Dear sirs, Originally, we use the module nathelper for NAT traversal. But it seems that it doesn't work so well. And now we turn to help for the module mediaproxy. We now have the mediaproxy run on our redhat linux9 and users can login in as usual. But they can't communicate with each other. I always get the 408 error. When I enter the debug mode. I got "8103" is not found in usrloc where "8103" is one of my legal user. The following is my config file: # fifo - FIFO special file path name fifo="/tmp/ser_fifo" # server_signature - should locally generated messages include server's # signature ? By default yes, it is good for trouble shooting. server_signature=yes # reply_to_via - A hint to reply modules whether they sould send reply to IP # advertised in Via. Turned off by default, which means that replies are sent # to IP address from which requests came. reply_to_via=no # user | uid - uid to be used by the server. 99 = nobody. uid="root" # group | gid - gid to be used by the server. 99 = nobody gid="root" # mhome -- enable calculation of outbound interface; useful on # multihome servers. mhomed=0 # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/domain.so" #loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/acc.so" loadmodule "/usr/local/lib/ser/modules/exec.so" loadmodule "/usr/local/lib/ser/modules/group.so" loadmodule "/usr/local/lib/ser/modules/print.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/local/lib/ser/modules/auth.so" #loadmodule "/usr/local/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- tm parameters modparam("tm", "fr_timer", 12) modparam("tm", "fr_inv_timer", 24) # -- accounting parameters modparam("acc", "log_missed_flag", 3) modparam("acc", "log_level", 1) modparam("acc", "log_flag", 1) # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to minimize write back window -default is 60 # seconds modparam("usrloc", "timer_interval", 10) # Uncomment this if you want database location modparam("usrloc", "db_url", "mysql://ser:heslo@localhost/ser") # -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password") # Uncomment if you use database location #modparam("auth_db", "db_url", "mysql://ser:heslo@localhost/ser") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) modparam("registrar","nat_flag", 6) #modparam("nathelper","natping_interval", 30) #modparam("nathelper","ping_nated_only", 1) modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock") modparam("mediaproxy", "sip_asymmetrics", "/usr/local/etc/ser/sip-asymmetrics-clients") modparam("mediaproxy", "rtp_asymmetrics", "/usr/local/etc/ser/rtp-asymmetrics-clients") modparam("mediaproxy", "natping_interval", 20) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; /*if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; };*/ # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if(!method=="REGISTER") record_route(); # loose-route processing if (loose_route()) { append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if(!uri==myself) { append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication #if (!www_authorize("routeronline.com.cn", "subscriber")) { # www_challenge("routeronline.com.cn", "0"); # break; #}; save("location"); break; }; lookup("aliases"); if(!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { #if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ # sl_send_reply("479", "We don't forward to private IP addresses"); # break; #}; # if client or server know to be behind a NAT, enable relay /*if (isflagset(6)) { force_rtp_proxy(); };*/ # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies #t_on_reply("1"); # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP /*if (!t_relay()) { sl_reply_error(); };*/ ; } # !! Nathelper /*onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }*/