summaryrefslogtreecommitdiff
path: root/templates/firewall/conntrack-options
diff options
context:
space:
mode:
Diffstat (limited to 'templates/firewall/conntrack-options')
-rw-r--r--templates/firewall/conntrack-options/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/enable-indirect-media/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def1
-rw-r--r--templates/firewall/conntrack-options/sip/node.def38
4 files changed, 41 insertions, 0 deletions
diff --git a/templates/firewall/conntrack-options/node.def b/templates/firewall/conntrack-options/node.def
new file mode 100644
index 0000000..2a80cee
--- /dev/null
+++ b/templates/firewall/conntrack-options/node.def
@@ -0,0 +1 @@
+help: Set conntrack options
diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def
new file mode 100644
index 0000000..777e16d
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/enable-indirect-media/node.def
@@ -0,0 +1 @@
+help: Enable support for indirect media streams
diff --git a/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def
new file mode 100644
index 0000000..d705bb3
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/enable-indirect-signalling/node.def
@@ -0,0 +1 @@
+help: Enable support for indirect signalling streams
diff --git a/templates/firewall/conntrack-options/sip/node.def b/templates/firewall/conntrack-options/sip/node.def
new file mode 100644
index 0000000..494d75c
--- /dev/null
+++ b/templates/firewall/conntrack-options/sip/node.def
@@ -0,0 +1,38 @@
+help: Set SIP conntrack options
+end: reload=0
+ sdm=2
+ if [ -f /sys/module/nf_conntrack_sip/parameters/sip_direct_media ]; then
+ sdm=$(sudo cat /sys/module/nf_conntrack_sip/parameters/sip_direct_media)
+ fi
+ if [ -n "$VAR(./enable-indirect-media)" ]; then
+ indirectmedia='sip_direct_media=0'
+ if [ $sdm -ge 1 ]; then reload=1; fi
+ else
+ if [ $sdm -eq 0 ]; then reload=1; fi
+ fi
+
+ sds=2
+ if [ -f /sys/module/nf_conntrack_sip/parameters/sip_direct_signalling ]; then
+ sds=$(sudo cat /sys/module/nf_conntrack_sip/parameters/sip_direct_signalling)
+ fi
+ if [ -n "$VAR(./enable-indirect-signalling)" ]; then
+ indirectsignalling='sip_direct_signalling=0'
+ if [ $sds -ge 1 ]; then reload=1; fi
+ else
+ if [ $sds -eq 0 ]; then reload=1; fi
+ fi
+
+ options=$(grep -s "options nf_conntrack_sip $indirect-media $indirect-signalling" /etc/modprobe.d/options)
+ if [ -z "$options" ] && [ -f /etc/modprobe.d/options ]; then
+ sudo sed -i '/nf_conntrack_sip/d' /etc/modprobe.d/options
+ fi
+
+ if [ -n "$indirectmedia" ] || [ -n "$indirectsignalling" ]; then
+ sudo sh -c "echo options nf_conntrack_sip $indirectmedia $indirectsignalling >> /etc/modprobe.d/options "
+ fi
+
+ if [ $reload -eq 1 ]; then
+ sudo modprobe -r nf_nat_sip nf_conntrack_sip
+ sudo modprobe nf_conntrack_sip
+ sudo modprobe nf_nat_sip
+ fi
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 19:58:54 +0000