How can i get more information about config port range of rtpproxy,
because not found in
onsip.org !
Tks a Lot !
Freeman
harry gaillac <gaillacharry(a)yahoo.fr> 說:Hello,
If ser and rtpproxy run on the same box your ser.cfg
is wrong.
you need to define rtp range ports when you compile
rtpproxy according to the rules of you fiwerall
Look at
onsip.org for help !
Harry
--- Freeman a 嶰rit :
Hi,
I installed "Ser-0.8.14" + "nathelper" +
"rtpproxy" in RedHat 9.0, and add "./rtpproxy" in
startup script, when i tried both sipsoftphone in
the internet behind NAT that can connect but "no
voice" and auto hang-up, but when both sipsoftphone
in local network that no problem !
Which port range i need release for rtpproxy in the
firewall ?
my ser.cfg config as below :
# ----------- global configuration parameters
------------------------
#debug=3 # debug level (cmd line:
-dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
fork=no
*/
#log_stderror=yes
#debug=4
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading
----------------------------------
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
#loadmodule "/usr/local/lib/ser/modules/dbtext.so"
#loadmodule "/usr/local/lib/ser/modules/auth.so"
#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
#loadmodule "/usr/local/lib/ser/modules/mysql.so"
# ----------------- setting module-specific
parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
#modparam("auth_db", "db_url", "db:/var/dbtext")
#modparam("auth_db", "user_column", "user")
#modparam("auth_db", "domain_column", "domain")
#modparam("auth_db", "password_column", "password")
#modparam("auth_db", "calculate_ha1", 1)
#modparam("auth_db", "password_column_2", "ha1_2")
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping
interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping
only clients behind NAT
modparam("nathelper",
"rtpproxy_sock","/var/run/rtpproxy.sock")
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which
true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs
happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic
-------------------
# main routing logic
#define NAT_UAC_TEST_C_1918 0x01
/*
* test for occurences of RFC1918 addresses in
Contact
* header field
*/
#define NAT_UAC_TEST_RCVD 0x02
/*
* test if source address of signaling is different
from
* address advertised in Via
*/
#define NAT_UAC_TEST_V_1918 0x04
/*
* test for occurences of RFC1918 addresses in SDP
body
*/
#define NAT_UAC_TEST_S_1918 0x08
/*
* test for occurences of RFC1918 addresses top Via
*/
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
if (nat_uac_test("3")) {
append_hf("Alex-hint: NAThelper\r\n");
fix_nated_contact(); # Rewrite contact with source
IP of signalling
if (method == "REGISTER" || !
search("^Record-Route:")) {
#if (www_authorize("iptel.org", "subscriber")) {
# www_challenge("iptel.org", "1");
# };
if (method == "INVITE") {
append_hf("Alex-hint: SDP rewritten\r\n");
fix_nated_sdp("3"); # Add direction=active to SDP
};
log("LOG: Someone trying to register from private
IP, rewriting\n");
force_rport(); # Add rport parameter to
topmost Via
setflag(6); # Mark as NATed
};
};
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take
the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following
command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our
USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
if (isflagset(6)) {
force_rtp_proxy();
append_hf("NAT: ...\r\n");
};
# NAT processing of replies; apply to all
transactions (for example,
# re-INVITEs from public to private UA are
hard to identify as
# NATed at the moment of request
processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding
as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
append_hf("NAT: tes\r\n");
=== message truncated ===>
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
___________________________________________________________________________
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
T幨嶰hargez cette version sur
http://fr.messenger.yahoo.com
相片電郵測試版一個郵件就可以傳送過百張相片!