WebRTC: Difference between revisions

From VoIPmonitor.org
Jump to navigation Jump to search
No edit summary
 
(2 intermediate revisions by one other user not shown)
Line 1: Line 1:
VoIPmonitor sniffer is able to analyse SIP over WebSocket encrypted or unencrypted. For unencrypted WebSocket the only think needed is to set
VoIPmonitor sniffer is able to analyse SIP over WebSocket encrypted or unencrypted. For unencrypted WebSocket just configure WebScoket port as sipport:


voipmonitor.conf:
  sipport = 5060, 8088
  sipport = 5060, 8088


Line 74: Line 75:
  bind=192.168.2.107
  bind=192.168.2.107
  cipher=0x002f
  cipher=0x002f
method=tlsv1_2
   [101]
   [101]
  type=aor
  type=aor
  max_contacts=1
  max_contacts=1
  remove_existing=yes
  remove_existing=yes


  [101]
  [101]

Latest revision as of 14:20, 7 August 2020

VoIPmonitor sniffer is able to analyse SIP over WebSocket encrypted or unencrypted. For unencrypted WebSocket just configure WebScoket port as sipport:

voipmonitor.conf:

sipport = 5060, 8088

this example will analyse SIP TCP/UDP and SIP over WebSocket on port 8088

For encrypted webscoket see following examples for Freeswitch and Asterisk:

Freeswitch

vars.conf

<param name="tls-version" value="tlsv1.2"/> 
<param name="tls-ciphers" value="AES128-SHA" >

voipmonitor.conf

ssl = yes
ssl_ipport = 192.168.0.1 : 7443 /etc/voipmonitor/privkey.pem

Asterisk

http.conf

;
; Asterisk Builtin mini-HTTP server
;
;
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
;prefix=asterisk
;sessionlimit=100
;enablestatic=yes
;redirect = / /static/config/index.html
tlsenable=yes          ; enable tls - default no.
tlsbindaddr=0.0.0.0:8089    ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem  ; path to the certificate file (*.pem) only.
tlscipher=AES128-SHA
;tlsprivatekey=</path/to/private.pem>    ; path to private key file (*.pem) only.

rtp.conf

add at the end of this file:

icesupport=yes
stunaddr=stun.l.google.com:19302

pjsip.conf

[general]
allowguest = no 
  [global]
type = global
user_agent = VoIPsun PBX
realm=192.168.2.107
bindport=5060
transport=udp,ws,wss
[transport-udp]
type = transport
protocol = udp
bind = 192.168.2.107:5060
tos = cs3
cos = 3 
[transport-ws]
type=transport
protocol=ws
bind=192.168.2.107 
[transport-wss]
type=transport
protocol=wss
bind=192.168.2.107
cipher=0x002f
method=tlsv1_2
 [101]
type=aor
max_contacts=1
remove_existing=yes


[101]
type=auth
auth_type=userpass
username=101
password=1234
[101]
type=endpoint
disallow=all
allow=opus
allow=alaw
allow=ulaw
context=from101
auth=101
aors=101
media_encryption=dtls
dtls_verify=fingerprint
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
dtls_setup=actpass
use_avpf=yes
ice_support=yes
media_use_received_transport=yes
rtcp_mux=yes
[102]
type=aor
max_contacts=1
remove_existing=yes
[102]
type=auth
auth_type=userpass
username=102
password=1234
[102]
type=endpoint
disallow=all
allow=opus
allow=alaw
allow=ulaw
context=from102
auth=102
aors=102
media_encryption=dtls
dtls_verify=fingerprint
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
dtls_setup=actpass
use_avpf=yes
ice_support=yes
media_use_received_transport=yes
rtcp_mux=yes

extensions.conf

[from101] exten => _X.,1,NooP(Call from 101 to ${EXTEN}) same => n,Dial(PJSIP/102/${EXTEN}) 
exten => i,1,Goto(other,${EXTEN},1)
[from102]
exten => _X.,1,NooP(Call from 102 to ${EXTEN})
same => n,Dial(PJSIP/101/${EXTEN})

exten => i,1,Goto(other,${EXTEN},1)
[other]
exten => X,1,NooP(Call from ${CALLERID(num)} to ${EXTEN})
same => n,DumpChan()
same => n,Ringing()
same => n,Wait(3)
same => n,Playback(/var/lib/asterisk/sounds/cz/queue-periodic-announce)
same => n,Hangup()

modules.conf

noload => chan_sip.so

keys

mkdir /etc/asterisk/keys
cd /etc/asterisk/keys
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out req-sip_server.csr
openssl x509 -req -days 365 -in req-sip_server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out cert-sip_server.crt
cat key.pem > asterisk.pem
cat cert-sip_server.crt >> asterisk.pem

Sipml5

https://www.doubango.org/sipml5/call.htm?svn=170#


Display name: 102   
Private Identity: 102 
Public Identity: sip:102@192.168.2.107 
Password: 1234Realm: 192.168.2.107


click on expert mode:


Disable video: on
Enable RTCWeb breaker
WebSocket Server URL: wss://192.168.2.107:8089/ws
ICE servers: [{ url: 'stun:stun.l.google.com:19302'}]  (this can be maybe empty) 
Disable 3GPP Early IMS: on
Disable debug messages: on
Cache media stream: on
Disable Call button options: on


  • after settings go back to first tab and click login