[Serusers] Contact Header and SDP not rewritten
Greger V. Teigre
greger at teigre.com
Tue Apr 5 14:38:23 CEST 2005
Yes, you can use fix_nated_contact instead. It is not entirely RFC-compliant, but that's what you have in 0.8.14.
The has_totag() only tests to see if the INVITE has a To header, which means that it is in-dialog and thus is a re-INVITE. An INVITE will normally not have loose routing unless you have another SIP proxy forwarding an INVITE to you (in which case you should assume that the other proxy handles NAT and thus not trigger NAT-related code). You can safely remove the has_totag() if you use force_rtp_proxy("l")
g-)
---- Original Message ----
From: Vivienne Curran
To: Greger V. Teigre ; serusers at lists.iptel.org
Sent: Tuesday, April 05, 2005 02:25 PM
Subject: Re: [Serusers] Contact Header and SDP not rewritten
> Greger,
>
> Since fix_nated_register does not exist with 0.8.14, will
> fix_nated_contact do instead? Also if I am leaving out the
> has_totag() at the start of the script, will this greatly effect its
> functionality?
>
> Thank you,
> Vivienne
>
> "Greger V. Teigre" <greger at teigre.com> wrote:
> Vivienne,
>
> This is the first INVITE going from SER to your public phone. I have
> prefixed my comments with *==>
>
> U 84.203.148.146:5060 -> 157.190.74.151:5060
> INVITE sip:2092 at 157.190.74.151 SIP/2.0..Via: SIP/2.0/UDP
> 84.203.148.146;branch=z9hG4bK77bc.b54ca216.0..
> Via: SIP/2.0/UDP
> 172.16.3.31;rport=5060;received=84.203.148.14;branch=z9hG4bK1a48edc121f5bc1f..
> From: "2093" <sip:2093 at 84.203.148.146>;tag=2dc376dcd4655094..
> To: <sip:2092 at 84.203.148.146>..
> Contact: <sip:2093 at 84.203.148.14:5060>..
> *==> Correctly changed to the public address and port of 2093
> Supported: replaces..Call-ID: 44e1ae63c476fbff at 172.16.3.31..CSeq:
> 10327 INVITE..
> User-Agent: Grandstream BT100 1.0.5.18..
> Max-Forwards: 69..Allow:
> INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE..
> Content-Type: application/sdp..
> Content-Length: 443....v=0..
> o=2093 8000 0 IN IP4 172.16.3.31..
> s=SIP Call..
> c=IN IP4 84.203.148.1484.203.148.146..
> *==> Here it seems that first fix_nated_sdp("3") is called (replace
> private IP with public IP), then force_rtp_proxy() (replace with
> proxy IP). You must only call one of them (fix_nated_sdp("1") is ok)
> t=0 0..
> m=audio 35006 RTP/AVP 0 8 4 18 2 15 99 9..
> a=sendrecv..
> a=rtpmap:0 PCMU/8000/3..
> a=rtpmap:8 PCMA/8000/3..
> a=rtpmap:4 G723/8000/3..a=rtpmap:18 G729/8000/3..
> a=rtpmap:2 G726-32/8000/3..
> a=rtpmap:15 G728/8000/3..
> a=rtpmap:99 iLBC/8000/3..
> a=fmtp:99 mode=20..
> a=rtpmap:9 G722/8000/3..
> a=ptime:20..
> a=direction:active..
> *==> Added by fix_nated_sdp("1") (and "3")
> a=oldmediaip:172.16.3.31..
> *==> Added by fix_nated_sdp("3")
> a=nortpproxy:yes..
> *==> Added by force_rtp_proxy()
>
> So, your call is proxied. Try using fix_nated_sdp("1"). It should
> make the INVITE correct. You have not posted the OK, so I don't know
> what is happening there. If you have followed the rtpproxy ONsip.org
> example in your onreply_route, you should be fine.
>
> Good luck!
> g-)
>
> ---- Original Message ----
> From: Vivienne Curran
> To: serusers at lists.iptel.org
> Sent: Tuesday, April 05, 2005 01:23 PM
> Subject: [Serusers] Contact Header and SDP not rewritten
>
>> Hello,
>>
>> I have a problem whereby when a private client rings a public client
>> only the public user can hear voice and when the public user rings
>> the private user, no audio is transmitted. After looking at the
>> messages I have have determined that the contact header and sdp part
>> of the invite contains the private address of the natted client. This
>> would lead me to believe that the registration process is incorrect.
>> My problem is that I believe my script should handle the registration
>> process correctly and I suspect that the following code is being
>> skipped: I tried changing it to nat_uac_test("19") and
>> fix_nated_sdp("3") but that didnt help.
>>> if (nat_uac_test("3")){
>> if (method == "REGISTER" || ! search("^Record-Route:")){
>> log("Log: Someone trying to register from private
>> IP,rewriting\n"); fix_nated_contact(); #Rewrite contact with
>> source IP if (method == "INVITE"){
>> fix_nated_sdp("1"); #Add direction=active to SDP
>> force_rtp_proxy();
>> };
>> force_rport(); # Add rport parameter to topmost Via
>> setflag(6); # Mark as Nated
>> };
>> };
>>
>> I have included the log message below and my ser.cfg as an
>> attachment. Please let me know where I could be going wrong.
>>
>> Thank you,
>> Vivienne.
>>
>> 2093 (private) ringing 2092 (public)
>>
>> U 84.203.148.14:5060 -> 84.203.148.146:5060
>> ! INVITE sip:2092 at 84.203.148.146 SIP/2.0..Via: SIP/2.0/UDP
>> 172.16.3.31;branch
>> =z9hG4bK1a48edc121f5bc1f..From: "2093"
>> <sip:2093 at 84.203.148.146>;tag=2dc376
>> dcd4655094..To: <sip:2092 at 84.203.148.146>..Contact:
>> <sip:2093 at 172.16.3.31>.
>> .Supported: replaces..Call-ID: 44e1ae63c476fbff at 172.16.3.31..CSeq:
>> 10327 IN
>> VITE..User-Agent: Grandstream BT100 1.0.5.18..Max-Forwards:
>> 70..Allow: INVI
>>
>> TE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE..Content-Type:
>> applic
>> ation/sdp..Content-Length: 362....v=0..o=2093 8000 0 IN IP4
>> 172.16.3.31..s=
>> SIP Call..c=IN IP4 172.16.3.31..t=0 0..m=audio 5004 RTP/AVP 0 8 4
>> 18 2 15 9
>> 9 9..a=sendrecv..a=rtpmap:0 PCMU/8000/3..a=rtpmap:8
>> PCMA/8000/3..a=rtpmap:4
>> G723/8000/3..a=rt! pmap:18 G729/8000/3..a=rtpmap:2
>> G726-32/8000/3..a=rtpmap:
>> 15 G728/8000/3..a=rtpmap:99 iLBC/8000/3..a=fmtp:99
>> mode=20..a=rtpmap:9 G722
>> /8000/3..a=ptime:20..
>>
>> U 84.203.148.146:5060 -> 84.203.148.14:5060
>> SIP/2.0 100 trying -- your call is important to us..Via:
>> SIP/2.0/UDP 172.16
>>
>> .3.31;branch=z9hG4bK1a48edc121f5bc1f;rport=5060;received=84.203.148.14..Fro
>> m: "2093" <sip:2093 at 84.203.148.146>;tag=2dc376dcd4655094..To:
>> <sip:2092 at 84.
>> 203.148.146>..Call-ID: 44e1ae63c476fbff at 172.16.3.31..CSeq: 10327
>> INVITE..Se
>> rver: Sip EXpress router (0.8.14 (i386/linux))..Content-Length:
>> 0..Warning:
>> 392 84.203.148.146:5060 "Noisy feedback tells: pid=4732
>> req_src_ip=84.203
>> .148.14 req_src_port=5060 in_uri=sip:2092 at 84.203.148.146
>> out_uri=sip:2092 at 1
>> 57.190.74.151 via_cnt==1"....
>>
>> U 84.203.148.146:5060 -> 157.190.74.151:5060
>> INVITE sip:2092 at 157.190.74.151 SIP/2.0..Via: SIP/2.0/UDP
>> 84.203.148.146;bra
>> nch=z9hG4bK77bc.b54ca216.0..Via: SIP/2.0/UDP
>> 172.16.3.31;rport=5060;receive
>> d=84.203.148.14;branch=z9hG4bK1a48edc121f5bc1f..From: "2093"
>> <sip:2093 at 84.2
>> 03.148.146>;tag=2dc376dcd4655094..To:
>> <sip:2092 at 84.203.148.146>..Contact: <
>> sip:2093 at 84.203.148.14:5060>..Supported: replaces..Call-ID:
>> 44e1ae63c476fbf
>> f at 172.16.3.31..CSeq: 10327 INVITE..User-Agent: Grandstream BT100
>> 1.0.5.18..
>> Max-Forwards: 69..Allow:
>> INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SU
>> BSCRIBE..Content-Type: application/sdp..Content-Length:
>> 443....v=0..o=2093
>> 8000 0 IN IP4 172.16.3.31..s=SIP Call..c=IN IP4
>> 84.203.148.1484.203.148.146
>> ..t=0 0..m=audio 35006 RTP/AVP 0 8 4 18 2 15 99
>> 9..a=sendrecv..a=rtpmap:0 P
>> CMU/8000/3..a=rtpmap:8 PCMA/8000/3..a=rtpmap:4
>> G723/8000/3..a=rtpmap:18 G72
>> 9/8000/3..a=rtpmap:2 G726-32/8000/3..a=rtpmap:15
>> G728/8000/3..a=rtpmap:99 i
>> LBC/8000/3..a=fmtp:99 mode=20..a=rtpmap:9
>> G722/8000/3..a=ptime:20..a=direct
>> ion:active..a=oldmediaip:172.16.3.31..a=nortpproxy:yes..
>>
>> U 84.203.148.146:5060 -> 157.190.74.150:5060
>> INVITE sip:2092 at 157.190.74.150 SIP/2.0..Via: SIP/2.0/UDP
>> 84.203.148.146;bra
>> nch=z9hG4bK77bc.b54ca216.1..Via: SIP/2.0/UDP
>> 172.16.3.31;rport=5060;receive
>> d=84.203.148.14;branch=z9hG4bK1a48edc121f5bc1f..From: "2093"
>> <sip:2093 at 84.2
>> 03.148.146>;tag=2dc376dcd4655094..To:
>> <sip:2092 at 84.203.148.146>..Contact: <
>> sip:2093 at 84.203.148.14:5060>..Supported: replaces..Call-ID:
>> 44e1ae63c476fbf
>> f at 172.16.3.31..CSeq: 10327 INVITE..User-Agent: Grandstream BT100
>> 1.0.5.18..
>> Max-Forwards: 69..Allow:
>> INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SU
>> BSCRIBE..Content-Type: application/sdp..Content-Length:
>> 443....v=0..o=2093
>> 8000 0 IN IP4 172.16.3.31..s=SIP Call..c=IN IP4
>> 84.203.148.1484.203.148.146
>> ..t=0 0..m=audio 35006 RTP/AVP 0 8 4 18 2 15 99
>> 9..a=sendrecv..a=rtpmap:0 P
>> CMU/8000/3..a=rtpmap:8 PCMA/8000/3..a=rtpmap:4
>> G723/8000/3..a=rtpmap:18 G72
>> 9/8000/3..a=rtpmap:2 G726-32/8000/3..a=rtpmap:15
>> G728/8000/3..a=rtpmap:99 i
>> LBC/8000/3..a=fmtp:99 mode=20..a=rtpmap:9
>> G722/8000/3..a=ptime:20..a=direct
>> ion:active..a=oldmediaip:172.16.3.31..a=nortpproxy:yes..
>>
>> U 157.190.74.151:5060 -> 84.203.148.146:5060
>> SIP/2.0 100 Trying..Via: SIP/2.0/UDP
>> 84.203.148.146;branch=z9hG4bK77bc.b54c
>> a216.0..Via: SIP/2.0/UDP
>> 172.16.3.31;rport=5060;received=84.203.148.14;bran
>> ch=z9hG4bK1a48edc121f5bc1f..From: "2093"
>> <sip:2093 at 84.203.148.146>;tag=2dc3
>> 76dcd4655094..To: <sip:2092 at 84.203.148.146>..Call-ID:
>> 44e1ae63c476fbff at 172.
>> 16.3.31..CSeq: 10327 INVITE..User-Agent: Grandstream BT100
>> 1.0.5.18..Conten
>> t-Length: 0....
>>
>> U 157.190.74.151:5060 -> 84.203.148.146:5060
>> SIP/2.0 180 Ringing! ..Via: SIP/2.0/UDP
>> 84.203.148.146;branch=z9hG4bK77bc.b54
>> ca216.0..Via: SIP/2.0/UDP
>> 172.16.3.31;rport=5060;received=84.203.148.14;bra
>> nch=z9hG4bK1a48edc121f5bc1f..From: "2093"
>> <sip:2093 at 84.203.148.146>;tag=2dc
>> 376dcd4655094..To:
>> <sip:2092 at 84.203.148.146>;tag=10bdf2044401a257..Call-ID:
>> 44e1ae63c476fbff at 172.16.3.31..CSeq: 10327 INVITE..User-Agent:
>> Grandstream
>> BT100 1.0.5.18..Content-Length: 0....
>>
>> Send instant messages to your online friends
>> http://uk.messenger.yahoo.com
>>
>>
>>
>> #
>> # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
>> #
>> # simple quick-start config script
>> #
>>
>> # ----------- global configuration parameters
>> ------------------------
>>
>> #debug=3 # deb! ug level (cmd line: -dddddddddd)
>> #fork=yes
>> #log_stderror=no # (cmd line: -E)
>>
>> /* Uncomment these lines to enter debugging mode
>> debug=7
>> fork=no
>> log_stderror=yes
>> */
>>
>> check_via=no # (cmd. line: -v)
>> dns=no # (cmd. line: -r)
>> rev_dns=no # (cmd. line: -R)
>> #port=5060
>> #children=4
>> fifo="/tmp/ser_fifo"
>>
>> alias="157.190.74.152:5060"
>>
>> # ------------------ module loading
>> ----------------------------------
>>
>> # Uncomment this if you want to use SQL database
>> loadmodule "/usr/lib/ser/modules/mysql.so"
>>
>> loadmodule "/usr/lib/ser/modules/sl.so"
>> loadmodule "/usr/lib/ser/modules/tm.so"
>> loadmodule "/usr/lib/ser/modules/rr.so"
>> loadmodule "/usr/lib/ser/modules/maxfwd.so"
>> loadmodule "/usr/lib/ser/modules/usrloc.so"
>> loadmodule "/usr/lib/ser/modules/registrar.so"
>> loadmodule "/usr/lib/ser/modules/textops.so"
>> loadmodule "/usr/lib/ser/modules/nathelper.so"
>> #loadmodule "/usr/lib/ser/modules/pa.so"
>> loadmodule "/usr/lib/ser/modules/cpl-c.so"
>>
>> # Uncomment this if you want digest authentication
>> # mysql.so must be loaded !
>> loadmodule "/usr/lib/ser/modules/auth.so"
>> loadmodule "/usr/lib/ser/modules/auth_db.so"
>>
>> # ----------------- setting module-specific parameters
>> ---------------
>>
>> # -- usrloc params --
>>
>> #modparam("usrloc", "db_mode", 0)
>>
>> # Uncomment this if you want to use SQL database
>> # for persistent storage and comment the previous line
>> modparam("usrloc", "db_mode", 2)
>>
>> # -- auth params --
>> # Uncomment if you are using auth module
>> #
>> modparam("auth_db", "calculate_ha1", yes)
>> #
>> # If you set "calculate_ha1" parameter to yes (which true in this
>> config),
>> # uncomment also the following parameter)
>> #
>> modparam("auth_db", "password_column", "password")
>>
>> # -- rr params --
>> # add value to ;lr param to make some broken UAs happy
>> #NB Had to up this value from 1 to 11 because reinvites were
>> bombarding called phone
>> modparam("rr", "enable_full_lr", 11)
>>
>> #!! Nathelper
>> modparam("registrar", "nat_flag", 60)
>> modparam("nathelper", "natping_interval", 30) #Ping interval 30 s
>> modparam("nathelper", "ping_nated_only", 1) #Ping only clients
>> behind NAT
>> modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")
>>
>> modparam("tm", "fr_inv_timer", 20)
>>
>> #modparam("pa", "default_expires", 3600)
>>
>> modparam("usrloc", "db_url", "sql://root:1alfa156@localhost/ser")
>>
>> #modparam("cpl-c", "cpl_db", "mysql://root:1alfa156@localhost/ser")
>> #modparam("cpl-c", "cpl_table", "cpl")
>> #modparam("cpl-c", "cpl_dtd_file",
>> "/work/sip_router/modules/cpl-ccpl-06.dtd")
>>
>> # ------------------------- request routing logic
>> -------------------
>>
>> # main routing logic
>>
>> route{
>>
>> # initial sanity checks -- messages with
>> # max_forwards==0, or excessively long requests
>> if (!mf_process_maxfwd_header("10")) {
>> sl_send_reply("483","Too Many Hops");
>> break;
>> };
>> if ( msg:len > max_len ) {
>> sl_send_reply("513", "Message too big");
>> break;
>> };
>>
>> #######################################################################################
>> if (nat_uac_test("3")){
>> if (method == "REGISTER" || ! search("^Record-Route:")){
>> log("Log: So! meone trying to register from private IP,rewriting\n");
>> fix_nated_contact(); #Rewrite contact with source IP
>> if (method == "INVITE"){
>> fix_nated_sdp("1"); #Add direction=active to SDP
>> force_rtp_proxy();
>> };
>> force_rport(); # Add rport parameter to topmost Via
>> setflag(6); # Mark as Nated
>> };
>> };
>> ########################################################################################
>>
>> # we record-route all messages -- to make sure that
>> # subsequent messages will go through our proxy; that's
>> # particularly good if upstream and downstream entities
>> # use different transport protocol
>>
>> if (method =="REGISTER") record_route();
>>
>> # loose-route processing
>> if (loose_route()) {
>> #commented 11/02/05
>> #t_relay();
>> route(1);
>> break;
>> };
>>
>> # if the request is for other domain use UsrLoc
>> ! # (in case, it does not work, use the following command
>> # with proper names and addresses in it)
>> if (uri==myself) {
>>
>> log(1,"into loop");
>> if (method=="REGISTER") {
>>
>> # Uncomment this if you want to use digest authentication
>> # if (!www_authorize("157.190.74.152", "subscriber")) {
>> # www_challenge("157.190.74.152", "0");
>> # break;
>> # };
>>
>> #cpl_process_register();
>>
>> save("location");
>> break;
>> };
>>
>> # if (method=="SUBSCRIBE")
>> # {
>> # log(1, "Subscribe\n");
>> # if(t_newtran())
>> # {
>> # log(1, "Registrar\n");
>> # handle_subscription("registrar");
>> # };
>> # break;
>> # };
>>
>> lookup("aliases");
>> if (!uri==myself) {
>> append_hf("P-hint: outbound alias\r\n");
>> route(1);
>> break;
>> };
>>
>> if (method=="INVITE"){
>>
>> log(1,"in ! invite loop");
>> #break; #no 100 trying
>> #if (!cpl_run_script("incoming","is_stateless"))
>> #{
>> # #script execution failed
>> # t_reply("500", "CPL script execution failed");
>> #};
>>
>> t_on_failure("1");
>> };
>>
>> # native SIP destinations are handled using our USRLOC DB
>> if (!lookup("location")) {
>> #sl_send_reply("404", "Not Found");
>> route(2);
>> break;
>> };
>> };
>>
>> # forward to current uri now; use stateful forwarding; that
>> # works reliably even if we forward from TCP to UDP
>> #commented 11/02/05#######################
>> if (!t_relay()) {
>> sl_reply_error();
>> };
>>
>> #route(1);
>> }
>>
>> ######################################entered
>> 11/02/05############################################################
>> route[1]
>> {
>> #!!Nathelper
>> if(uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" &&
>> !search("^Route:")){
>> sl_send_reply("479", "We don't forward to private IP addresses");
>> break;
>> };
>>
>> if (isflagset(6)){
>> force_rtp_proxy();
>> }
>>
>> t_on_reply("1");
>>
>> if(!t_relay()){
>> sl_reply_error();
>> break;
>> };
>>
>> }
>>
>> ######################################entered
>> 11/02/05############################################################
>> #!! Nathelper
>> onreply_route[1] {
>> if(isflagset(6) && status =~ "(183)|2[0-9][0-9]"){
>> fix_nated_contact();
>> force_rtp_proxy();
>> }else if (nat_uac_test("1")){
>> fix_nated_contact();
>> };
>> }
>> #################################################################################################################
>>
>> # ------------- handling of unavai! lable user ------------------
>> route[2] {
>>
>> # non-Voip -- just send "off-line"
>> if (!(method == "INVITE" || method == "ACK" || method ==
>> "CANCEL")) {
>> sl_send_reply("404", "Not Found");
>> break;
>> };
>>
>> # forward to voicemail now
>> rewritehostport("157.190.74.152:5062");
>> t_relay_to_udp("157.190.74.152", "5062");
>> }
>>
>> # if forwarding downstream did not succeed, try voicemail running
>> # at 172.16.2.120:5062
>>
>> failure_route[1] {
>> revert_uri();
>> rewritehostport("157.190.74.152:5062");
>> append_branch();
>> t_relay_to_udp("157.190.74.152", "5062");
>> }
>>
>>
>>
>>
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
> Send instant messages to your online friends
> http://uk.messenger.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20050405/68dfe8da/attachment.htm>
More information about the sr-users
mailing list