lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4B140129.2050907@trash.net>
Date:	Mon, 30 Nov 2009 18:30:17 +0100
From:	Patrick McHardy <kaber@...sh.net>
To:	Christoph Lameter <cl@...ux-foundation.org>
CC:	Christian Hentschel <chentschel@...et.com.ar>,
	netdev@...r.kernel.org
Subject: Re: SIP proxying: siproxd vs. Netfilter SIP nat

Christoph Lameter wrote:
> On Mon, 30 Nov 2009, Patrick McHardy wrote:
> 
>>> http://people.netfilter.org/chentschel/docs/sip-conntrack-nat.html
>> That documentation is horribly outdated.
> 
> Where do I find more recent documentation?

Below :)

>>> Isnt there a way to make the kernel module work in the same way siproxd
>>> works and able to support multiple phones? Right now configuring SIP
>>> connectivity is a messy thing that is not easily setup. Can we fix this?
>> It should work fine with multiple phones, it even recognizes calls
>> between two internal phones and makes the media stream go between
>> them directly. Depending on how your registrar/proxy works, you might
>> have to set one or both of these module options:
> 
> Loaded both sip modules without specifying any parameters. Resulted in one
> way audio problems which is what I also get without the modules.
> 
>> sip_direct_signalling: when set to zero, allows incoming signalling
>>  connections from other hosts than the registrar. Usually not needed.
>>
>> sip_direct_media: when set to zero, allows incoming media streams
>>  from other hosts than the registrar. This one is often required,
>>  some providers use server farms for handling the media streams,
>>  some set up media streams to go directly between the endpoints.
> 
> Ok will try setting that parameter to zero.

You of course also need to accept the packets marked RELATED by
the helper. If this is missing it might result in one-way audio.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ