第二部分:MediaProxy的安装与配置
安装依赖包
yum -y groupinstall “Development Tools” yum -y install gcc gcc-c++ iptables-devel libnfnetlink-devel libnetfilter_conntrack-devel libgcrypt-devel libgpg-error-devel gnutls python-devel python-zope-interface
2.安装python-cjson-1.0.5.tar.gz
wget https://pypi.python.org/packages/source/p/python-cjson/python-cjson-1.0.5.tar.gz tar zxf python-cjson-1.0.5.tar.gz cd python-cjson-1.0.5 ./setup.py build ./setup.py install cd
3.安装python-application-1.3.0.tar.gz
wget https://pypi.python.org/packages/source/p/python-application/python-application-1.3.0.tar.gz tar zxf python-application-1.3.0.tar.gz cd python-application-1.3.0 ./setup.py build ./setup.py install cd
4.安装python-gnutls-1.2.4.tar.gz
wget https://pypi.python.org/packages/source/p/python-gnutls/python-gnutls-1.2.4.tar.gz tar zxf python-gnutls-1.2.4.tar.gz cd python-gnutls-1.2.4 ./setup.py build ./setup.py install cd
5.安装Twisted-11.0.0.tar.bz2
wget http://twistedmatrix.com/Releases/Twisted/11.0/Twisted-11.0.0.tar.bz2 tar jxf Twisted-11.0.0.tar.bz2 cd Twisted-11.0.0 ./setup.py build ./setup.py install cd
6.安装mediaproxy-2.5.2.tar.gz
wget http://download.ag-projects.com/MediaProxy/old/mediaproxy-2.5.2.tar.gz tar zxf mediaproxy-2.5.2.tar.gz cd mediaproxy-2.5.2 ./setup.py build ./setup.py install cd
7.配置mediaproxy
mkdir /etc/mediaproxy mkdir -p /var/run/mediaproxy mkdir -p /var/run/opensips cp -rf /root/mediaproxy-2.5.2/tls/ /etc/mediaproxy/ #生成mediaproxy的配置文件 cat << EOF >/etc/mediaproxy/config.ini [Relay] dispatchers = 192.168.88.10 passport = None relay_ip = 192.168.88.10 port_range = 50000:60000 [Dispatcher] socket_path = dispatcher.sock listen = 192.168.88.10 listen_management = 192.168.88.10 passport = None management_passport = None [TLS] [Database] [Radius] [OpenSIPS] socket_path = /var/run/opensips/socket max_connections = 10 EOF #将以上IP改为本机的IP
8.配置Linux内核设置转发
sed -i 's#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g' /etc/sysctl.conf sysctl -p
9.启动mediaproxy及中继
media-dispatcher media-relay
#在启动的时候一定要观察/var/log/message
10.在opensips配置文件中增加
#add for mediaproxy#######################################
loadmodule "mediaproxy.so"
modparam("mediaproxy", "disable", 0)
modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy/dispatcher.sock")
modparam("mediaproxy", "mediaproxy_timeout", 1000)
modparam("mediaproxy", "signaling_ip_avp", "$avp(nat_ip)")
modparam("mediaproxy", "media_relay_avp", "$avp(media_relay)")
modparam("mediaproxy", "ice_candidate", "low-priority")
最后opensips.cfg的配置文件就是
# # $Id$ # # OpenSIPS residential configuration script # by OpenSIPS Solutions <[email protected]> # # This script was generated via "make menuconfig", from # the "Residential" scenario. # You can enable / disable more features / functionalities by # re-generating the scenario with different options.# # # Please refer to the Core CookBook at: # http://www.opensips.org/Resources/DocsCookbooks # for a explanation of possible statements, functions and parameters. # ####### Global Parameters ######### debug=3 log_stderror=no log_facility=LOG_LOCAL0 fork=yes children=4 /* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes /* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no /* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes /* comment the next line to enable the auto discovery of local aliases based on revers DNS on IPs */ auto_aliases=no listen=udp:192.168.1.245:5060 # CUSTOMIZE ME #disable_tcp=yes #disable_tls=yes ####### Modules Section ######## #set module path mpath="/data/opensips1.11.4/lib64/opensips/modules/" #### SIGNALING module loadmodule "signaling.so" #### StateLess module loadmodule "sl.so" #### Transaction Module loadmodule "tm.so" modparam("tm", "fr_timeout", 5) modparam("tm", "fr_inv_timeout", 30) modparam("tm", "restart_fr_on_each_reply", 0) modparam("tm", "onreply_avp_mode", 1) #### Record Route Module loadmodule "rr.so" /* do not append from tag to the RR (no need for this script) */ modparam("rr", "append_fromtag", 0) #### MAX ForWarD module loadmodule "maxfwd.so" #### SIP MSG OPerationS module loadmodule "sipmsgops.so" #### FIFO Management Interface loadmodule "mi_fifo.so" modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") modparam("mi_fifo", "fifo_mode", 0666) #### URI module loadmodule "uri.so" modparam("uri", "use_uri_table", 0) modparam("uri", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME #### MYSQL module loadmodule "db_mysql.so" #### USeR LOCation module loadmodule "usrloc.so" modparam("usrloc", "nat_bflag", "NAT") modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME #### REGISTRAR module loadmodule "registrar.so" modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT") /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) #### ACCounting module loadmodule "acc.so" /* what special events should be accounted ? */ modparam("acc", "early_media", 0) modparam("acc", "report_cancels", 0) /* by default we do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) modparam("acc", "failed_transaction_flag", "ACC_FAILED") /* account triggers (flags) */ modparam("acc", "db_flag", "ACC_DO") modparam("acc", "db_missed_flag", "ACC_MISSED") modparam("acc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME #### AUTHentication modules loadmodule "auth.so" loadmodule "auth_db.so" modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME modparam("auth_db", "load_credentials", "") #### ALIAS module loadmodule "alias_db.so" modparam("alias_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME #### DIALOG module loadmodule "dialog.so" modparam("dialog", "dlg_match_mode", 1) modparam("dialog", "default_timeout", 21600) # 6 hours timeout modparam("dialog", "db_mode", 2) modparam("dialog", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME #### NAT modules loadmodule "nathelper.so" modparam("nathelper", "natping_interval", 10) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "received_avp", "$avp(received_nh)") loadmodule "rtpproxy.so" modparam("rtpproxy", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock") # CUSTOMIZE ME loadmodule "mediaproxy.so" modparam("mediaproxy", "disable", 0) modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy/dispatcher.sock") modparam("mediaproxy", "mediaproxy_timeout", 1000) modparam("mediaproxy", "signaling_ip_avp", "$avp(nat_ip)") modparam("mediaproxy", "media_relay_avp", "$avp(media_relay)") modparam("mediaproxy", "ice_candidate", "low-priority") ####### Routing Logic ######## # main request routing logic route{ /* force_rport(); if (nat_uac_test("23")) { if (is_method("REGISTER")) { fix_nated_register(); setbflag(NAT); } else { fix_nated_contact(); setflag(NAT); } } */ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { # validate the sequential request against dialog if ( $DLG_status!=NULL && !validate_dialog() ) { xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to dialog\n"); ## exit; } if (is_method("BYE")) { setflag(ACC_DO); # do accounting ... setflag(ACC_FAILED); # ... even if the transaction fails } else if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for # re-INVITEs alos, as some buggy clients do change route set # during the dialog. record_route(); } /* if (check_route_param("nat=yes")) { setflag(NAT); } */ # route it out to whatever destination was set by loose_route() # in $du (destination URI). route(relay); } else { if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after # a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction -> # ignore and discard exit; } } sl_send_reply("404","Not here"); } exit; }else { if (is_method("INVITE") && !has_totag()) { engage_media_proxy(); } } # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); if ( !(is_method("REGISTER") ) ) { if (from_uri==myself) { # authenticate if from local subscriber # authenticate all initial non-REGISTER request that pretend to be # generated by local subscriber (domain from FROM URI is local) if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (!db_check_from()) { sl_send_reply("403","Forbidden auth ID"); exit; } consume_credentials(); # caller authenticated } else { # if caller is not local, then called number must be local if (!uri==myself) { send_reply("403","Rely forbidden"); exit; } } } ############################################### #if (is_method("INVITE") && !has_totag()) { #engage_media_proxy(); #} ############################################## # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } #################################################### #if (is_method("INVITE") && !has_totag()) { #engage_media_proxy(); #} #################################################### # record routing if (!is_method("REGISTER|MESSAGE")) record_route(); # account only INVITEs if (is_method("INVITE")) { # create dialog with timeout if ( !create_dialog("B") ) { send_reply("500","Internal Server Error"); exit; } setflag(ACC_DO); # do accounting } if (!uri==myself) { append_hf("P-hint: outbound\r\n"); route(relay); } # requests for my domain if (is_method("PUBLISH|SUBSCRIBE")) { sl_send_reply("503", "Service Unavailable"); exit; } if (is_method("REGISTER")) { # authenticate the REGISTER requests if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; } if (!db_check_to()) { sl_send_reply("403","Forbidden auth ID"); exit; } if ( 0 ) setflag(TCP_PERSISTENT); if (!save("location")) sl_reply_error(); exit; } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases alias_db_lookup("dbaliases"); # do lookup with method filtering if (!lookup("location","m")) { if (!db_does_uri_exist()) { send_reply("420","Bad Extension"); exit; } t_newtran(); t_reply("404", "Not Found"); exit; } # when routing via usrloc, log the missed calls also setflag(ACC_MISSED); route(relay); } route[relay] { # for INVITEs enable some additional helper routes if (is_method("INVITE")) { #route(media); t_on_branch("per_branch_ops"); t_on_reply("handle_nat"); t_on_failure("missed_call"); } if (!t_relay()) { send_reply("500","Internal Error"); }; exit; } /* route[media] { if (is_method("BYE") || is_method("CANCEL")) { end_media_session(); } if (is_method("INVITE")) { use_media_proxy(); } } */ branch_route[per_branch_ops] { xlog("new branch at $ru\n"); } onreply_route[handle_nat] { xlog("incoming reply\n"); } failure_route[missed_call] { if (t_was_cancelled()) { exit; } # uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##} } local_route { if (is_method("BYE") && $DLG_dir=="UPSTREAM") { acc_db_request("200 Dialog Timeout", "acc"); } }
最后,如果要使用ICE,必须要有客户端支持,也还要有STUN服务器(外部有免费的STUN服务器)。
如在LINPHONE的设置中,“设置”--“NetWork”--“STUN SERVER”,输入STUN服务器地址。然后开启“Enable ICE”
这个时候拨打电话如果是P2P的话就会出现HOST CONNECTION
如果是无法点对点的话,ICE的状态就是RELAY CONNECTION.