HI, I have a opensips servers in a private network, IP address: 10.34.14.24, now I'm going to this private network address 1: 1 NAT to public networks, and modify the opensips.cfg profile. Register now through the public network clients can conduct video and audio communications, and work very well.
Now I need to add a network card (IP: 192.168.100.100) on opensips server, and directly connected to a sip client (IP: 192.168.100.200) through this card. How should I modify opensips.cfg, make public sip client the private network sip client to communicate it? Attach opensips.cfg I now use: # # $Id$ # # OpenSIPS residential configuration script # by OpenSIPS Solutions <[email protected]> # # This script was generated via "make menuconfig", from # the "Residential" scenario. # You can enable / disable more features / functionalities by # re-generating the scenario with different options.# # # Please refer to the Core CookBook at: # http://www.opensips.org/Resources/DocsCookbooks # for a explanation of possible statements, functions and parameters. # ####### Global Parameters ######### debug=3 log_stderror=no log_facility=LOG_LOCAL0 fork=yes children=4 /* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes /* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no /* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes /* comment the next line to enable the auto discovery of local aliases based on revers DNS on IPs */ auto_aliases=no advertised_address=61.132.137.100 alias=61.132.137.100 listen=udp:10.34.14.24:5060 # CUSTOMIZE ME #listen=udp:10.34.240.150:5060 disable_tcp=yes disable_tls=yes ####### Modules Section ######## #set module path mpath="/usr/local/opensips/lib64/opensips/modules" #### SIGNALING module loadmodule "signaling.so" #### StateLess module loadmodule "sl.so" #### Transaction Module loadmodule "tm.so" modparam("tm", "fr_timer", 5) modparam("tm", "fr_inv_timer", 30) modparam("tm", "restart_fr_on_each_reply", 0) modparam("tm", "onreply_avp_mode", 1) #### Record Route Module loadmodule "rr.so" /* do not append from tag to the RR (no need for this script) */ modparam("rr", "append_fromtag", 0) #### MAX ForWarD module loadmodule "maxfwd.so" #### SIP MSG OPerationS module loadmodule "sipmsgops.so" #### FIFO Management Interface loadmodule "mi_fifo.so" modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") #### URI module loadmodule "uri.so" modparam("uri", "use_uri_table", 0) #### USeR LOCation module loadmodule "usrloc.so" modparam("usrloc", "nat_bflag", 10) modparam("usrloc", "db_mode", 0) #### REGISTRAR module loadmodule "registrar.so" modparam("registrar", "tcp_persistent_flag", 7) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) #### ACCounting module loadmodule "acc.so" /* what special events should be accounted ? */ modparam("acc", "early_media", 0) modparam("acc", "report_cancels", 0) /* by default we do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) modparam("acc", "failed_transaction_flag", 3) /* account triggers (flags) */ modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) ### Authenticated by MySQL ### loadmodule "db_mysql.so" loadmodule "auth.so" loadmodule "auth_db.so" modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost /opensips") modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost /opensips") modparam("auth_db", "load_credentials", "") ### End Authentivated by MySQL ### loadmodule "domain.so" modparam("domain", "db_url","mysql://opensips:opensipsrw@localhost /opensips") modparam("domain", "db_mode", 1) # Use caching loadmodule "nat_traversal.so" modparam("nat_traversal", "keepalive_interval", 90) #### nathelper module loadmodule "nathelper.so" modparam("nathelper", "natping_interval", 30) modparam("nathelper", "sipping_from", "sip:[email protected]") modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") #### Modulo rtpproxy (forcar o audio atraves do opensips) loadmodule "rtpproxy.so" modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7890") modparam("nathelper", "force_socket", "udp:127.0.0.1:7890") modparam("rtpproxy", "rtpproxy_autobridge", 1) ####### Routing Logic ######## # main request routing logic route{ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } if (has_totag()) { # sequential requests within a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } else if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for # re-INVITEs alos, as some buggy clients do change route set # during the dialog. record_route(); } # route it out to whatever destination was set by loose_route() # in $du (destination URI). route(1); } else { if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after # a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction -> # ignore and discard exit; } } #t_on_failure("1"); sl_send_reply("404","Not here"); } exit; } # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); if ( !(is_method("REGISTER") ) ) { if (from_uri==myself) { ### Authenticated by MySQL ### if(!proxy_authorize("", "subscriber")) { if (!registered("location","$fu")) { xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause proxy authentication required"); } proxy_challenge("", "0"); exit; } if(!db_check_from()) { xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause Forbidden auth ID"); sl_send_reply("403", "Forbidden auth ID"); exit; } consume_credentials(); # caller authenticated ### End Autheticated by MySQL ### } else { # if caller is not local, then called number must be local if (!uri==myself) { xlog("L_NOTICE","Auth_error for $fU@$fd from $si cause Rely forbidden"); send_reply("403","Rely forbidden"); exit; } } } # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } # record routing if (!is_method("REGISTER|MESSAGE")) record_route(); # account only INVITEs if (is_method("INVITE")) { sl_send_reply("180","ringing"); #SIP trunk to PSTN # if(((uri=~"^sip:[055199999]@*") || (uri=~"^sip:[1]@*")) && !lookup("location","m")) { if(((uri=~"^sip:[055199999]@*") ) ) { xlog("sip trunk"); rewritehostport("10.34.240.131:5060"); # outbound route(1); } setflag(1); # do accounting } if (!uri==myself) { append_hf("P-hint: outbound\r\n"); route(1); } # requests for my domain if (is_method("PUBLISH|SUBSCRIBE")) { sl_send_reply("503", "Service Unavailable"); exit; } if (is_method("REGISTER")) { ### Authenticated by MySQL ### if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; } if (!db_check_to()) { sl_send_reply("403", "Forbidden auth ID"); exit; } ### End Authenticate by MySQL ### # we receive a register request # we will execute fix_nated_register nad fix_nated_contact fix_nated_register(); fix_nated_contact(); if ( 0 ) setflag(7); if (!save("location")) sl_reply_error(); exit; } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # do lookup with method filtering if (!lookup("location","m")) { # voicemail # xlog("voicemail service\n"); # rewritehostport("10.34.240.129:5080"); } # when routing via usrloc, log the missed calls also setflag(2); route(1); } route[1] { # for INVITEs enable some additional helper routes if (is_method("INVITE")) { t_on_branch("2"); t_on_reply("2"); t_on_failure("1"); if(nat_uac_test("127")){ # user identified as behing a nat xlog("we are on route relay, user behind nat"); fix_nated_contact(); } # if we have an application/sdp on our body, so we execute # the rtpproxy_offer if(has_body("application/sdp")){ xlog("we have sdp on this $rm"); rtpproxy_offer("c","61.132.137.100"); } } # removing the rtpproxy session if(is_method("CANCEL|BYE")){ unforce_rtp_proxy(); } if (!t_relay()) { send_reply("500","Internal Error"); }; exit; } branch_route[2] { xlog("new branch at $ru\n"); } onreply_route[2] { xlog("incoming reply\n"); # we receive a reply, we need to check about application/sdp # on our body, if we have, we answer that if(is_method("ACK") && has_body("application/sdp")){ rtpproxy_answer(); }else if(has_body("application/sdp")){ # offering rtpproxy on a non ack message rtpproxy_offer("c","61.132.137.100"); } # here we try to identify if the user is behind a nat again # but now is the second user (the called user) if(nat_uac_test("127")){ xlog("we are on nat handle , user behind nat, fixing contact"); fix_nated_contact(); } } failure_route[1] { if(is_method("INVITE")) { # call failed - relay to voice mail #append_branch(); #t_relay("udp:10.34.240.131:5080"); } if (t_was_cancelled()) { exit; } }
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
