Thursday 16 October 2014

Freeswitch WTF?

Freeswitch is apparently 'very NAT friendly'.

No kidding. I've spent most of today trying to stop it from binding to the outside of the firewall and allowing anyone and everyone to try and authenticate, filling my logfiles with shite.

-nonat -nonatmap - doesn't appear to work, on windows at least. Nor does any combination of them.

commenting out every instance of

<param name="ext-rtp-ip" value="auto-nat"/>
<param name="ext-sip-ip" value="auto-nat"/>

doesn't work

<param name="ext-rtp-ip" value="192.168.255.255"/>
<param name="ext-sip-ip" value="192.168.255.255"/>

doesn't work.

At the moment, I just want to use this thing internally as a test switch. I'm spending a *lot* of time trying to lock down the default config, instead of debugging my code. This is not good, and inside a private network it should not be necessary.

Addendum:

I raised the question (extremely politely) on the freeswitch users mailing list, and got this response from one of the projects senior members:

"It has NOTHING at all to do with the ext-sip-ip and ext-rtp-ip settings, If

you don't want outside access then block it at your nat/firewall."

That's all - no "Hi", no sign off, just that. Rude, aggressive, shouty and unhelpful.

I'm using Asterisk now. Ho hum.