Hi,
On 12/4/11 3:11 PM, Stylianos Papanastasiou wrote:
Hi Saúl,
and thanks for taking the time to reply - I have since made some
progress into understanding the terminal behaviour with respect to
what I am trying to achieve but have not got to a solution to my
problem of having permanently redirected traffic.
Here is what happened in my scenario:
After inserting the iptables rule above all packets coming from
terminal 10.0.0.2 were redirected to my machine on port 40000. so
assume that communications between media proxy and the terminal are as
so:
terminal media proxy iptables redirection
10.0.0.2:9078 ----> 10.0.0.1:50002 ----> 10.0.0.1:40000
Now, as I intercept all traffic from 10.0.0.3 (that is the other
terminal), I add some effect and repackage it with gstreamer, and sent
it to 10.0.0.2
Since the port 50002 is bound in media proxy, however, I send traffic
from a different local port, say 30006. So we have
terminal media proxy
10.0.0.2:9078<---- 10.0.0.1:30006
My terminal clients are linphone clients and they send video traffic
back to the new port (not 50002 anymore but 30006 instead) - so we
have:
terminal
10.0.0.2:9078------> 10.0.0.1:30006
At this point, the client switched the port because it is receiving
traffic from another place, right? Because no re-INVITE happened,
MediaProxy is not aware of this.
I cannot understand, hard though I might try, why the rule
iptables -t nat -A PREROUTING -i eth0 -p udp -s 10.0.0.2 --sport 9078
-j REDIRECT --to-port 40000
does not keep working in that case and does not keep redirecting
traffic to port 40000. I see traffic on port 30006 instead (and I can,
of course, decode and manipulate it).
If anyone has an idea why that happens please consider dropping a hint.
Another way to solve my problems would be to alter mediaproxy to place
conntrack rules that forward traffic to a local port instead of what
is on the other side in the session description. Again if someone
could point to the right place in the source code, I would be very
grateful.
I think this should be the way to go in your very specific situation.
Mangling iptables rules will definitely affect how MediaProxy works or
actually does not work.
I guess you'll want to hack MediaProxy to create conntrack rules
differently. Have a look at the check_create_conntrack function on
mediaproxy/mediacontrol.py file, conntrack rules are created there as
soon as 1 RTP packet is received from both sides.
Regards,
--
Saúl Ibarra Corretgé
AG Projects
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
