lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Nov 2009 11:13:55 -0600 (CST) From: Christoph Lameter <cl@...ux-foundation.org> To: Patrick McHardy <kaber@...sh.net> cc: Christian Hentschel <chentschel@...et.com.ar>, netdev@...r.kernel.org Subject: SIP proxying: siproxd vs. Netfilter SIP nat It seems that the current sip nat module in the kernel has only limited functionality. According to http://people.netfilter.org/chentschel/docs/sip-conntrack-nat.html one has to point the firewall at the target host for the SIP proxying to work. Therefore the kernel will only support a single inside phone connecting via SIP to the outside. For a network that has a series of phones inside the NAT zones this means that the firewall sip nat is not useful. siproxd http://siproxd.sourceforge.net/ seems to be able to handle multiple outgoing SIP connections but one needs to specify an outbound proxy for each inside SIP phone. Isnt there a way to make the kernel module work in the same way siproxd works and able to support multiple phones? Right now configuring SIP connectivity is a messy thing that is not easily setup. Can we fix this? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists