From: Patrick McHardy <kaber@trash.net>
To: Christoph Lameter <cl@linux-foundation.org>
Cc: Christian Hentschel <chentschel@arnet.com.ar>, netdev@vger.kernel.org
Subject: Re: SIP proxying: siproxd vs. Netfilter SIP nat
Date: Mon, 30 Nov 2009 18:21:09 +0100 [thread overview]
Message-ID: <4B13FF05.5060005@trash.net> (raw)
In-Reply-To: <alpine.DEB.2.00.0911301104520.16713@router.home>
Christoph Lameter wrote:
> It seems that the current sip nat module in the kernel has only limited
> functionality. According to
>
> http://people.netfilter.org/chentschel/docs/sip-conntrack-nat.html
>
> one has to point the firewall at the target host for the SIP proxying to
> work. Therefore the kernel will only support a single inside phone
> connecting via SIP to the outside. For a network that has a series of
> phones inside the NAT zones this means that the firewall sip nat is not
> useful.
That documentation is horribly outdated.
> siproxd http://siproxd.sourceforge.net/ seems to be able to handle
> multiple outgoing SIP connections but one needs to specify an outbound
> proxy for each inside SIP phone.
>
> Isnt there a way to make the kernel module work in the same way siproxd
> works and able to support multiple phones? Right now configuring SIP
> connectivity is a messy thing that is not easily setup. Can we fix this?
It should work fine with multiple phones, it even recognizes calls
between two internal phones and makes the media stream go between
them directly. Depending on how your registrar/proxy works, you might
have to set one or both of these module options:
sip_direct_signalling: when set to zero, allows incoming signalling
connections from other hosts than the registrar. Usually not needed.
sip_direct_media: when set to zero, allows incoming media streams
from other hosts than the registrar. This one is often required,
some providers use server farms for handling the media streams,
some set up media streams to go directly between the endpoints.
next prev parent reply other threads:[~2009-11-30 17:21 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-30 17:13 SIP proxying: siproxd vs. Netfilter SIP nat Christoph Lameter
2009-11-30 17:21 ` Patrick McHardy [this message]
2009-11-30 17:27 ` Christoph Lameter
2009-11-30 17:30 ` Patrick McHardy
2009-11-30 17:35 ` Christoph Lameter
2009-11-30 17:46 ` Patrick McHardy
2009-11-30 17:55 ` Christoph Lameter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B13FF05.5060005@trash.net \
--to=kaber@trash.net \
--cc=chentschel@arnet.com.ar \
--cc=cl@linux-foundation.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).