Hi, Do you folks have any plans to support a media firewall based on SIP signaling? FYI, you may find the SIP RFC at <http://www.tec.informatik.uni-rostock.de/IuK/resources/rfcs/rfc2543.html>. Thanks, Igor
On Tue, Mar 13, 2001 at 03:50:17PM -0600, Igor S. Livshits wrote:
Hi,
Do you folks have any plans to support a media firewall based on SIP signaling? FYI, you may find the SIP RFC at <http://www.tec.informatik.uni-rostock.de/IuK/resources/rfcs/rfc2543.html>.
We don't have SIP in our plans, though anything reasonable can be added to that list. What is SIP good for, and how do you think it could be implemented on a firewall? -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
At 10:24 AM +0100 on 3/14/01, Balazs Scheidler wrote:
What is SIP good for, and how do you think it could be implemented on a firewall?
SIP is a signaling protocol for media streams (e.g., voice over RTP). An ideal implementation would include the following ingredients: 1. Open incoming port 5060 (standard SIP port) 2. Dynamic opening and closing of channels for media streams (RTP/RTCP) as negotiated by SIP messages 3. NAT for both SIP and media 4. Rewriting of SIP payloads to correspond to NAT (i.e., a special-purpose slim SIP proxy) For some examples, take a look at the Cisco PIX "sip fixup" [payload adjustment lacking], Aravox media firewall coupled with a dynamicsoft firewall control proxy, the offering from Microappliances <http://www.microappliances.com/applications/ALG/alg.html> [limited information on functionality], and the Linux SIP masquerade module <http://www.siphappens.com/masquerade/draft-biggs-sip-nat-00.txt>. Thanks, Igor
participants (2)
-
Balazs Scheidler
-
Igor S. Livshits