summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrbays <rbays@roatan.lenny32.lenny32>2009-08-27 09:25:00 -0700
committerMohit Mehta <mohit.mehta@vyatta.com>2009-08-31 12:26:24 -0700
commitdd1c1213093a621cc36ce2c03f32d6bfda7dbcbb (patch)
treebe05c01918bc127b1a9be40fe2eaaa40408e4baf
parent498574a05e0ab6018e892c096f09f863c2158d82 (diff)
downloadvyatta-cfg-firewall-dd1c1213093a621cc36ce2c03f32d6bfda7dbcbb.tar.gz
vyatta-cfg-firewall-dd1c1213093a621cc36ce2c03f32d6bfda7dbcbb.zip
fix for bug 4794 SIP Helper/ALG module does not translate RTP traffic...
added new configuration parameters: firewall conntrack-options sip enable-indirect-media firewall conntrack-options sip enable-indirect-signalling (cherry picked from commit 8d73836b37bae1cb8e8211bc483bf55c51241542)
-rw-r--r--templates/firewall/conntrack-options/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/enable-indirect-media/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/node.def38
4 files changed, 41 insertions, 0 deletions
diff --git a/templates/firewall/conntrack-options/node.def b/templates/firewall/conntrack-options/node.def
new file mode 100644
index 0000000..2a80cee
--- /dev/null
+++ b/templates/firewall/conntrack-options/node.def
@@ -0,0 +1 @@
+help: Set conntrack options
diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def
new file mode 100644
index 0000000..777e16d
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def
@@ -0,0 +1 @@
+help: Enable support for indirect media streams
diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def
new file mode 100644
index 0000000..d705bb3
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def
@@ -0,0 +1 @@
+help: Enable support for indirect signalling streams
diff --git a/templates/firewall/conntrack-options/sip/node.def b/templates/firewall/conntrack-options/sip/node.def
new file mode 100644
index 0000000..494d75c
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/node.def
@@ -0,0 +1,38 @@
+help: Set SIP conntrack options
+end: reload=0
+ sdm=2
+ if [ -f /sys/module/nf_conntrack_sip/parameters/sip_direct_media ]; then
+ sdm=$(sudo cat /sys/module/nf_conntrack_sip/parameters/sip_direct_media)
+ fi
+ if [ -n "$VAR(./enable-indirect-media)" ]; then
+ indirectmedia='sip_direct_media=0'
+ if [ $sdm -ge 1 ]; then reload=1; fi
+ else
+ if [ $sdm -eq 0 ]; then reload=1; fi
+ fi
+
+ sds=2
+ if [ -f /sys/module/nf_conntrack_sip/parameters/sip_direct_signalling ]; then
+ sds=$(sudo cat /sys/module/nf_conntrack_sip/parameters/sip_direct_signalling)
+ fi
+ if [ -n "$VAR(./enable-indirect-signalling)" ]; then
+ indirectsignalling='sip_direct_signalling=0'
+ if [ $sds -ge 1 ]; then reload=1; fi
+ else
+ if [ $sds -eq 0 ]; then reload=1; fi
+ fi
+
+ options=$(grep -s "options nf_conntrack_sip $indirect-media $indirect-signalling" /etc/modprobe.d/options)
+ if [ -z "$options" ] && [ -f /etc/modprobe.d/options ]; then
+ sudo sed -i '/nf_conntrack_sip/d' /etc/modprobe.d/options
+ fi
+
+ if [ -n "$indirectmedia" ] || [ -n "$indirectsignalling" ]; then
+ sudo sh -c "echo options nf_conntrack_sip $indirectmedia $indirectsignalling >> /etc/modprobe.d/options "
+ fi
+
+ if [ $reload -eq 1 ]; then
+ sudo modprobe -r nf_nat_sip nf_conntrack_sip
+ sudo modprobe nf_conntrack_sip
+ sudo modprobe nf_nat_sip
+ fi