Thanks !
czw., 26 sty 2023 o 16:01 Ovidiu Sas <[email protected]> napisał(a): > > Here's a quick guide on how to capture and decrypt encrypted traffic: > https://voipembedded.wordpress.com/2021/03/22/troubleshooting-kamailio-encrypted-sip-traffic/ Now i see my mistake - │SIP/2.0 200 OK 172.23.210.210:5060 172.23.9.70:5060 1.2.3.22:5061 │Via: SIP/2.0/UDP 172.23.210.210;received1 8.197.58.44:57301───┬───────── ──────────┬───────── ──────────┬───────── │72.23.210.210;rport=5060;branch=z9hG4bKm─ ▒ 10:22:15.656278 │ INVITE (SDP) │ │ │a4jBUK71BH ▒ +0.000730 │ ──────────────────────────> │ │ │Record-Route: <sip:10.72.42.1:5060;r2=on ▒ 10:22:15.657008 │ 100 trying -- your call is │ │ │tag=KmZjt3Fr4HgZB;lr>,<sip:18.197.58.44: ▒ +0.004722 │ <────────────────────────── │ │ │61;r2=on;transport=tls;ftag=KmZjt3Fr4HgZ ▒ 10:22:15.661730 │ │ │ IN│lr>,<sip:1.2.3.22:5061;transport=tl ▒ +0.027368 │ │ │ ─────────│r2=on;lr=on;ftag=KmZjt3Fr4HgZB>,<sip:172 ▒ 10:22:15.689098 │ │ │ 1│3.9.70;r2=on;lr=on;ftag=KmZjt3Fr4HgZB> ▒ +0.267998 │ │ │ <────────│To: <sip:[email protected] ▒ 10:22:15.957096 │ │ │ 20│cloud.de>;tag=mDL0l1E ▒ +0.003231 │ │ │ <────────│From: "221223977" <sip:[email protected] ▒ 10:22:15.960327 │ 200 OK (SDP) │ │ │;tag=KmZjt3Fr4HgZB ▒ +0.001268 │ <────────────────────────── │ │ │Contact: <sip:[email protected]:5 ▒ 10:22:15.961595 │ ACK │ │ │0;alias=18.197.58.44~5061~3> ▒ +0.000164 │ ──────────────────────────> │ │ │Call-ID: c565792b-1cb4-123c-708c-001851b ▒ 10:22:15.961759 │ ACK │ │ │1ff ▒ +0.020839 │ ──────────────────────────> │ │ │CSeq: 63067878 INVITE ▒ 10:22:15.982598 │ BYE │ │ │Allow: INVITE, ACK, CANCEL, BYE, OPTIONS │ +0.003088 │ ──────────────────────────> │ │ │INFO │ 10:22:15.985686 │ │ │ │Supported: norefersub, timer │ +0.471166 │ │ │ ─────────│Accept: application/sdp │ 10:22:16.456852 │ │ │ 20│x-inin-cnv: b8c9493d-0b01-4f57-b0b6-673d │ +0.001765 │ │ │ <<<──────│788f5a │ 10:22:16.458617 │ ACK │ │ │Session-Expires: 3600;refresher=uac │ +0.000088 │ ──────────────────────────> │ │ │Require: timer │ 10:22:16.458705 │ ACK │ │ ACKs from - plain RTP don't travel from kamailio and rtpengien to sRTP part there are two ACKs and they don't go to TLS+sRTP party. what i do: (..) # Wrapper for relaying requests route[RELAY] { handle_ruri_alias(); record_route(); if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { if (!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); xlog("L_ERR","ACK I:$var(i) branch_route \n"); } (..) and # Handle requests within SIP dialogs route[WITHINDLG] { if (!has_totag()) return; if ($si=="PBXIP" && $(ru{param.value,alias})!=$null) { xlog("L_INFO","[R-WINDLG_INPBX]: jestem w srodku $si:$sp $ru\n"); route(RTPMANAGE); route(RELAY); exit; } if (loose_route()) { if ( is_method("NOTIFY") ) { record_route(); } route(RTPMANAGE); route(RELAY); exit; } if ( is_method("ACK|BYE") ) { route(RTPMANAGE); route(RELAY); } simply copy and paste from many examples lying in the internet - but well - i'm stuck here. The sRTP and TLS part - work as dedigned :) scenario when call comes from TLS/sRTP party - towards the unencrytped part - also works. BR __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
