git clone https://github.com/SIPp/sipp
cd sipp
git checkout v3.7.2
cmake -B build -DUSE_PCAP=1
cmake --build build -jcmake -B build -DUSE_TRACE=ON -DCMAKE_C_FLAGS="-DJBUF_TRACE -DAUBUF_TRACE -DTRACE_BUFFER_SIZE=10000000 -DRE_RTP_PCAP"
cmake --build build -jsudo sipp/build/sipp -sf scenarios/uac_pcap_opus.xml [BARESIP IP] -m 1 -key pcap pcap/opus_audio_500hz_linux_qdisc_delay_50ms.pcap
./jbuf.sh ./path/to/re_trace.json
./jbuf_video.sh ./path/to/re_trace.jsoneditcap -r g711a.pcap tmp1 2-3 # dump packets 2-3
editcap -r -t 0.07 g711a.pcap tmp2 1 # dump packet 1 and manipulate timestamp
editcap g711a.pcap tmp3 1-3 # exclude packets 1-3
mergecap -w out.pcap -a tmp1 tmp2 tmp3editcap g711a.pcap out.pcap 2-3 # drop packets 2-3editcap -L -C42:4 in.pcap tmp.pcap ./pcap_fix_udp_len.py tmp.pcap out.pcap 4
text2pcap is useful for debugging encrypted connections like DTLS_SRTP from application context.
See: https://blog.mozilla.org/webrtc/debugging-encrypted-rtp-is-more-fun-than-it-used-to-be/
Needs at least baresip v3.10.0 (current main)
cmake -B build -DUSE_TRACE=ON -DCMAKE_C_FLAGS="-DRE_RTP_PCAP"
cmake --build buildStart baresip and connections normally. Traces are written to re_trace.json after exit you can extract the pcap traces with jq and text2pcap:
jq -r ".traceEvents[] | select (.cat == \"pcap\") | .args.pcap" re_trace.json | text2pcap -D -n -l1 -i17 -u 1000,2000 -t '%H:%M:%S.%f' - dump.pcapng
Big re_trace.json files can be streamed like this
jq -r --stream "select(.[0][3] == \"pcap\" and .[1] != null) | .[1]" re_trace.json | text2pcap -D -n -l1 -i17 -u 1000,2000 -t '%H:%M:%S.%f' - dump.pcapngThe dump can now be opened with wireshark:
wireshark dump.pcapng