Everything you want to do is possible with the default configuration. Just enable all configuration parts with "fix_nated_contact" and fix_nated_register". This will enable NAT traversal for SIP. Depeing if you want to relay media or not just enable/disable the "force_rtpproxy" calls.
regards klaus Am 12.06.2010 04:58, schrieb JinKevin: > Hi All, > > I'm building a video conference system with the kamailio and the video > AS. The network is as below: > > UAC(behind NAT) ------ kamailio(public IP) ------ AS (public IP) > > I have setup the basic kamailio and the SIP signaling can reach the AS > and the call can be established. Now the time to setup the NAT traveral > since the UACs are behind the NAT. > > Since it's video scenario, I don't want the kamailio as the RTPproxy so > try to use the NAT_Traversal module. > > From the module doc, NAT_Traversal needs the Dialog module as well. > Have no idea on how to load these two modules and the route config > required although have readed the module docs. Wondering if someone can > help on the config for this scenario? > > All call with $rU=="0216666" is forwarded to the video AS as the > route[CONF]. > > Thanks in advance! > > Thanks, > Kevin > > Below is the current config of the kamailio server: > > ==============CFG============= > AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$ cat kamailio.cfg > #!KAMAILIO > #!define WITH_DEBUG > #!define WITH_MYSQL > #!define WITH_AUTH > #!define WITH_USRLOCDB > # $Id$ > # > # Kamailio (OpenSER) SIP Server v3.0 - basic configuration script > # - web: http://www.kamailio.org > # - git: http://sip-router.org > # > # Direct your questions about this file to: <us...@lists.kamailio.org > <mailto:us...@lists.kamailio.org>> > # > # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php > # for an explanation of possible statements, functions and parameters. > # > # Several features can be enabled using '#!define WITH_FEATURE' directives: > # > # *** To run in debug mode: > # - define WITH_DEBUG > # > # *** To enable mysql: > # - define WITH_MYSQL > # > # *** To enable authentication execute: > # - enable mysql > # - define WITH_AUTH > # - add users using 'kamctl' > # > # *** To enable persistent user location execute: > # - enable mysql > # - define WITH_USRLOCDB > # > # *** To enable presence server execute: > # - enable mysql > # - define WITH_PRESENCE > # > # *** To enable nat traversal execute: > # - define WITH_NAT > # - install RTPProxy: http://www.rtpproxy.org > # - start RTPProxy: > # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 > # > # *** To enable PSTN gateway routing execute: > # - define WITH_PSTN > # - set the value of pstn.gw_ip > # - check route[PSTN] for regexp routing condition > # > # *** To enhance accounting execute: > # - enable mysql > # - define WITH_ACCDB > # - add following columns to database > #!ifdef ACCDB_COMMENT > ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; > ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; > ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; > ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; > ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; > ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL > DEFAULT ''; > ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL > DEFAULT ''; > ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL > DEFAULT ''; > ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL > DEFAULT ''; > ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL > DEFAULT ''; > #!endif > > ####### Global Parameters ######### > #!ifdef WITH_DEBUG > debug=4 > log_stderror=no > #!else > debug=2 > log_stderror=no > #!endif > memdbg=5 > memlog=5 > log_facility=LOG_LOCAL0 > fork=yes > children=4 > /* uncomment the next line to disable TCP (default on) */ > #disable_tcp=yes > /* uncomment the next line to disable the auto discovery of local aliases > based on revers DNS on IPs (default on) */ > #auto_aliases=no > port=5060 > /* uncomment and configure the following line if you want Kamailio to > bind on a specific interface/port/proto (default bind on all available) */ > listen=udp:210.13.124.15:5060 > > ####### Custom Parameters ######### > # These parameters can be modified runtime via RPC interface > # - see the documentation of 'cfg_rpc' module. > # > # Format: group.id = value 'desc' description > # Access: $sel(cfg_get.group.id) or @cfg_get.group.id > # > #!ifdef WITH_PSTN > # PSTN GW Routing > # > # - pstn.gw_ip: valid IP or hostname as string value, example: > # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" > # > # - by default is empty to avoid misrouting > pstn.gw_ip = "" desc "PSTN GW Address" > #!endif > > ####### Modules Section ######## > #set module path > mpath="/usr/local/kamailio-3.0/lib/kamailio/modules_k/:/usr/local/kamailio-3.0/lib/kamailio/modules/" > /* uncomment next line for MySQL DB support */ > #!ifdef WITH_MYSQL > loadmodule "db_mysql.so" > #!endif > loadmodule "mi_fifo.so" > loadmodule "kex.so" > loadmodule "tm.so" > loadmodule "tmx.so" > loadmodule "sl.so" > loadmodule "rr.so" > loadmodule "pv.so" > loadmodule "maxfwd.so" > loadmodule "usrloc.so" > loadmodule "registrar.so" > loadmodule "textops.so" > loadmodule "uri_db.so" > loadmodule "siputils.so" > loadmodule "xlog.so" > loadmodule "sanity.so" > loadmodule "ctl.so" > loadmodule "mi_rpc.so" > loadmodule "acc.so" > #!ifdef WITH_AUTH > loadmodule "auth.so" > loadmodule "auth_db.so" > #!endif > /* uncomment next line for aliases support > NOTE: a DB (like db_mysql) module must be also loaded */ > #loadmodule "alias_db.so" > /* uncomment next line for multi-domain support > NOTE: a DB (like db_mysql) module must be also loaded > NOTE: be sure and enable multi-domain support in all used modules > (see "multi-module params" section ) */ > #loadmodule "domain.so" > #!ifdef WITH_PRESENCE > loadmodule "presence.so" > loadmodule "presence_xml.so" > #!endif > #!ifdef WITH_NAT > loadmodule "nathelper.so" > #!endif > # ----------------- setting module-specific parameters --------------- > > # ----- mi_fifo params ----- > modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") > > # ----- rr params ----- > # add value to ;lr param to cope with most of the UAs > modparam("rr", "enable_full_lr", 1) > # do not append from tag to the RR (no need for this script) > modparam("rr", "append_fromtag", 0) > > # ----- rr params ----- > modparam("registrar", "method_filtering", 1) > /* uncomment the next line to disable parallel forking via location */ > # modparam("registrar", "append_branches", 0) > /* uncomment the next line not to allow more than 10 contacts per AOR */ > #modparam("registrar", "max_contacts", 10) > > # ----- uri_db params ----- > /* by default we disable the DB support in the module as we do not need it > in this configuration */ > modparam("uri_db", "use_uri_table", 0) > modparam("uri_db", "db_url", "") > > # ----- acc params ----- > /* what sepcial events should be accounted ? */ > modparam("acc", "early_media", 1) > modparam("acc", "report_ack", 1) > modparam("acc", "report_cancels", 1) > /* by default ww do not adjust the direct of the sequential requests. > if you enable this parameter, be sure the enable "append_fromtag" > in "rr" module */ > modparam("acc", "detect_direction", 0) > /* account triggers (flags) */ > modparam("acc", "failed_transaction_flag", 3) > modparam("acc", "log_flag", 1) > modparam("acc", "log_missed_flag", 2) > modparam("acc", "log_extra", > "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") > /* enhanced DB accounting */ > #!ifdef WITH_ACCDB > modparam("acc", "db_flag", 1) > modparam("acc", "db_missed_flag", 2) > modparam("acc", "db_url", > "mysql://openser:openk2mr...@localhost/openser") > modparam("acc", "db_extra", > "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") > #!endif > # ----- usrloc params ----- > /* enable DB persistency for location entries */ > #!ifdef WITH_USRLOCDB > modparam("usrloc", "db_mode", 2) > modparam("usrloc", "db_url", > "mysql://openser:openk2mr...@localhost/openser") > #!endif > # ----- auth_db params ----- > /* enable the DB based authentication */ > #!ifdef WITH_AUTH > modparam("auth_db", "calculate_ha1", yes) > modparam("auth_db", "password_column", "password") > modparam("auth_db", "db_url", > "mysql://openser:openk2mr...@localhost/openser") > modparam("auth_db", "load_credentials", "") > #!endif > # ----- alias_db params ----- > /* uncomment the following lines if you want to enable the DB based > aliases */ > #modparam("alias_db", "db_url", > # "mysql://openser:openk2mr...@localhost/openser") > > # ----- domain params ----- > /* uncomment the following lines to enable multi-domain detection > support */ > #modparam("domain", "db_url", > # "mysql://openser:openk2mr...@localhost/openser") > #modparam("domain", "db_mode", 1) # Use caching > > # ----- multi-module params ----- > /* uncomment the following line if you want to enable multi-domain support > in the modules (dafault off) */ > #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1) > > # ----- presence params ----- > /* enable presence server support */ > #!ifdef WITH_PRESENCE > modparam("presence|presence_xml", "db_url", > "mysql://openser:openk2mr...@localhost/openser") > modparam("presence_xml", "force_active", 1) > modparam("presence", "server_address", "sip:10.0.0.10:5060") > #!endif > # ----- nathelper ----- > #!ifdef WITH_NAT > modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") > modparam("nathelper", "natping_interval", 30) > modparam("nathelper", "ping_nated_only", 1) > modparam("nathelper", "sipping_bflag", 7) > modparam("nathelper", "sipping_from", "sip:pin...@kamailio.org") > modparam("registrar|nathelper", "received_avp", "$avp(i:80)") > modparam("usrloc", "nat_bflag", 6) > #!endif > ####### Routing Logic ######## > > # main request routing logic > route{ > if (!mf_process_maxfwd_header("10")) { > sl_send_reply("483","Too Many Hops"); > exit; > } > if(!sanity_check("1511", "7")) > { > xlog("Malformed SIP message from $si:$sp\n"); > exit; > } > # NAT detection > route(NAT); > if (has_totag()) { > # sequential request withing a dialog should > # take the path determined by record-routing > if (loose_route()) { > if (is_method("BYE")) { > setflag(1); # do accounting ... > setflag(3); # ... even if the transaction fails > } > route(RELAY); > } else { > if (is_method("SUBSCRIBE") && uri == myself) { > # in-dialog subscribe requests > route(PRESENCE); > exit; > } > if ( is_method("ACK") ) { > if ( t_check_trans() ) { > # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. > 404 from upstream server > t_relay(); > exit; > } else { > # ACK without matching transaction ... ignore and discard.\n"); > exit; > } > } > sl_send_reply("404","Not here"); > } > exit; > } > #initial requests > # CANCEL processing > if (is_method("CANCEL")) > { > if (t_check_trans()) > t_relay(); > exit; > } > t_check_trans(); > # authentication > route(AUTH); > # record routing for dialog forming requests (in case they are routed) > # - remove preloaded route headers > remove_hf("Route"); > if (is_method("INVITE|SUBSCRIBE")) > record_route(); > # account only INVITEs > if (is_method("INVITE")) { > setflag(1); # do accounting > } > if (!uri==myself) > /* replace with following line if multi-domain support is used */ > ##if (!is_uri_host_local()) > { > append_hf("P-hint: outbound\r\n"); > route(RELAY); > } > # requests for my domain > if( is_method("PUBLISH|SUBSCRIBE")) > route(PRESENCE); > if (is_method("REGISTER")) > { > if(isflagset(5)) > { > setbflag("6"); > # uncomment next line to do SIP NAT pinging > ## setbflag("7"); > } > if (!save("location")) > sl_reply_error(); > exit; > } > if ($rU==$null) { > # request with no Username in RURI > sl_send_reply("484","Address Incomplete"); > exit; > } > route(PSTN); > > route(CONF); > # apply DB based aliases (uncomment to enable) > ##alias_db_lookup("dbaliases"); > if (!lookup("location")) { > switch ($rc) { > case -1: > case -3: > t_newtran(); > t_reply("404", "Not Found"); > exit; > case -2: > sl_send_reply("405", "Method Not Allowed"); > exit; > } > } > # when routing via usrloc, log the missed calls also > setflag(2); > route(RELAY); > } > > route[RELAY] { > #!ifdef WITH_NAT > if (check_route_param("nat=yes")) { > setbflag("6"); > } > if (isflagset(5) || isbflagset("6")) { > route(RTPPROXY); > } > #!endif > /* example how to enable some additional event routes */ > if (is_method("INVITE")) { > #t_on_branch("BRANCH_ONE"); > t_on_reply("REPLY_ONE"); > t_on_failure("FAIL_ONE"); > } > if (!t_relay()) { > sl_reply_error(); > } > exit; > } > > # Presence server route > route[PRESENCE] > { > #!ifdef WITH_PRESENCE > if (!t_newtran()) > { > sl_reply_error(); > exit; > }; > if(is_method("PUBLISH")) > { > handle_publish(); > t_release(); > } > else > if( is_method("SUBSCRIBE")) > { > handle_subscribe(); > t_release(); > } > exit; > #!endif > > # if presence enabled, this part will not be executed > if (is_method("PUBLISH") || $rU==$null) > { > sl_send_reply("404", "Not here"); > exit; > } > return; > } > # Authentication route > route[AUTH] { > #!ifdef WITH_AUTH > if (is_method("REGISTER")) > { > # authenticate the REGISTER requests (uncomment to enable auth) > if (!www_authorize("", "subscriber")) > { > www_challenge("", "0"); > exit; > } > if ($au!=$tU) > { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > } else { > # authenticate if from local subscriber (uncomment to enable auth) > if (from_uri==myself) > { > if (!proxy_authorize("", "subscriber")) { > proxy_challenge("", "0"); > exit; > } > if (is_method("PUBLISH")) > { > if ($au!=$tU) { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > } else { > if ($au!=$fU) { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > } > consume_credentials(); > # caller authenticated > } > } > #!endif > return; > } > # Caller NAT detection route > route[NAT]{ > #!ifdef WITH_NAT > force_rport(); > if (nat_uac_test("19")) { > if (method=="REGISTER") { > fix_nated_register(); > } else { > fix_nated_contact(); > } > setflag(5); > } > #!endif > return; > } > # RTPProxy control > route[RTPPROXY] { > #!ifdef WITH_NAT > if (is_method("BYE")) { > unforce_rtp_proxy(); > } else if (is_method("INVITE")){ > force_rtp_proxy(); > } > if (!has_totag()) add_rr_param(";nat=yes"); > #!endif > return; > } > # PSTN GW routing > route[PSTN] { > #!ifdef WITH_PSTN > # check if PSTN GW IP is defined > if (strempty($sel(cfg_get.pstn.gw_ip))) { > xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); > return; > } > # route to PSTN dialed numbers starting with '+' or '00' > # (international format) > # - update the condition to match your dialing rules for PSTN routing > if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) > return; > # only local users allowed to call > if(from_uri!=myself) { > sl_send_reply("403", "Not Allowed"); > exit; > } > $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); > route(RELAY); > exit; > #!endif > return; > } > # add by KJ --start > route[CONF] { > if(is_method("INVITE") && $rU=="0216666") { > rewritehostport("210.x.y.z:5060"); > } > route(RELAY); > exit; > } > # add by KJ --end > # Sample branch router > branch_route[BRANCH_ONE] { > xdbg("new branch at $ru\n"); > } > # Sample onreply route > onreply_route[REPLY_ONE] { > xdbg("incoming reply\n"); > #!ifdef WITH_NAT > if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") { > force_rtp_proxy(); > } > if (isbflagset("6")) { > fix_nated_contact(); > } > #!endif > } > # Sample failure route > failure_route[FAIL_ONE] { > #!ifdef WITH_NAT > if (is_method("INVITE") > && (isbflagset("6") || isflagset(5))) { > unforce_rtp_proxy(); > } > #!endif > if (t_is_canceled()) { > exit; > } > # uncomment the following lines if you want to block client > # redirect based on 3xx replies. > ##if (t_check_status("3[0-9][0-9]")) { > ##t_reply("404","Not found"); > ## exit; > ##} > # uncomment the following lines if you want to redirect the failed > # calls to a different new destination > ##if (t_check_status("486|408")) { > ## sethostport("192.168.2.100:5060"); > ## append_branch(); > ## # do not set the missed call flag again > ## t_relay(); > ##} > } > AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$ > > > > > ------------------------------------------------------------------------ > 使用新一代 Windows Live Messenger 轻松交流和共享! 立刻下载! > <http://www.windowslive.cn/messenger/> > > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > sr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
