Hi Saúl, and thanks for taking the time to reply - I have since made some progress into understanding the terminal behaviour with respect to what I am trying to achieve but have not got to a solution to my problem of having permanently redirected traffic.
Here is what happened in my scenario: After inserting the iptables rule above all packets coming from terminal 10.0.0.2 were redirected to my machine on port 40000. so assume that communications between media proxy and the terminal are as so: terminal media proxy iptables redirection 10.0.0.2:9078 ----> 10.0.0.1:50002 ----> 10.0.0.1:40000 Now, as I intercept all traffic from 10.0.0.3 (that is the other terminal), I add some effect and repackage it with gstreamer, and sent it to 10.0.0.2 Since the port 50002 is bound in media proxy, however, I send traffic from a different local port, say 30006. So we have terminal media proxy 10.0.0.2:9078 <---- 10.0.0.1:30006 My terminal clients are linphone clients and they send video traffic back to the new port (not 50002 anymore but 30006 instead) - so we have: terminal 10.0.0.2:9078------> 10.0.0.1:30006 I cannot understand, hard though I might try, why the rule iptables -t nat -A PREROUTING -i eth0 -p udp -s 10.0.0.2 --sport 9078 -j REDIRECT --to-port 40000 does not keep working in that case and does not keep redirecting traffic to port 40000. I see traffic on port 30006 instead (and I can, of course, decode and manipulate it). If anyone has an idea why that happens please consider dropping a hint. Another way to solve my problems would be to alter mediaproxy to place conntrack rules that forward traffic to a local port instead of what is on the other side in the session description. Again if someone could point to the right place in the source code, I would be very grateful. Having said that, even having received this much help went beyond my expectations. Thanks again, Stylianos On 12 April 2011 09:21, Saúl Ibarra Corretgé <[email protected]> wrote: > Hi, > > On 5/4/11 9:54 PM, Stylianos Papanastasiou wrote: >> >> Hi everyone, >> >> I am running opensips with mediaproxy and so the media traffic from my >> two SIP terminals runs through an intermediate machine. Now, I want to >> do some media traffic manipulation so I redirect the incoming traffic to >> some port on the intermediate machine using iptables. Assuming my >> terminals are 10.0.0.2 and 10.0.0.3 and the media-proxy is 10.0.0.1 - >> and the video traffic comes from port 9078 from both terminals I give: >> >> iptables -t nat -A PREROUTING -i eth0 -p udp -s 10.0.0.2 --sport 9078 >> -j REDIRECT --to-port 40000 >> iptables -t nat -A PREROUTING -i eth0 -p udp -s 10.0.0.3 --sport 9078 >> -j REDIRECT --to-port 40001 >> > > MediaProxy does insert contrack rules to direct the traffic, as you know, > and the fact that you are altering the routing with iptables may have > serious implications on what happens from that point on. MediaProxy told the > kernel to redirect packets coming from 10.0.0.2 and port X to 10.0.0.3 port > Y, but you introduced another routing rule I don't expect packets to 'fork'. > > > -- > Saúl Ibarra Corretgé > AG Projects > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
