I am trying to get SER and rtpproxy to run together on my OpenBSD 3.5
firewall. My intention is to have SER act as a SIP proxy for incoming SIP
calls that reach me by IP address or domain name. I also have an Asterisk
PBX behind my firewall. My problem is that SER can't find a running RTP
proxy and I am not sure why. I run rtpproxy without any switches. SER is
run as a non-root user and in an chroot directory. My ser.cfg is below:
#
# $Id: ser.cfg,v 1.12 2002/10/21 02:40:06 jiri Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=no
log_stderror=yes # (cmd line: -E)
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=2
fifo="/tmp/ser_fifo"
alias="my.domainname.com"
listen=204.118.177.213
#listen=192.168.3.1
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
#loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
#loadmodule "/usr/local/lib/ser/modules/auth.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth", "secret", "alsdkhglaksdhfkloiwr")
#modparam("auth", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth", "password_column", "password")
#modparam("rr", "enable_full_lr", 1)
modparam("registrar", "nat_flag", 6)
#nathelper
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# ------------------------- request routing logic -------------------
# main routing logic
route{
# compulsory processing of Route header fields and adding RR
loose_route();
# ATA's are symmetric but don't advertise it -- force use of rport
if (search("User-Agent: Cisco ATA.*")) {
setflag(1); # remember this is ATA
force_rport();
fix_nated_contact();
};
/* registration (uses rewritten contacts) */
if (method=="REGISTER") {
save("my.domainname.com");
break;
};
if (method=="INVITE") {
record_route();
if (isflagset(1)) { # ATA ?
force_rtp_proxy();
};
/* set up reply processing */
t_on_reply("1");
};
if (method == "INVITE" || method == "CANCEL") {
if (!lookup("my.domainname.com")) {
sl_send_reply("404", "Not Found");
break;
};
};
/* set up reply processing and forward statefuly */
t_relay();
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
if (status=~"2[0-9][0-9]" && search("Server: Cisco ATA.*"))
fix_nated_contact();
force_rtp_proxy();
}