subject:"\[OpenSIPS\-Users\] Opensips \+ rtpengine \+ Sipml5 webrtc"

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-28 Thread Eric Tamme

And are you forcing RTPengine to act as an ice light client?  It looks 
like you are gettin a single ICE candidate in the answer back from 
freeswitch which would indicate that you are.

I'd check your chrome webrtc statistics to see if tis failed to do do 
ice/stun negotiation on the 183.  In general the signalling looks good.

I think you may have an error on your Freeswitch side - some thing that 
is trying to force it to use SRTP all the time, even though the 
signalling has requested plain RTP (to freeswitch).

I think you should ask in #freeswitch on freenode at this point.

-Eric

On 06/23/2016 01:42 PM, John Nash wrote:
Actually the issue is i hear no audio on either side and just after 
session progress (I guess when media starts coming from remote media 
server) i see error  "SRTP output wanted, but no crypto suite was 
negotiated"

I had also checked media logs i could see RTP packets being sent from 
freeswitch to RTPengine IP but there was no packet at all just after 
that. Ideally after RTP packet from freeswitch to rtpengine, Rtpengine 
should send that packet to browser using wss?

On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme > wrote:

So - i dont see a problem here - Chrome is getting
UDP/TLS/RTP/SAVPF and Freeswitch is getting RTP/AVP.  Freeswitch
responded to the offer in the invite with an answer in the 183,
and in the 200.  What is the failure you are seeing, and where is
it happening (in freeswitch? in the browser?)

The only thing that looks bad is that you are retransmitting the
ACK which FS either ... doesnt like, or is never getting,  because
it keeps retransmitting the 200, which is why you get a 481 when
you send BYE.

-Eric

On 06/23/2016 01:24 PM, John Nash wrote:

OK here is the log
https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744

Sorry took me a while to convert wireshark trace to text file.

My freeswitch is running on private IP (127.0.0.1) and opensips I
run on both public and private so that for outside world opensips
is the only public IP they see. In proxy log I pasted Opensips
===> Freeswitch logs and back.

On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme > wrote:

No - it's annoying to look at a trace that's had information
removed and try and piece together whats happening.  Your
paranoid side is wrong, sorry.

-Eric

On 06/23/2016 01:06 PM, Patrick Wakano wrote:

my paranoic side would recommend to hide/change private
informations, specially any authentication line that might
appear... this is certainly a sort of social engineering
threat we should worry...
better be safe than sorry

On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme
> wrote:

I mean you can use a private gist, but you will be
publishing the link in a public email list. In general I
personally dont believe revealing ip addresses etc. is
any problem - to put my money where my mouth is here is
a gist link to an unaltered SIP trace on my server :)

https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

-Eric

On 06/23/2016 12:23 PM, John Nash wrote:

Ok i am ready with logs. About gist may I use private
option as traces have our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme
> wrote:

Hey John,

Please paste a full UNALTERED sip trace into a gist
(gist.github.com ) from the
proxy servers perspective and provide a link so
that we can see what comes in, and what goes out
from both sides.

EG: ngrep -qtd any -W byline port 5060

This will show us the traffic that is leaving the
proxy destined for the Freeswitch box, and what the
freeswitch box sends back.

Also - you can look in your browsers console log
and provide the SIP trace from there in a seperate
gist, so that we can see what opensips sends back
up to your browser.

-Eric

Am I using correct sip.js example? I copied it to
my server and accessing it using https: (used
letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme
> wrote:

1. I would suggest using SIP.js -
https://github.com/onsip/SIP.js it is a much
more active project that sipml5.

2. Im

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-24 Thread John Nash

Yes fingerprints are different in Invite and session progress.

On Fri, Jun 24, 2016 at 3:00 AM, sevpal <sev...@aol.com> wrote:

> Take a look at the “fingerprint:” line.
>
> *From:* John Nash <john.nash...@gmail.com>
> *Sent:* Thursday, June 23, 2016 3:42 PM
> *To:* OpenSIPS users mailling list <users@lists.opensips.org>
> *Subject:* Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc
>
> Actually the issue is i hear no audio on either side and just after
> session progress (I guess when media starts coming from remote media
> server) i see error "SRTP output wanted, but no crypto suite was
> negotiated"
>
> I had also checked media logs i could see RTP packets being sent from
> freeswitch to RTPengine IP but there was no packet at all just after that.
> Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should
> send that packet to browser using wss?
>
> On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme <e...@uphreak.com> wrote:
>
>> So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and
>> Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the
>> invite with an answer in the 183, and in the 200.  What is the failure you
>> are seeing, and where is it happening (in freeswitch? in the browser?)
>>
>> The only thing that looks bad is that you are retransmitting the ACK
>> which FS either ... doesnt like, or is never getting,  because it keeps
>> retransmitting the 200, which is why you get a 481 when you send BYE.
>>
>> -Eric
>>
>>
>> On 06/23/2016 01:24 PM, John Nash wrote:
>>
>> OK here is the log
>> https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744
>>
>> Sorry took me a while to convert wireshark trace to text file.
>>
>> My freeswitch is running on private IP (127.0.0.1) and opensips I run on
>> both public and private so that for outside world opensips is the only
>> public IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and
>> back.
>>
>>
>>
>>
>>
>>
>> On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme <e...@uphreak.com> wrote:
>>
>>> No - it's annoying to look at a trace that's had information removed and
>>> try and piece together whats happening.  Your paranoid side is wrong, sorry.
>>>
>>> -Eric
>>>
>>>
>>> On 06/23/2016 01:06 PM, Patrick Wakano wrote:
>>>
>>> my paranoic side would recommend to hide/change private informations,
>>> specially any authentication line that might appear... this is certainly a
>>> sort of social engineering threat we should worry...
>>> better be safe than sorry
>>>
>>>
>>> On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme <e...@uphreak.com> wrote:
>>>
>>>> I mean you can use a private gist, but you will be publishing the link
>>>> in a public email list.  In general I personally dont believe revealing ip
>>>> addresses etc. is any problem - to put my money where my mouth is here is a
>>>> gist link to an unaltered SIP trace on my server :)
>>>>
>>>> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>>>>
>>>> -Eric
>>>>
>>>>
>>>> On 06/23/2016 12:23 PM, John Nash wrote:
>>>>
>>>> Ok i am ready with logs. About gist may I use private option as traces
>>>> have our IPs, user
>>>>
>>>> On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme <e...@uphreak.com> wrote:
>>>>
>>>>> Hey John,
>>>>>
>>>>> Please paste a full UNALTERED sip trace into a gist (gist.github.com)
>>>>> from the proxy servers perspective and provide a link so that we can see
>>>>> what comes in, and what goes out from both sides.
>>>>>
>>>>> EG: ngrep -qtd any -W byline port 5060
>>>>>
>>>>> This will show us the traffic that is leaving the proxy destined for
>>>>> the Freeswitch box, and what the freeswitch box sends back.
>>>>>
>>>>> Also - you can look in your browsers console log and provide the SIP
>>>>> trace from there in a seperate gist, so that we can see what opensips 
>>>>> sends
>>>>> back up to your browser.
>>>>>
>>>>> -Eric
>>>>>
>>>>>
>>>>> Am I using correct sip.js example? I copied it to my server and
>>>>> accessing it using https: (used letsencrypt)

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-24 Thread John Nash

Sorry sevpal somehow your message went to spam. I am not sure I get what
you are trying to say as I was under the impression rtpengine is supposed
to bridge protocols.  Better I explain my test setup properly to you ..

1- On linux server I installed certificates from letsencrypt for a domain
().
2- I have opensips (wss listner is there as well as udp), Rtpengine and
freeswitch (udp only and it terminate calls to SIP network)
3- On web server I copied sipml5 code which I access on chrome browser
using https://:443. In sipml5 I give wss url of the opensips wss
listener (wss://:4431 along with SIP credentials
4- My call flow is Chrome(sipml5) ==wss==>Opensips===udp==>Freeswitch.
Before sending Invite to freeswitch Rtpengine call is made
as per http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2. Same
being done when session progress or 200 OK comes from freeswitch.


Now in this setup how can I make sure same crypto is used?






On Fri, Jun 24, 2016 at 2:50 AM, sevpal <sev...@aol.com> wrote:

> Hi, the rtpengine cannot negotiate SRTP between the two points, both must
> support the same cryptography and protocol. eg; SRTP to SRTP , DTLS/SRTP to
> DTLS/SRTP cipher 128 to 128 and 256 to 256.
>
> You can print the request body ($rb) on the INVITE with “application/sdp”
> and visually compare the exchange, do this on offer and answer.
>
> *From:* John Nash <john.nash...@gmail.com>
> *Sent:* Thursday, June 23, 2016 3:42 PM
> *To:* OpenSIPS users mailling list <users@lists.opensips.org>
> *Subject:* Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc
>
> Actually the issue is i hear no audio on either side and just after
> session progress (I guess when media starts coming from remote media
> server) i see error "SRTP output wanted, but no crypto suite was
> negotiated"
>
> I had also checked media logs i could see RTP packets being sent from
> freeswitch to RTPengine IP but there was no packet at all just after that.
> Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should
> send that packet to browser using wss?
>
> On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme <e...@uphreak.com> wrote:
>
>> So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and
>> Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the
>> invite with an answer in the 183, and in the 200.  What is the failure you
>> are seeing, and where is it happening (in freeswitch? in the browser?)
>>
>> The only thing that looks bad is that you are retransmitting the ACK
>> which FS either ... doesnt like, or is never getting,  because it keeps
>> retransmitting the 200, which is why you get a 481 when you send BYE.
>>
>> -Eric
>>
>>
>> On 06/23/2016 01:24 PM, John Nash wrote:
>>
>> OK here is the log
>> https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744
>>
>> Sorry took me a while to convert wireshark trace to text file.
>>
>> My freeswitch is running on private IP (127.0.0.1) and opensips I run on
>> both public and private so that for outside world opensips is the only
>> public IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and
>> back.
>>
>>
>>
>>
>>
>>
>> On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme <e...@uphreak.com> wrote:
>>
>>> No - it's annoying to look at a trace that's had information removed and
>>> try and piece together whats happening.  Your paranoid side is wrong, sorry.
>>>
>>> -Eric
>>>
>>>
>>> On 06/23/2016 01:06 PM, Patrick Wakano wrote:
>>>
>>> my paranoic side would recommend to hide/change private informations,
>>> specially any authentication line that might appear... this is certainly a
>>> sort of social engineering threat we should worry...
>>> better be safe than sorry
>>>
>>>
>>> On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme <e...@uphreak.com> wrote:
>>>
>>>> I mean you can use a private gist, but you will be publishing the link
>>>> in a public email list.  In general I personally dont believe revealing ip
>>>> addresses etc. is any problem - to put my money where my mouth is here is a
>>>> gist link to an unaltered SIP trace on my server :)
>>>>
>>>> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>>>>
>>>> -Eric
>>>>
>>>>
>>>> On 06/23/2016 12:23 PM, John Nash wrote:
>>>>
>>>> Ok i am ready with logs. About gist may I use private option as traces
>>>> have our IPs, user
>>>>
&

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread sevpal

Take a look at the “fingerprint:” line. 

From: John Nash 
Sent: Thursday, June 23, 2016 3:42 PM
To: OpenSIPS users mailling list 
Subject: Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Actually the issue is i hear no audio on either side and just after session 
progress (I guess when media starts coming from remote media server) i see 
error "SRTP output wanted, but no crypto suite was negotiated" 

I had also checked media logs i could see RTP packets being sent from 
freeswitch to RTPengine IP but there was no packet at all just after that. 
Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should send 
that packet to browser using wss?

On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme <e...@uphreak.com> wrote:

  So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and 
Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the invite 
with an answer in the 183, and in the 200.  What is the failure you are seeing, 
and where is it happening (in freeswitch? in the browser?)

  The only thing that looks bad is that you are retransmitting the ACK which FS 
either ... doesnt like, or is never getting,  because it keeps retransmitting 
the 200, which is why you get a 481 when you send BYE.

  -Eric 

  On 06/23/2016 01:24 PM, John Nash wrote:

OK here is the log 
https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744 

Sorry took me a while to convert wireshark trace to text file.

My freeswitch is running on private IP (127.0.0.1) and opensips I run on 
both public and private so that for outside world opensips is the only public 
IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and back.

On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme <e...@uphreak.com> wrote:

  No - it's annoying to look at a trace that's had information removed and 
try and piece together whats happening.  Your paranoid side is wrong, sorry.

  -Eric 

  On 06/23/2016 01:06 PM, Patrick Wakano wrote:

my paranoic side would recommend to hide/change private informations, 
specially any authentication line that might appear... this is certainly a sort 
of social engineering threat we should worry...

better be safe than sorry

On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme <e...@uphreak.com> wrote:

  I mean you can use a private gist, but you will be publishing the 
link in a public email list.  In general I personally dont believe revealing ip 
addresses etc. is any problem - to put my money where my mouth is here is a 
gist link to an unaltered SIP trace on my server :)

  https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

  -Eric 

  On 06/23/2016 12:23 PM, John Nash wrote:

Ok i am ready with logs. About gist may I use private option as 
traces have our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme <e...@uphreak.com> 
wrote:

  Hey John,

  Please paste a full UNALTERED sip trace into a gist 
(gist.github.com) from the proxy servers perspective and provide a link so that 
we can see what comes in, and what goes out from both sides.

  EG: ngrep -qtd any -W byline port 5060

  This will show us the traffic that is leaving the proxy destined 
for the Freeswitch box, and what the freeswitch box sends back.

  Also - you can look in your browsers console log and provide the 
SIP trace from there in a seperate gist, so that we can see what opensips sends 
back up to your browser.

  -Eric 

Am I using correct sip.js example? I copied it to my server and 
accessing it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme <e...@uphreak.com> 
wrote:

  1. I would suggest using SIP.js - 
https://github.com/onsip/SIP.js it is a much more active project that sipml5.

  2. Im guessing that you are not properly passing flags to 
RTPEngine.  If you want to have DTLS-SRTP between the browser, and plain 
RTP/AVP between RTPEngine and freeswitch, you need to "offer" rtp/avp to 
freeswitch, and "answer" dtls-srtp back up to the browser.

  the offer to freeswitch would be:  

$var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

$var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
  -Eric 

  On 06/23/2016 08:20 AM, John Nash wrote:

I am following 
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and trying to 
test a call  

sipml5 --->Opensips + rtpengine > SIP end 
point (Freeswitch)

But I do not have any audio on both sides. I

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread sevpal

Hi, the rtpengine cannot negotiate SRTP between the two points, both must 
support the same cryptography and protocol. eg; SRTP to SRTP , DTLS/SRTP to 
DTLS/SRTP cipher 128 to 128 and 256 to 256.

You can print the request body ($rb) on the INVITE with “application/sdp” and 
visually compare the exchange, do this on offer and answer.

From: John Nash 
Sent: Thursday, June 23, 2016 3:42 PM
To: OpenSIPS users mailling list 
Subject: Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Actually the issue is i hear no audio on either side and just after session 
progress (I guess when media starts coming from remote media server) i see 
error "SRTP output wanted, but no crypto suite was negotiated" 

I had also checked media logs i could see RTP packets being sent from 
freeswitch to RTPengine IP but there was no packet at all just after that. 
Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should send 
that packet to browser using wss?

On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme <e...@uphreak.com> wrote:

  So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and 
Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the invite 
with an answer in the 183, and in the 200.  What is the failure you are seeing, 
and where is it happening (in freeswitch? in the browser?)

  The only thing that looks bad is that you are retransmitting the ACK which FS 
either ... doesnt like, or is never getting,  because it keeps retransmitting 
the 200, which is why you get a 481 when you send BYE.

  -Eric 

  On 06/23/2016 01:24 PM, John Nash wrote:

OK here is the log 
https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744 

Sorry took me a while to convert wireshark trace to text file.

My freeswitch is running on private IP (127.0.0.1) and opensips I run on 
both public and private so that for outside world opensips is the only public 
IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and back.

On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme <e...@uphreak.com> wrote:

  No - it's annoying to look at a trace that's had information removed and 
try and piece together whats happening.  Your paranoid side is wrong, sorry.

  -Eric 

  On 06/23/2016 01:06 PM, Patrick Wakano wrote:

my paranoic side would recommend to hide/change private informations, 
specially any authentication line that might appear... this is certainly a sort 
of social engineering threat we should worry...

better be safe than sorry

On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme <e...@uphreak.com> wrote:

  I mean you can use a private gist, but you will be publishing the 
link in a public email list.  In general I personally dont believe revealing ip 
addresses etc. is any problem - to put my money where my mouth is here is a 
gist link to an unaltered SIP trace on my server :)

  https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

  -Eric 

  On 06/23/2016 12:23 PM, John Nash wrote:

Ok i am ready with logs. About gist may I use private option as 
traces have our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme <e...@uphreak.com> 
wrote:

  Hey John,

  Please paste a full UNALTERED sip trace into a gist 
(gist.github.com) from the proxy servers perspective and provide a link so that 
we can see what comes in, and what goes out from both sides.

  EG: ngrep -qtd any -W byline port 5060

  This will show us the traffic that is leaving the proxy destined 
for the Freeswitch box, and what the freeswitch box sends back.

  Also - you can look in your browsers console log and provide the 
SIP trace from there in a seperate gist, so that we can see what opensips sends 
back up to your browser.

  -Eric 

Am I using correct sip.js example? I copied it to my server and 
accessing it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme <e...@uphreak.com> 
wrote:

  1. I would suggest using SIP.js - 
https://github.com/onsip/SIP.js it is a much more active project that sipml5.

  2. Im guessing that you are not properly passing flags to 
RTPEngine.  If you want to have DTLS-SRTP between the browser, and plain 
RTP/AVP between RTPEngine and freeswitch, you need to "offer" rtp/avp to 
freeswitch, and "answer" dtls-srtp back up to the browser.

  the offer to freeswitch would be:  

$var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

$var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
  -Eric 

  On 06/23/2016 08:20 AM, John Nash wrote:

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread John Nash

Actually the issue is i hear no audio on either side and just after session
progress (I guess when media starts coming from remote media server) i see
error  "SRTP output wanted, but no crypto suite was negotiated"

I had also checked media logs i could see RTP packets being sent from
freeswitch to RTPengine IP but there was no packet at all just after that.
Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should
send that packet to browser using wss?

On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme  wrote:

> So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and
> Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the
> invite with an answer in the 183, and in the 200.  What is the failure you
> are seeing, and where is it happening (in freeswitch? in the browser?)
>
> The only thing that looks bad is that you are retransmitting the ACK which
> FS either ... doesnt like, or is never getting,  because it keeps
> retransmitting the 200, which is why you get a 481 when you send BYE.
>
> -Eric
>
>
> On 06/23/2016 01:24 PM, John Nash wrote:
>
> OK here is the log
> https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744
>
> Sorry took me a while to convert wireshark trace to text file.
>
> My freeswitch is running on private IP (127.0.0.1) and opensips I run on
> both public and private so that for outside world opensips is the only
> public IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and
> back.
>
>
>
>
>
>
> On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme  wrote:
>
>> No - it's annoying to look at a trace that's had information removed and
>> try and piece together whats happening.  Your paranoid side is wrong, sorry.
>>
>> -Eric
>>
>>
>> On 06/23/2016 01:06 PM, Patrick Wakano wrote:
>>
>> my paranoic side would recommend to hide/change private informations,
>> specially any authentication line that might appear... this is certainly a
>> sort of social engineering threat we should worry...
>> better be safe than sorry
>>
>>
>> On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme < 
>> e...@uphreak.com> wrote:
>>
>>> I mean you can use a private gist, but you will be publishing the link
>>> in a public email list.  In general I personally dont believe revealing ip
>>> addresses etc. is any problem - to put my money where my mouth is here is a
>>> gist link to an unaltered SIP trace on my server :)
>>>
>>> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>>>
>>> -Eric
>>>
>>>
>>> On 06/23/2016 12:23 PM, John Nash wrote:
>>>
>>> Ok i am ready with logs. About gist may I use private option as traces
>>> have our IPs, user
>>>
>>> On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme < 
>>> e...@uphreak.com> wrote:
>>>
 Hey John,

 Please paste a full UNALTERED sip trace into a gist (gist.github.com)
 from the proxy servers perspective and provide a link so that we can see
 what comes in, and what goes out from both sides.

 EG: ngrep -qtd any -W byline port 5060

 This will show us the traffic that is leaving the proxy destined for
 the Freeswitch box, and what the freeswitch box sends back.

 Also - you can look in your browsers console log and provide the SIP
 trace from there in a seperate gist, so that we can see what opensips sends
 back up to your browser.

 -Eric


 Am I using correct sip.js example? I copied it to my server and
 accessing it using https: (used letsencrypt)

 On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme < 
 e...@uphreak.com> wrote:

> 1. I would suggest using SIP.js - 
> https://github.com/onsip/SIP.js it is a much more active project that
> sipml5.
>
> 2. Im guessing that you are not properly passing flags to RTPEngine.
> If you want to have DTLS-SRTP between the browser, and plain RTP/AVP
> between RTPEngine and freeswitch, you need to "offer" rtp/avp to
> freeswitch, and "answer" dtls-srtp back up to the browser.
>
> the offer to freeswitch would be:
>
> $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
> replace-origin ICE=remove";
>
>
> and the answer back up to the browswer would be:
>
> $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
>
>
> -Eric
>
>
>
> On 06/23/2016 08:20 AM, John Nash wrote:
>
> I am following
> 
> http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
> trying to test a call
>
> sipml5 --->Opensips + rtpengine > SIP end point
> (Freeswitch)
>
> But I do not have any audio on both sides. I see this error at
> rtpengine log "SRTP output wanted, but no crypto suite was negotiated"
>
> Anyone tested

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Eric Tamme

So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and 
Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the 
invite with an answer in the 183, and in the 200.  What is the failure 
you are seeing, and where is it happening (in freeswitch? in the browser?)

The only thing that looks bad is that you are retransmitting the ACK 
which FS either ... doesnt like, or is never getting,  because it keeps 
retransmitting the 200, which is why you get a 481 when you send BYE.

-Eric

On 06/23/2016 01:24 PM, John Nash wrote:
OK here is the log 
https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744

Sorry took me a while to convert wireshark trace to text file.

My freeswitch is running on private IP (127.0.0.1) and opensips I run 
on both public and private so that for outside world opensips is the 
only public IP they see. In proxy log I pasted Opensips ===> 
Freeswitch logs and back.

On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme > wrote:

No - it's annoying to look at a trace that's had information
removed and try and piece together whats happening.  Your paranoid
side is wrong, sorry.

-Eric

On 06/23/2016 01:06 PM, Patrick Wakano wrote:

my paranoic side would recommend to hide/change private
informations, specially any authentication line that might
appear... this is certainly a sort of social engineering threat
we should worry...
better be safe than sorry

On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme > wrote:

I mean you can use a private gist, but you will be publishing
the link in a public email list. In general I personally dont
believe revealing ip addresses etc. is any problem - to put
my money where my mouth is here is a gist link to an
unaltered SIP trace on my server :)

https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

-Eric

On 06/23/2016 12:23 PM, John Nash wrote:

Ok i am ready with logs. About gist may I use private option
as traces have our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme
> wrote:

Hey John,

Please paste a full UNALTERED sip trace into a gist
(gist.github.com ) from the
proxy servers perspective and provide a link so that we
can see what comes in, and what goes out from both sides.

EG: ngrep -qtd any -W byline port 5060

This will show us the traffic that is leaving the proxy
destined for the Freeswitch box, and what the freeswitch
box sends back.

Also - you can look in your browsers console log and
provide the SIP trace from there in a seperate gist, so
that we can see what opensips sends back up to your browser.

-Eric

Am I using correct sip.js example? I copied it to my
server and accessing it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme
> wrote:

1. I would suggest using SIP.js -
https://github.com/onsip/SIP.js it is a much more
active project that sipml5.

2. Im guessing that you are not properly passing
flags to RTPEngine.  If you want to have DTLS-SRTP
between the browser, and plain RTP/AVP between
RTPEngine and freeswitch, you need to "offer"
rtp/avp to freeswitch, and "answer" dtls-srtp back
up to the browser.

the offer to freeswitch would be:

 $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

 $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";

-Eric

On 06/23/2016 08:20 AM, John Nash wrote:

I am following
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2
and trying to test a call

sipml5 --->Opensips + rtpengine >
SIP end point (Freeswitch)

But I do not have any audio on both sides. I see
this error at rtpengine log "SRTP output wanted,
but no crypto suite was negotiated"

Anyone tested this scenario positive?

___
Users mailing list
Users@lists.opensips.org

http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread John Nash

OK here is the log
https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744

Sorry took me a while to convert wireshark trace to text file.

My freeswitch is running on private IP (127.0.0.1) and opensips I run on
both public and private so that for outside world opensips is the only
public IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and
back.






On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme  wrote:

> No - it's annoying to look at a trace that's had information removed and
> try and piece together whats happening.  Your paranoid side is wrong, sorry.
>
> -Eric
>
>
> On 06/23/2016 01:06 PM, Patrick Wakano wrote:
>
> my paranoic side would recommend to hide/change private informations,
> specially any authentication line that might appear... this is certainly a
> sort of social engineering threat we should worry...
> better be safe than sorry
>
>
> On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme  wrote:
>
>> I mean you can use a private gist, but you will be publishing the link in
>> a public email list.  In general I personally dont believe revealing ip
>> addresses etc. is any problem - to put my money where my mouth is here is a
>> gist link to an unaltered SIP trace on my server :)
>>
>> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>>
>> -Eric
>>
>>
>> On 06/23/2016 12:23 PM, John Nash wrote:
>>
>> Ok i am ready with logs. About gist may I use private option as traces
>> have our IPs, user
>>
>> On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme < 
>> e...@uphreak.com> wrote:
>>
>>> Hey John,
>>>
>>> Please paste a full UNALTERED sip trace into a gist (gist.github.com)
>>> from the proxy servers perspective and provide a link so that we can see
>>> what comes in, and what goes out from both sides.
>>>
>>> EG: ngrep -qtd any -W byline port 5060
>>>
>>> This will show us the traffic that is leaving the proxy destined for the
>>> Freeswitch box, and what the freeswitch box sends back.
>>>
>>> Also - you can look in your browsers console log and provide the SIP
>>> trace from there in a seperate gist, so that we can see what opensips sends
>>> back up to your browser.
>>>
>>> -Eric
>>>
>>>
>>> Am I using correct sip.js example? I copied it to my server and
>>> accessing it using https: (used letsencrypt)
>>>
>>> On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme < 
>>> e...@uphreak.com> wrote:
>>>
 1. I would suggest using SIP.js - 
 https://github.com/onsip/SIP.js it is a much more active project that
 sipml5.

 2. Im guessing that you are not properly passing flags to RTPEngine.
 If you want to have DTLS-SRTP between the browser, and plain RTP/AVP
 between RTPEngine and freeswitch, you need to "offer" rtp/avp to
 freeswitch, and "answer" dtls-srtp back up to the browser.

 the offer to freeswitch would be:

 $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
 replace-origin ICE=remove";


 and the answer back up to the browswer would be:

 $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";


 -Eric



 On 06/23/2016 08:20 AM, John Nash wrote:

 I am following
 
 http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
 trying to test a call

 sipml5 --->Opensips + rtpengine > SIP end point
 (Freeswitch)

 But I do not have any audio on both sides. I see this error at
 rtpengine log "SRTP output wanted, but no crypto suite was negotiated"

 Anyone tested this scenario positive?


 ___
 Users mailing 
 listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users



 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users


>>>
>>>
>>> ___
>>> Users mailing 
>>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
>>
>> ___
>> Users mailing 
>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Eric Tamme

No - it's annoying to look at a trace that's had information removed and 
try and piece together whats happening.  Your paranoid side is wrong, sorry.


-Eric

On 06/23/2016 01:06 PM, Patrick Wakano wrote:
my paranoic side would recommend to hide/change private informations, 
specially any authentication line that might appear... this is 
certainly a sort of social engineering threat we should worry...

better be safe than sorry


On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme > wrote:


I mean you can use a private gist, but you will be publishing the
link in a public email list.  In general I personally dont believe
revealing ip addresses etc. is any problem - to put my money where
my mouth is here is a gist link to an unaltered SIP trace on my
server :)

https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

-Eric


On 06/23/2016 12:23 PM, John Nash wrote:

Ok i am ready with logs. About gist may I use private option as
traces have our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme > wrote:

Hey John,

Please paste a full UNALTERED sip trace into a gist
(gist.github.com ) from the proxy
servers perspective and provide a link so that we can see
what comes in, and what goes out from both sides.

EG: ngrep -qtd any -W byline port 5060

This will show us the traffic that is leaving the proxy
destined for the Freeswitch box, and what the freeswitch box
sends back.

Also - you can look in your browsers console log and provide
the SIP trace from there in a seperate gist, so that we can
see what opensips sends back up to your browser.

-Eric



Am I using correct sip.js example? I copied it to my server
and accessing it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme
> wrote:

1. I would suggest using SIP.js -
https://github.com/onsip/SIP.js it is a much more active
project that sipml5.

2. Im guessing that you are not properly passing flags
to RTPEngine.  If you want to have DTLS-SRTP between the
browser, and plain RTP/AVP between RTPEngine and
freeswitch, you need to "offer" rtp/avp to freeswitch,
and "answer" dtls-srtp back up to the browser.

the offer to freeswitch would be:

 $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

 $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";


-Eric



On 06/23/2016 08:20 AM, John Nash wrote:

I am following
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2
and trying to test a call

sipml5 --->Opensips + rtpengine > SIP
end point (Freeswitch)

But I do not have any audio on both sides. I see this
error at rtpengine log "SRTP output wanted, but no
crypto suite was negotiated"

Anyone tested this scenario positive?


___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Patrick Wakano

my paranoic side would recommend to hide/change private informations,
specially any authentication line that might appear... this is certainly a
sort of social engineering threat we should worry...
better be safe than sorry


On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme  wrote:

> I mean you can use a private gist, but you will be publishing the link in
> a public email list.  In general I personally dont believe revealing ip
> addresses etc. is any problem - to put my money where my mouth is here is a
> gist link to an unaltered SIP trace on my server :)
>
> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>
> -Eric
>
>
> On 06/23/2016 12:23 PM, John Nash wrote:
>
> Ok i am ready with logs. About gist may I use private option as traces
> have our IPs, user
>
> On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme  wrote:
>
>> Hey John,
>>
>> Please paste a full UNALTERED sip trace into a gist (gist.github.com)
>> from the proxy servers perspective and provide a link so that we can see
>> what comes in, and what goes out from both sides.
>>
>> EG: ngrep -qtd any -W byline port 5060
>>
>> This will show us the traffic that is leaving the proxy destined for the
>> Freeswitch box, and what the freeswitch box sends back.
>>
>> Also - you can look in your browsers console log and provide the SIP
>> trace from there in a seperate gist, so that we can see what opensips sends
>> back up to your browser.
>>
>> -Eric
>>
>>
>> Am I using correct sip.js example? I copied it to my server and accessing
>> it using https: (used letsencrypt)
>>
>> On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme < 
>> e...@uphreak.com> wrote:
>>
>>> 1. I would suggest using SIP.js - 
>>> https://github.com/onsip/SIP.js it is a much more active project that
>>> sipml5.
>>>
>>> 2. Im guessing that you are not properly passing flags to RTPEngine.  If
>>> you want to have DTLS-SRTP between the browser, and plain RTP/AVP between
>>> RTPEngine and freeswitch, you need to "offer" rtp/avp to freeswitch, and
>>> "answer" dtls-srtp back up to the browser.
>>>
>>> the offer to freeswitch would be:
>>>
>>> $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
>>> replace-origin ICE=remove";
>>>
>>>
>>> and the answer back up to the browswer would be:
>>>
>>> $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
>>>
>>>
>>> -Eric
>>>
>>>
>>>
>>> On 06/23/2016 08:20 AM, John Nash wrote:
>>>
>>> I am following
>>> 
>>> http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
>>> trying to test a call
>>>
>>> sipml5 --->Opensips + rtpengine > SIP end point
>>> (Freeswitch)
>>>
>>> But I do not have any audio on both sides. I see this error at rtpengine
>>> log "SRTP output wanted, but no crypto suite was negotiated"
>>>
>>> Anyone tested this scenario positive?
>>>
>>>
>>> ___
>>> Users mailing 
>>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>>
>>> ___
>>> Users mailing list
>>> Users@lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
>>
>> ___
>> Users mailing 
>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Eric Tamme

I mean you can use a private gist, but you will be publishing the link 
in a public email list.  In general I personally dont believe revealing 
ip addresses etc. is any problem - to put my money where my mouth is 
here is a gist link to an unaltered SIP trace on my server :)


https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52

-Eric

On 06/23/2016 12:23 PM, John Nash wrote:
Ok i am ready with logs. About gist may I use private option as traces 
have our IPs, user


On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme > wrote:


Hey John,

Please paste a full UNALTERED sip trace into a gist
(gist.github.com ) from the proxy servers
perspective and provide a link so that we can see what comes in,
and what goes out from both sides.

EG: ngrep -qtd any -W byline port 5060

This will show us the traffic that is leaving the proxy destined
for the Freeswitch box, and what the freeswitch box sends back.

Also - you can look in your browsers console log and provide the
SIP trace from there in a seperate gist, so that we can see what
opensips sends back up to your browser.

-Eric



Am I using correct sip.js example? I copied it to my server and
accessing it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme > wrote:

1. I would suggest using SIP.js -
https://github.com/onsip/SIP.js it is a much more active
project that sipml5.

2. Im guessing that you are not properly passing flags to
RTPEngine.  If you want to have DTLS-SRTP between the
browser, and plain RTP/AVP between RTPEngine and freeswitch,
you need to "offer" rtp/avp to freeswitch, and "answer"
dtls-srtp back up to the browser.

the offer to freeswitch would be:

 $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

 $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";


-Eric



On 06/23/2016 08:20 AM, John Nash wrote:

I am following
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
trying to test a call

sipml5 --->Opensips + rtpengine > SIP end
point (Freeswitch)

But I do not have any audio on both sides. I see this error
at rtpengine log "SRTP output wanted, but no crypto suite
was negotiated"

Anyone tested this scenario positive?


___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread John Nash

Ok i am ready with logs. About gist may I use private option as traces have
our IPs, user

On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme  wrote:

> Hey John,
>
> Please paste a full UNALTERED sip trace into a gist (gist.github.com)
> from the proxy servers perspective and provide a link so that we can see
> what comes in, and what goes out from both sides.
>
> EG: ngrep -qtd any -W byline port 5060
>
> This will show us the traffic that is leaving the proxy destined for the
> Freeswitch box, and what the freeswitch box sends back.
>
> Also - you can look in your browsers console log and provide the SIP trace
> from there in a seperate gist, so that we can see what opensips sends back
> up to your browser.
>
> -Eric
>
>
> Am I using correct sip.js example? I copied it to my server and accessing
> it using https: (used letsencrypt)
>
> On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme  wrote:
>
>> 1. I would suggest using SIP.js - https://github.com/onsip/SIP.js it is
>> a much more active project that sipml5.
>>
>> 2. Im guessing that you are not properly passing flags to RTPEngine.  If
>> you want to have DTLS-SRTP between the browser, and plain RTP/AVP between
>> RTPEngine and freeswitch, you need to "offer" rtp/avp to freeswitch, and
>> "answer" dtls-srtp back up to the browser.
>>
>> the offer to freeswitch would be:
>>
>> $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
>> replace-origin ICE=remove";
>>
>>
>> and the answer back up to the browswer would be:
>>
>> $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
>>
>>
>> -Eric
>>
>>
>>
>> On 06/23/2016 08:20 AM, John Nash wrote:
>>
>> I am following
>> 
>> http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and trying
>> to test a call
>>
>> sipml5 --->Opensips + rtpengine > SIP end point
>> (Freeswitch)
>>
>> But I do not have any audio on both sides. I see this error at rtpengine
>> log "SRTP output wanted, but no crypto suite was negotiated"
>>
>> Anyone tested this scenario positive?
>>
>>
>> ___
>> Users mailing 
>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Eric Tamme


Hey John,

Please paste a full UNALTERED sip trace into a gist (gist.github.com) 
from the proxy servers perspective and provide a link so that we can see 
what comes in, and what goes out from both sides.


EG: ngrep -qtd any -W byline port 5060

This will show us the traffic that is leaving the proxy destined for the 
Freeswitch box, and what the freeswitch box sends back.


Also - you can look in your browsers console log and provide the SIP 
trace from there in a seperate gist, so that we can see what opensips 
sends back up to your browser.


-Eric

Am I using correct sip.js example? I copied it to my server and 
accessing it using https: (used letsencrypt)


On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme > wrote:


1. I would suggest using SIP.js - https://github.com/onsip/SIP.js
it is a much more active project that sipml5.

2. Im guessing that you are not properly passing flags to
RTPEngine.  If you want to have DTLS-SRTP between the browser, and
plain RTP/AVP between RTPEngine and freeswitch, you need to
"offer" rtp/avp to freeswitch, and "answer" dtls-srtp back up to
the browser.

the offer to freeswitch would be:

 $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
replace-origin ICE=remove";

and the answer back up to the browswer would be:

 $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";


-Eric



On 06/23/2016 08:20 AM, John Nash wrote:

I am following
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
trying to test a call

sipml5 --->Opensips + rtpengine > SIP end point
(Freeswitch)

But I do not have any audio on both sides. I see this error at
rtpengine log "SRTP output wanted, but no crypto suite was
negotiated"

Anyone tested this scenario positive?


___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users




___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread John Nash

I double checked my rtpengine offer answer calls and now using
https://github.com/onsip/sipjs-examples/tree/master/demo-phone but I face
same issue (no audio either side) and error  "SRTP output wanted, but no
crypto suite was negotiated" Rtpengine also I updated to the latest now.

Am I using correct sip.js example? I copied it to my server and accessing
it using https: (used letsencrypt)

On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme  wrote:

> 1. I would suggest using SIP.js - https://github.com/onsip/SIP.js it is a
> much more active project that sipml5.
>
> 2. Im guessing that you are not properly passing flags to RTPEngine.  If
> you want to have DTLS-SRTP between the browser, and plain RTP/AVP between
> RTPEngine and freeswitch, you need to "offer" rtp/avp to freeswitch, and
> "answer" dtls-srtp back up to the browser.
>
> the offer to freeswitch would be:
>
> $var(rtpengine_flags) = "RTP/AVP replace-session-connection 
> replace-origin ICE=remove";
>
>
> and the answer back up to the browswer would be:
>
> $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
>
>
> -Eric
>
>
>
> On 06/23/2016 08:20 AM, John Nash wrote:
>
> I am following
> http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and trying
> to test a call
>
> sipml5 --->Opensips + rtpengine > SIP end point
> (Freeswitch)
>
> But I do not have any audio on both sides. I see this error at rtpengine
> log "SRTP output wanted, but no crypto suite was negotiated"
>
> Anyone tested this scenario positive?
>
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread Eric Tamme

1. I would suggest using SIP.js - https://github.com/onsip/SIP.js it is 
a much more active project that sipml5.


2. Im guessing that you are not properly passing flags to RTPEngine.  If 
you want to have DTLS-SRTP between the browser, and plain RTP/AVP 
between RTPEngine and freeswitch, you need to "offer" rtp/avp to 
freeswitch, and "answer" dtls-srtp back up to the browser.


the offer to freeswitch would be:

$var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin 
ICE=remove";

and the answer back up to the browswer would be:

$var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";


-Eric


On 06/23/2016 08:20 AM, John Nash wrote:
I am following 
http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and 
trying to test a call


sipml5 --->Opensips + rtpengine > SIP end point 
(Freeswitch)


But I do not have any audio on both sides. I see this error at 
rtpengine log "SRTP output wanted, but no crypto suite was negotiated"


Anyone tested this scenario positive?


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

2016-06-23 Thread John Nash

I am following http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2
and trying to test a call

sipml5 --->Opensips + rtpengine > SIP end point (Freeswitch)

But I do not have any audio on both sides. I see this error at rtpengine
log "SRTP output wanted, but no crypto suite was negotiated"

Anyone tested this scenario positive?
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

Re: [OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

[OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

16 matches

Site Navigation

Mail list logo

Footer information