diff --git a/ChangeLog b/ChangeLog index 541c798..b0b436b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,10 +1,18 @@ +0.2.3 +===== +- 2-Nov-2002: - 'make install' install now a templace config file + (/etc/siproxd.conf.example) +- 24-Oct-2002: - small docu updates in README +- 17-Oct-2002: - fix in ./configure - abort on missing libraries + 0.2.2 ===== -- 12-Oct-2002: - '-d' commandline option supersedes condig file setting +- 12-Oct-2002: - Released version 0.2.2 + - '-d' commandline option supersedes config file setting of debug_level. - - reworked concept return status from functions - uses - now symbolic values - - added individual user passowrds for authentication + - reworked return status from functions - now uses + symbolic values and is more consistent + - added individual user passwords for authentication 0.2.1 ===== diff --git a/README b/README index d58f58b..113edbf 100644 --- a/README +++ b/README @@ -85,7 +85,7 @@ Scenario ! IntHost !---------------! Firewall !------------>> ! ! ! ! +-------------+ +--------------+ - : + eth0 : ppp0 @@ -101,14 +101,29 @@ Scenario - foo.bar.org is the domain name corresponding to the public IP address of the firewall (eg use some dynamic DNS service [1]) - Firewall rules for incomming traffic (ipchains example): +IPCHAINS: + Firewall rules for incomming traffic: $ ipchains -A input --proto udp --dport 5060 --log -j ACCEPT $ ipchains -A input --proto udp --dport 7070:7080 -j ACCEPT + Firewall rule for masquerading outgoing traffic: + $ ipchains -A forward -i ppp0 -j MASQ -s 10.0.0.0/24 -d 0.0.0.0/0 + +IPTABLES: + Firewall rules for incomming traffic: + $iptables -A INPUT -i ppp0 -p udp -m udp --dport 5060 -j ACCEPT + $iptables -A INPUT -i ppp0 -p udp -m udp --dport 7070:7080 -j ACCEPT + + Firewall rule for masquerading outgoing traffic: + $ iptables -t nat -A POSTROUTING -s 10.0.0.0/255.255.255.0 -j MASQUERADE + + The first line will allow incomming SIP traffic. The second line will allow incomming RTP traffic on the ports 7070 - 7080 (the default port range used by siproxd for incomming RTP traffic). + The rule for masquerading will ensure that the outgoing RTP data stream + is masqueraded properly and sent to the remote host. REFERENCES diff --git a/RELNOTES b/RELNOTES index 170a00f..9834ce8 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,4 +1,4 @@ -Release Notes for siproxd-0.2.2 +Release Notes for siproxd-0.2.3 =============================== - SIP Proxy for SIP based softphones hidden behind a masquerading firewall - Includes an RTP data stream proxy for *incomming* audio data @@ -10,6 +10,7 @@ Release Notes for siproxd-0.2.2 - Supports changing user-ID after startup (if started as root) - All configuration done via one simple ascii configuration file - Proxy Authentication for registration of local clients (User Agents) + with individual passwords for each user - Logging to syslog in Daemon mode - Access control (IP based) for incomming traffic - RPM support (spec file) @@ -26,9 +27,51 @@ Interoperability (tested with softphones): - Kphone (http://www.wirlab.net/kphone/) ----- -md5sum for siproxd-0.2.2.tar.gz: +md5sum for siproxd-0.2.3.tar.gz: + +GnuPG signature for siproxd-0.2.3.tar.gz archive: + + + +Release Notes for siproxd-0.2.2 +=============================== + - SIP Proxy for SIP based softphones hidden behind a masquerading firewall + - Includes an RTP data stream proxy for *incomming* audio data + (outgoing RTP data should be handled by IP masquerading by the firewall) + - Port range to be used for incomming RTP traffic is configurable + (-> easy to set up apropriate firewall rules for incomming traffic) + - Multiple local users/hosts can be masqueraded simultaneously + - Supports running in a chroot jail (configurable) + - Supports changing user-ID after startup (if started as root) + - All configuration done via one simple ascii configuration file + - Proxy Authentication for registration of local clients (User Agents) + now supports per user passwords + - Logging to syslog in Daemon mode + - Access control (IP based) for incomming traffic + - RPM support (spec file) + +Requirements: + - pthreads + - libosip 0.8.8 + +Currently tested on Linux 2.2.x (Redhat 6.0) and 2.4.x (Redhat 7.2), +should run on others Linux distributions as well. + +Interoperability (tested with softphones): + - Linphone (http://www.linphone.org) + - Kphone (http://www.wirlab.net/kphone/) + +----- +md5sum for siproxd-0.2.2.tar.gz: eaeb7277277cf9c113a23d77c6e024ba GnuPG signature for siproxd-0.2.2.tar.gz archive: +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.0.5 (GNU/Linux) + +iEYEABECAAYFAj2oURQACgkQPOYHDi42pIpWUQCfdNtmP/l010HtzCHPMKjbBZo/ +MNUAn2dOBHIfOJLy3CaqM1AUt8PC8iN6 +=AIbl +-----END PGP SIGNATURE----- diff --git a/TODO b/TODO index b0adff7..41cde5f 100644 --- a/TODO +++ b/TODO @@ -12,7 +12,7 @@ TODOs, in random order: - support for "full duplex" RTP proxying - portability to other platforms / operating systems - first goal: other Unixes + first goal: other Unixes (porting to FreeBSD is queued) - security tests for received SIP messages (function securitycheck) diff --git a/configure.in b/configure.in index e472dcd..e64fb42 100644 --- a/configure.in +++ b/configure.in @@ -2,7 +2,8 @@ dnl dnl History dnl ------- dnl before time a lot happend before start of history -dnl 8-Sep-2002 tries included more tests for used functions +dnl 8-Sep-2002 tries included more tests for used functions +dnl 17-Sep-2002 tries fail configure if needed libs not there dnl dnl dnl @@ -15,7 +16,7 @@ dnl ****************************************************************** dnl SPD_MAJOR_VERSION=0 SPD_MINOR_VERSION=2 -SPD_MICRO_VERSION=2 +SPD_MICRO_VERSION=3 SPD_VERSION=$SPD_MAJOR_VERSION.$SPD_MINOR_VERSION.$SPD_MICRO_VERSION dnl ********************************************************************* @@ -31,8 +32,10 @@ AC_PROG_INSTALL AC_PROG_LN_S dnl Checks for libraries. -AC_CHECK_LIB(osip, parser_init) -AC_CHECK_LIB(pthread, pthread_create) +AC_CHECK_LIB(osip, parser_init,, + echo "*** ERROR: libosip is required!";exit 1;) +AC_CHECK_LIB(pthread, pthread_create,, + echo "*** ERROR: pthreads is required!"; exit 1;) dnl Checks for header files. AC_HEADER_STDC diff --git a/doc/Makefile.am b/doc/Makefile.am index d7af4fe..4b117c5 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -20,3 +20,6 @@ EXTRA_DIST = siproxd.conf.example FAQ + +install-data-local: + $(INSTALL_DATA) siproxd.conf.example /etc/ diff --git a/siproxd.spec b/siproxd.spec index 5d39404..4932175 100644 --- a/siproxd.spec +++ b/siproxd.spec @@ -1,5 +1,5 @@ %define name siproxd -%define ver 0.2.1 +%define ver 0.2.3 %define release 1 %define serial 1 %define prefix %{_prefix} diff --git a/src/Makefile.am b/src/Makefile.am index eea67fd..d49db1c 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -32,7 +32,7 @@ EXTRA_DIST = .buildno # # count BUILDs - each time increment by one and define the -# C macro BUILDNO. bing it to a file everybody includes (log.h) +# C macro BUILDNO. bind it to a file everybody includes (log.h) # log.h: increment_build diff --git a/src/utils.c b/src/utils.c index d9535a9..cbc3eab 100644 --- a/src/utils.c +++ b/src/utils.c @@ -263,7 +263,7 @@ int compare_url(url_t *url1, url_t *url2) { if ((url1 == NULL) || (url2 == NULL)) return STS_FAILURE; /* comparison of hosts should be based on IP addresses, no? */ - DEBUGC(DBCLASS_BABBLE, "comparng urls: %s@%s -> %s@%s", + DEBUGC(DBCLASS_BABBLE, "comparing urls: %s@%s -> %s@%s", url1->username, url1->host, url2->username, url2->host); if ((strcmp(url1->username, url2->username)==0) && (strcmp(url1->host, url2->host)==0)) {