"") $rules .= "rdr on {$iface} proto udp from any to !($iface) port {$port} -> 127.0.0.1 port {$port}\n"; } break; case 'filter': case 'rule': foreach ($ifaces as $iface) { if($iface <> "") { $rules .= "# allow SIP signaling and RTP traffic\n"; $rules .= "pass in on {$iface} proto udp from any to any port = {$port}\n"; $rules .= "pass in on {$iface} proto udp from any to any port {$rtplower}:{$rtpupper}\n"; } } break; default: log_error("Siproxd.inc -- error -- should not hit default case statement."); break; } return $rules; } function sync_package_siproxd() { global $config; conf_mount_rw(); $siproxd_chroot = "/var/siproxd/"; @mkdir($siproxd_chroot); @chown($siproxd_chroot, "nobody"); @chgrp($siproxd_chroot, "nobody"); unlink_if_exists("/usr/local/etc/rc.d/siproxd"); $conf = &$config['installedpackages']['siproxd']['config'][0]; $fout = fopen("/usr/local/etc/siproxd.conf","w"); fwrite($fout, "# This file was automatically generated by the pfSense\n"); fwrite($fout, "# package management system.\n\n"); /* proxy is turned off in package settings */ if($_POST['rtpenable'] == "0") { fclose($fout); return; } if($_POST['if_inbound'] != "") { fwrite($fout, "if_inbound = " . convert_friendly_interface_to_real_interface_name($_POST['if_inbound']) . "\n"); } if($_POST['if_outbound'] != "") { if(intval($config['version']) < 6 && $config['interfaces'][$_POST['if_outbound']]['ipaddr'] == "pppoe") { fwrite($fout, "if_outbound = ng0\n"); } else { fwrite($fout, "if_outbound = " . convert_friendly_interface_to_real_interface_name($_POST['if_outbound']) . "\n"); } } if($_POST['port'] != "") { fwrite($fout, "sip_listen_port = " . $_POST['port'] . "\n"); } else { fwrite($fout, "sip_listen_port = 5060\n"); } fwrite($fout, "daemonize = 1\n"); fwrite($fout, "silence_log = 0\n"); //fwrite($fout, "log_calls = 1\n"); fwrite($fout, "user = nobody\n"); fwrite($fout, "chrootjail = {$siproxd_chroot}\n"); fwrite($fout, "registration_file = siproxd_registrations\n"); fwrite($fout, "autosave_registrations = 10\n"); fwrite($fout, "pid_file = siproxd.pid\n"); if($_POST['rtpenable'] != "") { fwrite($fout, "rtp_proxy_enable = " . $_POST['rtpenable'] . "\n"); } else { fwrite($fout, "rtp_proxy_enable = 1\n"); } if(($_POST['rtplower'] != "") && ($_POST['rtpupper'] != "")) { fwrite($fout, "rtp_port_low = " . $_POST['rtplower'] . "\n"); fwrite($fout, "rtp_port_high = " . $_POST['rtpupper'] . "\n"); } else { fwrite($fout, "rtp_port_low = 7070\n"); fwrite($fout, "rtp_port_high = 7079\n"); } if($_POST['rtptimeout'] != "") { fwrite($fout, "rtp_timeout = " . $_POST['rtptimeout'] . "\n"); } else { fwrite($fout, "rtp_timeout = 300\n"); } if($_POST['defaulttimeout'] != "") { fwrite($fout, "default_expires = " . $_POST['defaulttimeout'] . "\n"); } else { fwrite($fout, "default_expires = 600\n"); } if($_POST['authentication']) { fwrite($fout, "proxy_auth_realm = Authentication_Realm\n"); fwrite($fout, "proxy_auth_pwfile = /usr/local/etc/siproxd_passwd.cfg\n"); } fwrite($fout, "debug_level = 0x00000000\n"); if($_POST['outboundproxyhost'] != "") { if($_POST['outboundproxyport'] != "") { fwrite($fout, "outbound_proxy_host = " . $_POST['outboundproxyhost'] . "\n"); fwrite($fout, "outbound_proxy_port = " . $_POST['outboundproxyport'] . "\n"); } } if($_POST['expeditedforwarding'] != "") fwrite($fout, "rtp_dscp = 46\n"); fclose($fout); write_rcfile(array( "file" => "siproxd.sh", "start" => "/usr/local/sbin/siproxd -c /usr/local/etc/siproxd.conf &", "stop" => "/usr/bin/killall siproxd" ) ); exec("killall siproxd"); sleep(1); start_service("siproxd"); filter_configure(); conf_mount_ro(); } ?>