[Serusers] nat_uac_test

Dinesh feedbak at imelhk.com
Wed Mar 3 14:35:02 CET 2004


It appears your setup is very similar to what we are trying to achive.
1. Group with permission to use the proxy
2. Group that does not need proxy or Nat Help.
Is it possible for you to post or email me your cfg to study.

One more question using the groups as you suggest: would it avoid the
unnecessery pining of the UA with fort forwarding set up.

Thanks,
Dinesh


-----Original Message-----
From: Andres [mailto:andres at telesip.net] 
Sent: Tuesday, March 02, 2004 12:00 PM
To: Dinesh
Cc: serusers at lists.iptel.org
Subject: Re: [Serusers] nat_uac_test


We ran into this same issue.

Test #2 :  #define NAT_UAC_TEST_RCVD       0x02

This should test for:

        /*
         * test if source address of signaling is different from
         * address advertised in Via
         */

So if the ATA is port forwarded then it will give a positive result
since
the IP in the Via Header is different from the source IP.  Maybe you
could
do just Test#1 which is for the Contact Header.  Or you can do as we do
which is to define a special "group" called "port_forwarded", put those
port
forwarded UACs in it, and just do a test logic for it like this:

 if (!(is_user_in("From", "port_forwarded"))  {
...do not do RTP Proxy
}

----- Original Message ----- 
From: "Dinesh" <feedbak at imelhk.com>
To: <serusers at lists.iptel.org>
Sent: Monday, March 01, 2004 5:24 PM
Subject: [Serusers] nat_uac_test


> I am using nat_uac_test("2") to only select UAs behind NAT that may
need
> NAThelper assistance.
> However I find that natt_uac_test("2") is also giving a positive on
some
> ATA's that we have setup with port forwarding or DMZ.  These ATA have
> also been set to determine the external IP of the routers they are on
> using VIA - They function without the nathelper module.
>
> These UA do not need any help from NAT helper but because they are
> flaged they are pinged to keeps ports alive and they are forced
through
> the RTPProxy.
>
> Any Ideas.  We know in advance which UA are setup with Port
> Forwarding/DMZ.  Can a flag be set in the subscriber table which is
also
> tested at the time of Registration if so, how?
>
> if (nat_uac_test("2")) {
> if (method == "REGISTER" || ! search("^Record-Route:")) {
>     fix_nated_contact(); # Rewrite contact with source IP of
> signalling
>     if (method == "INVITE") {
>         fix_nated_sdp("1"); # Add direction=active to SDP
>     };
>     force_rport(); # Add rport parameter to topmost Via
>     setflag(6);    # Mark as NATed
> };
> };
>
> Thanks,
> Dinesh
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>






More information about the sr-users mailing list