[Serusers] symmetric nat/ broadband routers

Martin Anderberg martin at namnupplysaren.net
Thu Dec 4 17:25:37 CET 2003


Howdy!

I'm having some trouble with the nathelper module and certain types of 
broadband routers (ie d-link 604 & d-link 624). I'll try to explain the 
situation below and hope that someone is willing to help me out, because 
  i'm stuck.

In short, the setup is a ata-186 box (which is symmetric) behind a 
d-link 604 (which isn't symmetric at all times).

The nathelper module included in the distribution (both 0.8.11 and 
0.8.12) has a function called fix_nated_contact(). fix_nated_contact() 
rewrites the contact-header with the source-ip & source-port of the packet.

However, in some cases (ie non-symmetric d-link router between the 
ata-box and the internet) this is a problem since the d-link router 
sometimes rewrites the source-port which is then used as a location in 
ser. When the session has timed out on the d-link (doesn't really seem 
to help with the natping) the location-information in ser is no longer 
valid.

Is there any reason why the nathelper rewrites the port in the 
contact-header? If the client is symmetric the source-port and the port 
in the contact-header shouldn't differ anyway? I trust there is a 
reason, i just dont see it ;)

On a side-note, when glancing at nathelper.c it looks as if the int len 
is calculated with the original values of the header, then filled 
through snprintf with values which are not 100% positively the same 
length (msg->rcv.src_port). Isn't it for example possible that the port 
in the header is 5060 but the source_port is 22444 (which is one 
character longer than the length of len is calculated to).

I hope someone can shed some light over the matter.

/Martin







More information about the sr-users mailing list