99 lines
2.7 KiB
Plaintext
99 lines
2.7 KiB
Plaintext
|
|
|
|
Be warned, this (and all the other) documentantation is far from
|
|
complete. This is just a *very* preliminary pre-alpha release. Don't
|
|
expect anything!
|
|
|
|
|
|
Overview:
|
|
=========
|
|
Siprox is an proxy/masquerading daemon for the SIP protocol.
|
|
It handles registrations of SIP clients on a private IP network
|
|
and performs rewriting of the SIP message bodies to make SIP
|
|
connections possible via an masquerading firewall.
|
|
It allows SIP clients (like kphone, linphone) to work behind
|
|
an IP masquerading firewall or router.
|
|
|
|
SIP (Session Initiation Protocol, RFC3261) is used by Softphones
|
|
(Voice over IP) to initiate communication. By itself, SIP does not
|
|
work via masquerading firewalls as the transfered data contains
|
|
IP addresses and port numbers.
|
|
|
|
|
|
|
|
Requirements:
|
|
=============
|
|
- libosip-0.8.8 (http://www.fsf.org/software/osip/)
|
|
|
|
Up to now, this packages only has been tested under an i386 Redhat Linux 6.0.
|
|
However, it should build and run under newer versions.
|
|
|
|
|
|
|
|
How to get started:
|
|
===================
|
|
|
|
- ./configure
|
|
|
|
- make
|
|
|
|
- make install
|
|
|
|
- copy sipproxd.conf.example to /etc/siproxd.conf
|
|
|
|
- edit /etc/siproxd.conf according to your situation
|
|
At least 'host_inbound' and 'host_outbound' have to be adapted!
|
|
host_inbound is your IP address of your private network,
|
|
host_outbound is your publich IP address or hostname (if you
|
|
have dynamic IP addresses, then you might want to use a hostname
|
|
here and use a dynamic DNS service like dyndns.org)
|
|
|
|
|
|
What siproxd does:
|
|
=================
|
|
Siproxd's main purpose (up to now) is to rewrite SIP messages.
|
|
|
|
|
|
|
|
What siproxd does NOT do:
|
|
=========================
|
|
Siproxd does *not* (yet) create masquerading tunnels or port-forwarding
|
|
for the data stream through the firewall.
|
|
|
|
These forwarding rules have to be set-up manually.
|
|
|
|
Example, using ipchains (mfw):
|
|
# ipchains -A input --proto udp --dport 7078 -m 100 -j ACCEPT
|
|
# ipmasqadm mfw -A -m 100 -r <remoteaddress> 7078
|
|
|
|
Example, using ipchains (portfw):
|
|
# portfw -a -P udp -L <localaddress> 7078 -R <remoteaddress> 7078
|
|
|
|
|
|
|
|
Limitations:
|
|
============
|
|
- currently, only UDP is supported
|
|
- very likely it does not follow the SIP spec in all details ;-)
|
|
|
|
|
|
|
|
Important Notice:
|
|
=================
|
|
gethostbyname() leaks memory in RedHat 6.0 with glibc 2.1.1.
|
|
|
|
The gethostbyname() function leaks memory in RedHat 6.0 with glibc 2.1.1.
|
|
The quick fix is to delete nisplus service from hosts entry in
|
|
/etc/nsswitch.conf. In my tests, memory use remained stable
|
|
after I made the above change.
|
|
(->http://www.squid-cache.org/Doc/FAQ/FAQ-14.html)
|
|
|
|
|
|
Contacts:
|
|
=========
|
|
|
|
Thomas Ries (tries@gmx.net)
|
|
GnuPG Public Key:
|
|
pub 1024D/87BCDC94 2000-03-19 Thomas Ries (tries@gmx.net)
|
|
Key fingerprint = 13D1 19F5 77D0 4CEC 8D3F A24E 09FC C18A 87BC DC94
|