hello i have ser 0.8.14 working, some clients are behind nat others not.
i have setup pstn gateway - asterisk a try to route some call here, but
there is some problem with audio, from both clients - with real ip
address and clients behind nat. Called party hear everything what caller
say, but caller hear nothing.
calling between client with real address and other behind nat works fine.
ser and pstn-gateway have real ip addresses, they are no same subnet.
Can anybody help me to solve this problem ?
below is my sr.cfg
best regards Marian
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
alias=mdk10.sunteq.sk
alias=sunteq.sk
#alias=atlas.sunteq.sk
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/lib/ser/modules/mysql.so"
loadmodule "/lib/ser/modules/sl.so"
loadmodule "/lib/ser/modules/tm.so"
loadmodule "/lib/ser/modules/rr.so"
loadmodule "/lib/ser/modules/maxfwd.so"
loadmodule "/lib/ser/modules/usrloc.so"
loadmodule "/lib/ser/modules/registrar.so"
loadmodule "/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/lib/ser/modules/auth.so"
loadmodule "/lib/ser/modules/auth_db.so"
# load the voicemail module
#loadmodule "/lib/ser/modules/vm.so"
# load the enum module
loadmodule "/lib/ser/modules/enum.so"
# load the group module, to verify if a user forwards to voicemail
loadmodule "/lib/ser/modules/group.so"
# load the nathelper module
loadmodule "/lib/ser/modules/nathelper.so"
loadmodule "/lib/ser/modules/acc.so"
# ----------------- setting module-specific parameters ---------------
# -- registrar parameter
# special NAT flag indicates that a registered client is behind NAT
modparam("registrar", "nat_flag", 6)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
#modparam("usrloc", "db_url",
"mysql://ser:heslo@localhost/ser")
modparam("usrloc|auth_db|acc|group|msilo|uri","db_url","mysql://ser:heslo@localhost/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
#modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- voicemail params --
#modparam("voicemail",
"db_url","mysql://ser:heslo@localhost/ser")
# -- voicemail params --
#modparam("group",
"db_url","mysql://serro:heslo@localhost/ser")
# -- nathelper params --
modparam("nathelper", "natping_interval", 3)
modparam("nathelper", "ping_nated_only", 1)
modparam("tm", "fr_inv_timer", 30 )
#modparam("tm", "fr_inv_timer", 8 )
# ------------------------- request routing logic -------------------
# main routing logic
route{
log(1, "-------------------------------------------\n");
log(1, "entering main loop\n");
if (nat_uac_test("2")) {
log(1, "src address different than via header->NAT
detected\n");
log(1, "force_rport and fix_nated_contact and
setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed
client
setflag(5);
};
if (method=="REGISTER")
log(1, "REGISTER message received\n");
if (method=="INVITE")
log(1, "INVITE message received\n");
if (method=="ACK")
log(1, "ACK message received\n");
if (method=="BYE")
log(1, "BYE message received\n");
if (method=="CANCEL")
log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE")
log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY")
log(1, "NOTIFY message received\n");
if (method=="OPTIONS")
log(1, "OPTIONS message received\n");
if (method=="INFO")
log(1, "INFO message received\n");
if (method=="MESSAGE")
log(1, "MESSAGE message received\n");
if (method=="REFER")
log(1, "REFER message received\n");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len > max_len) {
#if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# loose-route processing
if (loose_route()) {
log(1, "loose_route processing\n");
t_relay();
break;
};
# Check for PSTN access
if (uri=~"^sip:0[0-9]*@.*") {
log(1, "going to PSTN route3\n");
route(3);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
log(1, "analyzing REGISTER request\n");
# Uncomment this if you want to use digest authentication
if (!www_authorize("mdk10.sunteq.sk",
"subscriber")) {
www_challenge("mdk10.sunteq.sk",
"0");
break;
};
if (isflagset(5)) {
#register from nated client, save
nat_flag=6
#in location table
setflag(6);
};
if (!save("location")) {
log(1, "save location error\n");
sl_reply_error();
};
break;
};
lookup("aliases");
#mark transaction for voicemail
#if (is_user_in("Request-URI", "voicemail\n")) {
# log(1, "requested user is in voicemail group");
# setflag(4);
#};
# Process Aliases
lookup("aliases");
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
# handle user which was not found
log(1, "requested user not found\n");
route(4);
break;
};
};
#add failure route which should be performed if response code >=300
if (method=="INVITE" && isflagset(4)) {
log(1, "invite for voicemail user->initiate
failureroute[1]\n");
t_on_failure("1");
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
route(1);
}
route[1]{
log(1, "-------------------------------------------\n");
log(1, "entering route[1] - relaying SIP message\n");
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is
NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy,
set NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp
proxy\r\n");
setflag(7);
};
};
log(1, "relaying message ...\n");
if (!t_relay()) {
log(1, "t_relay error occured\n");
sl_reply_error();
};
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix
nated contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE ->
force_rtp_proxy \n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp
proxy\r\n");
};
};
}
route[3] {
if (method=="INVITE" && (!src_ip==194.1.222.26)) {
log(1, "method is invite\n");
if (!proxy_authorize( "mdk10.sunteq.sk","subscriber")) {
proxy_challenge( "mdk10.sunteq.sk", "0");
break;
};
# let's check from=id ... avoids accounting confusion
if(!is_user_in("credentials", "local")) {
sl_send_reply("403", "NO PSTN Privileges...");
break;
};
consume_credentials();
}; # INVITE to authorized PSTN
log(1, "authorized to PSTN\n");
# if you have passed through all the checks, let your call go to GW!
force_rtp_proxy();
record_route();
t_on_reply("1");
# snom conditioner
if (method=="INVITE" && search("User-Agent: snom")) {
replace("100rel, ", "");
};
append_hf("P-hint: GATEWAY\r\n");
# use UDP to guarantee well-known sender port (TCP ephemeral)
t_relay_to_udp("194.1.222.26","5060");
}
route[4]{
log(1, "-------------------------------------------\n");
log(1, "entering route[4] = requested user not online\n");
# non-Voip -- just send "off-line"
if (!(method == "INVITE" || method == "ACK" || method ==
"CANCEL" || method == "REFER" || method == "BYE")) {
log(1, "no invite,ack,cancel,refer->return 404\n");
sl_send_reply("404", "Not Found");
break;
};
# not voicemail subscriber and no echo/conference call
if ( isflagset(4)) {
log(1, "flag(4) active\n");
};
if (uri =~ "conference") {
log(1, "conference call\n");
};
if (uri =~ "echo") {
log(1, "echo call\n");
};
if ( !( isflagset(4) || (uri =~ "conference") || (uri =~
"echo") ) ) {
log(1, "no voicemail subscriber->return 404");
sl_send_reply("404", "Not Found and no voicemail turned
on");
break;
};
if ( isflagset(5) ) {
log(1, "caller is NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy");
force_rtp_proxy();
};
};
# forward to voicemail now
rewritehostport("192.168.1.253:5060");
log(1, "forward to voicemail\n");
t_relay_to_udp("192.168.1.253", "5060");
}
failure_route[1] {
/* XX: note: unsafe if preloaded routes without username used */
log(1, "-------------------------------------------\n");
log(1, "failureroute[1] entered\");
revert_uri();
rewritehostport("212.17.35.184:5060");
append_branch();
t_relay_to_udp("212.17.35.184", "5060");
}