I've started mediaproxy as writen in Readme, but when i try to start ser I can see this.
any idea?
0(0) DEBUG: FIFO created @ /tmp/ser_fifo 0(0) DEBUG: fifo /tmp/ser_fifo opened, mode=432 0(0) init_unixsock_socket: No unix domain socket will be opened 1(0) DEBUG: init_mod_child (-1): tm 1(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 1(0) DEBUG: init_mod_child (-1): usrloc 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): auth_db 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): domain 1(0) DEBUG: init_mod_child (-1): nathelper 1(0) ERROR: send_rtpp_command: can't connect to RTP proxy 1(0) WARNING: rtpp_test: can't get version of the RTP proxy 1(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 2(0) INFO: fifo process starting: 17183 2(0) DEBUG: init_mod_child (-2): tm 2(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 2(0) DEBUG: init_mod_child (-2): usrloc 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): auth_db 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): domain 2(0) DEBUG: init_mod_child (-2): nathelper 2(0) ERROR: send_rtpp_command: can't connect to RTP proxy 2(0) WARNING: rtpp_test: can't get version of the RTP proxy 2(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 2(0) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo... 2(0) DEBUG: register_fifo_cmd: new command (print) registered 2(0) DEBUG: register_fifo_cmd: new command (uptime) registered 2(0) DEBUG: register_fifo_cmd: new command (version) registered 2(0) DEBUG: register_fifo_cmd: new command (pwd) registered 2(0) DEBUG: register_fifo_cmd: new command (arg) registered 2(0) DEBUG: register_fifo_cmd: new command (which) registered 2(0) DEBUG: register_fifo_cmd: new command (ps) registered 2(0) DEBUG: register_fifo_cmd: new command (kill) registered 2(0) WARNING: no fifo_db_url given - fifo DB commands disabled! 0(17177) DEBUG: init_mod_child (1): tm 0(17177) DEBUG: callid: '5d3ffff7-17177@127.0.0.1' 0(17177) DEBUG: init_mod_child (1): usrloc 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): auth_db 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): domain 0(17177) get_connection(): Connection found in the pool 0(17177) DEBUG: init_mod_child (1): nathelper 0(17177) ERROR: send_rtpp_command: can't connect to RTP proxy 0(17177) WARNING: rtpp_test: can't get version of the RTP proxy 0(17177) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 0(17177) NOTICE:init_avp_child: no avp_db_url specified -> feature disabled
MediaProxy is called only by the mediaproxy.so functions used by SER. Implementation of mediaproxy is totally incompatible with nathelper an rtpproxy.
----- Original Message ----- From: "giAndrea" news@giandrea.com To: serusers@lists.iptel.org Sent: Wednesday, May 26, 2004 12:08 PM Subject: [Serusers] Mediaproxy
I've started mediaproxy as writen in Readme, but when i try to start ser I can see this.
any idea?
0(0) DEBUG: FIFO created @ /tmp/ser_fifo 0(0) DEBUG: fifo /tmp/ser_fifo opened, mode=432 0(0) init_unixsock_socket: No unix domain socket will be opened 1(0) DEBUG: init_mod_child (-1): tm 1(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 1(0) DEBUG: init_mod_child (-1): usrloc 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): auth_db 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): domain 1(0) DEBUG: init_mod_child (-1): nathelper 1(0) ERROR: send_rtpp_command: can't connect to RTP proxy 1(0) WARNING: rtpp_test: can't get version of the RTP proxy 1(0) WARNING: rtpp_test: support for RTP proxyhas been disabled
temporarily
2(0) INFO: fifo process starting: 17183 2(0) DEBUG: init_mod_child (-2): tm 2(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 2(0) DEBUG: init_mod_child (-2): usrloc 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): auth_db 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): domain 2(0) DEBUG: init_mod_child (-2): nathelper 2(0) ERROR: send_rtpp_command: can't connect to RTP proxy 2(0) WARNING: rtpp_test: can't get version of the RTP proxy 2(0) WARNING: rtpp_test: support for RTP proxyhas been disabled
temporarily
2(0) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo... 2(0) DEBUG: register_fifo_cmd: new command (print) registered 2(0) DEBUG: register_fifo_cmd: new command (uptime) registered 2(0) DEBUG: register_fifo_cmd: new command (version) registered 2(0) DEBUG: register_fifo_cmd: new command (pwd) registered 2(0) DEBUG: register_fifo_cmd: new command (arg) registered 2(0) DEBUG: register_fifo_cmd: new command (which) registered 2(0) DEBUG: register_fifo_cmd: new command (ps) registered 2(0) DEBUG: register_fifo_cmd: new command (kill) registered 2(0) WARNING: no fifo_db_url given - fifo DB commands disabled! 0(17177) DEBUG: init_mod_child (1): tm 0(17177) DEBUG: callid: '5d3ffff7-17177@127.0.0.1' 0(17177) DEBUG: init_mod_child (1): usrloc 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): auth_db 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): domain 0(17177) get_connection(): Connection found in the pool 0(17177) DEBUG: init_mod_child (1): nathelper 0(17177) ERROR: send_rtpp_command: can't connect to RTP proxy 0(17177) WARNING: rtpp_test: can't get version of the RTP proxy 0(17177) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 0(17177) NOTICE:init_avp_child: no avp_db_url specified -> feature
disabled
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
ser uses a unix socket to talk to mediaproxy. You can specify socket file as a parameter --socket when starting mediaproxy (the default is /var/run/ser/mediaproxy.sock). And inside ser.cfg you should specify the file for the mediaproxy module, for example:
modparam("mediaproxy", "mediaproxy_socket", "/var/run/ser/mediaproxy.sock")
giAndrea wrote:
I've started mediaproxy as writen in Readme, but when i try to start ser I can see this.
any idea?
0(0) DEBUG: FIFO created @ /tmp/ser_fifo 0(0) DEBUG: fifo /tmp/ser_fifo opened, mode=432 0(0) init_unixsock_socket: No unix domain socket will be opened 1(0) DEBUG: init_mod_child (-1): tm 1(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 1(0) DEBUG: init_mod_child (-1): usrloc 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): auth_db 1(0) get_connection(): Connection not found in the pool 1(0) DEBUG: init_mod_child (-1): domain 1(0) DEBUG: init_mod_child (-1): nathelper 1(0) ERROR: send_rtpp_command: can't connect to RTP proxy 1(0) WARNING: rtpp_test: can't get version of the RTP proxy 1(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 2(0) INFO: fifo process starting: 17183 2(0) DEBUG: init_mod_child (-2): tm 2(0) DEBUG: callid: '5d3ffff7-0@127.0.0.1' 2(0) DEBUG: init_mod_child (-2): usrloc 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): auth_db 2(0) get_connection(): Connection not found in the pool 2(0) DEBUG: init_mod_child (-2): domain 2(0) DEBUG: init_mod_child (-2): nathelper 2(0) ERROR: send_rtpp_command: can't connect to RTP proxy 2(0) WARNING: rtpp_test: can't get version of the RTP proxy 2(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 2(0) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo... 2(0) DEBUG: register_fifo_cmd: new command (print) registered 2(0) DEBUG: register_fifo_cmd: new command (uptime) registered 2(0) DEBUG: register_fifo_cmd: new command (version) registered 2(0) DEBUG: register_fifo_cmd: new command (pwd) registered 2(0) DEBUG: register_fifo_cmd: new command (arg) registered 2(0) DEBUG: register_fifo_cmd: new command (which) registered 2(0) DEBUG: register_fifo_cmd: new command (ps) registered 2(0) DEBUG: register_fifo_cmd: new command (kill) registered 2(0) WARNING: no fifo_db_url given - fifo DB commands disabled! 0(17177) DEBUG: init_mod_child (1): tm 0(17177) DEBUG: callid: '5d3ffff7-17177@127.0.0.1' 0(17177) DEBUG: init_mod_child (1): usrloc 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): auth_db 0(17177) get_connection(): Connection not found in the pool 0(17177) DEBUG: init_mod_child (1): domain 0(17177) get_connection(): Connection found in the pool 0(17177) DEBUG: init_mod_child (1): nathelper 0(17177) ERROR: send_rtpp_command: can't connect to RTP proxy 0(17177) WARNING: rtpp_test: can't get version of the RTP proxy 0(17177) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 0(17177) NOTICE:init_avp_child: no avp_db_url specified -> feature disabled _______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
At 17.22 26/05/2004 +0200, Martin Rusnak wrote:
ser uses a unix socket to talk to mediaproxy. You can specify socket file as a parameter --socket when starting mediaproxy (the default is /var/run/ser/mediaproxy.sock). And inside ser.cfg you should specify the file for the mediaproxy module, for example:
modparam("mediaproxy", "mediaproxy_socket", "/var/run/ser/mediaproxy.sock")
i've already inserted this row on my ser.cfg.
# ----------- global configuration parameters ------------------------
debug=9 fork=no log_stderror=yes
check_via=no dns=no rev_dns=no port=5060 children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/textops.so"
# mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so"
# !! MediaProxy loadmodule "/usr/lib/ser/modules/domain.so" loadmodule "/usr/lib/ser/modules/mediaproxy.so"
# !! Nathelper loadmodule "/usr/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params -- modparam("usrloc", "db_mode", 2)
# -- auth params -- modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
# !! MediaProxy modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock") modparam("mediaproxy", "sip_asymmetrics", "/etc/ser/sip-asymmetrics-clients") modparam("mediaproxy", "rtp_asymmetrics", "/etc/ser/rtp-asymmetrics-clients") modparam("mediaproxy", "natping_interval", 20)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (client_nat_test("3")) { #nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling".
fix_contact(); # fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; };
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; };
if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {
if (!www_authorize("webby.spidlink.com", "subscriber")) { www_challenge("webby.spidlink.com", "0"); break; };
save("location"); break; };
# lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); }
route[1] { # !! Nathelper if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { use_media_proxy(); # sostituisce force_rtp_proxy(); };
# NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; }
# !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_contact(); # sostituisce fix_nated_contact(); use_media_proxy(); # sostituisce force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (client_nat_test("1")) { # sostituisce (nat_uac_test("1")) { fix_contact(); # sostituisce fix_nated_contact(); }; }
Comment out everything realted to nathelper: loading nathelper module function fix_nated_sdp() is from nathelper too
Have you installed and run mediaproxy? It is available from: http://mediaproxy.ag-projects.com/ After starting media proxy check if the socket file exist an if it has proper user rights.
giAndrea wrote:
At 17.22 26/05/2004 +0200, Martin Rusnak wrote:
ser uses a unix socket to talk to mediaproxy. You can specify socket file as a parameter --socket when starting mediaproxy (the default is /var/run/ser/mediaproxy.sock). And inside ser.cfg you should specify the file for the mediaproxy module, for example:
modparam("mediaproxy", "mediaproxy_socket", "/var/run/ser/mediaproxy.sock")
i've already inserted this row on my ser.cfg.
# ----------- global configuration parameters ------------------------
debug=9 fork=no log_stderror=yes
check_via=no dns=no rev_dns=no port=5060 children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/textops.so"
# mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so"
# !! MediaProxy loadmodule "/usr/lib/ser/modules/domain.so" loadmodule "/usr/lib/ser/modules/mediaproxy.so"
# !! Nathelper loadmodule "/usr/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params -- modparam("usrloc", "db_mode", 2)
# -- auth params -- modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
# !! MediaProxy modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock") modparam("mediaproxy", "sip_asymmetrics", "/etc/ser/sip-asymmetrics-clients") modparam("mediaproxy", "rtp_asymmetrics", "/etc/ser/rtp-asymmetrics-clients") modparam("mediaproxy", "natping_interval", 20)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (client_nat_test("3")) { #nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from privateIP, rewriting\n");
# This will work only for user agents that supportsymmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling".
fix_contact(); # fix_nated_contact(); # Rewritecontact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; };
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { if (!www_authorize("webby.spidlink.com","subscriber")) { www_challenge("webby.spidlink.com", "0"); break; };
save("location"); break; }; # lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1);}
route[1] { # !! Nathelper if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { use_media_proxy(); # sostituisce force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (forexample, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); };}
# !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_contact(); # sostituisce fix_nated_contact(); use_media_proxy(); # sostituisce force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (client_nat_test("1")) { # sostituisce (nat_uac_test("1")) { fix_contact(); # sostituisce fix_nated_contact(); }; }
Martin,
I have a question. After you run the ser mediaproxy and start up SER do you see the subprocesses of SER with ps -A ? Does a ser -ddd -c returns OK? If you agree with the default values for de mediaproxy modparam values you don't have to specify them. And i still see some nathelper related stuff in your ser.cfg Tjapko.
-----Original Message----- From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org]On Behalf Of Martin Rusnak Sent: Jueves, 27 de Mayo de 2004 04:37 a.m. To: serusers@lists.iptel.org Subject: Re: [Serusers] Mediaproxy
Comment out everything realted to nathelper: loading nathelper module function fix_nated_sdp() is from nathelper too
Have you installed and run mediaproxy? It is available from: http://mediaproxy.ag-projects.com/ After starting media proxy check if the socket file exist an if it has proper user rights.
giAndrea wrote:
At 17.22 26/05/2004 +0200, Martin Rusnak wrote:
ser uses a unix socket to talk to mediaproxy. You can specify socket file as a parameter --socket when starting mediaproxy (the default is /var/run/ser/mediaproxy.sock). And inside ser.cfg you should specify the file for the mediaproxy module, for example:
modparam("mediaproxy", "mediaproxy_socket", "/var/run/ser/mediaproxy.sock")
i've already inserted this row on my ser.cfg.
# ----------- global configuration parameters ------------------------
debug=9 fork=no log_stderror=yes
check_via=no dns=no rev_dns=no port=5060 children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/textops.so"
# mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so"
# !! MediaProxy loadmodule "/usr/lib/ser/modules/domain.so" loadmodule "/usr/lib/ser/modules/mediaproxy.so"
# !! Nathelper loadmodule "/usr/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params -- modparam("usrloc", "db_mode", 2)
# -- auth params -- modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
# !! MediaProxy modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock") modparam("mediaproxy", "sip_asymmetrics", "/etc/ser/sip-asymmetrics-clients") modparam("mediaproxy", "rtp_asymmetrics", "/etc/ser/rtp-asymmetrics-clients") modparam("mediaproxy", "natping_interval", 20)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (client_nat_test("3")) { #nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from privateIP, rewriting\n");
# This will work only for user agents that supportsymmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling".
fix_contact(); # fix_nated_contact(); # Rewritecontact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; };
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { if (!www_authorize("webby.spidlink.com","subscriber")) { www_challenge("webby.spidlink.com", "0"); break; };
save("location"); break; }; # lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1);}
route[1] { # !! Nathelper if (uri=~"[@:](192.168.|10.|172.(1[6-9]|2[0-9]|3[0-1]).)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; };
# if client or server know to be behind a NAT, enable relay if (isflagset(6)) { use_media_proxy(); # sostituisce force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (forexample, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); };}
# !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_contact(); # sostituisce fix_nated_contact(); use_media_proxy(); # sostituisce force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (client_nat_test("1")) { # sostituisce (nat_uac_test("1")) { fix_contact(); # sostituisce fix_nated_contact(); }; }
_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.690 / Virus Database: 451 - Release Date: 22/05/2004
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.690 / Virus Database: 451 - Release Date: 22/05/2004
-
Ezequiel Colombo -
giAndrea -
Martin Rusnak -
Tjapko ITS Consult@ncy