Hi Geger,
Thank you for your reply. My rtpproxy is not behind NAT. how can I make the c=IP4 not to be rewritten by the nathelper? I do my rtpproxy commands like this :~ rtpproxy -2fv -l public_ip public_ip....is this correct?
Regards, Nicky ----- Original Message ----- From: "Greger V. Teigre" greger@teigre.com To: "Nicky" nicky@caliber.com.sg; "Kapil Dhawan" sersavvy@hotmail.com; zeus.ng@isquare.com.au Cc: serusers@lists.iptel.org Sent: Tuesday, November 30, 2004 8:40 PM Subject: Re: [Serusers] PSTN
Nicky, You have your rtp proxy behind a NAT? If so, no wonders you have problems making the RTP streams flow. The IP address in the c=IP4 is rewritten by nathelper, but it is received from the rtpproxy. I attach a small patch that adds -i parameter to rtpproxy where you can define your public IP address of rtpproxy: rtpproxy -l internal_address -i public_ip. It is against the cvs version at http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/rtpproxy/
Hope it helps, Greger
Nicky wrote:
Hi ,
i am facing the same problem, can advice where you add the t_on_reply("1") to make the PSTN have audio. I have another problem I want to send public address instead of NAT address in the c=IP4 function in the SDP message, anyone done this before, i am a newbie I am problem in trying to code it. Please help. Thanks in advance.....
Regards, nicky ----- Original Message ----- From: "Kapil Dhawan" sersavvy@hotmail.com To: zeus.ng@isquare.com.au Cc: serusers@lists.iptel.org Sent: Wednesday, June 02, 2004 12:19 PM Subject: RE: [Serusers] PSTN
exactly...you are right...i was skipping it somehow and now working ok....
From: "Zeus Ng" zeus.ng@isquare.com.au To: "Kapil Dhawan" sersavvy@hotmail.com CC: serusers@lists.iptel.org Subject: RE: [Serusers] PSTN Date: Wed, 2 Jun 2004 11:42:07 +1000 (EST)
You should do the t_on_reply("1") for PSTN call as well. I hope the other thread you mentioned about solving the problem is what I said here.
Zeus
Hi List
I am still unable to solve this issue why the my NAT user is unable to hear when he makes a PSTn call..
# ----------- global configuration parameters
debug=8 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E)
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# !! Accounting loadmodule "/usr/local/lib/ser/modules/acc.so"
# ----------------- setting module-specific parameters
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper # -- nathelper params -- modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
# !! Accounting # -- acc params -- # set the reporting log level modparam("acc", "log_level", 2) # Set log_level to 2 # number of flag, which will be used for accounting; if a message is # labeled with this flag, its completion status will be reported modparam("acc", "log_flag", 1 ) modparam("acc", "log_missed_flag", 2) modparam("acc", "failed_transactions", 1) modparam("acc", "report_cancels", 1) modparam("acc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2)
# ------------------------- request routing logic
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# !! Nathelper# Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes aconfiguration # option. With Cisco 7960, it is called NAT_Enable=Yes, with
kphone
it is # called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP ofsignalling
if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed}; };
# labeled all transaction for accounting setflag(1); setflag(2);# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; };
if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication if (!www_authorize("1.1.1.1","subscriber")) { www_challenge("1.1.1.1", "0"); break; };
save("location"); break; };
if(uri=~"^sip:00*"){ append_hf("P-hint: PSTN call\r\n"); route(1); break; };
lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); }
route[1] { # !! Nathelper if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); };
if(uri=~"^sip:00*"){ rewritehost("2.2.2.2"); t_relay_to_udp("2.2.2.2","5060"); break; };
# NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; }
# !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }
From: "Kapil Dhawan" sersavvy@hotmail.com To: sersavvy@hotmail.com CC: serusers@lists.iptel.org Subject: RE: [Serusers] PSTN Date: Tue, 01 Jun 2004 05:02:54 +0000
Hi my second part is done...i have used t_relay_to_udp rather than forward for pstn calls and now logs are coming....for pstn as well
but first is till not done.
From: "Kapil Dhawan" sersavvy@hotmail.com To: serusers@lists.iptel.org Subject: [Serusers] PSTN Date: Tue, 01 Jun 2004 00:59:07 +0000
Hi List
I am running rtpproxy and nathelper which is fine for me...but when i
transfer all calls starting with 00 to my SIP gateway...then person calling from public IP is able to hear properly the pstn call and person calling behind NAT can not hear but the pstn callee can hear that behind NAT guy...
and second is i am storing logs in acc table...there is i make a
SIP-SIP call, i get proper logs but if i make PSTN call whether from public or private IP, i only get BYE record..
below is my ser.cfg
# # $Id: nathelper.cfg,v 1.1.2.1 2003/11/24 14:47:18 janakj Exp $ # # simple quick-start config script including nathelper support
# This default script includes nathelper support. To make it work # you will also have to install Maxim's RTP proxy. The proxy is enforced # if one of the parties is behind a NAT. # # If you have an endpoing in the public internet which is known to # support symmetric RTP (Cisco PSTN gateway or voicemail, for example), # then you don't have to force RTP proxy. If you don't want to enforce # RTP proxy for some destinations than simply use t_relay() instead of # route(1) # # Sections marked with !! Nathelper contain modifications for nathelper # # NOTE !! This config is EXPERIMENTAL ! #
# ----------- global configuration parameters
debug=8 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E)
/* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# !! Accounting loadmodule "/usr/local/lib/ser/modules/acc.so"
# !! Voicemail And Conference loadmodule "/usr/local/lib/ser/modules/vm.so"
# ----------------- setting module-specific parameters
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper # -- nathelper params -- modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# !! Accounting # -- acc params -- # set the reporting log level modparam("acc", "log_level", 2) # Set log_level to 2 # number of flag, which will be used for accounting; if a message is # labeled with this flag, its completion status will be reported modparam("acc", "log_flag", 1 ) modparam("acc", "log_missed_flag", 2) modparam("acc", "failed_transactions", 1) modparam("acc", "report_cancels", 1) modparam("acc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2)
# !! Transaction # -- tm params -- modparam("tm", "fr_inv_timer", 200)
# ------------------------- request routing logic
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# !! Nathelper# Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is calledNAT_Enable=Yes, with
kphone it is
# called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed}; };
# labeled all transaction for accounting setflag(1); setflag(2);# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; };
if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication if (!www_authorize("220.226.42.185","subscriber")) { www_challenge("220.226.42.185", "0"); break; };
save("location"); break; };
lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); }
route[1] { # !! Nathelper if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); };
# NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
if(uri=~"^sip:00*") { rewritehost(); forward() break; };
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; }
# !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }
Post Classifieds on MSN classifieds.
http://go.msnserver.com/IN/44045.asp Buy and Sell on MSN Classifieds.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Marriage? http://www.bharatmatrimony.com/cgi-bin/bmclicks1.cgi?74 Join BharatMatrimony.com for free.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Get ready to dream with Citibank Ready Cash. http://go.msnserver.com/IN/49355.asp The Next Generation Personal Loan!
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers