12 Feb
2004
12 Feb
'04
12:32 p.m.
Hey Guys,
Just another quick question. I'm sure that this is simple.
How do I forward all requests out using TCP rather than UDP? I have seen the mention of a
function called "t_relay_to_tcp" .. howeve, it does not exist in the latest
stable cvs version of ser? has it been removed? or is it only available in the unstable
version?
Or is there another way to forward all requests as TCP? Currently we are using the
t_relay function.
I have attached my current ser.cfg file.
Thanks for the help!
Darren Nay - dnay(a)libertyisp.com
12 Feb
12 Feb
12:44 p.m.
It exists in release 0_8_12, it is in the tm module.
Klaus
Darren Nay wrote:
Hey Guys,
Just another quick question. I'm sure that this is simple.
How do I forward all requests out using TCP rather than UDP? I have
seen the mention of a function called "t_relay_to_tcp" .. howeve, it
does not exist in the latest stable cvs version of ser? has it been
removed? or is it only available in the unstable version?
Or is there another way to forward all requests as TCP? Currently we
are using the t_relay function.
I have attached my current ser.cfg file.
Thanks for the help!
Darren Nay - dnay(a)libertyisp.com <mailto:dnay@libertyisp.com>
------------------------------------------------------------------------
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
## Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# !! Nathelper
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 2)
# -- auth params --
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# !! Nathelper
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# -- acc params --
modparam("acc", "log_level", 1)
modparam("acc", "db_flag", 3)
modparam("acc",
"db_url","mysql://ser:heslo@localhost/ser")
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
# if (!mf_process_maxfwd_header("10")) {
# sl_send_reply("483","Too Many Hops");
# break;
# };
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || !
search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP,
rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a
configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone
it is
# called "symmetric media" and "symmetric
signalling".
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
setflag(3);
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
# if (!www_authorize("iptel.org",
"subscriber")) {
# www_challenge("iptel.org", "0");
# break;
# };
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
if (uri =~ "^sip:011.*") {
rewritehostport("ld.gw.here");
} else {
rewritehostport("pstn.gw.here");
};
route(1);
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
sl_send_reply("479", "We don't forward to private IP
addresses");
break;
};
# if client or server know to be behind a NAT, enable relay
if (isflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all transactions (for example,
# re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
setflag(3);
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
1:01 p.m.
Sorry, my mistake. I thought that I was using a recent CVS download, when
in fact, I was using a CVS download from December. I appologize.
Regards,
Darren Nay
----- Original Message -----
From: "Klaus Darilion" <klaus.mailinglists(a)pernau.at>
To: "Darren Nay" <dnay(a)libertyisp.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, February 12, 2004 12:44 PM
Subject: Re: [Serusers] TCP vs UDP
It exists in release 0_8_12, it is in the tm module.
Klaus
Darren Nay wrote:
> Hey Guys,
>
> Just another quick question. I'm sure that this is simple.
>
> How do I forward all requests out using TCP rather than UDP? I have
> seen the mention of a function called "t_relay_to_tcp" .. howeve, it
> does not exist in the latest stable cvs version of ser? has it been
> removed? or is it only available in the unstable version?
>
> Or is there another way to forward all requests as TCP? Currently we
> are using the t_relay function.
>
> I have attached my current ser.cfg file.
>
> Thanks for the help!
>
> Darren Nay - dnay(a)libertyisp.com <mailto:dnay@libertyisp.com>
>
>
>
> ------------------------------------------------------------------------
>
>
> #
> # ----------- global configuration parameters ------------------------
>
> debug=3 # debug level (cmd line: -dddddddddd)
> fork=yes
> log_stderror=no # (cmd line: -E)
>
> ## Uncomment these lines to enter debugging mode
> #fork=no
> #log_stderror=yes
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/acc.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/textops.so"
>
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
> # !! Nathelper
> loadmodule "/usr/local/lib/ser/modules/nathelper.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> # -- usrloc params --
>
> modparam("usrloc", "db_mode", 2)
>
> # -- auth params --
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
> modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
>
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy
> modparam("rr", "enable_full_lr", 1)
>
> # !! Nathelper
> modparam("registrar", "nat_flag", 6)
> modparam("nathelper", "natping_interval", 30) # Ping interval 30
s
> modparam("nathelper", "ping_nated_only", 1) # Ping only
clients behind
NAT
>
> # -- acc params --
> modparam("acc", "log_level", 1)
> modparam("acc", "db_flag", 3)
> modparam("acc",
"db_url","mysql://ser:heslo@localhost/ser")
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> # if (!mf_process_maxfwd_header("10")) {
> # sl_send_reply("483","Too Many Hops");
> # break;
> # };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # !! Nathelper
> # Special handling for NATed clients; first, NAT test is
> # executed: it looks for via!=received and RFC1918 addresses
> # in Contact (may fail if line-folding is used); also,
> # the received test should, if completed, should check all
> # vias for rpesence of received
> if (nat_uac_test("3")) {
>
> # Allow RR-ed requests, as these may indicate that
> # a NAT-enabled proxy takes care of it; unless it is
> # a REGISTER
>
> if (method == "REGISTER" || !
search("^Record-Route:"))
{
> log("LOG: Someone trying
to register from private
IP, rewriting\n");
>
> # This will work only for user agents that support
symmetric
> # communication. We tested
quite many of them and
majority is
> # smart enough to be
symmetric. In some phones it
takes a configuration
> # option. With Cisco 7960, it
is called
NAT_Enable=Yes, with kphone it is
> # called "symmetric
media" and "symmetric
signalling".
>
> fix_nated_contact(); # Rewrite contact with source
IP of
signalling
> if (method ==
"INVITE") {
> fix_nated_sdp("1"); # Add direction=active to
SDP
> };
> force_rport(); # Add rport parameter to topmost Via
> setflag(6); # Mark as NATed
> };
> };
>
> setflag(3);
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> if (!method=="REGISTER") record_route();
>
> # subsequent messages withing a dialog should take the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
>
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri==myself) {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> # if (!www_authorize("iptel.org",
"subscriber")) {
> # www_challenge("iptel.org",
"0");
> # break;
> # };
>
> save("location");
> break;
> };
>
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
>
> # native SIP destinations are handled using our USRLOC
DB
> if
(!lookup("location")) {
> if (uri =~ "^sip:011.*") {
> rewritehostport("ld.gw.here");
> } else {
> rewritehostport("pstn.gw.here");
> };
> route(1);
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
> }
>
> route[1]
> {
> # !! Nathelper
> if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
> sl_send_reply("479",
"We don't forward to private IP
addresses");
> break;
> };
>
> # if client or server know to be behind a NAT, enable relay
> if (isflagset(6)) {
> force_rtp_proxy();
> };
>
> # NAT processing of replies; apply to all transactions (for
example,
#
re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
setflag(3);
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
3:18 p.m.
Hey All,
Are you sure that it's in the latest CVS stable release? I am using the
following cvs command to grab the CVS release from yesterday, but it doesn't
contain the t_relay_to_tcp function. It still contains the t_relay_to
function.
cvs co -r rel_0_8_12 -D 2004-02-11 sip_router
If I'm doing something wrong then please let me know. :) Thanks!
Darren Nay - dnay(a)libertyisp.com
----- Original Message -----
From: "Klaus Darilion" <klaus.mailinglists(a)pernau.at>
To: "Darren Nay" <dnay(a)libertyisp.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, February 12, 2004 12:44 PM
Subject: Re: [Serusers] TCP vs UDP
It exists in release 0_8_12, it is in the tm module.
Klaus
Darren Nay wrote:
> Hey Guys,
>
> Just another quick question. I'm sure that this is simple.
>
> How do I forward all requests out using TCP rather than UDP? I have
> seen the mention of a function called "t_relay_to_tcp" .. howeve, it
> does not exist in the latest stable cvs version of ser? has it been
> removed? or is it only available in the unstable version?
>
> Or is there another way to forward all requests as TCP? Currently we
> are using the t_relay function.
>
> I have attached my current ser.cfg file.
>
> Thanks for the help!
>
> Darren Nay - dnay(a)libertyisp.com <mailto:dnay@libertyisp.com>
>
>
>
> ------------------------------------------------------------------------
>
>
> #
> # ----------- global configuration parameters ------------------------
>
> debug=3 # debug level (cmd line: -dddddddddd)
> fork=yes
> log_stderror=no # (cmd line: -E)
>
> ## Uncomment these lines to enter debugging mode
> #fork=no
> #log_stderror=yes
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/acc.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/textops.so"
>
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
> # !! Nathelper
> loadmodule "/usr/local/lib/ser/modules/nathelper.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> # -- usrloc params --
>
> modparam("usrloc", "db_mode", 2)
>
> # -- auth params --
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
> modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
>
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy
> modparam("rr", "enable_full_lr", 1)
>
> # !! Nathelper
> modparam("registrar", "nat_flag", 6)
> modparam("nathelper", "natping_interval", 30) # Ping interval 30
s
> modparam("nathelper", "ping_nated_only", 1) # Ping only
clients behind
NAT
>
> # -- acc params --
> modparam("acc", "log_level", 1)
> modparam("acc", "db_flag", 3)
> modparam("acc",
"db_url","mysql://ser:heslo@localhost/ser")
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> # if (!mf_process_maxfwd_header("10")) {
> # sl_send_reply("483","Too Many Hops");
> # break;
> # };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # !! Nathelper
> # Special handling for NATed clients; first, NAT test is
> # executed: it looks for via!=received and RFC1918 addresses
> # in Contact (may fail if line-folding is used); also,
> # the received test should, if completed, should check all
> # vias for rpesence of received
> if (nat_uac_test("3")) {
>
> # Allow RR-ed requests, as these may indicate that
> # a NAT-enabled proxy takes care of it; unless it is
> # a REGISTER
>
> if (method == "REGISTER" || !
search("^Record-Route:"))
{
> log("LOG: Someone trying
to register from private
IP, rewriting\n");
>
> # This will work only for user agents that support
symmetric
> # communication. We tested
quite many of them and
majority is
> # smart enough to be
symmetric. In some phones it
takes a configuration
> # option. With Cisco 7960, it
is called
NAT_Enable=Yes, with kphone it is
> # called "symmetric
media" and "symmetric
signalling".
>
> fix_nated_contact(); # Rewrite contact with source
IP of
signalling
> if (method ==
"INVITE") {
> fix_nated_sdp("1"); # Add direction=active to
SDP
> };
> force_rport(); # Add rport parameter to topmost Via
> setflag(6); # Mark as NATed
> };
> };
>
> setflag(3);
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> if (!method=="REGISTER") record_route();
>
> # subsequent messages withing a dialog should take the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
>
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri==myself) {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> # if (!www_authorize("iptel.org",
"subscriber")) {
> # www_challenge("iptel.org",
"0");
> # break;
> # };
>
> save("location");
> break;
> };
>
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
>
> # native SIP destinations are handled using our USRLOC
DB
> if
(!lookup("location")) {
> if (uri =~ "^sip:011.*") {
> rewritehostport("ld.gw.here");
> } else {
> rewritehostport("pstn.gw.here");
> };
> route(1);
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
> }
>
> route[1]
> {
> # !! Nathelper
> if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
> sl_send_reply("479",
"We don't forward to private IP
addresses");
> break;
> };
>
> # if client or server know to be behind a NAT, enable relay
> if (isflagset(6)) {
> force_rtp_proxy();
> };
>
> # NAT processing of replies; apply to all transactions (for
example,
#
re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
setflag(3);
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
3:41 p.m.
At 09:18 PM 2/12/2004, Darren Nay wrote:
Hey All,
Are you sure that it's in the latest CVS stable release?
yes. I gave it a try and it works. See the following fragment
for forcible TCP forwarding.
route{
t_relay_to_tcp("localhost", "5060");
break;
}
t_relay() uses automaticaly TCP transport if request URI is a TCP one.
-jiri
I am using the
following cvs command to grab the CVS release from yesterday, but it doesn't
contain the t_relay_to_tcp function. It still contains the t_relay_to
function.
cvs co -r rel_0_8_12 -D 2004-02-11 sip_router
If I'm doing something wrong then please let me know. :) Thanks!
Darren Nay - dnay(a)libertyisp.com
----- Original Message -----
From: "Klaus Darilion" <klaus.mailinglists(a)pernau.at>
To: "Darren Nay" <dnay(a)libertyisp.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, February 12, 2004 12:44 PM
Subject: Re: [Serusers] TCP vs UDP
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
--
Jiri Kuthan http://iptel.org/~jiri/
It exists in release 0_8_12, it is in the tm
module.
Klaus
Darren Nay wrote:
> Hey Guys,
>
> Just another quick question. I'm sure that this is simple.
>
> How do I forward all requests out using TCP rather than UDP? I have
> seen the mention of a function called "t_relay_to_tcp" .. howeve, it
> does not exist in the latest stable cvs version of ser? has it been
> removed? or is it only available in the unstable version?
>
> Or is there another way to forward all requests as TCP? Currently we
> are using the t_relay function.
>
> I have attached my current ser.cfg file.
>
> Thanks for the help!
>
> Darren Nay - dnay(a)libertyisp.com <mailto:dnay@libertyisp.com>
>
>
>
> ------------------------------------------------------------------------
>
>
> #
> # ----------- global configuration parameters ------------------------
>
> debug=3 # debug level (cmd line: -dddddddddd)
> fork=yes
> log_stderror=no # (cmd line: -E)
>
> ## Uncomment these lines to enter debugging mode
> #fork=no
> #log_stderror=yes
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/acc.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/textops.so"
>
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
> # !! Nathelper
> loadmodule "/usr/local/lib/ser/modules/nathelper.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> # -- usrloc params --
>
> modparam("usrloc", "db_mode", 2)
>
> # -- auth params --
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
> modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
>
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy
> modparam("rr", "enable_full_lr", 1)
>
> # !! Nathelper
> modparam("registrar", "nat_flag", 6)
> modparam("nathelper", "natping_interval", 30) # Ping interval 30
s
> modparam("nathelper", "ping_nated_only", 1) # Ping only
clients behind
NAT
>
> # -- acc params --
> modparam("acc", "log_level", 1)
> modparam("acc", "db_flag", 3)
> modparam("acc",
"db_url","mysql://ser:heslo@localhost/ser")
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> # if (!mf_process_maxfwd_header("10")) {
> # sl_send_reply("483","Too Many Hops");
> # break;
> # };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # !! Nathelper
> # Special handling for NATed clients; first, NAT test is
> # executed: it looks for via!=received and RFC1918 addresses
> # in Contact (may fail if line-folding is used); also,
> # the received test should, if completed, should check all
> # vias for rpesence of received
> if (nat_uac_test("3")) {
>
> # Allow RR-ed requests, as these may indicate that
> # a NAT-enabled proxy takes care of it; unless it is
> # a REGISTER
>
> if (method == "REGISTER" || !
search("^Record-Route:"))
{
> log("LOG: Someone
trying to register from private
IP, rewriting\n");
>
> # This will work only for user agents that support
symmetric
> # communication. We
tested quite many of them and
majority is
> # smart enough to be
symmetric. In some phones it
takes a configuration
> # option. With Cisco
7960, it is called
NAT_Enable=Yes, with kphone it is
> # called "symmetric
media" and "symmetric
signalling".
>
> fix_nated_contact(); # Rewrite contact with source
IP of
signalling
> if (method ==
"INVITE") {
> fix_nated_sdp("1"); # Add direction=active to
SDP
> };
> force_rport(); # Add rport parameter to topmost Via
> setflag(6); # Mark as NATed
> };
> };
>
> setflag(3);
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> if (!method=="REGISTER") record_route();
>
> # subsequent messages withing a dialog should take the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
>
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri==myself) {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> # if (!www_authorize("iptel.org",
"subscriber")) {
> # www_challenge("iptel.org",
"0");
> # break;
> # };
>
> save("location");
> break;
> };
>
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
>
> # native SIP destinations are handled using our USRLOC
DB
> if
(!lookup("location")) {
> if (uri =~ "^sip:011.*") {
> rewritehostport("ld.gw.here");
> } else {
> rewritehostport("pstn.gw.here");
> };
> route(1);
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
> }
>
> route[1]
> {
> # !! Nathelper
> if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
> sl_send_reply("479",
"We don't forward to private IP
addresses");
> break;
> };
>
> # if client or server know to be behind a NAT, enable relay
> if (isflagset(6)) {
> force_rtp_proxy();
> };
>
> # NAT processing of replies; apply to all transactions (for
example,
#
re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
setflag(3);
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
13 Feb
13 Feb
3:13 a.m.
Maybe you have the old and the new version of ser installed at your
system and you start the old one instead of hte new one.
klaus
Darren Nay wrote:
Hey All,
Are you sure that it's in the latest CVS stable release? I am using the
following cvs command to grab the CVS release from yesterday, but it doesn't
contain the t_relay_to_tcp function. It still contains the t_relay_to
function.
cvs co -r rel_0_8_12 -D 2004-02-11 sip_router
If I'm doing something wrong then please let me know. :) Thanks!
Darren Nay - dnay(a)libertyisp.com
----- Original Message -----
From: "Klaus Darilion" <klaus.mailinglists(a)pernau.at>
To: "Darren Nay" <dnay(a)libertyisp.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, February 12, 2004 12:44 PM
Subject: Re: [Serusers] TCP vs UDP
It exists in release 0_8_12, it is in the tm
module.
Klaus
Darren Nay wrote:
>Hey Guys,
>
>Just another quick question. I'm sure that this is simple.
>
>How do I forward all requests out using TCP rather than UDP? I have
>seen the mention of a function called "t_relay_to_tcp" .. howeve, it
>does not exist in the latest stable cvs version of ser? has it been
>removed? or is it only available in the unstable version?
>
>Or is there another way to forward all requests as TCP? Currently we
>are using the t_relay function.
>
>I have attached my current ser.cfg file.
>
>Thanks for the help!
>
>Darren Nay - dnay(a)libertyisp.com <mailto:dnay@libertyisp.com>
>
>
>
>------------------------------------------------------------------------
>
>
>#
># ----------- global configuration parameters ------------------------
>
>debug=3 # debug level (cmd line: -dddddddddd)
>fork=yes
>log_stderror=no # (cmd line: -E)
>
>## Uncomment these lines to enter debugging mode
>#fork=no
>#log_stderror=yes
>
>check_via=no # (cmd. line: -v)
>dns=no # (cmd. line: -r)
>rev_dns=no # (cmd. line: -R)
>port=5060
>children=4
>fifo="/tmp/ser_fifo"
>
># ------------------ module loading ----------------------------------
>
>loadmodule "/usr/local/lib/ser/modules/mysql.so"
>loadmodule "/usr/local/lib/ser/modules/sl.so"
>loadmodule "/usr/local/lib/ser/modules/tm.so"
>loadmodule "/usr/local/lib/ser/modules/rr.so"
>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/ser/modules/acc.so"
>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>loadmodule "/usr/local/lib/ser/modules/textops.so"
>
>loadmodule "/usr/local/lib/ser/modules/auth.so"
>loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
># !! Nathelper
>loadmodule "/usr/local/lib/ser/modules/nathelper.so"
>
># ----------------- setting module-specific parameters ---------------
>
># -- usrloc params --
>
>modparam("usrloc", "db_mode", 2)
>
># -- auth params --
>modparam("auth_db", "calculate_ha1", yes)
>modparam("auth_db", "password_column", "password")
>modparam("auth_db", "db_url",
"mysql://ser:heslo@localhost/ser")
>
># -- rr params --
># add value to ;lr param to make some broken UAs happy
>modparam("rr", "enable_full_lr", 1)
>
># !! Nathelper
>modparam("registrar", "nat_flag", 6)
>modparam("nathelper", "natping_interval", 30) # Ping interval 30
s
>modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind
NAT
># -- acc params --
>modparam("acc", "log_level", 1)
>modparam("acc", "db_flag", 3)
>modparam("acc",
"db_url","mysql://ser:heslo@localhost/ser")
>
># ------------------------- request routing logic -------------------
>
># main routing logic
>
>route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
># if (!mf_process_maxfwd_header("10")) {
># sl_send_reply("483","Too Many Hops");
># break;
># };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # !! Nathelper
> # Special handling for NATed clients; first, NAT test is
> # executed: it looks for via!=received and RFC1918 addresses
> # in Contact (may fail if line-folding is used); also,
> # the received test should, if completed, should check all
> # vias for rpesence of received
> if (nat_uac_test("3")) {
>
> # Allow RR-ed requests, as these may indicate that
> # a NAT-enabled proxy takes care of it; unless it is
> # a REGISTER
>
> if (method == "REGISTER" || !
search("^Record-Route:"))
{
> log("LOG: Someone
trying to register from private
IP, rewriting\n");
> # This will work only for
user agents that support
symmetric
> # communication. We tested
quite many of them and
majority is
> # smart enough to be
symmetric. In some phones it
takes a configuration
> # option. With Cisco 7960,
it is called
NAT_Enable=Yes, with kphone it is
> # called "symmetric
media" and "symmetric
signalling".
> fix_nated_contact(); #
Rewrite contact with source
IP of signalling
> if (method ==
"INVITE") {
> fix_nated_sdp("1"); # Add direction=active to
SDP
> };
> force_rport(); # Add rport parameter to topmost Via
> setflag(6); # Mark as NATed
> };
> };
>
> setflag(3);
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> if (!method=="REGISTER") record_route();
>
> # subsequent messages withing a dialog should take the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
>
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri==myself) {
>
> if (method=="REGISTER") {
>
># Uncomment this if you want to use digest authentication
># if (!www_authorize("iptel.org",
"subscriber")) {
># www_challenge("iptel.org", "0");
># break;
># };
>
> save("location");
> break;
> };
>
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
>
> # native SIP destinations are handled using our USRLOC
DB
> if
(!lookup("location")) {
> if (uri =~ "^sip:011.*") {
> rewritehostport("ld.gw.here");
> } else {
> rewritehostport("pstn.gw.here");
> };
> route(1);
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
>}
>
>route[1]
>{
> # !! Nathelper
> if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
> sl_send_reply("479",
"We don't forward to private IP
addresses");
> break;
> };
>
> # if client or server know to be behind a NAT, enable relay
> if (isflagset(6)) {
> force_rtp_proxy();
> };
>
> # NAT processing of replies; apply to all transactions (for
example,
#
re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
setflag(3);
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
7675
days inactive
7676
days old
5 comments
3 participants
participants (3)
-
Darren Nay -
Jiri Kuthan -
Klaus Darilion