Hi guys, I have some problems with ser. When trying to call from internal ip (nat) I can hear user that is behind nat but he can't hear me. Same problem exist when to users behind nat call each other. The main problem comes when I forward calls - all calls starting with 1-9 are forwarded to pstn provider (quintum gw). Whatever - internal or external ip is used I cannot hear user at the other side but he hears me! Here is my configuration:
debug=9 # debug level (cmd line: -dddddddddd) #fork=yes log_stderror=yes # (cmd line: -E) check_via=no # (cmd. line: -v) dns=yes # (cmd. line: -r) rev_dns=yes # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" fifo_mode=0777 # ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/domain.so" #loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/acc.so" loadmodule "/usr/local/lib/ser/modules/msilo.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters ---------------
# -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("rr", "enable_full_lr", 1) modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") modparam("acc", "log_level", 2) modparam("acc", "log_flag", 3) modparam("acc", "log_level", 1) # number of flag, which will be used for accounting; if a message is # labeled with this flag, its completion status will be reported modparam("acc", "log_flag", 1) modparam("acc", "log_fmt", "cdfimorstup") modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") modparam("acc", "db_flag", 1) modparam("acc", "log_missed_flag", 1) modparam("msilo", "db_url", "mysql://ser:heslo@80.72.68.187/ser") modparam("msilo", "db_table", "silo") #modparam("msilo", "registrar", "sip:registrar@iptel.org") modparam("msilo", "expire_time", 259200) modparam("msilo", "check_time", 10) #modparam("msilo", "clean_period", "3") modparam("msilo", "use_contact", 1) #modparam("rtpproxy", "rtpproxy_socket", "/var/run/rtpproxy.sock") #modparam("nathelper", "rtpproxy_socket", "/var/run/rtpproxy.sock") modparam("nathelper","rtpproxy_sock", "/var/run/rtpproxy.sock") modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1)
listen=83.74.45.87 # ------------------------- request routing logic ------------------- # main routing logic route{ if (!mf_process_maxfwd_header("70")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; record_route(); if (loose_route()) { t_relay(); break; };
if (nat_uac_test("3")) { # Allow RR-ed requests, as there may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; };
if (uri==myself) { if (method=="REGISTER") { if (!www_authorize("83.74.45.87", "subscriber")) { www_challenge("83.74.45.87", "0"); break; }; force_rtp_proxy(); save("aliases"); save("location"); if (m_dump()) { log("MSILO: offline messages dumped - if they were\n"); }else{ log("MSILO: no offline messages dumped\n"); }; break; }; };
if (uri=~"^sip:[1-9]*@83.74.45.87") { rewritehost("122.44.75.176"); forward( 122.44.75.176, 5060 ); break; } setflag(1); lookup("aliases");
if (uri==myself) { if (method=="INVITE") { record_route(); if (isflagset(6)) { force_rtp_proxy(); }; }; };
if(!lookup("location")) { if (! t_newtran()) { sl_reply_error(); break; }; if (!method=="MESSAGE") { if (!t_reply("404", "Not found")) { sl_reply_error(); }; break; }; log("MESSAGE received -> storing using MSILO\n"); if (m_store("0")) { log("MSILO: offline message stored\n"); if (!t_reply("202", "Accepted")) { sl_reply_error(); }; }else{ log("MSILO: offline message NOT stored\n"); if (!t_reply("503", "Service Unavailable")) { sl_reply_error(); }; }; break; };
if (!t_relay()) { sl_reply_error(); };
} #route[1] { # if (!t_relay()) { # sl_reply_error(); # }; #}
route[1] { if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
if (isflagset(6)) { force_rtp_proxy(); t_on_reply("1"); append_hf("P-Behind-NAT: Yes\r\n"); };
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); break; }; }
onreply_route[1] { # NATed transaction ? if (status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time or request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }
failure_route[1] { # forwarding failed -- check if the request was a MESSAGE if (!method=="MESSAGE") { break; };
log(1,"MSILO:the downstream UA doesn't support MESSAGEs\n"); # we have changed the R-URI with the contact address, ignore it now if (m_store("1")) { log("MSILO: offline message stored\n"); t_reply("202", "Accepted"); }else{ log("MSILO: offline message NOT stored\n"); t_reply("503", "Service Unavailable"); };
}
Thanks in advance :)
Pavel
-
Pavel Siderov