<div dir="ltr">Hello Alexander<br>But in haproxy FreeSwitch will see IP address of haproxy server for all cases.<br>How to see real IP of WEbRTC device in FS when used proxy?<br><br>Sergey</div><br><div class="gmail_quote"><div dir="ltr">вт, 3 янв. 2017 г. в 23:34, Alexandru Covalschi <<a href="mailto:568691@gmail.com">568691@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">I'd recommend you to use HAPROXY as load-balancer for websockets as it can be simplier configured as statefull proxy.</div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg"></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg">2016-12-24 12:05 GMT+02:00 Sergey Safarov <span dir="ltr" class="gmail_msg"><<a href="mailto:s.safarov@gmail.com" class="gmail_msg" target="_blank">s.safarov@gmail.com</a>></span>:<br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">Hello guys<div class="gmail_msg">I want configure user frendly WebRTC server based on FreeSwitch and SipML5 client.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">It can be easy done in FreeSwitch and NGINX is bounded to different IP/ports. But if you wants use one IP and 443 port then you will try configre NGINX to proxy all reuests line "/fs-socket/" to FreeSwitch port 7443.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">It is works fine but FreeSwitch cannot not see real client IP address like folowing. Captured on Amazon server.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">freeswitch@ip-172-31-29-87.us-west-2.compute.internal> sofia status profile internal reg </div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Registrations:</div><div class="gmail_msg">=================================================================================================</div><div class="gmail_msg">Call-ID: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>f1e8c7ca-8f50-4285-fd1a-148d2f1d1b88</div><div class="gmail_msg">User: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span><a href="mailto:23@46.218.201.23" class="gmail_msg" target="_blank">23@46.218.201.23</a></div><div class="gmail_msg">Contact: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>"23" <sips:23@df7jal23ls0d.invalid;rtcweb-breaker=no;transport=wss;fs_nat=yes;fs_path=sips%3A23%40172.31.29.87%3A37244%3Brtcweb-breaker%3Dno%3Btransport%3Dwss></div><div class="gmail_msg">Agent: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>IM-client/OMA1.0 sipML5-v1.2016.03.04</div><div class="gmail_msg">Status: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>Registered(TLS-NAT)(unknown) EXP(2016-12-24 09:42:43) EXPSECS(230)</div><div class="gmail_msg">Ping-Status:<span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>Reachable</div><div class="gmail_msg">Ping-Time:<span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>0.00</div><div class="gmail_msg">Host: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>ip-172-31-29-87.us-west-2.compute.internal</div><div class="gmail_msg">IP: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>172.31.29.87</div><div class="gmail_msg">Port: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>37244</div><div class="gmail_msg">Auth-User: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>23</div><div class="gmail_msg">Auth-Realm: <span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span>46.218.201.23</div><div class="gmail_msg">MWI-Account:<span class="m_5924876866336598585m_7780085034435318832Apple-tab-span gmail_msg" style="white-space:pre-wrap"> </span><a href="mailto:23@46.218.201.23" class="gmail_msg" target="_blank">23@46.218.201.23</a></div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Total items returned: 1</div><div class="gmail_msg">=================================================================================================</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Displayed real IP address of NGINX</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Also when received INVITE then variables like network_addr will cantain real IP of NGINX.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Then you can try confgire nginx like ng</div><div class="gmail_msg"><pre style="margin-top:0px;margin-bottom:1em;padding:5px;border:0px;font-size:13px;width:auto;max-height:600px;overflow:auto;font-family:consolas,menlo,monaco,"lucida console","liberation mono","dejavu sans mono","bitstream vera sans mono","courier new",monospace,sans-serif;background-color:rgb(239,240,241);word-wrap:normal;color:rgb(36,39,41)" class="gmail_msg"><code style="margin:0px;padding:0px;border:0px;font-family:consolas,menlo,monaco,"lucida console","liberation mono","dejavu sans mono","bitstream vera sans mono","courier new",monospace,sans-serif;white-space:inherit" class="gmail_msg">proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</code></pre></div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">But FreeSwitch wants SIP headers "X-AUTH-IP" and "X-AUTH-PORT" in every SIP message not only connection establishing. NGINX not understand SIP messages and cannot do it.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Then you will try cofigure Kamailio between NGINX and FreeSwitch. In this case Kamailio can parce http headers and add requred SIP header.</div><div class="gmail_msg">Are you can suggest other way to publish FreeSwitch socket on same port with http server?</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg"> </div></div>
<br class="gmail_msg"></blockquote></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">_________________________________________________________________________<br class="gmail_msg">
Professional FreeSWITCH Consulting Services:<br class="gmail_msg">
<a href="mailto:consulting@freeswitch.org" class="gmail_msg" target="_blank">consulting@freeswitch.org</a><br class="gmail_msg">
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitchsolutions.com</a><br class="gmail_msg">
<br class="gmail_msg">
Official FreeSWITCH Sites<br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg">
<a href="http://confluence.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://confluence.freeswitch.org</a><br class="gmail_msg">
<a href="http://www.cluecon.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.cluecon.com</a><br class="gmail_msg">
<br class="gmail_msg">
FreeSWITCH-users mailing list<br class="gmail_msg">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="gmail_msg" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br class="gmail_msg">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="gmail_msg">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg"></blockquote></div><br class="gmail_msg"><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div>-- <br class="gmail_msg"><div class="m_5924876866336598585gmail_signature gmail_msg" data-smartmail="gmail_signature"><div dir="ltr" class="gmail_msg"><div class="gmail_msg"><div dir="ltr" class="gmail_msg"><div class="gmail_msg"><div dir="ltr" class="gmail_msg">Alexandru Covalschi<br class="gmail_msg"><div class="gmail_msg">VoIP engineer and system administrator<br class="gmail_msg">tel: <a href="tel:+373%20673%2098%20493" value="+37367398493" class="gmail_msg" target="_blank">+37367398493</a><br class="gmail_msg"><br class="gmail_msg"></div></div></div></div></div></div></div>
</div>
_________________________________________________________________________<br class="gmail_msg">
Professional FreeSWITCH Consulting Services:<br class="gmail_msg">
<a href="mailto:consulting@freeswitch.org" class="gmail_msg" target="_blank">consulting@freeswitch.org</a><br class="gmail_msg">
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitchsolutions.com</a><br class="gmail_msg">
<br class="gmail_msg">
Official FreeSWITCH Sites<br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a><br class="gmail_msg">
<a href="http://confluence.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://confluence.freeswitch.org</a><br class="gmail_msg">
<a href="http://www.cluecon.com" rel="noreferrer" class="gmail_msg" target="_blank">http://www.cluecon.com</a><br class="gmail_msg">
<br class="gmail_msg">
FreeSWITCH-users mailing list<br class="gmail_msg">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="gmail_msg" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br class="gmail_msg">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="gmail_msg">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="gmail_msg">
<a href="http://www.freeswitch.org" rel="noreferrer" class="gmail_msg" target="_blank">http://www.freeswitch.org</a></blockquote></div>