 17 Jun 2009 11:29:47 -0700 (PDT)
Received: from mail.acmepacket.com (216.41.24.7) by etmail.acmepacket.com (216.41.24.6) with Microsoft SMTP Server (TLS) id 8.1.340.0; Wed, 17 Jun 2009 14:29:58 -0400
Received: from mail.acmepacket.com ([127.0.0.1]) by mail ([127.0.0.1]) with mapi; Wed, 17 Jun 2009 14:29:58 -0400
From: Hadriel Kaplan <HKaplan@acmepacket.com>
To: "sip-clf@ietf.org" <sip-clf@ietf.org>
Date: Wed, 17 Jun 2009 14:29:47 -0400
Thread-Topic: I-D Action:draft-kaplan-sipping-clf-pcap-00.txt
Thread-Index: AcnvADVbRjylz/iUR3uTiC6eLPbhbQAd2SIg
Message-ID: <E6C2E8958BA59A4FB960963D475F7AC31941848484@mail>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/mixed; boundary="_002_E6C2E8958BA59A4FB960963D475F7AC31941848484mail_"
MIME-Version: 1.0
Cc: "dispatch@ietf.org" <dispatch@ietf.org>
Subject: [sip-clf] FW: I-D Action:draft-kaplan-sipping-clf-pcap-00.txt
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jun 2009 18:29:48 -0000
Howdy, I have submitted an I-D for Yet Another SIP-CLF Format. This one is pure binary, and follows the libpcap/PCAP file format, encoding the fields into a format which just happens to be decode-able as RADIUS messages by PCAP decoders. One of the advantages to this format is off-line decoders such as Wireshark can decode it right now, with only a dictionary for the VSA used for SIP-CLF. For wireshark, for example, this can be done without re-compiling/upgrading wireshark. Just a 30-second procedure and restarting Wireshark enables one to view, filter, and search through the SIP-CLF fields as is. The I-D's link is below, and there's a sample CLF file and dictionary file and Wireshark instructions (and even screenshot!) available on: https://sourceforge.net/projects/sip-clf/ There's also an open-source C-code library implementation available there. -hadriel > -----Original Message----- > From: i-d-announce-bounces@ietf.org [mailto:i-d-announce-bounces@ietf.org] > On Behalf Of Internet-Drafts@ietf.org > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > Title : PCAP-compatible Binary Syntax for SIP Common Log > File Format > Author(s) : H. Kaplan > Filename : draft-kaplan-sipping-clf-pcap-00.txt > Pages : 20 > Date : 2009-06-16 > > This document proposes a libpcap/PCAP-compatible binary syntax for > the SIP common log format (CLF). It does not cover semantic > issues, and is meant to be evaluated in the context of the other > efforts discussing SIP CLF. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-kaplan-sipping-clf-pcap-00.txt
- [sip-clf] FW: I-D Action:draft-kaplan-sipping-clf… Hadriel Kaplan