[OpenSIPS-Users] RTPProxy to link two networks
Jeryes .
jeryes at voicetechnology.com.br
Fri Oct 18 16:11:05 CEST 2013
Michele,
I am not sure that the flags "ro" are enough to run in bridge mode on
rtpproxy_offer and rtpproxy_answer , take a look to the flags i and e on
rtpproxy module:
http://www.opensips.org/html/docs/modules/devel/rtpproxy.html#id293867
Em 18/10/2013 10:52, "Jeryes ." <jeryes at voicetechnology.com.br> escreveu:
> Hi Michele!
>
> Is your rtpproxy running on bridge mode?
> Em 18/10/2013 10:02, "Michele Pinassi" <michele.pinassi at unisi.it>
> escreveu:
>
>> Hi all,
>>
>> i have Opensips on a server with two interfaces, PUBLIC and PRIVATE
>> (172.20.x.x).
>>
>> This is my opensips.cfg:
>>
>> ####### Routing Logic ########
>> route {
>> force_rport();
>>
>> if (is_method("INVITE")) {
>> if (!get_source_group("$var(group)") ) {
>> $var(group) = 3; /* Default value */
>> }
>>
>> # User group:
>> # 1 = Internal VoIP subnet 172.20
>> # 2 = External VoIP subnet but inside Unisi context 172.16 |
>> 10.0.0
>> # 3 = Outside/foreign (not allowed)
>>
>> xlog("L_INFO", "User group is $var(group)
>> [$fd/$fu/$rd/$ru/$si]\n");
>>
>> if ($var(group) == 2) { # Outside VoIP LAN
>> if (is_method("REGISTER")) {
>> fix_nated_register();
>> setbflag(NAT);
>> } else {
>> fix_nated_contact();
>> setflag(NAT);
>> }
>> }
>> }
>>
>> if (!mf_process_maxfwd_header("10")) {
>> sl_send_reply("483","Too Many Hops");
>> exit;
>> }
>>
>> # Verifica che l'IP provenga da una rete abilitata (address table)
>> if (!check_address("0","$si","$sp","$proto")) {
>> xlog("L_INFO","IP $si Forbidden");
>> sl_send_reply("403", "Forbidden");
>> }
>>
>> if (has_totag()) {
>> # sequential request withing a dialog should
>> # take the path determined by record-routing
>> if (loose_route()) {
>>
>> # validate the sequential request against dialog
>> if ( $DLG_status!=NULL && !validate_dialog() ) {
>> xlog("In-Dialog $rm from $si (callid=$ci) is not valid
>> according to dialog\n");
>> ## exit;
>> }
>>
>> if (is_method("BYE")) {
>> setflag(ACC_DO); # do accounting ...
>> setflag(ACC_FAILED); # ... even if the transaction fails
>> } else if (is_method("INVITE")) {
>> # even if in most of the cases is useless, do RR for
>> # re-INVITEs alos, as some buggy clients do change route
>> set
>> # during the dialog.
>> record_route();
>> }
>>
>> if (check_route_param("nat=yes"))
>> setflag(NAT);
>>
>> # route it out to whatever destination was set by
>> loose_route()
>> # in $du (destination URI).
>> route(relay);
>> } else {
>> if (is_method("SUBSCRIBE") && $rd == "127.0.0.1:5060") { #
>> CUSTOMIZE ME
>> # in-dialog subscribe requests
>> route(handle_presence);
>> exit;
>> }
>> if ( is_method("ACK") ) {
>> if ( t_check_trans() ) {
>> # non loose-route, but stateful ACK; must be an ACK
>> after
>> # a 487 or e.g. 404 from upstream server
>> t_relay();
>> exit;
>> } else {
>> # ACK without matching transaction ->
>> # ignore and discard
>> exit;
>> }
>> }
>> sl_send_reply("404","Not here");
>> }
>> exit;
>> }
>>
>> # CANCEL processing
>> if (is_method("CANCEL"))
>> {
>> if (t_check_trans())
>> t_relay();
>> exit;
>> }
>>
>> t_check_trans();
>>
>> if ( !(is_method("REGISTER") || is_from_gw() ) ) {
>> if (is_from_local()) {
>> if (!proxy_authorize("", "subscriber")) {
>> proxy_challenge("", "0");
>> exit;
>> }
>> if (!db_check_from()) {
>> sl_send_reply("403","Forbidden auth ID");
>> exit;
>> }
>>
>> consume_credentials();
>> } else {
>> if (!is_uri_host_local()) {
>> send_reply("403","Rely forbidden");
>> exit;
>> }
>> }
>>
>> }
>>
>> # preloaded route checking
>> if (loose_route()) {
>> xlog("L_ERR", "Attempt to route with preloaded Route's
>> [$fu/$tu/$ru/$ci]");
>> if (!is_method("ACK"))
>> sl_send_reply("403","Preload Route denied");
>> exit;
>> }
>>
>> # record routing
>> if (!is_method("REGISTER|MESSAGE"))
>> record_route();
>>
>> # account only INVITEs
>> if (is_method("INVITE")) {
>> # create dialog with timeout
>> if ( !create_dialog("B") ) {
>> send_reply("500","Internal Server Error");
>> exit;
>> }
>>
>> setflag(ACC_DO); # do accounting
>> }
>>
>>
>> if (!is_uri_host_local()) {
>> append_hf("P-hint: outbound\r\n");
>>
>> route(relay);
>> }
>>
>> # requests for my domain
>>
>> if( is_method("PUBLISH|SUBSCRIBE"))
>> route(handle_presence);
>>
>> if (is_method("REGISTER"))
>> {
>>
>> # authenticate the REGISTER requests
>> if (!www_authorize("", "subscriber"))
>> {
>> www_challenge("", "0");
>> exit;
>> }
>>
>> if (!db_check_to())
>> {
>> sl_send_reply("403","Forbidden auth ID");
>> exit;
>> }
>>
>> if ( 0 ) setflag(TCP_PERSISTENT);
>>
>> if (!save("location"))
>> sl_reply_error();
>>
>> exit;
>> }
>>
>> if ($rU==NULL) {
>> # request with no Username in RURI
>> sl_send_reply("484","Address Incomplete");
>> exit;
>> }
>>
>>
>> # apply DB based aliases
>> alias_db_lookup("dbaliases");
>>
>> # do lookup with method filtering
>> if (!lookup("location","m")) {
>> switch ($retcode) {
>> case -1: # Note here: check for blacklist numbers
>> if (!check_blacklist("globalblacklist")) {
>> sl_send_reply("403", "Forbidden");
>> exit;
>> }
>>
>> # Check for user ACLs
>> if($rU=~"^\0") {
>> if(!db_is_user_in("Credentials","extern")) {
>> xlog("L_INFO","403 - Forbidden
>> [$fd/$fu/$rd/$ru/$si]\n");
>> sl_send_reply("403", "Forbidden - No permission for
>> external calls");
>> exit;
>> }
>> }
>>
>> # Then route it !
>> cr_user_carrier("$fU", "$fd", "$avp(carrier)");
>> if($avp(carrier)==0) {
>> xlog("L_INFO","Not here: default route
>> [$fd/$fu/$rd/$ru/$si]\n");
>>
>> if($(rU{s.len}) < 4) {
>> xlog("L_ERR", "Number incomplete/failure for $rU\n");
>> prefix("FAIL_");
>> route(vmbox);
>> }
>>
>> if(!cr_route("default", "$fd", "$rU", "$rU",
>> "call_id", "$avp(host)")) {
>> xlog("L_ERR", "Number not found for $rU\n");
>> prefix("FAIL_");
>> route(vmbox);
>> }
>> } else {
>> xlog("L_INFO","Not here: user route
>> [$fd/$fu/$rd/$ru/$si/$avp(carrier)]\n");
>>
>> $avp(domain)="voip.unisi.it";
>> if (!cr_route("$avp(carrier)", "$avp(domain)",
>> "$rU", "$rU","call_id", "$avp(host)")) {
>> sl_send_reply("404", "Not found");
>> xlog("L_ERR", "cr_route failed\n");
>> exit;
>> }
>> }
>>
>> t_on_failure("missed_call");
>>
>> if (!t_relay()) {
>> sl_reply_error();
>> };
>> exit;
>> case -3: # internal error
>> t_newtran();
>> t_reply("404", "Not Found");
>> exit;
>> case -2: # method not supported
>> sl_send_reply("405", "Method Not Allowed");
>> exit;
>> }
>> }
>>
>> if (isbflagset(NAT)) setflag(NAT);
>>
>> # when routing via usrloc, log the missed calls also
>> setflag(ACC_MISSED);
>> route(relay);
>> }
>>
>>
>> route[relay] {
>> # for INVITEs enable some additional helper routes
>> if (is_method("INVITE")) {
>>
>> if (isflagset(NAT)) {
>> rtpproxy_offer("ro");
>> }
>>
>> t_on_branch("per_branch_ops");
>> t_on_reply("handle_nat");
>> t_on_failure("missed_call");
>> }
>>
>> if (isflagset(NAT)) {
>> add_rr_param(";nat=yes");
>> }
>>
>> if (!t_relay()) {
>> send_reply("500","Internal Error");
>> };
>> exit;
>> }
>>
>>
>> # Presence route
>> route[handle_presence]
>> {
>> if (!t_newtran())
>> {
>> sl_reply_error();
>> exit;
>> }
>>
>> if(is_method("PUBLISH"))
>> {
>> handle_publish();
>> }
>> else
>> if( is_method("SUBSCRIBE"))
>> {
>> handle_subscribe();
>> }
>>
>> exit;
>> }
>>
>>
>> branch_route[per_branch_ops] {
>> xlog("new branch at $ru\n");
>> }
>>
>>
>> onreply_route[handle_nat] {
>> if (nat_uac_test("1"))
>> fix_nated_contact();
>> if ( isflagset(NAT) )
>> rtpproxy_answer("ro");
>> # xlog("incoming reply\n");
>> }
>>
>>
>> failure_route[missed_call] {
>> if (t_was_cancelled()) {
>> exit;
>> }
>>
>> if (t_check_status("408|5[0-9][0-9]")) {
>> if(!cr_route("default", "$fd", "$rU", "$rU", "call_id",
>> "$avp(host)")){
>> t_reply("403", "Not allowed");
>> } else {
>> revert_uri();
>> prefix("FAILURE_");
>> rewritehostport("172.20.1.5:5060");
>> t_relay();
>> }
>> }
>> }
>>
>> route[vmbox] {
>> xlog("L_INFO","Route VMBOX [$fd/$fu/$rd/$ru/$si/]\n");
>>
>> rewritehostport("172.20.1.5:5060");
>>
>> route(relay);
>> }
>>
>>
>> local_route {
>> if (is_method("BYE") && $DLG_dir=="UPSTREAM") {
>>
>> acc_db_request("200 Dialog Timeout", "acc");
>>
>> }
>> }
>>
>> SIP Signaling works but RTP (Voice) not. If i register a device like
>> "sip:5001 at 10.1.65.117" call signalling works but voice not.
>>
>> Any hint ?
>>
>> Thanks, Michele
>>
>> --
>> Michele Pinassi
>> Responsabile Telefonia di Ateneo
>> Servizio Reti, Sistemi e Sicurezza Informatica - Università degli Studi
>> di Siena
>> tel: 0577.(23)2169 - fax: 0577.(23)2053
>>
>> Per trovare una soluzione rapida ai tuoi problemi tecnici
>> consulta le FAQ di Ateneo, http://www.faq.unisi.it
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20131018/e2a08161/attachment-0001.htm>
More information about the Users
mailing list