Hello list. I'm finally using the mediaproxy for NAT'd users. I installed python2.3 in my Linux machine and i finally started the mediaproxy. I have been reading the mailing list and i found a ser.cfg in which i based my own ser.cfg file. However, i am not solve all the NAT'd problems. I was thinking that maybe there is a problem with my ser.cfg file and someone can help me. My test laboratory has the SER SIP Server, one NAT'd client, one NO-NAT'd client and a PSTN-GW. Regarding to the NAT i can succesfully make the next calls : 1. NAT'd client TO PSTN-GW 2. NO-NAT'd client TO NAT'd client
But i'm not able to make the NAT'd client to NO-NAT'd client. The only unusual thing for this call is the INVITE received by the NO-NAT'd client.
Received SIP PDU from ( xxx.xxx.148.246:5060 ) INVITE sip:5552408196@xxx.xxx.148.242 SIP/2.0 Record-Route: sip:5552408196@xxx.xxx.148.246;ftag=ea416805a4;lr=on Via: SIP/2.0/UDP xxx.xxx.148.246;branch=z9hG4bK0733.95756454.0 Via: SIP/2.0/UDP 192.168.0.157:5060;rport=64559;received=xxx.xxx.148.186;branch=z9hG4bKea4168 05a4152 From: sip:5552203290@xxx.xxx.148.246;tag=ea416805a4 To: sip:5552408196@xxx.xxx.148.246 Call-ID: eaed3e41-2e97-68cd-8105-0002a4011992@192.168.0.157 CSeq: 152 INVITE Supported: timer Min-SE: 1800 Date: Wed, 08 Sep 2004 11:32:58 GMT User-Agent: AddPac SIP Gateway Contact: sip:5552203290@xxx.xxx.148.186:64559 Proxy-Authorization: Digest username="ricardo", realm="xxx.xxx.148.246", nonce="4148c573d83c72c68c985e8b90d97d46700484bb", uri="sip:5552408196@xxx.xxx.148.246", qop=auth, nc=00000001, cnonce="131f3ca7", response="41b078f799e6de2e4b950e224df37477", algorithm=MD5 Content-Type: application/sdp Content-Length: 210 Max-Forwards: 69 P-hint: fixed NAT contact for request P-hint: request forced to media proxy
v=0 o=- 1094643178 1094643178 IN IP4 192.168.0.157 s=AddPac Gateway SDP c=IN IP4 xxx.xxx.148.246xxx.xxx.148.246 t=0 0 m=audio 3506635066 RTP/AVP 4 18 0 101 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15
As you can see i think the o= , c= and m= have duplicated parameters, maybe by the use_media_proxy() ?? i don't know. Here is part of the mediaproxydebug for that call.
3(4295) NAT: Request from RFC Private IP --> fixed contact 7(4299) NAT: Request from RFC Private IP --> fixed contact 7(4299) ROUTING: Reply processing (online user) enabled to handle NAT'd resonses 7(4299) NAT: Invite received --> enabling media proxy Sep 15 18:43:27 sipproxy mediaproxy[2323]: command request 32ef3e41-481c-0fa3-8108-0002a4011992@192.168.0.157 192.168.0.157:23180:audio 64.76.148.186 64.76.148.246 local 64.76.148.242 remote AddPac=20SIP=20Gateway info=from:5552203290@64.76.148.246,to:5552408196@64.76.148.246,fromtag:32410 f08a4,totag: Sep 15 18:43:27 sipproxy mediaproxy[2323]: session 32ef3e41-481c-0fa3-8108-0002a4011992@192.168.0.157: started. listening on 64.76.148.246:35068 Sep 15 18:43:27 sipproxy mediaproxy[2323]: command execution time: 2.31 ms Sep 15 18:43:27 sipproxy mediaproxy[2323]: command request 32ef3e41-481c-0fa3-8108-0002a4011992@192.168.0.157 192.168.0.157:23180:audio 64.76.148.186 64.76.148.246 local 64.76.148.242 remote AddPac=20SIP=20Gateway info=from:5552203290@64.76.148.246,to:5552408196@64.76.148.246,fromtag:32410 f08a4,totag: Sep 15 18:43:27 sipproxy mediaproxy[2323]: command execution time: 0.20 ms
Finally, here is my ser.cfg (a little bit edited)
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E)
#Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes
listen=64.76.148.246
check_via=yes # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" fifo_mode=0666 # ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/usr/local//lib/ser/modules/mysql.so"
loadmodule "/usr/local//lib/ser/modules/sl.so" loadmodule "/usr/local//lib/ser/modules/tm.so" loadmodule "/usr/local//lib/ser/modules/rr.so" loadmodule "/usr/local//lib/ser/modules/maxfwd.so" loadmodule "/usr/local//lib/ser/modules/usrloc.so" loadmodule "/usr/local//lib/ser/modules/registrar.so" loadmodule "/usr/local//lib/ser/modules/textops.so"
# Para trabajar con NAT loadmodule "/usr/local//lib/ser/modules/mediaproxy.so" loadmodule "/usr/local//lib/ser/modules/domain.so" loadmodule "/usr/local//lib/ser/modules/dbtext.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" #loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/auth_radius.so" loadmodule "/usr/local/lib/ser/modules/group_radius.so" loadmodule "/usr/local/lib/ser/modules/acc.so"
# ----------------- setting module-specific parameters ---------------
# ----------------- setting module-specific parameters --------------- # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
modparam("acc","log_level",1)
modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/radiuscl ient.conf") modparam("auth_radius","service_type",15) modparam("acc","radius_config","/usr/local/etc/radiusclient/radiusclient.con f") modparam("acc", "service_type", 15) modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 3) modparam("acc", "failed_transactions", 1) modparam("acc", "report_ack", 0)
#group radius modparam("group_radius","radius_config","/usr/local/etc/radiusclient/radiusc lient.conf") modparam("group_radius", "use_domain", 1)
#module mediaproxy modparam("mediaproxy", "natping_interval", 60) modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy", "sip_asymmetrics", "/usr/local/etc/ser/sip-asymmetrics-clients") modparam("mediaproxy", "rtp_asymmetrics", "/usr/local/etc/ser/rtp-asymmetrics-clients") modparam("registrar", "nat_flag", 6)
#module domain modparam("domain", "db_url", "/usr/local/etc/ser/domaintables") modparam("domain", "domain_table", "domain") modparam("domain", "domain_col", "domain")
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; };
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { if (method=="BYE" || method=="CANCEL") { log(1, "NAT: Bye or Cancel recieved --> tearing down media session\n"); end_media_session(); setflag(1); }; t_relay(); break; }; # hacemos record_route de todas las llamadas record_route();
# Maracamos las llamadas para accounting setflag(1);
#Chequeamos si esta NATeado y lo maracamos (Ricardo Martinez) if (client_nat_test("1")) { log(1, "NAT: Request from RFC Private IP --> fixed contact\n"); setflag(5); force_rport(); fix_contact(); append_hf("P-hint: fixed NAT contact for request\r\n"); };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {
# Challenge/Response if ( !radius_www_authorize("")) { www_challenge("", "1"); break; };
# Mandamos un mensaje de Log si es que un cliente NATEADO se registro. if (isflagset(5)) { log(1, "NAT: NAT'd client registered\n"); };
save("location"); break;
}; # FIN DE CHEQUEO DE REGISTRO
# CHEQUEO EL INVITE DE LA LLAMADA A REALIZARSE. if (!radius_proxy_authorize("")) { proxy_challenge("", "1"); log (1, "LOG: Autorizando INVITE de llamada\n"); break; };
#Chequeamos los destinos 00562 es enviado al gateway en caso contrario no ruteamos if (uri=~"^sip:0.*@.*") { if (method=="INVITE") { if (uri=~"^sip:00562[0-9]{7}@.*") { log(1, "FORWARDING: Llamada a traves de Gateway Externo\n"); } else { log(1, "FORWARDING: Unknown dialplan. Rejected\n"); break; }; route(3); break; } else { route(3); break; }; };
#Llamadas SIP locales if (!lookup("location")) { #Usuarios que no estan en "location" database. # Manejo de llamadas NATEADAS if (isflagset(5)) { log(1, "NAT: Caller is NAT'd (offline user) enabled reply processing\n"); t_on_reply("1"); if (method=="INVITE" || method=="ACK") { log(1, "NAT: Invite received --> enabling media proxy"); use_media_proxy(); append_hf("P-hint: request forced to media proxy\r\n"); }; }; # FIN DEL LOOKUP EN CASO QUE NO ESTE EN LA BASE DE DATOS } else { # Si el usuario esta en "location" database # Set Flag para accouting de Missed Calls setflag(3);
# Manejo para llamadas NAT'das if (method=="INVITE") { log(1, "ROUTING: Reply processing (online user) enabled to handle NAT'd resonses\n"); t_on_reply("1"); use_media_proxy(); if ( (isflagset(5)) && (method=="INVITE" || method=="ACK") ) { log(1, "NAT: Invite received --> enabling media proxy\n"); use_media_proxy(); append_hf("P-hint: request forced to media proxy\r\n"); }; }; }; # END "user is in location datasbase" }; # END "chequea if URI=myself"
#Do it ? (Ricardo Martinez) if (!t_relay()) { sl_reply_error(); };
} /* end of initial routing logic */
#------- Route 3 : Trafico de Internet hacia la PSTN -------------------
route[3] { setflag(1);
#Esta NETEADO?
if (isflagset(5)) { log(1, "NAT: At least one participant NAT'd --> enable reply processing\n"); t_on_reply("1"); if (method=="INVITE") { log(1, "NAT: Invite received --> enabling proxied media session\n"); setflag(1); use_media_proxy(); }; };
rewritehostport("xxx.xxx.xxx.50:5060"); append_hf("P-hint: GATEWAY\r\n");
t_relay(); break;
}
#------ Route 4 : Llamadas a usuarios Off-line ------------------------
route[4] {
if (!t_newtran()) { sl_reply_error(); };
if (!t_reply("404", "Not Found")) { sl_reply_error(); }; break; }
# ---------------------------- Begin On-Reply Routes --------------------------
onreply_route[1] { # If we've got here, it's because we've previously passed through a block # which handles NAT requests and has set a t_on_reply condition. DB 03-08-2004 if (status =~ "(183)|(2[0-9][0-9])") { if (client_nat_test("1")) { log(1, "NAT: Reply from NAT'd client --> fixing contact"); fix_contact(); }; log(1, "NAT: NAT'd transaction answered --> enabling media proxy"); use_media_proxy(); };
}
# ------------------------------ End On-Reply Routes --------------------------
I really hope that someone can help me. I'm stuck on this issue. Thanks in advance.
Best Regards
Ricardo Martinez
-
Ricardo Martinez