At 10:24 AM +0100 on 3/14/01, Balazs Scheidler wrote:
What is SIP good for, and how do you think it could be implemented on a firewall?
SIP is a signaling protocol for media streams (e.g., voice over RTP). An ideal implementation would include the following ingredients: 1. Open incoming port 5060 (standard SIP port) 2. Dynamic opening and closing of channels for media streams (RTP/RTCP) as negotiated by SIP messages 3. NAT for both SIP and media 4. Rewriting of SIP payloads to correspond to NAT (i.e., a special-purpose slim SIP proxy) For some examples, take a look at the Cisco PIX "sip fixup" [payload adjustment lacking], Aravox media firewall coupled with a dynamicsoft firewall control proxy, the offering from Microappliances <http://www.microappliances.com/applications/ALG/alg.html> [limited information on functionality], and the Linux SIP masquerade module <http://www.siphappens.com/masquerade/draft-biggs-sip-nat-00.txt>. Thanks, Igor