#546 [nat_traversal] client_nat_test("2") shouldn't match port

ver devel
open
nobody
modules (357)
5
2008-12-29
2008-12-29
No

nat_traversal client_nat_test() function has the following parameter:

--------
1 - tests if client has a private IP address (as defined by RFC1918) in the Contact field of the SIP message.

2 - tests if client has contacted OpenSIPS from an address that is different from the one in the Via field. Both the IP and port are compared by this test.

4 - tests if client has a private IP address (as defined by RFC1918) in the top Via field of the SIP message.
---------

Imagine we use client_nat_test(2) and there is a phone with public IP using SIP TCP. This client will ALWAYS detected as "natted" since the source port will never match its listening port (5060, the port indicated in Via sent-by field).

I think that the port shouldn't be matched. Also note that nathelper nat_uac_test() function has two values for same purpose:

--------
2 - the "received" test is used: address in Via is compared against source IP address of signaling

16 - test if the source port is different from the port in Via
--------

nat_uac_test(2) and nat_uac_test(18) is valid for UDP clients while in case of TCP clients the only valid value is nat_uac_test(2).

So I suggest to split the nat_traversal client_nat_test() parameter 2 into 2 and 8, so it would be:

--------
1 - tests if client has a private IP address (as defined by RFC1918) in the Contact field of the SIP message.

2 - tests if client has contacted OpenSIPS from an IP that is different from the one in the Via field.

4 - tests if client has a private IP address (as defined by RFC1918) in the top Via field of the SIP message.

8 - tests if the source port is different from the port in Via.
---------

Discussion


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks