-1

I want to use netsed to alter the incoming SIP traffic (UDP port 5060) on a PBX server which is running on a linux system (debian 10 stretch).

In the first step I simply tried to set up the phone to connect to UDP/5061 and started netsed with that command: 

./netsed udp 5061 127.0.0.1 5060 s/profile-level-id=4280D/profile-level-id=42800D

The traffic was intercepted, changed and forwarded to port 5060 of the PBX software.

Unfortunately, the SIP protocol "notices" that the port used by the phone does not match the PBX (the pbx is using 5060 and the phone is using 5061 because of the port forwarding). Now the question is how to do this with netsed.

So the question is how to create a transparent proxy on the same system as the pbx.

Or is there a way to listen with netsed already on port 5060, but then pass it on to the pbx software on port 5060?

The deeper background is the Mobotix door phones for outgoing calls that do not correctly encode the profile-level-id field (it should be six base16 characters long but is five characters long). My idea was to simply change the profile-level-id as soon as the SIP-Invite enters the PBX.

Same question at StackExchange.

jww
  • 97,681
  • 90
  • 411
  • 885
A. Fendt
  • 77
  • 9
  • 2
    [so] is for programming questions, not questions about using or configuring Unix and its utilities. [unix.se] or [sf] would be better places for questions like this. – Barmar Nov 05 '19 at 22:45
  • Ok, I'll try at [Server Fault](https://serverfault.com/) – A. Fendt Nov 05 '19 at 22:47
  • NAPT is particularly hard on VoIP systems. There is much work to be done to get VoIP to work with NAPT. – Ron Maupin Nov 05 '19 at 23:25

1 Answers1

2

If I do not misinterpret your idea ; and I thing a quite interesting one ; you are trying to set up an transparent application IP proxy using netsed. From that experiment, the straightforward solution does not fit because SIP protocol "notices" that 'netsed' is altering the data-path.

Some points to be aware of :

  • By itself, SIP does not work via NAPT as the transferred data contains IP addresses and port numbers.

  • Moreover taking aside TLS, SIP is transport protocol agnostic which mean that a SIP session is authorized to use both UDP and TCP at the same time.

I suggest you to have a look to SIP proxy, SBC B2BUA and STUN in order to build a correct understanding of all these issues, seem to be a hard path but valuable.

Or you can take inspiration of SIP proxy and implement minimun SIP proxying functionality into netsed. It is interesting but not so easy.

But if you abandon your initial idea of 'basic' proxy then you could use a SIP toolbox like [kamalio][1]. It is a known way of doing SIP related plumbing but obviously very far your initial goal.

Hope this help.

tomrtc
  • 517
  • 6
  • 10
  • The deeper background is the Mobotix door phones for outgoing calls that do not correctly encode the profile-level-id field (it should be six base16 characters long but is five characters long). My idea was to simply change the profile-level-id as soon as the SIP-Invite enters the PBX. For this reason I shouldn't worry about NAPT or TLS (the Mobotix door phone can't handle TLS) as long as the UDP port isn't changed. – A. Fendt Nov 06 '19 at 14:19
  • 1
    Thanks for the piece of information, in that case what I use to do is to put a SBC as proxy/registrar in front of the phones in order to normalize SIP messages. – tomrtc Nov 06 '19 at 16:05
  • In my configuration there are only three intercoms and six telephones. Until now I simply used the integrated SIP proxy/registrar of the Mobotix door phone and wanted to switch to 3CX on a Raspberry Pi. What software, as SBC, could I use to correct profile-level-id? What's also important to me is that I don't actually need technologies like STUN or ICE because phones and door phones are in the same LAN. – A. Fendt Nov 06 '19 at 22:18
  • Never use that but on the paper that seems to fit: http://siproxd.sourceforge.net/siproxd_guide/siproxd_guide_c1.html – tomrtc Nov 07 '19 at 13:32
  • Please close off-topic questions. – jww Nov 07 '19 at 23:48