[asterisk-dev] Adding netfilter NATting/ALG support to chan_rtp

Jared Smith jsmith at digium.com
Fri Nov 7 07:36:03 CST 2008


On Thu, 2008-11-06 at 20:47 -0800, Philip Prindeville wrote:
> I read it...  it was fairly generic.
> 
> If there was as special takeaway from it, it was lost on me...

I don't mean to speak for John's proposal, but I think the two key
things that I got from his proposal are:

1) Use scripts external to Asterisk to respond to various stimuli.  I
know in your case that you'd like to embed the netfilter libraries so
that Asterisk can control netfilter directly, but please remember that
Asterisk runs on a *lot* of different platforms, many of which don't use
netfilter.  By using external scripts, this can be a generic solution
for all platforms, and is not limited to those using netfilter.
(External scripts obviously help alleviate the licensing concerns as
well.)

2) Let the Asterisk administrator be able to script the various
responses based on his own needs.  As you can well imagine, Asterisk is
deployed in many different scenarios, and what's good for one
installation isn't necessarily good for another.  In other words, let's
say Asterisk detects that there have been twenty registration attempts
for a particular SIP peer in the past minute, all using different
passwords.  One Asterisk administrator's response may be totally
different, depending on how he's deployed Asterisk.  Having a generic
framework that he/she can adapt to their particular deployment is key.

Anyway, that's my two cents (before taxes) on the matter.



-- 
Jared Smith
Training Manager
Digium, Inc.




More information about the asterisk-dev mailing list