<DIV>How can i get more information about config port range of rtpproxy, </DIV>
<DIV>because not found in onsip.org !</DIV>
<DIV> </DIV>
<DIV>Tks a Lot !</DIV>
<DIV>Freeman</DIV>
<DIV><BR><BR><B><I>harry gaillac <gaillacharry@yahoo.fr></I></B> 說:
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">Hello,<BR><BR>If ser and rtpproxy run on the same box your ser.cfg<BR>is wrong.<BR><BR>you need to define rtp range ports when you compile<BR>rtpproxy according to the rules of you fiwerall<BR><BR>Look at onsip.org for help ! <BR><BR>Harry <BR>--- Freeman <HYKH080@YAHOO.COM.HK>a 嶰rit :<BR><BR>> Hi,<BR>> <BR>> I installed "Ser-0.8.14" + "nathelper" +<BR>> "rtpproxy" in RedHat 9.0, and add "./rtpproxy" in<BR>> startup script, when i tried both sipsoftphone in<BR>> the internet behind NAT that can connect but "no<BR>> voice" and auto hang-up, but when both sipsoftphone<BR>> in local network that no problem !<BR>> <BR>> Which port range i need release for rtpproxy in the<BR>> firewall ?<BR>> <BR>> my ser.cfg config as below :<BR>> <BR>> # ----------- global configuration parameters<BR>> ------------------------<BR>> #debug=3 # debug
level (cmd line:<BR>> -dddddddddd)<BR>> #fork=yes<BR>> #log_stderror=no # (cmd line: -E)<BR>> /* Uncomment these lines to enter debugging mode <BR>> fork=no<BR>> */<BR>> #log_stderror=yes<BR>> #debug=4<BR>> check_via=no # (cmd. line: -v)<BR>> dns=no # (cmd. line: -r)<BR>> rev_dns=no # (cmd. line: -R)<BR>> #port=5060<BR>> #children=4<BR>> fifo="/tmp/ser_fifo"<BR>> # ------------------ module loading<BR>> ----------------------------------<BR>> <BR>> loadmodule "/usr/local/lib/ser/modules/sl.so"<BR>> loadmodule "/usr/local/lib/ser/modules/tm.so"<BR>> loadmodule "/usr/local/lib/ser/modules/rr.so"<BR>> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"<BR>> loadmodule "/usr/local/lib/ser/modules/usrloc.so"<BR>> loadmodule "/usr/local/lib/ser/modules/registrar.so"<BR>> loadmodule "/usr/local/lib/ser/modules/textops.so"<BR>> loadmodule "/usr/local/lib/ser/modules/nathelper.so"<BR>> # Uncomment this if you want
digest authentication<BR>> # mysql.so must be loaded !<BR>> #loadmodule "/usr/local/lib/ser/modules/dbtext.so"<BR>> #loadmodule "/usr/local/lib/ser/modules/auth.so"<BR>> #loadmodule "/usr/local/lib/ser/modules/auth_db.so"<BR>> #loadmodule "/usr/local/lib/ser/modules/mysql.so"<BR>> # ----------------- setting module-specific<BR>> parameters ---------------<BR>> # -- usrloc params --<BR>> modparam("usrloc", "db_mode", 0)<BR>> #modparam("auth_db", "db_url", "db:/var/dbtext")<BR>> #modparam("auth_db", "user_column", "user")<BR>> #modparam("auth_db", "domain_column", "domain")<BR>> #modparam("auth_db", "password_column", "password")<BR>> #modparam("auth_db", "calculate_ha1", 1)<BR>> #modparam("auth_db", "password_column_2", "ha1_2")<BR>> modparam("registrar", "nat_flag", 6)<BR>> modparam("nathelper", "natping_interval", 30) # Ping<BR>> interval 30 s<BR>> modparam("nathelper", "ping_nated_only", 1) # Ping<BR>> only clients behind
NAT<BR>> modparam("nathelper",<BR>> "rtpproxy_sock","/var/run/rtpproxy.sock")<BR>> # -- auth params --<BR>> # Uncomment if you are using auth module<BR>> #<BR>> #modparam("auth_db", "calculate_ha1", yes)<BR>> #<BR>> # If you set "calculate_ha1" parameter to yes (which<BR>> true in this config), <BR>> # uncomment also the following parameter)<BR>> #<BR>> #modparam("auth_db", "password_column", "password")<BR>> # -- rr params --<BR>> # add value to ;lr param to make some broken UAs<BR>> happy<BR>> modparam("rr", "enable_full_lr", 1)<BR>> # ------------------------- request routing logic<BR>> -------------------<BR>> # main routing logic<BR>> #define NAT_UAC_TEST_C_1918 0x01<BR>> /*<BR>> * test for occurences of RFC1918 addresses in<BR>> Contact<BR>> * header field<BR>> */<BR>> #define NAT_UAC_TEST_RCVD 0x02<BR>> /*<BR>> * test if source address of signaling is different<BR>> from<BR>> * address
advertised in Via<BR>> */<BR>> #define NAT_UAC_TEST_V_1918 0x04<BR>> /*<BR>> * test for occurences of RFC1918 addresses in SDP<BR>> body<BR>> */<BR>> #define NAT_UAC_TEST_S_1918 0x08<BR>> /*<BR>> * test for occurences of RFC1918 addresses top Via<BR>> */<BR>> route{<BR>> # initial sanity checks -- messages with<BR>> # max_forwards==0, or excessively long requests<BR>> if (!mf_process_maxfwd_header("10")) {<BR>> sl_send_reply("483","Too Many Hops");<BR>> break;<BR>> };<BR>> if (msg:len >= max_len ) {<BR>> sl_send_reply("513", "Message too big");<BR>> break;<BR>> };<BR>> if (nat_uac_test("3")) {<BR>> append_hf("Alex-hint: NAThelper\r\n");<BR>> fix_nated_contact(); # Rewrite contact with source<BR>> IP of signalling<BR>> if (method == "REGISTER" || !<BR>> search("^Record-Route:")) {<BR>> #if (www_authorize("iptel.org", "subscriber")) {<BR>> # www_challenge("iptel.org", "1");<BR>> # };<BR>>
if (method == "INVITE") {<BR>> append_hf("Alex-hint: SDP rewritten\r\n");<BR>> fix_nated_sdp("3"); # Add direction=active to SDP<BR>> };<BR>> log("LOG: Someone trying to register from private<BR>> IP, rewriting\n");<BR>> force_rport(); # Add rport parameter to<BR>> topmost Via<BR>> setflag(6); # Mark as NATed<BR>> };<BR>> };<BR>> <BR>> if (!method=="REGISTER") record_route(); <BR>> # subsequent messages withing a dialog should take<BR>> the<BR>> # path determined by record-routing<BR>> if (loose_route()) {<BR>> # mark routing logic in request<BR>> append_hf("P-hint: rr-enforced\r\n"); <BR>> route(1);<BR>> break;<BR>> };<BR>> if (!uri==myself) {<BR>> # mark routing logic in request<BR>> append_hf("P-hint: outbound\r\n"); <BR>> route(1);<BR>> break;<BR>> };<BR>> # if the request is for other domain use UsrLoc<BR>> # (in case, it does not work, use the following<BR>> command<BR>> # with proper
names and addresses in it)<BR>> if (uri==myself) {<BR>> if (method=="REGISTER") {<BR>> save("location");<BR>> break;<BR>> };<BR>> lookup("aliases");<BR>> if (!uri==myself) {<BR>> append_hf("P-hint: outbound alias\r\n"); <BR>> route(1);<BR>> break;<BR>> };<BR>> # native SIP destinations are handled using our<BR>> USRLOC DB<BR>> if (!lookup("location")) {<BR>> sl_send_reply("404", "Not Found");<BR>> break;<BR>> };<BR>> };<BR>> append_hf("P-hint: usrloc applied\r\n"); <BR>> route(1);<BR>> }<BR>> route[1]<BR>> {<BR>> # !! Nathelper<BR>> if (isflagset(6)) {<BR>> force_rtp_proxy();<BR>> append_hf("NAT: ...\r\n");<BR>> };<BR>> # NAT processing of replies; apply to all<BR>> transactions (for example,<BR>> # re-INVITEs from public to private UA are<BR>> hard to identify as<BR>> # NATed at the moment of request<BR>> processing); look at replies<BR>> t_on_reply("1");<BR>> # send it out
now; use stateful forwarding<BR>> as it works reliably<BR>> # even for UDP2TCP<BR>> if (!t_relay()) {<BR>> sl_reply_error();<BR>> };<BR>> }<BR>> # !! Nathelper<BR>> onreply_route[1] {<BR>> # NATed transaction ?<BR>> append_hf("NAT: tes\r\n");<BR>> <BR>=== message truncated ===><BR>_______________________________________________<BR>> Serusers mailing list<BR>> serusers@lists.iptel.org<BR>> http://lists.iptel.org/mailman/listinfo/serusers<BR>> <BR><BR><BR><BR><BR><BR><BR><BR>___________________________________________________________________________ <BR>Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger <BR>T幨嶰hargez cette version sur http://fr.messenger.yahoo.com<BR></BLOCKQUOTE></DIV><p>
                相片電郵測試版一個郵件就可以傳送過百張相片!