Hi, If you want the signaling that is encrypted see in plaintext you can use Kamailio module siptrace. sipdump and sipcapture maybe also good for that, I didn't use these.
Krzysztof Drewicz <[email protected]> schrieb am Mi., 25. Jan. 2023, 16:33: > pt., 20 sty 2023 o 18:13 Richard Fuchs <[email protected]> napisaĆ(a): > > > > > > You just need one invocation each: one for the offer, one for the > > answer. (Assuming single offer/answer exchange and no branches.) > > > > You can use rtpengine_manage() for either of them if you want to let the > > module figure out whether the message is an offer or an answer. But you > > will want to use different flags for the two cases, mostly depending on > > where the message is going to. > > > > Thanks! > > you were right (obviously) > > > > > If the message is going to a plain RTP (non-SRTP, non-ICE, etc) client, > > use "RTP/AVP ICE=remove" etc. If the message is going to an SRTP, > > ICE-enabled client, use "RTP/SAVPF ICE=force" etc. > > That is 100% true, also pad-crypto. > > > > If you want to manually distinguish between offers and answers instead > > of using rtpengine_manage(), > > Nope, no need for that, just doing simple POC that - it could work. > > Still - my encrypted party plays tricks with, me, is there a way - to > see unencrypted traffic towards TLS endpoint (maybe a simple pcap > before encryption or dumping in plain text somewhere), > > my party needs a R-URI - blahblahblah.byoc.mypurecloud.de, so i do this: > > if(proto != TLS) { > xlog("L_INFO", "[R-MAIN] from my ciamajda to > my gienio non tls $ru from $si\n"); > if (!ds_select_dst("19", "0")) { > xwarn("I:$var(i) DROP(DOWN!) FWD:$rm > [$fU->$tU] [SBCVIP] to $du\n"); > sl_send_reply("503", "Destination down"); > exit; > } > xlog("L_INFO","Request URI was -> [$ou] [$ru] [$rU]\n"); > > rewritehostporttrans("blahblahblah.byoc.mypurecloud.de:5061 > ;transport=tls"); > xlog("L_INFO","Request URI changed MAM [$ou] [$ru] > [$rU]\n"); > > > > in dispach.list: > > > 17 SIP:blahblahblah.byoc.mypurecloud.de:5061;transport=tls 0 > 1 socket=tls:1.2.3.24:5061 > 18 SIP:blahblahblah.byoc.mypurecloud.de:5061;transport=tls > 19 SIP:blahblahblah.byoc.mypurecloud.de:5061;transport=tls 0 1 > socket=tls:1.2.3.24:5061;ping_from=sip:myfqdnsbc.realhostname.gq > > (mod dispatcher - as I believe can and whould give options via TLS - > right ?) > > Any hints? Maybe someone has already tried and succeeded with > mypurecloud ? (not so popular like o365/ms-teams trunking but still) > > thanks, > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
