<div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div>HI,</div><div>I have a opensips servers in a private network, IP address: 10.34.14.24, now I'm going to this private network address 1: 1 NAT to public networks, and modify the opensips.cfg profile. Register now through the public network clients can conduct video and audio communications, and work very well.</div><div><br></div><div>Now I need to add a network card (IP: 192.168.100.100) on opensips server, and directly connected to a sip client (IP: 192.168.100.200) through this card.</div><div><br></div><div>How should I modify opensips.cfg, make public sip client the private network sip client to communicate it?</div><div><br></div><div>Attach opensips.cfg I now use:</div><div><br></div><div><br></div><div><br></div><div><div>#</div><div># $Id$</div><div>#</div><div># OpenSIPS residential configuration script</div><div># by OpenSIPS Solutions <<a href="mailto:team@opensips-solutions.com" target="_blank">team@opensips-solutions.com</a>></div><div>#</div><div># This script was generated via "make menuconfig", from</div><div># the "Residential" scenario.</div><div># You can enable / disable more features / functionalities by</div><div># re-generating the scenario with different options.#</div><div>#</div><div># Please refer to the Core CookBook at:</div><div># <a href="http://www.opensips.org/Resources/DocsCookbooks" target="_blank">http://www.opensips.org/Resources/DocsCookbooks</a></div><div># for a explanation of possible statements, functions and parameters.</div><div>#</div><div><br></div><div><br></div><div>####### Global Parameters #########</div><div><br></div><div>debug=3</div><div>log_stderror=no</div><div>log_facility=LOG_LOCAL0</div><div><br></div><div>fork=yes</div><div>children=4</div><div><br></div><div>/* uncomment the following lines to enable debugging */</div><div>#debug=6</div><div>#fork=no</div><div>#log_stderror=yes</div><div><br></div><div>/* uncomment the next line to enable the auto temporary blacklisting of </div><div> not available destinations (default disabled) */</div><div>#disable_dns_blacklist=no</div><div><br></div><div>/* uncomment the next line to enable IPv6 lookup after IPv4 dns </div><div> lookup failures (default disabled) */</div><div>#dns_try_ipv6=yes</div><div><br></div><div>/* comment the next line to enable the auto discovery of local aliases</div><div> based on revers DNS on IPs */</div><div>auto_aliases=no</div><div><br></div><div>advertised_address=61.132.137.100</div><div>alias=61.132.137.100</div><div><br></div><div>listen=udp:<a href="http://10.34.14.24:5060" target="_blank">10.34.14.24:5060</a> # CUSTOMIZE ME</div><div>#listen=udp:<a href="http://10.34.240.150:5060" target="_blank">10.34.240.150:5060</a></div><div><br></div><div>disable_tcp=yes</div><div><br></div><div>disable_tls=yes</div><div><br></div><div><br></div><div>####### Modules Section ########</div><div><br></div><div>#set module path</div><div>mpath="/usr/local/opensips/lib64/opensips/modules"</div><div><br></div><div>#### SIGNALING module</div><div>loadmodule "signaling.so"</div><div><br></div><div>#### StateLess module</div><div>loadmodule "sl.so"</div><div><br></div><div>#### Transaction Module</div><div>loadmodule "tm.so"</div><div>modparam("tm", "fr_timer", 5)</div><div>modparam("tm", "fr_inv_timer", 30)</div><div>modparam("tm", "restart_fr_on_each_reply", 0)</div><div>modparam("tm", "onreply_avp_mode", 1)</div><div><br></div><div>#### Record Route Module</div><div>loadmodule "rr.so"</div><div>/* do not append from tag to the RR (no need for this script) */</div><div>modparam("rr", "append_fromtag", 0)</div><div><br></div><div>#### MAX ForWarD module</div><div>loadmodule "maxfwd.so"</div><div><br></div><div>#### SIP MSG OPerationS module</div><div>loadmodule "sipmsgops.so"</div><div><br></div><div>#### FIFO Management Interface</div><div>loadmodule "mi_fifo.so"</div><div>modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")</div><div><br></div><div><br></div><div>#### URI module</div><div>loadmodule "uri.so"</div><div>modparam("uri", "use_uri_table", 0)</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div>#### USeR LOCation module</div><div>loadmodule "usrloc.so"</div><div>modparam("usrloc", "nat_bflag", 10)</div><div>modparam("usrloc", "db_mode", 0)</div><div><br></div><div>#### REGISTRAR module</div><div>loadmodule "registrar.so"</div><div>modparam("registrar", "tcp_persistent_flag", 7)</div><div><br></div><div>/* uncomment the next line not to allow more than 10 contacts per AOR */</div><div>#modparam("registrar", "max_contacts", 10)</div><div><br></div><div>#### ACCounting module</div><div>loadmodule "acc.so"</div><div>/* what special events should be accounted ? */</div><div>modparam("acc", "early_media", 0)</div><div>modparam("acc", "report_cancels", 0)</div><div>/* by default we do not adjust the direct of the sequential requests.</div><div> if you enable this parameter, be sure the enable "append_fromtag"</div><div> in "rr" module */</div><div>modparam("acc", "detect_direction", 0)</div><div>modparam("acc", "failed_transaction_flag", 3)</div><div>/* account triggers (flags) */</div><div>modparam("acc", "log_flag", 1)</div><div>modparam("acc", "log_missed_flag", 2)</div><div><br></div><div>### Authenticated by MySQL ###</div><div>loadmodule "db_mysql.so"</div><div>loadmodule "auth.so"</div><div>loadmodule "auth_db.so"</div><div><br></div><div>modparam("usrloc", "db_mode", 2)</div><div>modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")</div><div>modparam("auth_db", "calculate_ha1", yes)</div><div>modparam("auth_db", "password_column", "password")</div><div>modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")</div><div>modparam("auth_db", "load_credentials", "")</div><div>### End Authentivated by MySQL ###</div><div><br></div><div>loadmodule "domain.so"</div><div>modparam("domain", "db_url","mysql://opensips:opensipsrw@localhost/opensips")</div><div>modparam("domain", "db_mode", 1) # Use caching</div><div><br></div><div>loadmodule "nat_traversal.so"</div><div>modparam("nat_traversal", "keepalive_interval", 90)</div><div><br></div><div>#### nathelper module</div><div>loadmodule "nathelper.so"</div><div>modparam("nathelper", "natping_interval", 30)</div><div>modparam("nathelper", "sipping_from", "<a href="mailto:sip%3Apinger@opensips.org" target="_blank">sip:pinger@opensips.org</a>")</div><div>modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")</div><div><br></div><div>#### Modulo rtpproxy (forcar o audio atraves do opensips)</div><div>loadmodule "rtpproxy.so"</div><div>modparam("rtpproxy", "rtpproxy_sock", "udp:<a href="http://127.0.0.1:7890" target="_blank">127.0.0.1:7890</a>")</div><div>modparam("nathelper", "force_socket", "udp:<a href="http://127.0.0.1:7890" target="_blank">127.0.0.1:7890</a>")</div><div>modparam("rtpproxy", "rtpproxy_autobridge", 1)</div><div><br></div><div><br></div><div>####### Routing Logic ########</div><div><br></div><div># main request routing logic</div><div><br></div><div>route{</div><div><span style="white-space:pre-wrap"> </span></div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (!mf_process_maxfwd_header("10")) {</div><div><span style="white-space:pre-wrap"> </span>sl_send_reply("483","Too Many Hops");</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (has_totag()) {</div><div><span style="white-space:pre-wrap"> </span># sequential requests within a dialog should</div><div><span style="white-space:pre-wrap"> </span># take the path determined by record-routing</div><div><span style="white-space:pre-wrap"> </span>if (loose_route()) {</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (is_method("BYE")) {</div><div><span style="white-space:pre-wrap"> </span>setflag(1); # do accounting ...</div><div><span style="white-space:pre-wrap"> </span>setflag(3); # ... even if the transaction fails</div><div><span style="white-space:pre-wrap"> </span>} else if (is_method("INVITE")) {</div><div><span style="white-space:pre-wrap"> </span># even if in most of the cases is useless, do RR for</div><div><span style="white-space:pre-wrap"> </span># re-INVITEs alos, as some buggy clients do change route set</div><div><span style="white-space:pre-wrap"> </span># during the dialog.</div><div><span style="white-space:pre-wrap"> </span>record_route();</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span></div><div><br></div><div><span style="white-space:pre-wrap"> </span># route it out to whatever destination was set by loose_route()</div><div><span style="white-space:pre-wrap"> </span># in $du (destination URI).</div><div><span style="white-space:pre-wrap"> </span>route(1);</div><div><span style="white-space:pre-wrap"> </span>} else {</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if ( is_method("ACK") ) {</div><div><span style="white-space:pre-wrap"> </span>if ( t_check_trans() ) {</div><div><span style="white-space:pre-wrap"> </span># non loose-route, but stateful ACK; must be an ACK after </div><div><span style="white-space:pre-wrap"> </span># a 487 or e.g. 404 from upstream server</div><div><span style="white-space:pre-wrap"> </span>t_relay();</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>} else {</div><div><span style="white-space:pre-wrap"> </span># ACK without matching transaction -></div><div><span style="white-space:pre-wrap"> </span># ignore and discard</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><span style="white-space:pre-wrap"> </span>}</div><div><span style="white-space:pre-wrap"> </span> #t_on_failure("1");</div><div><span style="white-space:pre-wrap"> </span>sl_send_reply("404","Not here");</div><div><span style="white-space:pre-wrap"> </span>}</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span># CANCEL processing</div><div><span style="white-space:pre-wrap"> </span>if (is_method("CANCEL"))</div><div><span style="white-space:pre-wrap"> </span>{</div><div><span style="white-space:pre-wrap"> </span>if (t_check_trans())</div><div><span style="white-space:pre-wrap"> </span>t_relay();</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>t_check_trans();</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if ( !(is_method("REGISTER") ) ) {</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (from_uri==myself)</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>{</div><div><br></div><div><span style="white-space:pre-wrap"> </span> ### Authenticated by MySQL ###</div><div> if(!proxy_authorize("", "subscriber")) {</div><div> <span style="white-space:pre-wrap"> </span> if (!registered("location","$fu")) {</div><div><span style="white-space:pre-wrap"> </span> xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause proxy authentication required");</div><div><span style="white-space:pre-wrap"> </span> } </div><div><span style="white-space:pre-wrap"> </span> <span style="white-space:pre-wrap"> </span> proxy_challenge("", "0");</div><div> <span style="white-space:pre-wrap"> </span> exit;</div><div> <span style="white-space:pre-wrap"> </span> }</div><div><span style="white-space:pre-wrap"> </span> if(!db_check_from()) {</div><div><span style="white-space:pre-wrap"> </span> xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause Forbidden auth ID");</div><div> <span style="white-space:pre-wrap"> </span> sl_send_reply("403", "Forbidden auth ID");</div><div><span style="white-space:pre-wrap"> </span> exit;</div><div> <span style="white-space:pre-wrap"> </span> }</div><div> </div><div><span style="white-space:pre-wrap"> </span> consume_credentials();</div><div> # caller authenticated</div><div><br></div><div> <span style="white-space:pre-wrap"> </span> ### End Autheticated by MySQL ### </div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>} else {</div><div><span style="white-space:pre-wrap"> </span># if caller is not local, then called number must be local</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (!uri==myself) {</div><div><span style="white-space:pre-wrap"> </span>xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause Rely forbidden");</div><div><span style="white-space:pre-wrap"> </span>send_reply("403","Rely forbidden");</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span># preloaded route checking</div><div><span style="white-space:pre-wrap"> </span>if (loose_route()) {</div><div><span style="white-space:pre-wrap"> </span>xlog("L_ERR",</div><div><span style="white-space:pre-wrap"> </span>"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");</div><div><span style="white-space:pre-wrap"> </span>if (!is_method("ACK"))</div><div><span style="white-space:pre-wrap"> </span>sl_send_reply("403","Preload Route denied");</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span># record routing</div><div><span style="white-space:pre-wrap"> </span>if (!is_method("REGISTER|MESSAGE"))</div><div><span style="white-space:pre-wrap"> </span>record_route();</div><div><br></div><div><span style="white-space:pre-wrap"> </span># account only INVITEs</div><div><span style="white-space:pre-wrap"> </span>if (is_method("INVITE")) {</div><div><span style="white-space:pre-wrap"> </span> sl_send_reply("180","ringing");<span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span> </div><div><span style="white-space:pre-wrap"> </span> #SIP trunk to PSTN</div><div> # if(((uri=~"^sip:[055199999]@*") || (uri=~"^sip:[1]@*")) && !lookup("location","m")) {</div><div> <span style="white-space:pre-wrap"> </span>if(((uri=~"^sip:[055199999]@*") ) ) {</div><div> xlog("sip trunk");</div><div><span style="white-space:pre-wrap"> </span> rewritehostport("<a href="http://10.34.240.131:5060" target="_blank">10.34.240.131:5060</a>"); # outbound </div><div> route(1);</div><div> }</div><div><br></div><div><span style="white-space:pre-wrap"> </span>setflag(1); # do accounting</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (!uri==myself) {</div><div><span style="white-space:pre-wrap"> </span>append_hf("P-hint: outbound\r\n"); </div><div><span style="white-space:pre-wrap"> </span>route(1);</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span># requests for my domain</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (is_method("PUBLISH|SUBSCRIBE"))</div><div><span style="white-space:pre-wrap"> </span>{</div><div><span style="white-space:pre-wrap"> </span>sl_send_reply("503", "Service Unavailable");</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (is_method("REGISTER"))</div><div><span style="white-space:pre-wrap"> </span>{</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span> ### Authenticated by MySQL ###</div><div> if (!www_authorize("", "subscriber")) {</div><div> www_challenge("", "0");</div><div> exit;</div><div> }</div><div> if (!db_check_to()) {</div><div> sl_send_reply("403", "Forbidden auth ID");</div><div> exit;</div><div> } </div><div> ### End Authenticate by MySQL ###</div><div><br></div><div> # we receive a register request</div><div> # we will execute fix_nated_register nad fix_nated_contact</div><div> fix_nated_register();</div><div> fix_nated_contact();</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if ( 0 ) setflag(7);</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (!save("location"))</div><div><span style="white-space:pre-wrap"> </span> sl_reply_error();</div><div><span style="white-space:pre-wrap"> </span> </div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if ($rU==NULL) {</div><div><span style="white-space:pre-wrap"> </span># request with no Username in RURI</div><div><span style="white-space:pre-wrap"> </span>sl_send_reply("484","Address Incomplete");</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div><br></div><div><span style="white-space:pre-wrap"> </span># do lookup with method filtering</div><div><span style="white-space:pre-wrap"> </span>if (!lookup("location","m")) {</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span># voicemail</div><div><span style="white-space:pre-wrap"> </span>#<span style="white-space:pre-wrap"> </span>xlog("voicemail service\n");</div><div><span style="white-space:pre-wrap"> </span>#<span style="white-space:pre-wrap"> </span>rewritehostport("<a href="http://10.34.240.129:5080" target="_blank">10.34.240.129:5080</a>");</div><div><br></div><div><span style="white-space:pre-wrap"> </span>} </div><div><br></div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span># when routing via usrloc, log the missed calls also</div><div><span style="white-space:pre-wrap"> </span>setflag(2);</div><div><span style="white-space:pre-wrap"> </span>route(1);</div><div>}</div><div><br></div><div><br></div><div>route[1] {</div><div><span style="white-space:pre-wrap"> </span># for INVITEs enable some additional helper routes</div><div><span style="white-space:pre-wrap"> </span>if (is_method("INVITE")) {</div><div><br></div><div><span style="white-space:pre-wrap"> </span>t_on_branch("2");</div><div><span style="white-space:pre-wrap"> </span>t_on_reply("2");</div><div><span style="white-space:pre-wrap"> </span>t_on_failure("1");</div><div><br></div><div> if(nat_uac_test("127")){</div><div> # user identified as behing a nat</div><div> xlog("we are on route relay, user behind nat");</div><div> fix_nated_contact();</div><div> }</div><div><br></div><div> # if we have an application/sdp on our body, so we execute</div><div> # the rtpproxy_offer</div><div> if(has_body("application/sdp")){</div><div> xlog("we have sdp on this $rm");</div><div> rtpproxy_offer("c","61.132.137.100");</div><div> }</div><div><br></div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div> # removing the rtpproxy session</div><div> if(is_method("CANCEL|BYE")){</div><div> unforce_rtp_proxy();</div><div> }</div><div><br></div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (!t_relay()) {</div><div><span style="white-space:pre-wrap"> </span>send_reply("500","Internal Error");</div><div><span style="white-space:pre-wrap"> </span>};</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div>}</div><div><br></div><div><br></div><div>branch_route[2] {</div><div><span style="white-space:pre-wrap"> </span>xlog("new branch at $ru\n");</div><div>}</div><div><br></div><div><br></div><div>onreply_route[2] {</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>xlog("incoming reply\n");</div><div><br></div><div> # we receive a reply, we need to check about application/sdp</div><div> # on our body, if we have, we answer that</div><div> if(is_method("ACK") && has_body("application/sdp")){</div><div> rtpproxy_answer();</div><div> }else if(has_body("application/sdp")){</div><div> # offering rtpproxy on a non ack message</div><div> rtpproxy_offer("c","61.132.137.100");</div><div> }</div><div><br></div><div><br></div><div> # here we try to identify if the user is behind a nat again</div><div> # but now is the second user (the called user)</div><div> if(nat_uac_test("127")){</div><div> </div><div> xlog("we are on nat handle , user behind nat, fixing contact");</div><div> fix_nated_contact();</div><div> }</div><div><br></div><div>}</div><div><br></div><div><br></div><div>failure_route[1] {</div><div><br></div><div> if(is_method("INVITE")) {</div><div> # call failed - relay to voice mail</div><div><span style="white-space:pre-wrap"> </span> #append_branch();</div><div><span style="white-space:pre-wrap"> </span> #t_relay("udp:<a href="http://10.34.240.131:5080" target="_blank">10.34.240.131:5080</a>");</div><div> }</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (t_was_cancelled()) {</div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div>}</div></div><div><br></div></div>
</div><br></div>