Thanks Alan,
Ser to asterisk works now. It was quit easy indeed.
According to your subtle remark NAT penetration is not so easy?
I saw this in the cookbook that made me think:
# prevents private ip space from being used if (search("^(Contact|m): .*@(192.168.|10.|172.16)")) { if (method=="REGISTER") { log(1, "LOG: Someone trying to register from private IP\n"); sl_send_reply("479", "Please don't use private IP addresses" ); break; }; }
If you can filter a nated endpoint like this than i should be able to also activate a proxy mechanism that penetrates the nated environment like nathelper or something. Is that a correct suggestion assuming that we are not discussing firewalls or other port blocking mechanisms.
Tjapko.
On Tue, 2004-05-11 at 13:43, Alan Litster wrote:
Hi Tjapko,
The second point is quite easy.
if (uri=~"^sip:00) { # Match on two leading zero's rewritehost("asterisk.com"); # Change the destination host forward(uri:host, uri:port); # Forward the call break; };
See also http://www.mit.edu/afs/athena/project/sip/sip.edu/ser.shtml
Regards,
Alan
-----Original Message----- From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org]On Behalf Of Tjapko ITS Consult@ncy Sent: 11 May 2004 12:36 To: serusers@lists.iptel.org Subject: [Serusers] ser to asterisk
Hello list,
I am new at ser :-) and have 2 questions and wonder if somebody can hint me in the correct direction.
Some of my endpoints are behind nat. I understood that I can activate nathelper (or mangler??) to overcome this problem. What I don't understand is how i can activate (write the lines) this mecahnism for just the nated endpoints. All my endpoints are similar 1 port and 4 port gateways.
Secondly I wonder if there are any more advanced ser.cfg examples at hand that describe the way of forwarding calls beginning with for example 00 to an asterisk box and examples of routing traffic to PSTN gateways would be more than welcome for me to study. Any example will do. Or can somebody hint me where to find this. The scripts that i have found sofar do not reveal what i like to establish.
Kindest Regards,
Tjapko Smits
Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.679 / Virus Database: 441 - Release Date: 07/05/2004
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
This email, and any files transmitted with it, is copyright and may contain confidential information. The contents are intended for the use of the addressee(s) only. Unauthorized use may be unlawful. If you receive this email by mistake, please advise sender immediately. The views of the author may not necessarily constitute the views of Telco Electronics Limited. Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.
Telco Electronics Limited 6-8 Oxford Court Brackley Northants NN13 7XY
Tel 07000 701999 Fax 07000 701777
On 11-05 08:48, Tjapko Smits wrote:
Thanks Alan,
Ser to asterisk works now. It was quit easy indeed.
According to your subtle remark NAT penetration is not so easy?
I saw this in the cookbook that made me think:
# prevents private ip space from being used if (search("^(Contact|m): .*@(192.168.|10.|172.16)")) { if (method=="REGISTER") { log(1, "LOG: Someone trying to register from private IP\n"); sl_send_reply("479", "Please don't use private IP addresses" ); break; }; }
If you can filter a nated endpoint like this than i should be able to also activate a proxy mechanism that penetrates the nated environment like nathelper or something. Is that a correct suggestion assuming that we are not discussing firewalls or other port blocking mechanisms.
Yes, but it might be better to use nat_uac_test which checks if the IP the request is coming from is different from the IP in Via header field.
Jan.
Thanks Jan,
Forgive me my question. Since I am new in this scene I would like to know where i can find information on nat_uac_test with examples :-) like you mentioned so I can implement this.
Is nathelper the correct mechanism to implement here or are there other routines?
Tjapko.
On Tue, 2004-05-11 at 15:42, Jan Janak wrote:
On 11-05 08:48, Tjapko Smits wrote:
Thanks Alan,
Ser to asterisk works now. It was quit easy indeed.
According to your subtle remark NAT penetration is not so easy?
I saw this in the cookbook that made me think:
# prevents private ip space from being used if (search("^(Contact|m): .*@(192.168.|10.|172.16)")) { if (method=="REGISTER") { log(1, "LOG: Someone trying to register from private IP\n"); sl_send_reply("479", "Please don't use private IP addresses" ); break; }; }
If you can filter a nated endpoint like this than i should be able to also activate a proxy mechanism that penetrates the nated environment like nathelper or something. Is that a correct suggestion assuming that we are not discussing firewalls or other port blocking mechanisms.
Yes, but it might be better to use nat_uac_test which checks if the IP the request is coming from is different from the IP in Via header field.
Jan.
-
Jan Janak -
Tjapko Smits