[sr-dev] git:carstenbock/ims: - Fixed NAT-Traversal

Module: sip-router Branch: carstenbock/ims Commit: 90aab8f26a89bb3b23b9a0fd51065ade2be5f9e1 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=90aab8f… Author: Carsten Bock &lt;carsten(a)bock.info&gt; Committer: Carsten Bock &lt;carsten(a)bock.info&gt; Date: Wed Jan 26 21:52:31 2011 +0100 - Fixed NAT-Traversal --- modules/pcscf/pcscf.cfg | 49 +++++++++++++++++++++++++++++++++++++--------- 1 files changed, 39 insertions(+), 10 deletions(-) diff --git a/modules/pcscf/pcscf.cfg b/modules/pcscf/pcscf.cfg index 320c293..104e2ac 100644 --- a/modules/pcscf/pcscf.cfg +++ b/modules/pcscf/pcscf.cfg @@ -77,6 +77,7 @@ #!ifdef WITH_NAT #!define INVITE_SDP_FLAG 3 #!endif +#!define NAT_FLAG 4 ####### Defined Values ######### @@ -87,7 +88,7 @@ debug=4 log_stderror=yes #!else -debug=2 +debug=1 log_stderror=no #!endif @@ -151,6 +152,7 @@ loadmodule "mi_fifo.so" loadmodule "pv.so" loadmodule "xlog.so" loadmodule "textops.so" +loadmodule "path.so" #!ifdef K_TESTING loadmodule "sst.so" loadmodule "dialog.so" @@ -178,6 +180,10 @@ loadmodule "xmlrpc.so" # ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") +# ----------------- Settings for Path --------------- +# Path Module: the "received" parameter of the first Route URI is evaluated and used as destination-URI if present. +modparam("path", "use_received", 1) + # ----- dialog params ----- #!ifdef K_TESTING #!ifdef WITH_DB @@ -323,6 +329,8 @@ modparam("tls", "config", "/etc/kamailio/tls.cfg") # main routing logic route { + xlog("L_ERR", "$rm $ru (From $fu to $tu)\n"); + # Basic checks for Sanity of the request and Request flooding. route(Sanity_Checks); @@ -349,7 +357,8 @@ route { route(NOTIFY); break; } - + + xlog("L_ERR", "$$route_uri = $route_uri\n"); if !($route_uri =~ "sip:term@"+HOSTNAME_ESC+"."+NETWORKNAME_ESC+".*") { # Request Initiated by the UE #!ifdef K_TESTING @@ -399,7 +408,7 @@ route { #!ifdef K_TESTING if (!is_in_profile("term") && is_method("INVITE|SUBSCRIBE")){ #!else - if (P_is_in_dialog("term") && is_method("INVITE|SUBSCRIBE")){ + if (!P_is_in_dialog("term") && is_method("INVITE|SUBSCRIBE")){ #!endif route(Term_Initial); break; @@ -436,9 +445,9 @@ route[NAT] { #!ifdef WITH_NAT force_rport(); if (nat_uac_test("19")) { + setflag(NAT_FLAG); if (is_method("INVITE")) { fix_nated_contact(); - } } #!endif @@ -450,10 +459,10 @@ route[RTPPROXY] { #!ifdef WITH_NAT if (is_method("BYE")) { unforce_rtp_proxy(); - } else if (is_method("INVITE") && !search("^Content-Length:[ ]*0")) { + } else if (isflagset(NAT_FLAG) && is_method("INVITE") && !search("^Content-Length:[ ]*0")) { setflag(INVITE_SDP_FLAG); rtpproxy_offer(); - } else if (is_method("ACK") && !search("^Content-Length:[ ]*0")) { + } else if (isflagset(NAT_FLAG) && is_method("ACK") && !search("^Content-Length:[ ]*0")) { rtpproxy_answer(); } #!endif @@ -462,7 +471,7 @@ route[RTPPROXY] { route[RTPPROXY_REPLY] { #!ifdef WITH_NAT - if (status=~"(183)|(2[0-9][0-9])" && !search("^Content-Length:[ ]*0")) { + if (isflagset(NAT_FLAG) && status=~"(183)|(2[0-9][0-9])" && !search("^Content-Length:[ ]*0")) { if (isflagset(INVITE_SDP_FLAG)) rtpproxy_answer(); else rtpproxy_offer(); } @@ -613,7 +622,14 @@ route[REGISTER] } remove_hf("Security-Verify"); # Add a term path-Header: - append_hf("Path: <sip:term@"+HOSTNAME+"."+NETWORKNAME+";lr>\r\n"); + if (isflagset(NAT_FLAG)) { + if ($pr == "udp") + append_hf("Path: <sip:term@"+HOSTNAME+"."+NETWORKNAME+";lr;received=sip:$si:$sp>\r\n"); + else + append_hf("Path: <sip:term@"+HOSTNAME+"."+NETWORKNAME+";lr;received=sip:$si:$sp;transport=$pr>\r\n"); + } else + append_hf("Path: <sip:term@"+HOSTNAME+"."+NETWORKNAME+";lr>\r\n"); + append_hf("Require: path\r\n"); # Add a charging vector: route(add_charging_vector); @@ -690,6 +706,7 @@ route[NOTIFY] ####### ORIGINATING route[Orig_Initial] { + xlog("L_ERR", "route[Orig_Initial]\n"); if (P_emergency_ruri()){ route(Orig_Initial_Emergency); break; @@ -705,6 +722,7 @@ route[Orig_Initial] }; # add IBCF/THIG route here if required loose_route(); + xlog("L_ERR", "1) $$du = $du\n"); if (!P_follows_service_routes()){ #Variant 1 - deny access to the network #send_reply("400","Bad Request - Not following indicated Service-Routes"); @@ -712,8 +730,10 @@ route[Orig_Initial] #Variant 2 - enforce routes and let the dialog continue P_enforce_service_routes(); } + xlog("L_ERR", "2) $$du = $du\n"); P_record_route("orig"); + xlog("L_ERR", "3) $$du = $du\n"); # Check for "sec-agree" in the Require header: if ($hdr(Require)) { @@ -745,11 +765,14 @@ route[Orig_Initial] send_reply("514","Originating dialog save failure - P-CSCF maximum dialog count reached!"); exit; } - + xlog("L_ERR", "10) $$du = $du\n"); + if (is_method("INVITE")){ #P_local_policy(); #check, if sdp is allowed, if not return with allowed sdp + P_NAT_relay(); route(RTPPROXY); } + xlog("L_ERR", "11) $$du = $du\n"); t_on_reply("Orig_Initial_reply"); t_on_failure("Orig_Initial_failure"); @@ -1091,6 +1114,7 @@ failure_route[Orig_Standalone_failure] route[Term_Initial] { + xlog("L_ERR", "Term_Initial\n"); P_record_route("term"); @@ -1100,8 +1124,10 @@ route[Term_Initial] send_reply("514","Terminating dialog save failure - P-CSCF maximum dialog count reached!"); exit; } + xlog("L_ERR", "Route: $hdr(Route)\n"); loose_route(); + xlog("L_ERR", "1) $$du = $du\n"); t_on_reply("Term_Initial_reply"); #t_on_failure("Term_Initial_failure"); @@ -1110,6 +1136,8 @@ route[Term_Initial] } if (!P_security_relay()) P_NAT_relay(); + + xlog("L_ERR", "2) $$du = $du\n"); t_on_reply("Term_Initial_reply"); t_on_failure("Term_Initial_failure"); if (!t_relay()) { @@ -1117,7 +1145,6 @@ route[Term_Initial] P_drop_dialog("term"); break; }; - } @@ -1222,6 +1249,7 @@ route[Term_Subsequent] #t_on_failure("Term_Subsequent_failure"); if (!P_security_relay()) P_NAT_relay(); + xlog("L_ERR", "$$du = $du\n"); if (!t_relay()) { send_reply("500","Error forwarding terminating subsequent request"); break; @@ -1272,6 +1300,7 @@ route[Term_Standalone] #t_on_failure("Term_Standalone_failure"); if (!P_security_relay()) P_NAT_relay(); + xlog("L_ERR", "$$du = $du\n"); if (!t_relay()) { send_reply("500","Error forwarding terminating standalone request"); break;