Re: [PATCH/RFC] netfilter: nf_conntrack_sip: Handle quirky Ciscophones
From: Patrick McHardy
Date: Mon Nov 15 2010 - 04:51:54 EST
On 14.11.2010 20:57, Eric Dumazet wrote:
> Le dimanche 14 novembre 2010 à 10:33 -0800, Kevin Cernekee a écrit :
>> On Sun, Nov 14, 2010 at 12:59 AM, Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote:
>>> I would like to get an exact SIP exchange to make sure their is not
>>> another way to handle this without adding a "Cisco" string somewhere...
>>>
>>> Please provide a pcap or tcpdump -A
>>
>> Existing nf_nat_sip: phone sends unauthenticated REGISTER requests
>> over and over again, because it is not seeing the replies sent back to
>> port 50070:
>>
>> 10:05:53.496479 IP 192.168.2.28.50070 > 67.215.241.250.5060: SIP, length: 723
>> E`...[..@.r.....C...........REGISTER sip:losangeles.voip.ms SIP/2.0
>> Via: SIP/2.0/
>>
>
> Hmm, partial tcpdump... you should use" tcpdump -s 1000 -A"
>
> We miss the
>
> Via: SIP/2.0/UDP 192.168.2.28:5060;branch=xxxxxxxx
>
>
> Maybe a fix would be to use this "5060" port, instead of hardcoding it
> like you did ?
I agree, using the Via header to route the response makes more sense.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/