Release Notes for siproxd-0.5.0 =============================== As quite some changes have been made now, I decided to make another release - even if some new feature are not yet completely ready, like IPTABLES (netfilter) support in the RTP proxy. However, it includes some important bugfixes and some other goodies. Major changes since 0.4.2: - Feature: Proxy chaining - siproxd itself may now use an additional outbound proxy. This allows for example to chain serveal siproxd (cross multiple firewalls). - Feature: Includes *preliminary* support for IPTABLES (netfilter) based systems. Current restrictions: The executable 'iptables' must reside in /sbin/iptables. Chroot jail not working. Must be run as root, don't let siproxd change the UID. This item is stil under work, it may or may not work for you. - Feature: Some changes to have siproxd compile under Solaris. Runtime is not tested yet. - Fix: Bugfixes and cleanup for building of FreeBSD - Fix: Chroot jail did not work properly and resultet in ERRORs during hostname lookups (gethostbyname) General Overview: - May be used as pure Outbound proxy (registration of local UAs to a 3rd party registrar) - Fli4l OPT_SIP (still experimental) available, check http://home.arcor.de/jsffm/fli4l/ - supports Linux and FreeBSD (other BSD derivates not yet tested) - SIP (RFC3261) Proxy for SIP based softphones hidden behind a masquerading firewall - Includes an RTP data stream proxy for *incoming* audio data (outgoing RTP data should be handled by IP masquerading by the firewall) - Includes Linux/IPCHAINS support for UDP masquerading tunnels as RTP proxy (Kernels 2,2,x so far - 2.4.x with IPTABLES is not yet supported) - Port range to be used for incoming RTP traffic is configurable (-> easy to set up apropriate firewall rules for incoming traffic) - RTP proxy can handle multiple RTP streams (eg. audio + video) within a single SIP session. - Multiple local users/hosts can be masqueraded simultaneously - Supports running in a chroot jail and changing user-ID after startup - All configuration done via one simple ascii configuration file - Proxy Authentication for registration of local clients (User Agents) with individual passwords for each user - Logging to syslog in daemon mode - Access control (IP based) for incoming traffic - RPM package available - works with "dial-up" conenctions (dynamic IP addresses) - The host part of UA registration entries can be masqueraded (mask_host, masked_host config items). Some Siemens SIP phones seem to need this 'feature'. Requirements: - pthreads (Linux) - glibc2 / libc5 / uClibc - libosip2 (libosip1 is no longer supported!) Currently tested on: - Redhat 6.0 (Kernel 2.2.x, Glibc) - Redhat 7.2 (Kernel 2.4.x, Glibc) - SUSE 5.3 (kernel 2.0.x, libc5) - Redhat 7.2 build against uClibc - should run on others Linux distributions as well. - FreeBSD 4.7-STABLE (compilation) Reported to build on: - OpenBSD 2.9 Reported interoperability (tested with softphones): - Grandstream BudgeTone-100 series (only works with IPCHAINS RTP proxy) - Linphone (local and remote UA) (http://www.linphone.org) - Kphone (local and remote UA) (http://www.wirlab.net/kphone/) - MSN messenger 4.6 (remote and local UA) Known bugs: There will be... If you port siproxd to a new platform or do other kinds of changes or bugfixes that might be of general interest, please drop me a line. Also if you intend to include siproxd into a distribution I'd be happy to get a short notice. ----- md5sum for siproxd-0.5.0.tar.gz: 506efb9c88d68944f63ab42130e15ae6 GnuPG signature for siproxd-0.5.0.tar.gz archive: -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA/xPhdCfzBioe83JQRAp8CAKDFBUJEFiTraZc1xl8MJSHtqjevsACffF2N yuUjpOq58gUC4XEQRsYspuk= =YsPE -----END PGP SIGNATURE----- GnuPG: pub 1024D/87BCDC94 2000-03-19 Thomas Ries - Fingerprint = 13D1 19F5 77D0 4CEC 8D3F A24E 09FC C18A 87BC DC94 - Key via pgp.openpkg.org / http://www.ries.ch.vu/87BCDC94.pub VoIP: sip:17476691342@proxy01.sipphone.com | sip:thomas@ries.homeip.net