Hosted by:

SaRP - SIP and RTP proxy

SaRP is a SIP and RTP proxy designed specifically to handle the problems inherit in NAT and SIP.
The current implementation is written in Perl but a cross-platform C++ version is being worked on.
Sourceforge project page

Current status:

v0.2.1 has been released (17/7/03) Click here to download it.
This is mainly an important bug fix for 0.2. It is highly recommended that anyone using earlier versions should upgrade.
v0.2 has been released (30/6/03)
This is the first general usage release. You should be able to download this and have little or no problems getting it working.
v0.1 released (18/6/03)
Successfully passed fully NATed calls out.
Allows for inbound calls to registered proxy clients.
Multiple calls handled.
Registrations restricted to the defined local networks.

Project criteria:

Allow hosts behind a NATing firewall/router to make and receive SIP calls. (done)
Allow more than on phone/computer/user to receive SIP calls on one real world IP. (done)
Be compatible with as many SIP implementations as possible. (work in progress)
Hide any internal IP addresses from the outside world. (done)
Avoid as much as possible the interia of a SIP call to allow as direct as possible communication between the UAs.
Completely define and control all ports used so as to allow easy configuration of firewalls, etc. (done)
Security! (i.e. by default drop any packets that aren't recognised instead of replying and leaking information.) (will never be finished :-( )
Be cross-platform to allow Windows users access to a simple SIP proxy. (functional but no fancy gui or config)

Planned features:

Send a 'heartbeat' packet on the SIP port to make sure the UAs are responding correctly during a call. There is an update to the RFC that allows for an UPDATE packet that may be suitable for this. Otherwise we may be able to craft a packet that will illicit a reasonable response.
Add a default UA to forward an incoming call to if it is directed to an unknown user on the proxy.

The planned feature: Monitor RTP traffic and gracefully disconnect call if no data flows in one/both directions for a defined time period. has been dropped.
Monitoring RTP will not work since there are occasions when a host may not send audio for some time but will still want the call to be active. Instead we will rely on using the SIP based heartbeat.

The following are a cut-and-paste from two emails that pretty much describe what it is:

I've been dealing with this problem since the first moment I've dealt
with VoIP. Basically I've had enough of it and have started writing a
very simple SIP and RTP proxy. It will pass all SIP related traffic
through it, effectively teminating all connections on itself from the
point of view of the UAs. It is also configurable as to what it's
external address is when dealing with non-internal traffic. This is
name based so that people on dynamic IPs can also use it. Lastly it is
going to be cross-platform to account for users of _any_ NATing
device/platform. All of this is clearly laid out in a number of Internet
Drafts from the IETF from _early_ 2000!

Okay, this is the simple plan for starters.


                   External
                   networks         Preferably has
                      |          .- Dynamic DNS entry
              .--     |         /   for real world IP
              |   NAT router <-'
  Optional -->|       |
              |       | <---- DNAT of ports to proxy
              `--     |
                      |      --.
                SIP/RTP proxy  |
                   /  |  \     |    Must have ability
                  /   |   \    |<-- to talk directly
                 UA1 UA2 UAn   |    without NAT or firewall
                             --'
UA  = User Agent
SIP = control channel
RTP = data channel

Required configuration for SIP proxy:
* DNS name / real world IP for external traffic
* Specific list of ports that it will listen/send on
* address of Internal network

Useful configuration:
* user to IP mapping for internal calls
* catchall to IP mapping of unknown/unspecified user

SIP process flow:
0. if $from ! in $internal_net && $to ! in $internal_net
   then drop and ALERT
1. if $from in $internal_net && $to in $internal_net
   then forward
   (With no modification this should then cause the UAs to negotiate RTP as
   normal)
2. if packet = BYE
   then modify, forward, remove connection record and close UDP RTP ports
3. if active connection then modify and forward
4. if $from in $internal_net && $to ! in $internal_net
   then record connection
   modify and forward
5. if $from ! in $internal_net && $to in $internal_net
   then record connection
   lookup user_to_IP_mapping, modify and forward

modify()
  if ($from_ip or $to_ip) ! in $internal_net
  then
    if $from_ip in $internal_net then rewrite to $real_world_ip from DNS query
    if $to_ip in $internal_net then rewrite to $proxy_internal_ip
    if packet = SIP
    then
      rewrite local UDP ports for RTP to those defined in config
      open RTP connections
    forward modified packet