WebRTC

From VoIPmonitor.org
Revision as of 10:55, 11 March 2020 by Festr (talk | contribs) (Festr moved page Webrtc to WebRTC)
Jump to navigation Jump to search

VoIPmonitor sniffer is able to analyse SIP over WebSocket encrypted or unencrypted. For unencrypted WebSocket the only think needed is to set

sipport = 5060, 8088

this example will analyse SIP TCP/UDP and SIP over WebSocket on port 8088

For encrypted webscoket see following examples for Freeswitch and Asterisk:

Freeswitch

vars.conf

<param name="tls-version" value="tlsv1.2"/> 
<param name="tls-ciphers" value="AES128-SHA" >

voipmonitor.conf

ssl = yes
ssl_ipport = 192.168.0.1 : 7443 /etc/voipmonitor/privkey.pem

Asterisk

http.conf

;
; Asterisk Builtin mini-HTTP server
;
;
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
;prefix=asterisk
;sessionlimit=100
;enablestatic=yes
;redirect = / /static/config/index.html
tlsenable=yes          ; enable tls - default no.
tlsbindaddr=0.0.0.0:8089    ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem  ; path to the certificate file (*.pem) only.
tlscipher=AES128-SHA
;tlsprivatekey=</path/to/private.pem>    ; path to private key file (*.pem) only.

rtp.conf

add at the end of this file:

icesupport=yes
stunaddr=stun.l.google.com:19302

pjsip.conf

[general]
allowguest = no 
  [global]
type = global
user_agent = VoIPsun PBX
realm=192.168.2.107
bindport=5060
transport=udp,ws,wss
[transport-udp]
type = transport
protocol = udp
bind = 192.168.2.107:5060
tos = cs3
cos = 3 
[transport-ws]
type=transport
protocol=ws
bind=192.168.2.107 
[transport-wss]
type=transport
protocol=wss
bind=192.168.2.107
cipher=0x002f
 [101]
type=aor
max_contacts=1
remove_existing=yes
[101]
type=auth
auth_type=userpass
username=101
password=1234
[101]
type=endpoint
disallow=all
allow=opus
allow=alaw
allow=ulaw
context=from101
auth=101
aors=101
media_encryption=dtls
dtls_verify=fingerprint
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
dtls_setup=actpass
use_avpf=yes
ice_support=yes
media_use_received_transport=yes
rtcp_mux=yes
[102]
type=aor
max_contacts=1
remove_existing=yes
[102]
type=auth
auth_type=userpass
username=102
password=1234
[102]
type=endpoint
disallow=all
allow=opus
allow=alaw
allow=ulaw
context=from102
auth=102
aors=102
media_encryption=dtls
dtls_verify=fingerprint
dtls_cert_file=/etc/asterisk/keys/asterisk.pem
dtls_ca_file=/etc/asterisk/keys/ca.crt
dtls_setup=actpass
use_avpf=yes
ice_support=yes
media_use_received_transport=yes
rtcp_mux=yes

extensions.conf

[from101] exten => _X.,1,NooP(Call from 101 to ${EXTEN}) same => n,Dial(PJSIP/102/${EXTEN}) 
exten => i,1,Goto(other,${EXTEN},1)
[from102]
exten => _X.,1,NooP(Call from 102 to ${EXTEN})
same => n,Dial(PJSIP/101/${EXTEN})

exten => i,1,Goto(other,${EXTEN},1)
[other]
exten => X,1,NooP(Call from ${CALLERID(num)} to ${EXTEN})
same => n,DumpChan()
same => n,Ringing()
same => n,Wait(3)
same => n,Playback(/var/lib/asterisk/sounds/cz/queue-periodic-announce)
same => n,Hangup()

modules.conf

noload => chan_sip.so

keys

mkdir /etc/asterisk/keys
cd /etc/asterisk/keys
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out req-sip_server.csr
openssl x509 -req -days 365 -in req-sip_server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out cert-sip_server.crt
cat key.pem > asterisk.pem
cat cert-sip_server.crt >> asterisk.pem

Sipml5

https://www.doubango.org/sipml5/call.htm?svn=170#


Display name: 102   
Private Identity: 102 
Public Identity: sip:102@192.168.2.107 
Password: 1234Realm: 192.168.2.107


click on expert mode:


Disable video: on
Enable RTCWeb breaker
WebSocket Server URL: wss://192.168.2.107:8089/ws
ICE servers: [{ url: 'stun:stun.l.google.com:19302'}]  (this can be maybe empty) 
Disable 3GPP Early IMS: on
Disable debug messages: on
Cache media stream: on
Disable Call button options: on


  • after settings go back to first tab and click login