<DIV>Harry,</DIV>
<DIV> </DIV>
<DIV>I tried reinstall ser-0.8.14 and rtpproxy in same box, i create two start script for ser and rtpproxy :</DIV>
<DIV> </DIV>
<DIV>for ser</DIV>
<DIV>/usr/local/bin/ser start</DIV>
<DIV> </DIV>
<DIV>for rtpproxy</DIV>
<DIV>cd /</DIV>
<DIV>./usr/local/bin/rtpproxy</DIV>
<DIV> </DIV>
<DIV>and the ser.cfg, i following the ser-0.9.0 nathelper.cfg, but i tried connect both softphone outside the internet and behind NAT, but "No Voice" and "auto hang-up" !</DIV>
<DIV> </DIV>
<DIV>Please help to fix the problem !</DIV>
<DIV> </DIV>
<DIV>for ser.cfg</DIV>
<DIV> </DIV>
<DIV>#<BR># $Id: nathelper.cfg,v 1.1 2003/11/10 14:15:36 janakj Exp $<BR>#<BR># simple quick-start config script including nathelper support</DIV>
<DIV># This default script includes nathelper support. To make it work<BR># you will also have to install Maxim's RTP proxy. The proxy is enforced<BR># if one of the parties is behind a NAT.<BR>#<BR># If you have an endpoing in the public internet which is known to<BR># support symmetric RTP (Cisco PSTN gateway or voicemail, for example),<BR># then you don't have to force RTP proxy. If you don't want to enforce<BR># RTP proxy for some destinations than simply use t_relay() instead of<BR># route(1)<BR>#<BR># Sections marked with !! Nathelper contain modifications for nathelper<BR>#<BR># NOTE !! This config is EXPERIMENTAL !<BR>#<BR># ----------- global configuration parameters ------------------------</DIV>
<DIV>debug=3 # debug level (cmd line: -dddddddddd)<BR>fork=yes<BR>log_stderror=no # (cmd line: -E)</DIV>
<DIV>/* Uncomment these lines to enter debugging mode <BR>fork=no<BR>log_stderror=yes<BR>*/</DIV>
<DIV>check_via=no # (cmd. line: -v)<BR>dns=no # (cmd. line: -r)<BR>rev_dns=no # (cmd. line: -R)<BR>port=5060<BR>children=4<BR>fifo="/tmp/ser_fifo"</DIV>
<DIV># ------------------ module loading ----------------------------------</DIV>
<DIV># Uncomment this if you want to use SQL database<BR>#loadmodule "/usr/local/lib/ser/modules/mysql.so"</DIV>
<DIV>loadmodule "/usr/local/lib/ser/modules/sl.so"<BR>loadmodule "/usr/local/lib/ser/modules/tm.so"<BR>loadmodule "/usr/local/lib/ser/modules/rr.so"<BR>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"<BR>loadmodule "/usr/local/lib/ser/modules/usrloc.so"<BR>loadmodule "/usr/local/lib/ser/modules/registrar.so"<BR>loadmodule "/usr/local/lib/ser/modules/textops.so"</DIV>
<DIV># Uncomment this if you want digest authentication<BR># mysql.so must be loaded !<BR>#loadmodule "/usr/local/lib/ser/modules/auth.so"<BR>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"</DIV>
<DIV># !! Nathelper<BR>loadmodule "/usr/local/lib/ser/modules/nathelper.so"</DIV>
<DIV># ----------------- setting module-specific parameters ---------------</DIV>
<DIV># -- usrloc params --</DIV>
<DIV>modparam("usrloc", "db_mode", 0)</DIV>
<DIV># Uncomment this if you want to use SQL database <BR># for persistent storage and comment the previous line<BR>#modparam("usrloc", "db_mode", 2)</DIV>
<DIV># -- auth params --<BR># Uncomment if you are using auth module<BR>#<BR>#modparam("auth_db", "calculate_ha1", yes)<BR>#<BR># If you set "calculate_ha1" parameter to yes (which true in this config), <BR># uncomment also the following parameter)<BR>#<BR>#modparam("auth_db", "password_column", "password")</DIV>
<DIV># -- rr params --<BR># add value to ;lr param to make some broken UAs happy<BR>modparam("rr", "enable_full_lr", 1)</DIV>
<DIV># !! Nathelper<BR>modparam("registrar", "nat_flag", 6)<BR>modparam("nathelper", "natping_interval", 30) # Ping interval 30 s<BR>modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT</DIV>
<DIV># ------------------------- request routing logic -------------------</DIV>
<DIV># main routing logic</DIV>
<DIV>route{</DIV>
<DIV> # initial sanity checks -- messages with<BR> # max_forwards==0, or excessively long requests<BR> if (!mf_process_maxfwd_header("10")) {<BR> sl_send_reply("483","Too Many Hops");<BR> break;<BR> };<BR> if (msg:len >= max_len ) {<BR> sl_send_reply("513", "Message too big");<BR> break;<BR> };</DIV>
<DIV> # !! Nathelper<BR> # Special handling for NATed clients; first, NAT test is<BR> # executed: it looks for via!=received and RFC1918 addresses<BR> # in Contact (may fail if line-folding is used); also,<BR> # the received test should, if completed, should check all<BR> # vias for rpesence of received<BR> if (nat_uac_test("3")) {<BR> # Allow RR-ed requests, as these may indicate that<BR> # a NAT-enabled proxy takes care of it; unless it is<BR> # a REGISTER</DIV>
<DIV> if (method == "REGISTER" || ! search("^Record-Route:")) {<BR> log("LOG: Someone trying to register from private IP, rewriting\n");</DIV>
<DIV> # This will work only for user agents that support symmetric<BR> # communication. We tested quite many of them and majority is<BR> # smart enough to be symmetric. In some phones it takes a configuration<BR> # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is<BR> # called "symmetric media" and "symmetric signalling".</DIV>
<DIV> fix_nated_contact(); # Rewrite contact with source IP of signalling<BR> if (method == "INVITE") {<BR> fix_nated_sdp("1"); # Add direction=active to SDP<BR> };<BR> force_rport(); # Add rport parameter to topmost Via<BR> setflag(6); # Mark as NATed<BR> };<BR> };</DIV>
<DIV> # we record-route all messages -- to make sure that<BR> # subsequent messages will go through our proxy; that's<BR> # particularly good if upstream and downstream entities<BR> # use different transport protocol<BR> if (!method=="REGISTER") record_route(); </DIV>
<DIV> # subsequent messages withing a dialog should take the<BR> # path determined by record-routing<BR> if (loose_route()) {<BR> # mark routing logic in request<BR> append_hf("P-hint: rr-enforced\r\n"); <BR> route(1);<BR> break;<BR> };</DIV>
<DIV> if (!uri==myself) {<BR> # mark routing logic in request<BR> append_hf("P-hint: outbound\r\n"); <BR> route(1);<BR> break;<BR> };</DIV>
<DIV> # if the request is for other domain use UsrLoc<BR> # (in case, it does not work, use the following command<BR> # with proper names and addresses in it)<BR> if (uri==myself) {</DIV>
<DIV> if (method=="REGISTER") {</DIV>
<DIV># Uncomment this if you want to use digest authentication<BR># if (!www_authorize("iptel.org", "subscriber")) {<BR># www_challenge("iptel.org", "0");<BR># break;<BR># };</DIV>
<DIV> save("location");<BR> break;<BR> };</DIV>
<DIV> lookup("aliases");<BR> if (!uri==myself) {<BR> append_hf("P-hint: outbound alias\r\n"); <BR> route(1);<BR> break;<BR> };</DIV>
<DIV> # native SIP destinations are handled using our USRLOC DB<BR> if (!lookup("location")) {<BR> sl_send_reply("404", "Not Found");<BR> break;<BR> };<BR> };<BR> append_hf("P-hint: usrloc applied\r\n"); <BR> route(1);<BR>}</DIV>
<DIV>route[1] <BR>{<BR> # !! Nathelper<BR> if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){<BR> sl_send_reply("479", "We don't forward to private IP addresses");<BR> break;<BR> };<BR> <BR> # if client or server know to be behind a NAT, enable relay<BR> if (isflagset(6)) {<BR> force_rtp_proxy();<BR> };</DIV>
<DIV> # NAT processing of replies; apply to all transactions (for example,<BR> # re-INVITEs from public to private UA are hard to identify as<BR> # NATed at the moment of request processing); look at replies<BR> t_on_reply("1");</DIV>
<DIV> # send it out now; use stateful forwarding as it works reliably<BR> # even for UDP2TCP<BR> if (!t_relay()) {<BR> sl_reply_error();<BR> };<BR>}</DIV>
<DIV># !! Nathelper<BR>onreply_route[1] {<BR> # NATed transaction ?<BR> if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {<BR> fix_nated_contact();<BR> force_rtp_proxy();<BR> # otherwise, is it a transaction behind a NAT and we did not<BR> # know at time of request processing ? (RFC1918 contacts)<BR> } else if (nat_uac_test("1")) {<BR> fix_nated_contact();<BR> };<BR>}<BR><BR><BR><B><I>harry gaillac <gaillacharry@yahoo.fr></I></B> 說:</DIV>
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">hello,<BR><BR>rtpproxy is not documented unless you look at sources<BR><BR>it's a good idea but onsip.org need some fixings too<BR>many people waste time to ask for the same problems on<BR>mailing list.<BR><BR>documentation is not updated or missing.<BR>you can reply me: "do you want to write how-to ?"<BR><BR>onsip.org help me however i spent time (not waste<BR>time) to understand why i could not call others<BR>domains or get rtp streams with proxy rtp.<BR><BR>Regards<BR><BR>Harry<BR><BR><BR>--- "Greger V. Teigre" <GREGER@TEIGRE.COM>a 嶰rit :<BR><BR>> I have registered the following issue with a<BR>> suggestion for README text:<BR>> http://bugs.sip-router.org/browse/SER-45<BR>> <BR>> I encourage everybody to register documentation<BR>> needs!!<BR>> g-)<BR>> <BR>> harry gaillac wrote:<BR>> > look at rtpp_defines.h<BR>> > re-compile
rtpproxy.<BR>> > put a rtpproxy script in /etc/rc.d/init.d redhat<BR>> > you must add option in this script if ser run on<BR>> the<BR>> > same box.<BR>> > So look at your ser.cfg script if you want call<BR>> others<BR>> > domains or your own domain<BR>> ><BR>> > Harry<BR>> ><BR>> ><BR>> > --- Freeman <HYKH080@YAHOO.COM.HK>a 嶰rit :<BR>> ><BR>> >> How can i get more information about config port<BR>> >> range of rtpproxy,<BR>> >> because not found in onsip.org !<BR>> >><BR>> >> Tks a Lot !<BR>> >> Freeman<BR>> >><BR>> >><BR>> >> harry gaillac <GAILLACHARRY@YAHOO.FR>說:Hello,<BR>> >><BR>> >> If ser and rtpproxy run on the same box your<BR>> ser.cfg<BR>> >> is wrong.<BR>> >><BR>> >> you need to define rtp range ports when you<BR>> compile<BR>> >> rtpproxy according to the
rules of you fiwerall<BR>> >><BR>> >> Look at onsip.org for help !<BR>> >><BR>> >> Harry<BR>> >> --- Freeman a 嶰rit :<BR>> >><BR>> >>> Hi,<BR>> >>><BR>> >>> I installed "Ser-0.8.14" + "nathelper" +<BR>> >>> "rtpproxy" in RedHat 9.0, and add "./rtpproxy"<BR>> in<BR>> >>> startup script, when i tried both sipsoftphone<BR>> in<BR>> >>> the internet behind NAT that can connect but "no<BR>> >>> voice" and auto hang-up, but when both<BR>> >> sipsoftphone<BR>> >>> in local network that no problem !<BR>> >>><BR>> >>> Which port range i need release for rtpproxy in<BR>> >> the<BR>> >>> firewall ?<BR>> >>><BR>> >>> my ser.cfg config as below :<BR>> >>><BR>> >>> # ----------- global configuration parameters<BR>> >>>
------------------------<BR>> >>> #debug=3 # debug level (cmd line:<BR>> >>> -dddddddddd)<BR>> >>> #fork=yes<BR>> >>> #log_stderror=no # (cmd line: -E)<BR>> >>> /* Uncomment these lines to enter debugging mode<BR>> >>> fork=no<BR>> >>> */<BR>> >>> #log_stderror=yes<BR>> >>> #debug=4<BR>> >>> check_via=no # (cmd. line: -v)<BR>> >>> dns=no # (cmd. line: -r)<BR>> >>> rev_dns=no # (cmd. line: -R)<BR>> >>> #port=5060<BR>> >>> #children=4<BR>> >>> fifo="/tmp/ser_fifo"<BR>> >>> # ------------------ module loading<BR>> >>> ----------------------------------<BR>> >>><BR>> >>> loadmodule "/usr/local/lib/ser/modules/sl.so"<BR>> >>> loadmodule "/usr/local/lib/ser/modules/tm.so"<BR>> >>> loadmodule "/usr/local/lib/ser/modules/rr.so"<BR>>
>>> loadmodule<BR>> "/usr/local/lib/ser/modules/maxfwd.so"<BR>> >>> loadmodule<BR>> "/usr/local/lib/ser/modules/usrloc.so"<BR>> >>> loadmodule<BR>> >> "/usr/local/lib/ser/modules/registrar.so"<BR>> >>> loadmodule<BR>> "/usr/local/lib/ser/modules/textops.so"<BR>> >>> loadmodule<BR>> >> "/usr/local/lib/ser/modules/nathelper.so"<BR>> >>> # Uncomment this if you want digest<BR>> authentication<BR>> >>> # mysql.so must be loaded !<BR>> >>> #loadmodule<BR>> "/usr/local/lib/ser/modules/dbtext.so"<BR>> >>> #loadmodule "/usr/local/lib/ser/modules/auth.so"<BR>> >>> #loadmodule<BR>> >> "/usr/local/lib/ser/modules/auth_db.so"<BR>> >>> #loadmodule<BR>> "/usr/local/lib/ser/modules/mysql.so"<BR>> >>> # ----------------- setting module-specific<BR>> >>> parameters ---------------<BR>> >>> #
-- usrloc params --<BR>> >>> modparam("usrloc", "db_mode", 0)<BR>> >>> #modparam("auth_db", "db_url", "db:/var/dbtext")<BR>> >>> #modparam("auth_db", "user_column", "user")<BR>> >>> #modparam("auth_db", "domain_column", "domain")<BR>> >>> #modparam("auth_db", "password_column",<BR>> >> "password")<BR>> >>> #modparam("auth_db", "calculate_ha1", 1)<BR>> >>> #modparam("auth_db", "password_column_2",<BR>> "ha1_2")<BR>> >>> modparam("registrar", "nat_flag", 6)<BR>> >>> modparam("nathelper", "natping_interval", 30) #<BR>> >> Ping<BR>> >>> interval 30 s<BR>> >>> modparam("nathelper", "ping_nated_only", 1) #<BR>> Ping<BR>> >>> only clients behind NAT<BR>> >>> modparam("nathelper",<BR>> >>> "rtpproxy_sock","/var/run/rtpproxy.sock")<BR>> >>> # -- auth params --<BR>> >>> #
Uncomment if you are using auth module<BR>> >>> #<BR>> >>> #modparam("auth_db", "calculate_ha1", yes)<BR>> >>> #<BR>> >>> # If you set "calculate_ha1" parameter to yes<BR>> >> (which<BR>> >>> true in this config),<BR>> >>> # uncomment also the following parameter)<BR>> >>> #<BR>> >>> #modparam("auth_db", "password_column",<BR>> >> "password")<BR>> >>> # -- rr params --<BR>> >>> # add value to ;lr param to make some broken UAs<BR>> >>> happy<BR>> >>> modparam("rr", "enable_full_lr", 1)<BR>> >>> # ------------------------- request routing<BR>> logic<BR>> >>> -------------------<BR>> >>> # main routing logic<BR>> >>> #define NAT_UAC_TEST_C_1918 0x01<BR>> >>> /*<BR>> >>> * test for occurences of RFC1918 addresses in<BR>> >>> Contact<BR>>
>>> * header field<BR>> >>> */<BR>> >>> #define NAT_UAC_TEST_RCVD 0x02<BR>> >>> /*<BR>> >>> * test if source address of signaling is<BR>> different<BR>> >>> from<BR>> >>> * address advertised in Via<BR>> >>> */<BR>> >>> #define NAT_UAC_TEST_V_1918 0x04<BR>> >>> /*<BR>> >>> * test for occurences of RFC1918 addresses in<BR>> SDP<BR>> >>> body<BR>> >>> */<BR>> >>> #define NAT_UAC_TEST_S_1918 0x08<BR>> >>> /*<BR>> >>> * test for occurences of RFC1918 addresses top<BR>> Via<BR>> >>> */<BR>> >>> route{<BR>> >>> # initial sanity checks -- messages with<BR>> >>> # max_forwards==0, or excessively long requests<BR>> >>> if (!mf_process_maxfwd_header("10")) {<BR>> >>> sl_send_reply("483","Too Many Hops");<BR>> >>>
break;<BR>> >>> };<BR>> >>> if (msg:len >= max_len ) {<BR>> >>> sl_send_reply("513", "Message too big");<BR>> >>> break;<BR>> >>> };<BR>> >>> if (nat_uac_test("3")) {<BR>> >>> append_hf("Alex-hint: NAThelper\r\n");<BR>> >>> fix_nated_contact(); # Rewrite contact with<BR>> source<BR>> >>> IP of signalling<BR>> >>> if (method == "REGISTER" || !<BR>> >>> search("^Record-Route:")) {<BR>> >>> #if (www_authorize("iptel.org", "subscriber")) {<BR>> >>> # www_challenge("iptel.org", "1");<BR>> >>> # };<BR>> >>> if (method == "INVITE") {<BR>> >>> append_hf("Alex-hint: SDP rewritten\r\n");<BR>> >>> fix_nated_sdp("3"); # Add direction=active to<BR>> SDP<BR>> >>> };<BR>> >>> log("LOG: Someone trying to register from<BR>> private<BR>> <BR>=== message
truncated ===<BR><BR><BR><BR><BR><BR><BR><BR>___________________________________________________________________________ <BR>Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger <BR>T幨嶰hargez cette version sur http://fr.messenger.yahoo.com<BR><BR>_______________________________________________<BR>Serusers mailing list<BR>serusers@lists.iptel.org<BR>http://lists.iptel.org/mailman/listinfo/serusers<BR></BLOCKQUOTE><p>
有即時通知,收艂