[Serusers] RTPProxy Problem !
harry gaillac
gaillacharry at yahoo.fr
Wed Jun 22 11:49:10 CEST 2005
Hello,
If ser and rtpproxy run on the same box your ser.cfg
is wrong.
you need to define rtp range ports when you compile
rtpproxy according to the rules of you fiwerall
Look at onsip.org for help !
Harry
--- Freeman <hykh080 at yahoo.com.hk> a écrit :
> Hi,
>
> I installed "Ser-0.8.14" + "nathelper" +
> "rtpproxy" in RedHat 9.0, and add "./rtpproxy" in
> startup script, when i tried both sipsoftphone in
> the internet behind NAT that can connect but "no
> voice" and auto hang-up, but when both sipsoftphone
> in local network that no problem !
>
> Which port range i need release for rtpproxy in the
> firewall ?
>
> my ser.cfg config as below :
>
> # ----------- global configuration parameters
> ------------------------
> #debug=3 # debug level (cmd line:
> -dddddddddd)
> #fork=yes
> #log_stderror=no # (cmd line: -E)
> /* Uncomment these lines to enter debugging mode
> fork=no
> */
> #log_stderror=yes
> #debug=4
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> #port=5060
> #children=4
> fifo="/tmp/ser_fifo"
> # ------------------ module loading
> ----------------------------------
>
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/textops.so"
> loadmodule "/usr/local/lib/ser/modules/nathelper.so"
> # Uncomment this if you want digest authentication
> # mysql.so must be loaded !
> #loadmodule "/usr/local/lib/ser/modules/dbtext.so"
> #loadmodule "/usr/local/lib/ser/modules/auth.so"
> #loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> #loadmodule "/usr/local/lib/ser/modules/mysql.so"
> # ----------------- setting module-specific
> parameters ---------------
> # -- usrloc params --
> modparam("usrloc", "db_mode", 0)
> #modparam("auth_db", "db_url", "db:/var/dbtext")
> #modparam("auth_db", "user_column", "user")
> #modparam("auth_db", "domain_column", "domain")
> #modparam("auth_db", "password_column", "password")
> #modparam("auth_db", "calculate_ha1", 1)
> #modparam("auth_db", "password_column_2", "ha1_2")
> modparam("registrar", "nat_flag", 6)
> modparam("nathelper", "natping_interval", 30) # Ping
> interval 30 s
> modparam("nathelper", "ping_nated_only", 1) # Ping
> only clients behind NAT
> modparam("nathelper",
> "rtpproxy_sock","/var/run/rtpproxy.sock")
> # -- auth params --
> # Uncomment if you are using auth module
> #
> #modparam("auth_db", "calculate_ha1", yes)
> #
> # If you set "calculate_ha1" parameter to yes (which
> true in this config),
> # uncomment also the following parameter)
> #
> #modparam("auth_db", "password_column", "password")
> # -- rr params --
> # add value to ;lr param to make some broken UAs
> happy
> modparam("rr", "enable_full_lr", 1)
> # ------------------------- request routing logic
> -------------------
> # main routing logic
> #define NAT_UAC_TEST_C_1918 0x01
> /*
> * test for occurences of RFC1918 addresses in
> Contact
> * header field
> */
> #define NAT_UAC_TEST_RCVD 0x02
> /*
> * test if source address of signaling is different
> from
> * address advertised in Via
> */
> #define NAT_UAC_TEST_V_1918 0x04
> /*
> * test for occurences of RFC1918 addresses in SDP
> body
> */
> #define NAT_UAC_TEST_S_1918 0x08
> /*
> * test for occurences of RFC1918 addresses top Via
> */
> route{
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
> if (nat_uac_test("3")) {
> append_hf("Alex-hint: NAThelper\r\n");
> fix_nated_contact(); # Rewrite contact with source
> IP of signalling
> if (method == "REGISTER" || !
> search("^Record-Route:")) {
> #if (www_authorize("iptel.org", "subscriber")) {
> # www_challenge("iptel.org", "1");
> # };
> if (method == "INVITE") {
> append_hf("Alex-hint: SDP rewritten\r\n");
> fix_nated_sdp("3"); # Add direction=active to SDP
> };
> log("LOG: Someone trying to register from private
> IP, rewriting\n");
> force_rport(); # Add rport parameter to
> topmost Via
> setflag(6); # Mark as NATed
> };
> };
>
> if (!method=="REGISTER") record_route();
> # subsequent messages withing a dialog should take
> the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following
> command
> # with proper names and addresses in it)
> if (uri==myself) {
> if (method=="REGISTER") {
> save("location");
> break;
> };
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
> # native SIP destinations are handled using our
> USRLOC DB
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
> }
> route[1]
> {
> # !! Nathelper
> if (isflagset(6)) {
> force_rtp_proxy();
> append_hf("NAT: ...\r\n");
> };
> # NAT processing of replies; apply to all
> transactions (for example,
> # re-INVITEs from public to private UA are
> hard to identify as
> # NATed at the moment of request
> processing); look at replies
> t_on_reply("1");
> # send it out now; use stateful forwarding
> as it works reliably
> # even for UDP2TCP
> if (!t_relay()) {
> sl_reply_error();
> };
> }
> # !! Nathelper
> onreply_route[1] {
> # NATed transaction ?
> append_hf("NAT: tes\r\n");
>
=== message truncated ===>
_______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
___________________________________________________________________________
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez cette version sur http://fr.messenger.yahoo.com
More information about the sr-users
mailing list