SIP helper review

Nils Ohlmeier lists at ohlmeier.org
Sun Feb 19 23:12:04 CET 2006


Hello,

I'm not a kernel programer but with several years experience in the SIP 
business I could call myself a SIP expert I guess. Therefor I was asked by a 
friend to take a look at the current SIP netfiler module.

So I made a code review of the code from this link:
http://svn.netfilter.org/netfilter/trunk/patch-o-matic-ng/patchlets/sip-conntrack-nat/linux-2.6.13/

From looking at the code I think I found the following two issues which might 
be worth fixing:

1) As far as I got it the skp_epaddr_len function in ip_conntrack_sip.c 
expects to find a username in the SIP URI in the Contact header. As usernames 
are generally optional in SIP URIs there are several User Agents (UA), 
especially the cheaper hardware UA's which support only one SIP account, 
which do not put a username into their Contact's. Thus I would propose that 
the searching for the username in the Contact header should be optional as 
well.

2) As far as I got it the epaddr_len function looks for 'UDP' in Via headers. 
Is it by intention that the IP address replacement would only work for the 
UDP transport but not for TCP? Allthough TCP is not very widely used yet I 
think it should be easy to do the replacement for TCP as well, or?

Let me know what do you think.

Greetings
  Nils Ohlmeier



More information about the netfilter-devel mailing list