From 41b283933426ebfe07fd6039e6ed7a9d5f04a43a Mon Sep 17 00:00:00 2001 From: Colin Smith Date: Sun, 27 Feb 2005 05:19:42 +0000 Subject: Add siproxd package. --- packages/siproxd.xml | 162 ++++++++++++++++++++++++++++++++++++++++++++++ packages/siproxdusers.xml | 68 +++++++++++++++++++ pkg_config.xml | 12 ++++ 3 files changed, 242 insertions(+) create mode 100644 packages/siproxd.xml create mode 100644 packages/siproxdusers.xml diff --git a/packages/siproxd.xml b/packages/siproxd.xml new file mode 100644 index 00000000..c14918bc --- /dev/null +++ b/packages/siproxd.xml @@ -0,0 +1,162 @@ + + siproxd + siproxd: Settings + 0.5.9 + pkg_edit.php?xml=freeradiussettings.xml&id=0 + + + Settings + /pkg_edit.php?xml=freeradiussettings.xml&id=0 + + + + Users + /pkg.php?xml=siproxdusers.xml + + + + http://www.pfsense.com/packages/config/siproxdusers.xml + + installedpackages->package->$packagename->configuration->settings + + + Inbound interface + if_inbound + Select the inbound interface. + interfaces_selection + + + Outbound interface + if_outbound + Select the outbound interface. + interfaces_selection + + + Listening port + port + Enter the port on which to listen for SIP traffic (default 5060). Do not change this unless you know what you're doing. + input + + + Enable RTP proxy + rtpenable + Enable or disable the RTP proxy. (default is enabled) + select + + + + + + + RTP port range + rtplower + Enter the bottom edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7070). + input + + + rtpupper + Enter the top edge of the port range siproxd will allocate for incoming RTP traffic. This range must be one not blocked by the firewall (default 7079). + input + + + RTP stream timeout + rtptimeout + After this number of seconds, an RTP stream is considered dead and proxying it will be stopped (default 300sec). + input + + + Default expiration timeout + defaulttimeout + If a REGISTER request dose not contain an Expires header or expires= parameter, this number of seconds will be used and reported back to the UA in the answer. + input + + + Enable proxy authentication + authentication + If this is checked, clients will be forced to authenticate themselves at the proxy (for registration only). + checkbox + + + Outbound proxy hostname + outboundproxyhost + input + + + Outbound proxy port + outboundproxyport + Enter the hostname and port of an outbound proxy to send all traffic to. This is only useful if you have multiple masquerading firewalls to cross. + + + mwexec("rm /usr/local/etc/rc.d/siproxd.sh"); + $fout = fopen("/usr/local/etc/rc.d/siproxd.sh","w"); + fwrite($fout, "#!/bin/sh\n\n/usr/local/sbin/siproxd\n"); + fclose($fout); + + + function sync_package() { + conf_mount_rw(); + config_lock(); + global $config; + $fout = fopen("/usr/local/etc/siproxd.conf","w"); + fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n"); + if($_POST['if_inbound'] != "") { + $if_inbound = find_interface_ip($_POST['if_inbound']); + fwrite($fout, "if_inbound = " . $if_inbound . "\n"); + } + if($_POST['if_outbound'] != "") { + $if_outbound = find_interface_ip($_POST['if_outbound']); + fwrite($fout, "if_outbound = " . $if_outbound . "\n\n"); + } + if($_POST['port'] != "") { + fwrite($fout, "sip_listen_port = " . $_POST['port'] . "\n\n"); + } else { + fwrite($fout, "sip_listen_port = 5060\n\n"); + } + fwrite($fout, "daemonize = 1\n\nsilence_log = 0\n\nlog_calls = 1\n\nuser = nobody\nchrootjail = /usr/local/siproxd/\n\nregistration_file = siproxd_registrations\n\npid_file = siproxd.pid\n\n"); + if($_POST['rtpenable'] != "") { + fwrite($fout, "rtp_proxy_enable = " . $_POST['rtpenable'] . "\n\n"); + } else { + fwrite($fout, "rtp_proxy_enable = 1\n\n"); + } + if($_POST['rtplower'] != "") { + if($_POST['rtpupper'] != "") { + fwrite($fout, "rtp_port_low = " . $_POST['rtplower'] . "\n"); + fwrite($fout, "rtp_port_high = " . $_POST['rtpupper'] . "\n\n"); + } + } + if($_POST['rtptimeout'] != "") { + fwrite($fout, "rtp_timeout = " . $_POST['rtptimeout'] . "\n\n"); + } else { + fwrite($fout, "rtp_timeout = 300\n\n"); + } + if($_POST['defaulttimeout'] != "") { + fwrite($fout, "default_expires = " . $_POST['defaulttimeout'] . "\n\n"); + } else { + fwrite($fout, "default_expires = 600\n\n"); + } + if($_POST['authentication']) { + fwrite($fout, "proxy_auth_realm = Authentication_Realm\nproxy_auth_pwfile = /usr/local/etc/siproxd_passwd.cfg\n\n"); + } + fwrite($fout, "debug_level = 0x00000000\n\n"); + if($_POST['outboundproxyhost'] != "") { + if($_POST['outboundproxyport'] != "") { + fwrite($fout, "outbound_proxy_host = " . $_POST['outboundproxyhost'] . "\n"); + fwrite($fout, "outbound_proxy_port = " . $_POST['outboundproxyport'] . "\n"); + } + } + fclose($fout); + mwexec("killall siproxd"); + mwexec("/usr/local/etc/rc.d/siproxd.sh"); + conf_mount_ro(); + config_unlock(); + } + sync_package(); + + + diff --git a/packages/siproxdusers.xml b/packages/siproxdusers.xml new file mode 100644 index 00000000..9209bf84 --- /dev/null +++ b/packages/siproxdusers.xml @@ -0,0 +1,68 @@ + + siproxdusers + 0.5.9 + siproxd: Users + + + Settings + /pkg_edit.php?xml=siproxd.xml&id=0 + + + Users + /pkg.php?xml=siproxdusers.xml + + + + installedpackages->package->$packagename->configuration->settings + + + Username + username + + + Description + description + + + + + Username + username + Enter the username here + input + + + Password + password + Enter the password here + password + + + Username Description + description + Enter the description of the user here + input + + + + function sync_package() + { + conf_mount_rw(); + config_lock(); + global $config; + $fout = fopen("/usr/local/etc/siproxd_passwd.cfg","w"); + fwrite($fout, "# This file was automatically generated by the pfSense\n# package management system.\n\n"); + if($config['installedpackages']['siproxdusers']['config'] != "") { + foreach($config['installedpackages']['siproxdusers']['config'] as $rowhelper) { + fwrite($fout, $rowhelper['username'] . " " . $rowhelper['password'] . "\n"); + } + } + fclose($fout); + conf_mount_ro(); + config_unlock(); + system("/usr/bin/killall -HUP siproxd"); + } + sync_package(); + + + diff --git a/pkg_config.xml b/pkg_config.xml index 73608027..738a54bf 100644 --- a/pkg_config.xml +++ b/pkg_config.xml @@ -176,5 +176,17 @@ BETA pfflowd.xml + + siproxd + http://siproxd.sourceforge.net/ + Siproxd is a proxy/masquerading daemon for the SIP protocol. It handles registrations of SIP clients on a private IP network and performs rewriting of the SIP message bodies to make SIP connections possible via a masquerading firewall. It allows SIP clients (like kphone, linphone) to work behind an IP masquerading firewall or router. + Services + http://www.pfsense.com/packages/config/siproxd.xml + http://www.pfsense.com/~colin/All/ + siproxd-0.5.9.tbz + 0.5.9 + ALPHA + siproxd.xml + -- cgit v1.2.3