[Freeswitch-users] one last piece? maybe? Easy question, I hope just need to proxy port 5060 to 5080

Michael Scheidell michael.scheidell at secnap.com
Thu Aug 26 09:46:43 PDT 2010 

That all works below.
got one way audio, and no dtmf (and I know why)
media handoff is wrong.

system is the freewitch 1.2.3 package on pfsense (freebsd, 7.2, i386)

during the invite, this gets sent:


      Contact: <sip:gw+secnap.com at 204.89.241.135:5060;transport=udp>
             Contact Binding: 
<sip:gw+secnap.com at 204.89.241.135:5060;transport=udp>
                 URI: <sip:gw+secnap.com at 204.89.241.135:5060;transport=udp>
                     SIP contact address: 
sip:gw+secnap.com at 204.89.241.135:5060

NOW, that doesn't look all that bad, except that
1) the public ip address is 204.89.241.151
2) the private ip is 192.168.0.3


[pfsense: wan port is 204.89.241.135]
[pfsense lan port is 192.168.0.1]
sipx is at 192.168.0.2  see sip_profiles:  
./conf/sip_profiles/external/sipx.xml:
<param name="from-domain" value="192.168.0.2"/>
<param name="proxy" value="192.168..0.2:5080"/> <!-- 192.168.0.2 listens 
to 5080 for TRUNKS -->
<param name="expire-seconds" value="600"/>
<param name="register" value="false"/>
<param name="retry-seconds" value="30"/>
<param name="context" value="public"/>

I edited vars and have
<X-PRE-PROCESS cmd="set" data="domain=secnap.com"/>
<X-PRE-PROCESS cmd="set" data="local_ip_v4=192.168.0.3"/>


<list name="localnet.auto" default="allow">
<node type="allow" cidr="196.168.0.0/16"/>
</list>

<list name="lan" default="allow">
<node type="deny" cidr="192.168.0.0/16"/>
<node type="allow" cidr="192.168..0.3/32"/>
</list>

I still see this in ../freeswitch.log (and I can't find that ip 
ANYWHERE.  yes, its

o=FreeSWITCH 1282812037 1282812038 IN IP4 204.89.241.135
c=IN IP4 204.89.241.135
o=FreeSWITCH 1282814358 1282814359 IN IP4 204.89.241.135
c=IN IP4 204.89.241.135
2010-08-26 12:03:22.237567 [NOTICE] switch_core.c:915 Adding 
204.89.241.135/255.255.255.0 (deny) to list nat.auto
2010-08-26 12:03:22.237607 [NOTICE] switch_core.c:934 Adding 
204.89.241.135/255.255.255.0 (allow) to list localnet.auto

I have verified the OUTBOUND natting works: (im assuming when I set 
local_ip_ to 192.168.0.3 that it actually did it.


telnet -s 192.168.0.3 www.whatismyip.org 80
Trying 98.207.226.113...
Connected to www.whatismyip.org.
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.0 200 OK
Content-Type: text/plain

204.89.241.151Connection closed by foreign host.


wireshark dumps confirm it:

  Message Header
         Via: SIP/2.0/UDP 
192.168..0.3;rport=5060;branch=z9hG4bKXQQUvXFZDUymB;received=192.168..0.3
             Transport: UDP


-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
 > *| *SECNAP Network Security Corporation

    * Certified SNORT Integrator
    * 2008-9 Hot Company Award Winner, World Executive Alliance
    * Five-Star Partner Program 2009, VARBusiness
    * Best in Email Security,2010: Network Products Guide
    * King of Spam Filters, SC Magazine 2008


______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100826/cbef474c/attachment.html

More information about the FreeSWITCH-users mailing list