sngrep icon indicating copy to clipboard operation
sngrep copied to clipboard
verified publisher icon irontec

don'nt show rtp flow arrow when one leg with DMZ and sdp address with DMZ public address

Open michael2009 opened this issue 9 years ago • 5 comments

test with DMZ , sngrep run at IPPBX server

UAC1 -> NAT DMZ firewall -> LAN - IPPBX -> UAC2

1.1.1.1 -> 1.1.1.2 / 192.168.1.1 -> 192.168.1.200 -> 192.168.1.222

IPPBX give Answer SDP address same NAT public address to UAC1

then sngrep don'nt show any A-LEG rtp flow .

michael2009 avatar Apr 29 '16 08:04 michael2009

Hi!!

If I understand this properly, the 200 OK to the UAC1 has 1.1.1.2 as SDP audio address, but the received RTP packets have Destination IP as 192.168.1.200?

So, the only machine that knows that dialog has that RTP flow is the NAT Firewall, correct?

Kaian avatar May 02 '16 14:05 Kaian

yes . only IPPBX server know that dialog has that RTP flow is the NAT Firewall, correct.

then need add fuction for support dmz mode , sngrep run with dmz param !!!

michael2009 avatar May 04 '16 00:05 michael2009

example ./sngrep --dmz 1.1.1.2

then sngrep learn SDP address alias . 1.1.1.2 alias to 192.168.1.200

michael2009 avatar May 04 '16 00:05 michael2009

I could give it a try, but I think it would be more a setting in sngreprc file (like the existing alias directive) that a command line option.

dmz 1.1.1.2 192.168.1.200

When parsing a SDP with the first address, additional RTP streams will be configured with the second address in the same destination port.

Anyway I dont have a testing environment for this scenario so any test pcap will be appreciated. Also, we're right now with other projects so I'm not sure when I could implement this feature :)

Kaian avatar May 04 '16 18:05 Kaian

I had sent 3 pcap file to you , can check again later.

michael2009 avatar May 05 '16 00:05 michael2009