Ok, I've roughly used the examples that are included in the modules/mediaproxy/ser.cfg file to use mediaproxy. The initial call is set up very nicely. However reinvites don't seem to be processsed right.

When I place the call on hold, I can see that mediaproxy sees the call on hold (with the sessions tool). However, when I return to the call from hold, the reinvite just sets the devices up to each other direct without the mediaproxy. Mediaproxy will for about 1 second show the call come back to "ACTIVE" and then to "IDLE". I'm sure the rtp isn't being proxied because 1. I can kill the proxy, and still pass audio 2. the sessions tool doesn't show packets being transmitted 3. the SDP isn't pointing to the mediaproxy.

I can't figure out what I'm doing wrong. However, mediaproxy sees to be very sensitive on how it's called. Per the example, use_media_proxy() will be called TWICE for a new call. This works for the initial call.. However, I removed the initial call to use_media_proxy and only left the one in the on_reply route. Doing this totally broke it and routed the calls without media proxy.

**** Oh, something that is worth mentioning. In the example file, there is an end_media_session() at the begining of the on_reply block. If this is in there, no calls will goto the mediaproxy ever. I get an error message: 3(3114) error: use_media_proxy(): empty response from mediaproxy

So I removed it to get where I am now.

Here are the relevant parts of my config: # $Id: openser.cfg,v 1.6 2006/02/15 18:23:46 bogdan_iancu Exp $ # # simple quick-start config script #

# ----------- global configuration parameters ------------------------

debug=2 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E)

/* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */

check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/openser_fifo" fifo_db_url="mysql://ser:xxxxx@172.16.10.103:3306/ser" # # uncomment the following lines for TLS support #disable_tls = 0 #listen = tls:your_IP:5061 listen=192.168.1.10:5060 #tls_verify = 1 #tls_require_certificate = 0 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem" #tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem" #tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"

# ------------------ module loading ----------------------------------

# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/openser/modules/mysql.so"

loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/mediaproxy.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/domain.so"

# ----------------- setting module-specific parameters ---------------

# -- usrloc params --

modparam("auth_db","db_url","mysql://ser:xxxxx@172.16.10.103:3306/ser") modparam("uri_db","db_url","mysql://ser:xxxxx@172.16.10.103:3306/ser") modparam("domain","db_url","mysql://ser:xxxxx@172.16.10.103:3306/ser") modparam("dip","db_url","mysql://ser:xxxxx@172.16.10.103:3306/ser") modparam("usrloc","db_url","mysql://ser:xxxxx@172.16.10.103:3306/ser")

modparam("domain","domain_table","domain") modparam("domain","domain_col","domain") modparam("domain","db_mode",0) modparam("auth_db","use_domain",1) # modparam("usrloc", "db_mode", 2)

# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)

# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "load_credentials", "rpid,vm_timer") modparam("tm", "fr_inv_timer_avp", "vm_timer") # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")

# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)

modparam("mediaproxy", "natping_interval", 60) modparam("registrar" , "nat_flag", 2) # ------------------------- request routing logic -------------------

# main routing logic

route{

# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); return; };

if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); return; };

# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol

### Fix natted requests if (client_nat_test("3")) { log(1,"***** PERFORMING NAT FIXUP\n"); setflag(2); force_rport(); fix_contact(); }; record_route(); if (client_nat_test("3") && !search("^Record-Route:")) { # Mark call as being natted force_rport(); fix_contact(); };

#### Process registrations if (method=="REGISTER") { log(1,"***** REGISTERING\n"); if (is_from_local()) { log(1,"**** IS FROM LOCAL\n"); # Mark as NAT'ed if (client_nat_test("3")) { log(1,"***** PERFORMING NAT FIXUP\n"); setflag(2); force_rport(); fix_contact(); };

if (!www_authorize("", "subscriber")) { log(1,"**** ASKING FOR CREDS\n"); www_challenge("", "0"); return; } else if (!check_to()) { sl_send_reply("403", "Username!=To not allowed"); return; }; log(1,"*** ATTEMPTING TO SAVE CONTACT\n"); if (!save("location")) { sl_reply_error(); }; } else { sl_send_reply("403", "This domain is not served here"); };

return; };

### All invites must be authenticated.. do this first if (method=="INVITE") { if(!www_authorize("","subscriber")) { log(1,"**** ASKING FOR CREDS\n"); www_challenge("","0"); return; } else if (!check_from()) { sl_send_reply("403", "Username must equal the from address"); return; }; log(1,"**** APPENDING RPID\n"); append_rpid_hf("<sip:", "@192.168.1.10>;privacy=off"); }

# make sure a leg is local somewhere if (method=="INVITE") { if (!(is_from_local() || is_uri_host_local())) { sl_send_reply("403", "Relaying is forbidden"); return; } t_on_failure("1"); } else if (method == "BYE" || method == "CANCEL") { log(1,"Ending session sec-1\n"); end_media_session(); };

# resolve aliases if (!lookup("aliases")) { log(1,"*** Call is not in aliases table\n"); }

# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { log(2,"**** PERFORMING LOOSE ROUTE\n"); if (method=="INVITE" || method=="ACK"){ use_media_proxy(); }; append_hf("P-hint: rr-enforced\r\n"); log(1," *** USE MEDIA PROXY\n"); t_relay(); return; };

if (method == "INVITE") { t_on_reply("1"); }; if (is_uri_host_local()) { if (!lookup("location")) { log(1," **** location lookup failed\n"); # lookup failed.. probably a pstn call use_media_proxy(); rewritehostport("voip_gw"); if (!t_relay()) { sl_reply_error(); return; } return; } }

if (method=="INVITE" || method =="ACK") { log(1," *** USE MEDIA PROXY\n"); use_media_proxy(); } if (method=="OPTIONS") { sl_send_reply("404", "Pong - Go away"); return; } if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); log (1," Ending session sec-2\n"); }; sl_reply_error(); return; } }

failure_route[1] { end_media_session(); log(1,"Ending session sec-3\n"); }

onreply_route[1] { end_media_session(); log(1,"******* In onreply route block\n"); if (status=~"(183)|(2[09][09])") { if (client_nat_test("1")) { fix_contact(); };

use_media_proxy(); } }