pjsip change contact sip address within the router enabled ALG - router

While developing iOS PJSIP client, I found that PJSIP would change contact address at second register request with authorization. It only happens when I enable ALG feature on my router, and the router will drop all response packets after first ack packet.
For example, disable ALG
enable ALG
PJSIP version: 2.7.1
How can I lock PJSIP contact sip address when ALG is enable?

Turn off the allow_contact_rewrite feature in the account configuration.
This should stop pjsip from modifying the contact header on registration.

Related

UDP broadcast for IoT discovery using Raspberry PI and public wifi

A couple questions.
TLDR is sending UDP broadcast packets on a Wifi network to allow for discovery of a IoT device (Raspberry PI) a conventional practice?
Long version: I'm working on an IoT project for a class. Based on other IoT devices I've used (a Christmas carol lighting system and music player), we decided to utilize an already working application (https://github.com/balena-os/wifi-connect). The way it works is it runs on the Raspberry PI and hosts a wifi endpoint through the RPI's network card that the user can connect to. Once a user connects to this Wifi endpoint on his/her Iphone, a Wifi selection and password entry page appears on his/her Iphone. The user enters the Wifi/password that the IoT device (Raspberry PI) should connect to. The entered Wifi will then be connected to by the Raspberry PI. The user can then connect to the entered Wifi as well and now both the user's Iphone and Raspberry PI will be connected to the same Wifi network.
We decided to send UDP packets to the broadcast address of the Wifi network from the IoT device, so that users connected to the Wifi (via their Iphones) can "discover" the IoT devices IP address by listening for UDP packets. Once the user discovers the IoT device's IP address, they can send HTTP RESTful API calls to the IoT device. I was wondering if the described process is conventionally used.
# script we are using to send UDP broadcast packets
import socket
import time
server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
server.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
server.settimeout(0.2)
message = b"message"
while True:
server.sendto(message, ('<broadcast>', 16123))
time.sleep(1)
We tried this setup at a public library, using their free public wifi. However, the UDP broadcast packet discovery process failed. UDP broadcast packets were sent out by the IoT device, but were not received by the Iphone. We're wondering if this has something to do with a firewall. We could successfully send UDP broadcast packets from a Macbook (via a python script) to an IOS emulator residing on the same Macbook, such that the source IP address of the packet was the same as the recipient. Is there a firewall rule such that a broadcast packet sent from IP address [A] can be delivered back to IP address [A] but not to IP address [B].
Also, I didn't mess around with the port number, which might have helped if certain ports were disabled by a firewall. I'm not sure. Help is appreciated. We are both relatively new to this.
DNS-SD (RFC6763) is the a fairly common and standardized way to do network discovery. It actually supports both TCP & UDP services. It was originally invented by Apple under the brand name "Bonjour" for printer discovery.
So yes, it is common to use UDP broadcast packets (via DNS-SD) for IoT device discovery on a Wifi network.

Linphone SIP client not working Behind NAT

I am trying to test Linphone in public network with both clients are
behind NAT and my sip server is having public IP. All my SIP
signalling with SIP server is working fine but end to end Linphone
clients are not able to receive voice packets for communication.
Please suggest what is the approach to get this scenario working.
P.S: I have also enabled STUN, ICE still not working.

SMTP ports on desktop and mobile

For years I used port 465 for my outgoing email with no problem, but suddenly my desktop client (eM Client) refused to send messages. I went to my provider for advice and they claim they haven't changed any settings and it's my client's fault. Hmm... I've changed the port to 587 and it works smoothly now.
But I've noticed that my mobile client (AirMail on iOS) still uses port 465! What's more, when I tried updating it to 587, it stopped working and I had to revert to 465.
So now I have working mail on desktop on port 587 and on mobile on port 465, all with the same provider! It's no real issue, but I can help wondering: what's the real reason for it? Can it be actually attributed to the client software I use?
It would be much easier to provide useful answers if you could provide more details, such as what error responses your clients got from the server when they tried to send email, and what you tried to do to fix the problem.
This is a bit of a wild guess: maybe your desktop is no longer able to send email over a secure (TLS) connection on port 465, but it can send email over an insecure connection on port 587. That might indicate a problem with a certificate.
Indeed! Here's the error message I was getting:
[CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk QUOTA STARTTLS AUTH=PLAIN AUTH = LOGIN] Dovecot ready.'.
I may be wrong as I have no access to my desktop at the moment but I believe that sending over 587 happens with SSL, at least that's the security set in the account configuration.

How to receive sip response?

How do I receive responses from sip using php/nodejs/javascript.
What I have:
Software Telephone (SIP/TAPI) required!
Remote Debian Server (can't login to provider)
I'd like to open browser and Software VOIP Telephone and run a procedure.
Procedure:
Select Telephonnumber from Datebase (mysql)
Call selected nummber
receive response
work with response
It is possible to use SIP over WebSockets: https://datatracker.ietf.org/doc/html/draft-ibc-sipcore-sip-websocket
This protocol is supported by OverSIP, Kamailio, Asterisk, OfficeSIP.
And here are some usable libraries implementing SIP client over WS:
http://sipml5.org/
http://jssip.net/

Using Asterisk as SIP relay server

I currently have issues with SIP User Agents behind a symmetric NAT connecting to my SIP client, which is an IVR voice service.
I read that Asterisk has a solution for this in the sip.conf, where I can set attribute
nat=yes
and this will ignore the IP and Port in the SIP headers and use the one for the SIP request and also waits for an incoming RTP stream to reply to.
I'd like to make use of this feature as we already have an Asterix server installed for AIX requests.
What would be the minimum configuration required for Asterix to act as the man in the middle on a new port as 5060 will still be used to connect directly to the SIP client? I don't care about authentication etc. I just need the Asterix to act as a SIP relay.
Thanks
K
You may also need to have "canreinvite=no" in the [general] section of your sip.conf.
That setting keeps Asterisk in the call path, otherwise voice traffic may be sent directly from one endpoint to the other.