ruhnet
/
kazoo-configs-kamailio
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 183 Wiki Activity
Browse Source

rework nat

update-rsyslog-config
lazedo 7 years ago
parent
ff179e8b6e
commit
c2a1b07de1
3 changed files with 80 additions and 60 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +32
    -21
      kamailio/default.cfg
  2. +43
    -20
      kamailio/nat-traversal-role.cfg
  3. +5
    -19
      kamailio/websockets-role.cfg

+ 32
- 21
kamailio/default.cfg View File

@ -345,7 +345,7 @@ route
#!endif
#!ifdef NAT_TRAVERSAL_ROLE
route(NAT_INITIAL_TEST);
route(NAT_DETECT);
#!endif
route(HANDLE_OPTIONS);
@ -548,11 +548,20 @@ route[HANDLE_IN_DIALOG_REQUESTS]
if (is_method("INVITE")) {
setflag(FLAG_SESSION_PROGRESS);
# record_route();
}
if (loose_route()) {
#!ifdef NAT_TRAVERSAL_ROLE
if(!isdsturiset()) {
handle_ruri_alias();
}
if ( is_method("ACK") ) {
# ACK is forwarded statelessly
route(NAT_MANAGE);
}
#!endif
#!ifdef ACCOUNTING_ROLE
if (is_method("BYE")) {
setflag(FLAG_ACC);
@ -560,12 +569,6 @@ route[HANDLE_IN_DIALOG_REQUESTS]
}
#!endif
#!ifdef NAT_TRAVERSAL_ROLE
if(!isdsturiset()) {
handle_ruri_alias();
}
#!endif
xlog("L_INFO", "$ci|log|loose_route in-dialog message\n");
# Called on in-dialog requests
# If the request in an Invite for on hold from external to internal,
@ -576,10 +579,10 @@ route[HANDLE_IN_DIALOG_REQUESTS]
}
# If the request in an Invite for t38 from internal,
# mark the request with FLAG_T38
# mark the request with FLT_T38
if (is_method("INVITE") && isflagset(FLAG_INTERNALLY_SOURCED) && sdp_with_media("image")) {
xlog("L_DEBUG", "$ci|log|T38 RE-INVITE\n");
setflag(FLAG_T38);
setflag(FLT_T38);
}
if ( is_method("NOTIFY") ) {
@ -646,12 +649,24 @@ route[PREPARE_INITIAL_REQUESTS]
record_route();
}
# Manage outgoing branches
branch_route[MANAGE_BRANCH] {
xlog("L_DEBUG", "$ci|branch|new branch [$T_branch_idx] to $ru\n");
#!ifdef NAT_TRAVERSAL_ROLE
route(NAT_MANAGE);
#!endif
}
route[RELAY]
{
#!ifdef SIP_TRACE_ROLE
route(SEND_SIP_TRACE);
#!endif
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
}
if (isflagset(FLAG_INTERNALLY_SOURCED)) {
route(INTERNAL_TO_EXTERNAL_RELAY);
#!ifdef MESSAGE_ROLE
@ -717,12 +732,10 @@ onreply_route[EXTERNAL_REPLY]
{
xlog("L_INFO", "$ci|log|external reply $T_reply_code\n");
#!ifdef WEBSOCKETS_ROLE
route(NAT_WEBSOCKETS_CORRECT);
#!endif
#!ifdef NAT_TRAVERSAL_ROLE
route(NAT_REPLY_TEST);
if(status=~"[12][0-9][0-9]") {
route(NAT_MANAGE);
}
#!endif
#!ifdef ACL_ROLE
@ -748,12 +761,10 @@ onreply_route[INTERNAL_REPLY]
xlog("L_INFO", "$ci|start|received internal reply $T_reply_code $T_reply_reason\n");
xlog("L_INFO", "$ci|log|source $si:$sp\n");
#!ifdef WEBSOCKETS_ROLE
route(NAT_WEBSOCKETS_CORRECT);
#!endif
#!ifdef NAT_TRAVERSAL_ROLE
route(NAT_REPLY_TEST);
if(status=~"[12][0-9][0-9]") {
route(NAT_MANAGE);
}
#!endif
#!ifdef ACL_ROLE


+ 43
- 20
kamailio/nat-traversal-role.cfg View File

@ -6,17 +6,27 @@ loadmodule "nathelper.so"
modparam("nathelper", "received_avp", "$avp(AVP_RECV_PARAM)")
modparam("nathelper", "sipping_from", "sip:sipcheck@MY_HOSTNAME")
#!trydef KZ_NAT_DETECT "19"
#!ifdef WEBSOCKETS_ROLE
#!trydef KZ_NAT_DETECT 83
#!else
#!trydef KZ_NAT_DETECT 19
#!endif
####### NAT Traversal Logic ########
route[NAT_INITIAL_TEST]
{
if(nat_uac_test(64)) return();
#!trydef KZ_NAT_FIX_SDP_REQUEST 1
#!trydef KZ_NAT_FIX_SDP_REPLY 1
#!trydef KZ_NAT_SDP_TEST 8
#!trydef KZ_NAT_SDP_FIX 10
if(!is_method("INVITE|REGISTER|SUBSCRIBE")) return();
kazoo.nat_fix_sdp_request = KZ_NAT_FIX_SDP_REQUEST descr "performs request sdp replacement of private addresses"
kazoo.nat_fix_sdp_reply = KZ_NAT_FIX_SDP_REPLY descr "performs reply sdp replacement of private addresses"
####### NAT Traversal Logic ########
route[NAT_DETECT]
{
if ($Rp == "5080") {
setflag(FLAG_SKIP_NAT_CORRECTION);
xlog("L_DEBUG", "$ci|log|skipping nat correction on PORT 5080\n");
} else {
if (is_present_hf("Record-Route")) {
$var(i) = 0;
@ -42,34 +52,47 @@ route[NAT_INITIAL_TEST]
return();
}
force_rport();
if(nat_uac_test(KZ_NAT_DETECT)) {
force_rport();
setflag(FLAG_NAT);
setflag(FLT_NATS);
if (!is_method("REGISTER")) {
if(is_first_hop()) set_contact_alias();
}
}
if (has_body("application/sdp") && nat_uac_test("8")) {
fix_nated_sdp("10");
if($sel(cfg_get.kazoo.nat_fix_sdp_request) == 1) {
if (has_body("application/sdp") && nat_uac_test(KZ_NAT_SDP_TEST)) {
fix_nated_sdp(KZ_NAT_SDP_FIX);
}
}
}
route[NAT_REPLY_TEST]
route[NAT_MANAGE]
{
if(nat_uac_test(64)) return();
if ( is_request() && isflagset(FLAG_INTERNALLY_SOURCED) && isflagset(FLT_AOR)) {
setbflag(FLB_NATB);
}
if(nat_uac_test(KZ_NAT_DETECT)) {
setflag(FLAG_NAT);
force_rport();
set_contact_alias();
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) {
return;
}
if (has_body("application/sdp") && nat_uac_test("8")) {
fix_nated_sdp("10");
if (is_reply()) {
if(isflagset(FLT_NATS) || isbflagset(FLB_NATB)) {
if(is_first_hop()) {
set_contact_alias();
}
}
}
if($sel(cfg_get.kazoo.nat_fix_sdp_reply) == 1) {
if (has_body("application/sdp") && nat_uac_test(KZ_NAT_SDP_TEST)) {
fix_nated_sdp(KZ_NAT_SDP_FIX);
}
}
}
# vim: tabstop=4 softtabstop=4 shiftwidth=4 expandtab

+ 5
- 19
kamailio/websockets-role.cfg View File

@ -33,21 +33,9 @@ route[HANDLE_WEBSOCKETS]
# connection - even if it is not behind a NAT!
# This won't be needed in the future if Kamailio and the
# WebSocket client support Outbound and Path.
return();
if(!is_method("INVITE|REGISTER|PUBLISH|SUBSCRIBE")) return();
if (nat_uac_test(64)) {
setflag(FLAG_NAT);
xlog("L_INFO", "$ci|log|this is a websocket request\n");
force_rport();
if (!is_method("REGISTER")) {
if (is_first_hop() && !set_contact_alias()) {
xlog("L_INFO", "$ci|stop|error aliasing contact <$ct>\n");
sl_send_reply("400", "Bad Request");
exit;
}
}
}
}
route[NAT_WEBSOCKETS_CORRECT]
@ -56,11 +44,9 @@ route[NAT_WEBSOCKETS_CORRECT]
# - even if it is not behind a NAT!
# This won't be needed in the future if Kamailio and the
# WebSocket client support Outbound and Path.
if (nat_uac_test(64)) {
xlog("L_INFO", "$ci|log|this is a websocket request\n");
setflag(FLAG_NAT);
set_contact_alias();
}
return();
}
event_route[xhttp:request]


Write Preview
Loading…
Cancel
Save