[Serusers] nat test based on rfc1918 address in call-id field

Greger V. Teigre greger at teigre.com
Fri Dec 3 09:44:52 CET 2004


Sorry. I was a bit quick there.  Do you have any particular UAs/scenarios in 
mind where this test will be more appropriate than the existing?
g-)

Richard wrote:
> ________________________________________
> From: Greger V. Teigre [mailto:greger at teigre.com]
> Sent: Thursday, December 02, 2004 9:00 PM
> To: Richard; serusers at lists.iptel.org
> Subject: Re: [Serusers] nat test based on rfc1918 address in call-id
> field
>
>> If I understand you correctly, you are talking about test 16 found
>> in nathelper cvs. You may want to have a look at that test first.
>> You call nat_uac-test("19") to trigger the test.
>> g-)
>
> eh. test 16 is different. it tests if the source port is different
> from the port in Via.
>
> The proposed test checks the private ip in Call-ID field.
>
>>> Hi,
>>> I am thinking about having more NAT test on a sip packet. Just want
>>> to find out if it is useful.
>>> I run into some situations that some 'smart' UAs try to detect its
>>> external IP and put the external IP address into the sip packet.
>>> Depending on the network and NAT firewall setup, it may or may not
>>> set the right external IP and port in the packet. If it is not, but
>>> pretends to be on the public internet, then there is most likely a
>>> one-way voice or no voice issue. I'd like to be able to detect and
>>> force it to use a nat proxy. By checking these packets, I found that
>>> the only trace is the private IP address in the call-id header
>>> field. It will be useful to check if a RFC1918 address is used in
>>> the call-id. I understand that it is not a thorough test for NAT,
>>> well, just like any other NAT test.
>>> Can someone please comment if it is a good test? 




More information about the sr-users mailing list