Re: [SR-Users] Called with SDP without DTLS fingerprint from WebRTC to SIP

Hello Zhan, thanks for your Input. I got it to work. The code of the config is probably still not nice to look at, but it works for now. This is the most important thing for me. WEB to SIP, SIP to WEB and SIP to SIP encrypted (TLS) works. Below is my current NATMANAGE-Config. I will gladly accept further suggestions. The important point was that I had to delete the flag " via-branch=extra"; and the flags "SDES-off" and "RTP/AVP". As I said, I am still pretty new to the topic and there was a lot of try and error in the end. Thanks, Benny route[NATMANAGE] { if (is_request()) { if(has_totag()) { if (check_route_param("nat=yes")) { xlog("FLB_NATB is set"); setbflag(FLB_NATB); } if (check_route_param("rtp=bridge")) { xlog("FLB_BRIDGE is set"); setbflag(FLB_BRIDGE); } if (check_route_param("rtp=ws")) { xlog("FLB_RTPWS is set"); setbflag(FLB_RTPWS); } } } if (!isbflagset(FLB_BRIDGE)) { xlog("FLB_BRIDGE is not set"); #return; } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB) || isbflagset(FLB_RTPWS))) { xlog("All flags are not set"); return; } $xavp(r=>$T_branch_idx) = "replace-origin replace-session-connection"; if (!nat_uac_test("8")) { xlog("IS TRUSTED"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " trust-address"; } if (is_request()) { if (!has_totag()) { if (!t_is_failure_route()) { $avp(extra_id) = @via[1].branch + $T_branch_idx; $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx); xlog("BRANCH: $T_branch_idx"); } } } if (is_reply()) { $avp(extra_id) = @via[2].branch + $T_branch_idx; $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx); xlog("BRANCH: $T_branch_idx"); } if(isbflagset(FLB_RTPWS)){ xlog("IS WS"); if(is_request()){ xlog("IS REQUEST"); if ($proto =~ "ws") { xlog("WEB --> SIP"); if (route(FROMASTERISK)) { xlog("FROM INTERNAL"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-demux DTLS=off ICE=remove direction=external direction=internal loop-protect"; rtpengine_manage($xavp(r=>$T_branch_idx)); } else { xlog("FROM EXTERNAL"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-demux DTLS=off ICE=remove direction=external direction=internal loop-protect"; rtpengine_manage($xavp(r=>$T_branch_idx)); } } else { xlog("SIP --> WEB"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-offer generate-mid DTLS=passive ICE=force SDES-off RTP/SAVPF direction=internal direction=external loop-protect"; rtpengine_manage($xavp(r=>$T_branch_idx)); } } else { xlog("IS RESPONSE"); if ($proto =~ "ws") { xlog("WEB --> SIP"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-demux DTLS=off ICE=remove direction=external direction=internal loop-protect"; } else { xlog("SIP --> WEB"); $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-offer generate-mid DTLS=passive ICE=force RTP/SAVPF direction=internal direction=external loop-protect"; } rtpengine_manage($xavp(r=>$T_branch_idx)); } } else { xlog("SIP --> SIP"); if (route(FROMASTERISK)) { xlog("FROM INTERNAL"); rtpengine_manage("replace-origin replace-session-connection trust-address direction=internal direction=external ICE=remove loop-protect"); } else { xlog("FROM EXTERNAL"); rtpengine_manage("replace-origin replace-session-connection trust-address direction=external direction=internal ICE=remove loop-protect"); } } xlog("NATMANAGE branch_id:$T_branch_idx ruri: $ru, method:$rm, status:$rs, extra_id: $avp(extra_id), rtpengine_manage: $xavp(r=>$T_branch_idx)\n"); if (is_request()) { if (!has_totag()) { if (t_is_branch_route()) { if (isbflagset(FLB_NATB)) { add_rr_param(";nat=yes"); } if (isbflagset(FLB_BRIDGE)) { add_rr_param(";rtp=bridge"); } if (isbflagset(FLB_RTPWS)) { add_rr_param(";rtp=ws"); } } } } if (is_reply()) { if (isbflagset(FLB_NATB)) { if (is_first_hop()) { if (af == INET) { set_contact_alias(); } } } } return; }