<div dir="ltr"><div><div><div><div>Hello Daniel,<br><br></div>I would suggest this:<br><br></div>test it with latest master git code, add to your jira all relevant traces etc with latest (eg, today&#39;s) git master code.<br><br></div>This will bump attention to it.<br><br></div>-giovanni<br><br></div><div class="gmail_extra"><br><div class="gmail_quote">On 12 May 2017 at 20:37, Daniel Greenwald <span dir="ltr">&lt;<a href="mailto:dig1234@gmail.com" target="_blank">dig1234@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Giovanni- I personally experience this issue on three different systems. I&#39;ve tried all hep versions, and confirmed not a homer issue via wireshark. ie the HEP is not being sent for Inbound TLS messages. I did report it to Jira in Oct 2016 but got little attention. I still find HEP useful for outbound messages but it would be really nice to have two way SIP conversation in cleartext...<div><br></div><div><a href="https://freeswitch.org/jira/browse/FS-9657" target="_blank">https://freeswitch.org/jira/<wbr>browse/FS-9657</a><br></div><div><br></div><div><br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, May 11, 2017 at 11:45 AM, Tamas Jalsovszky <span dir="ltr">&lt;<a href="mailto:jalsot@gmail.com" target="_blank">jalsot@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Does HEP send verto signaling info to Homer too?<br></div><div class="gmail_extra"><br><div class="gmail_quote"><span>On 10 May 2017 at 21:38, Daniel Greenwald <span dir="ltr">&lt;<a href="mailto:dig1234@gmail.com" target="_blank">dig1234@gmail.com</a>&gt;</span> wrote:<br></span><div><div class="m_-7406706363769418368h5"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Thanks for this script! <div>Theoretically it is possible to see TLS SIP traffic with freeswitch sending HEP to Homer. But there seems to be a bug in FS that only sends one side of SIP conversation (ie the FS side, not inbound messages)..</div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="m_-7406706363769418368m_1181583448692051114h5">On Tue, May 9, 2017 at 11:10 AM, Giovanni Maruzzelli <span dir="ltr">&lt;<a href="mailto:gmaruzz@gmail.com" target="_blank">gmaruzz@gmail.com</a>&gt;</span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="m_-7406706363769418368m_1181583448692051114h5"><div dir="ltr"><span>On 9 May 2017 at 15:18, Bogdan-Andrei Iancu <span dir="ltr">&lt;<a href="mailto:bogdan@opensips.org" target="_blank">bogdan@opensips.org</a>&gt;</span> wrote:<br></span><div class="gmail_extra"><div class="gmail_quote"><span><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
  
    
  
  <div>
    <tt>Thank you Giovanni, that is a useful tool - we will document it
      in the OpenSIPS TLS tutorial, so other can benefit ;)<br>
      </tt><br></div></blockquote></span><div><br><span class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-im"><div><br></div></span><div>Glad about it!<br>Be sure to get it from <a href="https://freeswitch.org/confluence/display/FREESWITCH/Packet+Capture#PacketCapture-TLSwithsharka" target="_blank">https://freeswitch.org/conflue<wbr>nce/display/FREESWITCH/Packet+<wbr>Capture#PacketCapture-TLSwiths<wbr>harka</a> , is the latest version with a couple fixes.<div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-yj6qo m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-ajU"><div><img class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-ajT"><span class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665HOEnZb"><font color="#888888"><br></font></span></div><span class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665HOEnZb"><font color="#888888"><div>-giovanni<br><br></div><div><br> </div></font></span></div></div></div><div><div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665h5"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div bgcolor="#FFFFFF"><tt>
      Many thanks,<br>
    </tt>
    <pre class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-signature" cols="72">Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  <a class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-txt-link-freetext" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.<wbr>com</a>

OpenSIPS Summit May 2017 Amsterdam
  <a class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-txt-link-freetext" href="http://www.opensips.org/events/Summit-2017Amsterdam.html" target="_blank">http://www.opensips.org/events<wbr>/Summit-2017Amsterdam.html</a>
</pre><div><div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-h5">
    <div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-cite-prefix">On 05/02/2017 05:52 PM, Giovanni
      Maruzzelli wrote:<br>
    </div>
    </div></div><blockquote type="cite"><div><div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-h5">
      <div dir="ltr">
        <div>For a cut and paste ready version, that has the correct
          carriage returns (mangled by mail), check it in FreeSWITCH
          documentation:<br>
          <br>
          <a href="https://freeswitch.org/confluence/display/FREESWITCH/Packet+Capture#PacketCapture-TLSwithsharka" target="_blank">https://freeswitch.org/conflue<wbr>nce/display/FREESWITCH/Packet+<wbr>Capture#PacketCapture-TLSwiths<wbr>harka</a><br>
          <br>
        </div>
        -giovanni<br>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On 2 May 2017 at 16:26, Giovanni
          Maruzzelli <span dir="ltr">&lt;<a href="mailto:gmaruzz@gmail.com" target="_blank">gmaruzz@gmail.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
            <div dir="ltr">
              <div>
                <div>Hello fellows,<br>
                  <br>
                </div>
                after some experimentation with various tools, I come
                out with a little shell tool that maybe can be useful to
                you too.<br>
                <br>
              </div>
              <div>It can only work with non-forward secrecy ciphers,
                obviously, and only if is started before the client do
                the initial TLS handshake (eg, just restart the client).
                Forward secrecy cannot be decrypted after fact, so don&#39;t
                waste effort.<br>
                <br>
              </div>
              <div>An example of ciphers that can be decrypted are the
                &quot;AES256-SHA&quot; openssl cipher group. You can use ssldump
                to check what cipher is used by serverhello.<br>
              </div>
              <div><br>
              </div>
              Enjoy, make it better, and share it :)<br>
              <br>
              <br>
              #!/bin/bash <br>
              # brought to you by Giovanni Maruzzelli<br>
              # <br>
              SERVERIP=&quot;192.168.1.150&quot;<br>
              SERVERPORT=&quot;5061&quot;<br>
              PRIVKEY=&quot;/etc/certs/<a href="http://privkey.pe" target="_blank">privkey.pe</a><wbr>m&quot;<br>
              STDERR2DEVNULL=&quot; 2&gt;/dev/null &quot;<br>
              REGEX=&quot;notyet&quot;<br>
              <br>
              if [ -z &quot;$1&quot; ]; then<br>
                      REGEX=&quot;\\\.*&quot;<br>
              else<br>
                      REGEX=&quot;$1&quot;<br>
              fi<br>
              FILTER=&quot;ssl.app_data and sip matches&quot;<br>
              FILTER2=&quot;$FILTER \&quot;$REGEX\&quot;&quot;<br>
              FILTER3=&quot;&#39;$FILTER2&#39;&quot;<br>
              ARGUMENT=&quot;-i 1 -Y $FILTER3 -E header=y -T fields -e
              frame.number -e frame.time -e frame.time_delta_displayed
              -e ip.src -e ip.dst -e sip.Status-Line -e sip.Request-Line
              -e sip.msg_hdr -l -d tcp.port\=\=5061,sip  -o
              \&quot;ssl.keys_list: $SERVERIP,$SERVERPORT,sip,$PRI<wbr>VKEY\&quot;
              $STDERR2DEVNULL | sed -u &#39;s/\t/\n/g&#39; | sed -u &#39;/^$/d&#39; |
              sed -u &#39;s/^[0-9]*$/\n==&amp;=============<wbr>=================/g&#39;&quot;<br>
              <br>
              echo &quot;&quot;<br>
              echo &quot;NB: if it do not works, edit script so that
              STDERR2DEVNULL=\&quot; \&quot; and try again&quot;<br>
              echo &quot;&quot;<br>
              echo &quot;NB: remember to quote and escape match patterns,
              using triple slash&quot;<br>
              echo &quot;    eg, for matching <a href="mailto:1010@pbx.example.com" target="_blank">1010@pbx.example.com</a>,
              use \&quot;<a href="mailto:1010@pbx.example.com" target="_blank">1010@pbx.example.com</a>\&quot;&quot;<br>
              echo &quot;    eg, for matching anything, use \&quot;\\\\\\.*\&quot;&quot;<br>
              echo &quot;    eg, for matching *98, use \&quot;\\\\\\*98\&quot;&quot;<br>
              echo &quot;USAGE: $0 \&quot;\\\\\\*<a href="mailto:98@pbx.example.com" target="_blank">98@pbx.example.com</a>\&quot;&quot;<br>
              echo &quot;&quot;<br>
              <br>
              <br>
              case &quot;$1&quot; in<br>
                      -help|--help|?)<br>
                      exit 0<br>
                      ;;<br>
              *)<br>
                      echo &quot;THIS TIME WE&#39;RE DOING:&quot;<br>
                      echo &quot;tshark $ARGUMENT&quot;<br>
                      echo &quot;&quot;<br>
                      bash -c &quot;tshark $ARGUMENT&quot;<br>
                      ;;<br>
              esac<span class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154HOEnZb"><font color="#888888"><br>
                  <br>
                  <br clear="all">
                  <div>
                    <div>
                      <div>
                        <div><br>
                          -- <br>
                          <div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154m_6849756425851343551gmail_signature">
                            <div dir="ltr">
                              <div><span><span><br>
                                    Sincerely,<br>
                                  </span><span><font color="#888888"><br>
                                      Giovanni Maruzzelli<br>
                                      OpenTelecom.IT</font></span><br>
                                  <span>cell: +39 347 266 56 18<span><font color="#888888"><br>
                                      </font></span></span></span></div>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </font></span></div>
          </blockquote>
        </div>
        <br>
        <br clear="all">
        <br>
        -- <br>
        <div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154gmail_signature">
          <div dir="ltr">
            <div><span><span><br>
                  Sincerely,<br>
                </span><span><font color="#888888"><br>
                    Giovanni Maruzzelli<br>
                    OpenTelecom.IT</font></span><br>
                <span>cell: +39 347 266 56 18<span><font color="#888888"><br>
                    </font></span></span></span></div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154mimeAttachmentHeader"></fieldset>
      <br>
      </div></div><pre>______________________________<wbr>_________________
Users mailing list
<a class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail-m_4777636906112541154moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-<wbr>bin/mailman/listinfo/users</a>
</pre>
    </blockquote>
    <br>
  </div>

</blockquote></div></div></div><div><div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665h5"><br><br clear="all"><br>-- <br><div class="m_-7406706363769418368m_1181583448692051114m_6162466015159202665m_5880141268979080209gmail_signature"><div dir="ltr"><div><span><span><br>Sincerely,<br></span><span><font color="#888888"><br>
Giovanni Maruzzelli<br>
OpenTelecom.IT</font></span><br><span>cell: +39 347 266 56 18<span><font color="#888888"><br></font></span></span></span></div></div></div>
</div></div></div></div>
<br></div></div>______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions<wbr>.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.o<wbr>rg</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswi<wbr>tch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/ma<wbr>ilman/listinfo/freeswitch-user<wbr>s</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.frees<wbr>witch.org/mailman/options/free<wbr>switch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div>
<br>______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions<wbr>.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.o<wbr>rg</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswi<wbr>tch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/ma<wbr>ilman/listinfo/freeswitch-user<wbr>s</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.frees<wbr>witch.org/mailman/options/free<wbr>switch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div></div></div><br></div>
<br>______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.freeswitchsolutions<wbr>.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.o<wbr>rg</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswi<wbr>tch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/ma<wbr>ilman/listinfo/freeswitch-user<wbr>s</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.frees<wbr>witch.org/mailman/options/<wbr>freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br></div>
</div></div><br>______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.<wbr>freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.<wbr>org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.<wbr>freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/<wbr>mailman/listinfo/freeswitch-<wbr>users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.<wbr>freeswitch.org/mailman/<wbr>options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><span><span><br>Sincerely,<br></span><span><font color="#888888"><br>
Giovanni Maruzzelli<br>
OpenTelecom.IT</font></span><br><span>cell: +39 347 266 56 18<span><font color="#888888"><br></font></span></span></span></div></div></div>
</div>