<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=big5">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Hi all</FONT></DIV>
<DIV><FONT size=2>I am trying nathelper with rtpproxy to let client behind
nat/firewall can make a call ,</FONT></DIV>
<DIV><FONT size=2>I have some questions...</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>(1)</FONT></DIV>
<DIV><FONT size=2>Client A (kphone
3.14)------------------iptel.org-----------------------------NAT-------------------------Client
B (kphone 3.14)</FONT></DIV>
<DIV><FONT
size=2>61.217.126.64
195.37.77.101 61.217.xxx.xxx
77.77.77.17</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>B call A , and the call has setup , also , both
A and B send rtp packet to 195.37.77.101 , and receive in the port which
describe in SDP</FONT></DIV>
<DIV><FONT size=2>but both client can't receive any voice ... maybe it's
something wrong in client ...</FONT></DIV>
<DIV><FONT size=2>so is anyone have try if this scenario can work ? or iptel.org
not support client behind NAT/ firewall ??</FONT></DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2></FONT> </DIV>
<DIV><FONT size=2>(2)</FONT></DIV>
<DIV><FONT size=2>before trying (1) , i have build the environment</FONT></DIV>
<DIV><FONT size=2>
<DIV><FONT size=2>Client A (kphone 3.14)-------------SIP server SER + Rtpproxy
---------------------NAT/Firewall-------------------------Client B (kphone
3.14)</FONT></DIV>
<DIV>private
IP
public
IP
public
IP
private IP</DIV>
<DIV> </DIV>
<DIV>whatever A call B , or B call A , the call can setup , but after forwarding
by SER</DIV>
<DIV>the SDP didn't modify correctly , all the same as client send </DIV>
<DIV>it should modify to Ser server's ip and port , but it seems not...</DIV>
<DIV> </DIV>
<DIV>i think maybe is my ser.cfg has some mistake</DIV>
<DIV>could anyone give some idea where should i add or modify something ?</DIV>
<DIV> </DIV>
<DIV>here is my ser.cfg which refered to (<A
href="http://www.informatik.uni-bremen.de/~prelle/terena/cookbook/main/ch04s07.html">http://www.informatik.uni-bremen.de/~prelle/terena/cookbook/main/ch04s07.html</A>)</DIV>
<DIV> </DIV>
<DIV>regards</DIV>
<DIV>jimmy</DIV>
<DIV> </DIV>
<DIV>============================================================================================</DIV>
<DIV>#<BR># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $<BR>#<BR>#
simple quick-start config script<BR>#</DIV>
<DIV> </DIV>
<DIV># ----------- global configuration parameters
------------------------</DIV>
<DIV> </DIV>
<DIV>#debug=3 # debug level (cmd
line: -dddddddddd)<BR>#fork=yes<BR>#log_stderror=no # (cmd line: -E)</DIV>
<DIV> </DIV>
<DIV>#/* Uncomment these lines to enter debugging mode
<BR>debug=7<BR>#fork=no<BR>log_stderror=yes<BR>#*/</DIV>
<DIV> </DIV>
<DIV>check_via=no # (cmd. line:
-v)<BR>dns=no #
(cmd. line: -r)<BR>rev_dns=no # (cmd. line:
-R)<BR>#port=5060<BR>#children=4<BR>fifo="/tmp/ser_fifo"</DIV>
<DIV> </DIV>
<DIV># ------------------ module loading
----------------------------------</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use SQL database<BR>#loadmodule
"/usr/local/lib/ser/modules/mysql.so"</DIV>
<DIV> </DIV>
<DIV>loadmodule "/usr/local/lib/ser/modules/sl.so"<BR>loadmodule
"/usr/local/lib/ser/modules/tm.so"<BR>loadmodule
"/usr/local/lib/ser/modules/rr.so"<BR>loadmodule
"/usr/local/lib/ser/modules/maxfwd.so"<BR>loadmodule
"/usr/local/lib/ser/modules/usrloc.so"<BR>loadmodule
"/usr/local/lib/ser/modules/registrar.so"<BR>#++++++++++ jimmy
added ++++++++++++++++++<BR>loadmodule
"/usr/local/lib/ser/modules/textops.so"<BR>loadmodule
"/usr/local/lib/ser/modules/nathelper.so"<BR>#----------------------------------------------------<BR>#
Uncomment this if you want digest authentication<BR># mysql.so must be loaded
!<BR>#loadmodule "/usr/local/lib/ser/modules/auth.so"<BR>#loadmodule
"/usr/local/lib/ser/modules/auth_db.so"</DIV>
<DIV> </DIV>
<DIV># ----------------- setting module-specific parameters
---------------</DIV>
<DIV> </DIV>
<DIV>#++++++++++ jimmy added
++++++++++++++++++<BR>#we will you flag 6 to mark NATed
contacts<BR>modparam("registrar","nat_flag",6)<BR>#Enable NAT
pinging<BR>modparam("nathelper","natping_interval",3)<BR>#ping only contacts
that are known to be behind
NAT<BR>modparam("nathelper","ping_nated_only",1)<BR>#----------------------------------------------------</DIV>
<DIV> </DIV>
<DIV># -- usrloc params --</DIV>
<DIV> </DIV>
<DIV>modparam("usrloc", "db_mode", 0)</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use SQL database <BR># for persistent
storage and comment the previous line<BR>#modparam("usrloc", "db_mode", 2)</DIV>
<DIV> </DIV>
<DIV># -- auth params --<BR># Uncomment if you are using auth
module<BR>#<BR>#modparam("auth_db", "calculate_ha1", yes)<BR>#<BR># If you set
"calculate_ha1" parameter to yes (which true in this config), <BR># uncomment
also the following parameter)<BR>#<BR>#modparam("auth_db", "password_column",
"password")</DIV>
<DIV> </DIV>
<DIV># -- rr params --<BR># add value to ;lr param to make some broken UAs
happy<BR>modparam("rr", "enable_full_lr", 1)</DIV>
<DIV> </DIV>
<DIV># ------------------------- request routing logic
-------------------</DIV>
<DIV> </DIV>
<DIV># main routing logic</DIV>
<DIV> </DIV>
<DIV>route{</DIV>
<DIV> </DIV>
<DIV>#++++++++++ jimmy added
++++++++++++++++++<BR> if(nat_uac_test("3"))<BR> {<BR> if((method
== "REGISTER") ||
!(search("^Record-Route:")))<BR> {<BR> log("LOG:Someone
trying to register from private IP,
rewriting\n");<BR> <BR> fix_nated_contact();<BR> if(method
== "INVITE")<BR> {<BR>
fix_nated_sdp("3");<BR> };<BR> force_rport();<BR> setflag(6);<BR> };<BR> };<BR>#----------------------------------------------------</DIV>
<DIV> </DIV>
<DIV> # initial sanity checks -- messages with<BR> # max_forwards==0,
or excessively long requests<BR> if (!mf_process_maxfwd_header("10"))
{<BR> sl_send_reply("483","Too Many
Hops");<BR> break;<BR> };<BR> if ( msg:len > max_len )
{<BR> sl_send_reply("513", "Message too
big");<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # we record-route all messages -- to make sure that<BR> #
subsequent messages will go through our proxy; that's<BR> # particularly
good if upstream and downstream entities<BR> # use different transport
protocol<BR> record_route(); <BR> # loose-route
processing<BR> if (loose_route())
{<BR> t_relay();<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # if the request is for other domain use UsrLoc<BR> # (in case,
it does not work, use the following command<BR> # with proper names and
addresses in it)<BR> if (uri==myself) {</DIV>
<DIV> </DIV>
<DIV> if (method=="REGISTER") {</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use digest
authentication<BR># if (!www_authorize("iptel.org",
"subscriber")) {<BR># www_challenge("iptel.org",
"0");<BR># break;<BR># };</DIV>
<DIV> </DIV>
<DIV> save("location");<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # native SIP destinations are handled using our USRLOC
DB<BR> if (!lookup("location"))
{<BR> sl_send_reply("404", "Not
Found");<BR> break;<BR> };<BR> };<BR> #
forward to current uri now; use stateful forwarding; that<BR> # works
reliably even if we forward from TCP to UDP<BR> if (!t_relay())
{<BR> sl_reply_error();<BR> };</DIV>
<DIV> </DIV>
<DIV>}</DIV>
<DIV> </DIV>
<DIV><BR>#++++++++++ jimmy added
+++++++++++++++++++++<BR>route[1]<BR>{<BR> if(uri=~"[@:](192\.168\.|10\.|172\.16)"
&& !search("^Route:"))<BR> {<BR> sl_send_reply("479","we
don't forward to private IP
address");<BR> break;<BR> };<BR> if(isflagset(6))<BR> {<BR> force_rtp_proxy();<BR> t_on_reply("1");<BR> append_hf("P-Behind-NAT:
Yes\r\n");<BR> }<BR> <BR> if(!t_relay())<BR> {<BR> sl_reply_error();<BR> break;<BR> }<BR>}</DIV>
<DIV> </DIV>
<DIV>onreply_route[1]<BR>{<BR> if(status =~
"(183)|2[0-9][0-9]")<BR> {<BR> fix_nated_contact();<BR> force_rtp_proxy();<BR> };<BR>}<BR>#----------------------------------------------------<BR></DIV>
<DIV>
<DIV>============================================================================================</DIV></DIV>
<DIV> </DIV></FONT></DIV></BODY></HTML>