<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=big5">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2>Hi all,<BR>I am trying ser + rtpproxy like this</FONT></DIV>
<DIV> </DIV><FONT size=2>
<DIV><BR>
Internet
UA3<BR>
|
|<BR>
------------------------------------<BR>
| NAT + ser + rtpproxy
|<BR>
------------------------------------<BR>
|
|
Intranet<BR>
UA1 UA2</DIV>
<DIV> </DIV>
<DIV>Now UA3 <-> UA1 , UA1 <-> UA2 can make call
successfuly via rtpproxy in bridge mode<BR>but now when UA1 <-> UA2 , i
want the call can be made not via rtpproxy ,<BR>I think it should do some
modification in ser.cfg to make this,<BR>I have try some modification, but
it doesn't works</DIV>
<DIV> </DIV>
<DIV>could anyone give me any suggestion?</DIV>
<DIV> </DIV>
<DIV>this is my ser.cfg</DIV>
<DIV> </DIV>
<DIV><BR>#debug=4 # debug level
(cmd line: -dddddddddd)<BR>fork=yes<BR>#log_stderror=yes # (cmd line: -E)</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>check_via=no # (cmd. line:
-v)<BR>dns=no #
(cmd. line: -r)<BR>rev_dns=no # (cmd. line:
-R)<BR>port=5060<BR>children=1<BR>fifo="/tmp/ser_fifo"</DIV>
<DIV> </DIV>
<DIV># ------------------ module loading
----------------------------------</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use SQL database<BR>#loadmodule
"/lib/ser/modules/mysql.so"</DIV>
<DIV> </DIV>
<DIV>loadmodule "/lib/ser/modules/sl.so"<BR>loadmodule
"/lib/ser/modules/tm.so"<BR>loadmodule "/lib/ser/modules/rr.so"<BR>loadmodule
"/lib/ser/modules/maxfwd.so"<BR>loadmodule
"/lib/ser/modules/usrloc.so"<BR>loadmodule
"/lib/ser/modules/registrar.so"<BR>loadmodule
"/lib/ser/modules/textops.so"</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want digest authentication<BR># mysql.so must be
loaded !<BR>#loadmodule "/lib/ser/modules/auth.so"<BR>#loadmodule
"/lib/ser/modules/auth_db.so"</DIV>
<DIV> </DIV>
<DIV># !! Nathelper<BR>loadmodule "/lib/ser/modules/nathelper.so"</DIV>
<DIV> </DIV>
<DIV># ----------------- setting module-specific parameters
---------------</DIV>
<DIV> </DIV>
<DIV># -- usrloc params --</DIV>
<DIV> </DIV>
<DIV>modparam("usrloc", "db_mode", 0)</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use SQL database <BR># for persistent
storage and comment the previous line<BR>#modparam("usrloc", "db_mode", 2)</DIV>
<DIV> </DIV>
<DIV># -- auth params --<BR># Uncomment if you are using auth
module<BR>#<BR>#modparam("auth_db", "calculate_ha1", yes)<BR>#<BR># If you set
"calculate_ha1" parameter to yes (which true in this config), <BR># uncomment
also the following parameter)<BR>#<BR>#modparam("auth_db", "password_column",
"password")</DIV>
<DIV> </DIV>
<DIV># -- rr params --<BR># add value to ;lr param to make some broken UAs
happy<BR>modparam("rr", "enable_full_lr", 1)</DIV>
<DIV> </DIV>
<DIV># !! Nathelper<BR>modparam("registrar", "nat_flag",
6)<BR>modparam("nathelper", "natping_interval", 5) # Ping interval 30
s<BR>modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT</DIV>
<DIV> </DIV>
<DIV># ------------------------- request routing logic
-------------------</DIV>
<DIV> </DIV>
<DIV># main routing logic</DIV>
<DIV> </DIV>
<DIV>route{</DIV>
<DIV> </DIV>
<DIV> # initial sanity checks -- messages with<BR> # max_forwards==0,
or excessively long requests<BR> if (!mf_process_maxfwd_header("10"))
{<BR> sl_send_reply("483","Too Many Hops");<BR>
break;<BR> };<BR> if (msg:len >= max_len ) {<BR>
sl_send_reply("513", "Message too big");<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # !! Nathelper<BR> #
Special handling for NATed clients; first, NAT test is<BR> # executed: it
looks for via!=received and RFC1918 addresses<BR> # in Contact (may fail if
line-folding is used); also,<BR> # the received test should, if completed,
should check all<BR> # vias for rpesence of received<BR> if
(nat_uac_test("3")) {<BR> # Allow RR-ed requests, as these may indicate
that<BR> # a NAT-enabled proxy takes care of it; unless it is<BR> #
a REGISTER</DIV>
<DIV> </DIV>
<DIV> if (method == "REGISTER" || ! search("^Record-Route:"))
{<BR> log("LOG: Someone trying to register from
private IP, rewriting\n");<BR> # This will work
only for user agents that support symmetric<BR> #
communication. We tested quite many of them and majority
is<BR> # smart enough to be symmetric. In some
phones it takes a configuration<BR> # option. With
Cisco 7960, it is called NAT_Enable=Yes, with kphone it
is<BR> # called "symmetric media" and "symmetric
signalling".</DIV>
<DIV> </DIV>
<DIV> fix_nated_contact(); # Rewrite contact with
source IP of signalling<BR> if (method ==
"INVITE") <BR> {<BR># jimmy added for test
++++++++++++++++++++++++++++++++<BR>
if(src_ip=~"192.168.5.*")<BR> {<BR>
;<BR> }else{<BR>#
-----------------------------------------------------<BR>
fix_nated_sdp("1"); # Add direction=active to SDP<BR>
}<BR> <BR>
};<BR> force_rport(); # Add rport parameter to
topmost Via<BR> setflag(6); #
Mark as NATed<BR> };<BR> };</DIV>
<DIV> </DIV>
<DIV> # we record-route all messages -- to make sure that<BR> #
subsequent messages will go through our proxy; that's<BR> # particularly
good if upstream and downstream entities<BR> # use different transport
protocol<BR> if (!method=="REGISTER") record_route(); </DIV>
<DIV> </DIV>
<DIV> # subsequent messages withing a dialog should take the<BR> #
path determined by record-routing<BR> if (loose_route()) {<BR> # mark
routing logic in request<BR> append_hf("P-hint: rr-enforced\r\n");
<BR> route(1);<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> if (!uri==myself) {<BR> # mark routing logic in
request<BR> append_hf("P-hint: outbound\r\n"); <BR>
route(1);<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # if the request is for other domain use UsrLoc<BR> # (in case,
it does not work, use the following command<BR> # with proper names and
addresses in it)<BR> if (uri==myself) {</DIV>
<DIV> </DIV>
<DIV> if (method=="REGISTER") {</DIV>
<DIV> </DIV>
<DIV># Uncomment this if you want to use digest authentication<BR>#
if (!www_authorize("iptel.org", "subscriber")) {<BR>#
www_challenge("iptel.org", "0");<BR># break;<BR>#
};</DIV>
<DIV> </DIV>
<DIV> save("location");<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> lookup("aliases");<BR> if (!uri==myself) {<BR>
append_hf("P-hint: outbound alias\r\n"); <BR>
route(1);<BR> break;<BR> };</DIV>
<DIV> </DIV>
<DIV> # native SIP destinations are handled using our USRLOC DB<BR>
if (!lookup("location")) {<BR> sl_send_reply("404", "Not
Found");<BR> break;<BR>
};<BR> };<BR> append_hf("P-hint: usrloc applied\r\n");
<BR> route(1);<BR>}</DIV>
<DIV> </DIV>
<DIV>route[1] <BR>{<BR> # !! Nathelper</DIV>
<DIV> </DIV>
<DIV> # if client or server know to be behind a NAT, enable
relay<BR> if (isflagset(6)) {<BR># jimmy added for test
++++++++++++++++++++++++++++++++++++++++++++++<BR>
if(search("^(Contact|m): <A
href="mailto:.*@(192\.168\">.*@(192\.168\</A>.)"))<BR>
#if(src_ip=~"192.168.5.*")<BR> {<BR> ;<BR> }else{<BR>#
-------------------------------------------------------------------<BR>
force_rtp_proxy();<BR> }<BR> <BR> };</DIV>
<DIV> </DIV>
<DIV> # NAT processing of replies; apply to all transactions (for
example,<BR> # re-INVITEs from public to private UA are hard to identify
as<BR> # NATed at the moment of request processing); look at
replies<BR> t_on_reply("1");</DIV>
<DIV> </DIV>
<DIV> # send it out now; use stateful forwarding as it works
reliably<BR> # even for UDP2TCP<BR> if (!t_relay()) {<BR>
sl_reply_error();<BR> };<BR>}</DIV>
<DIV> </DIV>
<DIV># !! Nathelper<BR>onreply_route[1] {<BR> # NATed
transaction ?<BR> if (isflagset(6) && status =~
"(183)|2[0-9][0-9]") {<BR># jimmy added for test
++++++++++++++++++++++++++++++++++++++++++++++<BR> if(src_ip=~"192.168.5.*")<BR> {<BR>
;<BR> }else<BR> {<BR>
fix_nated_contact();<BR> }<BR> force_rtp_proxy();<BR>#
-------------------------------------------------------------------<BR>
# otherwise, is it a transaction behind a NAT and we did
not<BR> # know at time of request processing ? (RFC1918
contacts)<BR> } else if (nat_uac_test("1"))
{<BR>
fix_nated_contact();<BR> };<BR>}</DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>Thanks in advance<BR>Jimmy</FONT></DIV></BODY></HTML>