they claim to be running sipx on multiple interfaces. we all know this is not a good idea. On Jun 24, 2011 4:02 PM, "Yuri Kurkarewicz" <sipx...@kapten.com.br> wrote: > *Has anyone seen if this post is true?* > ** > *http://qxip.net/mediawiki/index.php/SIPX_IPv6_HACK*< http://qxip.net/mediawiki/index.php/SIPX_IPv6_HACK> > ** > *Has anyone seen if this post is true? > > Could indicate what are the security measures required in the server OpenUcand > Sipxecs? > > > Thank you.* > ** > > > SIPX <http://qxip.net/mediawiki/index.php/SipXecs_Hacks>: *SIPX IPv6 > HACK*(very experimental) > > Documentation on sipXecs support for IPv6 is somewhat confusing or pointing > at possible issues with many posts suggesting to disable it completely (?) - > No fancy transformations and routing hacks with IPv6 Day coming up? As usual > there's FreeSWITCH to save the day! Let's try route some IPv6 traffic to our > FS/SIPX instance and setup a dedicated profile/ip to handle the traffic. > Since we're running on the same host, we'll proxy media to sipX and have FS > perform all translations - since it's great at all it does - why not? > > NOTICE: This hack is nothing more than a work in > progress/unfinished/unsecured... > PRE-REQUISITES: > > - sipXecs 4.4.0 or higher > - IPv6 enabled network & IPv6 address at sipX host (or 6to4 tunnel) > - DNS IPv6 AAAA records for your SIP topology > - SIP clients supporting IPv6 *(Linphone forever!)* > > THE LOGIC: > > - Create SIPX/FreeSwitch/IPv6 Profile running on port 15080 (separate ip) > > - IPv6 calls routed to FS/IPv6 via additional SRV > - UA[6] > IPv6 > FS/IPv6 > FS/IPv4 > sipXecs > UA[4] > > *NOTE: of course you could as well use plain 5060 since we're on a different > interface, we prefer to introduce no confusion at this stage* > > > CHANGES: > > *FreeSwitch:* > > Create new profile: in the directory > /etc/sipxpbx/freeswitch/conf/sip_profiles/ipv6gw.xml: > > <profile name="ipv6gw"> > <gateways> > </gateways> > <aliases> > </aliases> > <domains> > <domain name="all" alias="false" parse="true"/> > </domains> > <settings> > <param name="debug" value="0"/> > <param name="sip-trace" value="no"/> > <param name="rfc2833-pt" value="101"/> > <param name="sip-port" value="15080"/> > <param name="dialplan" value="XML"/> > <param name="context" value="ipv6gw"/> > <param name="dtmf-duration" value="100"/> > <param name="inbound-codec-prefs" value="$${global_codec_prefs}"/> > <param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/> > <param name="hold-music" value="$${hold_music}"/> > <param name="rtp-timer-name" value="soft"/> > <param name="local-network-acl" value="localnet.auto"/> > <param name="manage-presence" value="false"/> > <param name="inbound-codec-negotiation" value="generous"/> > <param name="nonce-ttl" value="60"/> > <param name="auth-calls" value="false"/> > <param name="accept-blind-auth" value="true"/> > <param name="rtp-ip" value="YOUR_IPv6_ADDRESS"/> > <param name="sip-ip" value="YOUR_IPv6_ADDRESS"/> > <param name="ext-rtp-ip" value="YOUR_IPv6_ADDRESS"/> > <param name="ext-sip-ip" value="YOUR_IPv6_ADDRESS"/> > <param name="rtp-timeout-sec" value="300"/> > <param name="rtp-hold-timeout-sec" value="1800"/> > <param name="tls" value="$${external_ssl_enable}"/> > <param name="tls-bind-params" value="transport=tls"/> > <param name="tls-sip-port" value="$${external_tls_port}"/> > <param name="tls-cert-dir" value="$${external_ssl_dir}"/> > <param name="tls-version" value="$${sip_tls_version}"/> > </settings> > </profile> > > > Create separate dialplan: in the directory > /etc/sipxpbx/freeswitch/conf/dialplan/ipv6gw.xml: > > <include> > <context name="ipv6gw"> > <extension name="unloop"> > <condition field="${unroll_loops}" expression="^true$"/> > <condition field="${sip_looped_call}" expression="^true$"> > <action application="deflect" data="${destination_number}"/> > </condition> > </extension> > <extension name="outside_call" continue="true"> > <condition> > <action application="set" data="outside_call=true"/> > </condition> > </extension> > <extension name="call_debug" continue="true"> > <condition field="${call_debug}" expression="^true$" break="never"> > <action application="info"/> > </condition> > </extension> > <condition field="destination_number" expression="^(\d+)$"/> > <action application="set" > data="effective_caller_id_number=${outbound_caller_id_number}"/> > <action application="set" > data="effective_caller_id_name=${outbound_caller_id_name}"/> > <action application="bridge" > data="sofia/your.host.net/$0...@your.host.net:5080"/> > </condition> > </extension> > <X-PRE-PROCESS cmd="include" data="ipv6gw/*.xml"/> > </context> > </include> > > or simply start with this barebone and add your requirements/rules later: > > <context name="ipv6gw"> > <extension name="ipv6gw"> > <condition> > <action application="set" data="proxy_media=true"/> > <action application="bridge" > data="sofia/host.net/${destination_number}@your.host.net"/> > </condition> > </extension> > </context> > > > Activate the new configuration and reload mod_sofia from your shell: > > /opt/freeswitch/bin/fs_cli -x "reloadxml" > /opt/freeswitch/bin/fs_cli -x "reload mod_sofia" > > TEST IT: > > - Setup a DNS AAAA entry for your host (ipv6.host.net) > - Start your IPv6 SIP Client (Linphone, I bet!) > - Dial sip:x...@ipv6.host.net:15080 > - Enjoy your IPv6 to IPv4 Call > > > NEXT: > > - Making some sense of the above... but it works!
_______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
