asterisk users - Nov 2003 - tunnel iax via gnophone with ssh?

Hey all...I'm trying to use gnophone to connect to my asterisk box 
behind my firewall..I thought I could just setup a tunnel with something 
like ssh host.com -L5036:asteriskserver:5036 and just change my gnophone 
to connect to localhost:5036 but I never see anything happen on the 
asterisk server. I'm even trying this on the same network just in case 
there is something funky with NAT.

Anybody have any ideas? I did notice that when I start gnophone I see

iax.c line 654 in iax_init: Started on port 5036
Listening on port 5036

and it doesn't seem to matter what I do inside the config. Are these 
ports in some way hardcoded? If if they are can't I do something like above?

Thanks!
Chris

-- 

http://ccicolorado.org
Exceptional Dogs for Exceptional People - Help Out Today!

Hi,

On Thu, 20 Nov 2003 at 08:44, Chris Hirsch wrote:
> Anybody have any ideas?
Asterisk uses UDP, but ssh can only forward TCP ports.

cu
	Reinhard

On Thu, 2003-11-20 at 09:44, Chris Hirsch wrote:
> Hey all...I'm trying to use gnophone to connect to my asterisk box 
> behind my firewall..I thought I could just setup a tunnel with something 
> like ssh host.com -L5036:asteriskserver:5036 and just change my gnophone 
> to connect to localhost:5036 but I never see anything happen on the 
> asterisk server. I'm even trying this on the same network just in case 
> there is something funky with NAT.
> 
> Anybody have any ideas? I did notice that when I start gnophone I see
> 
> iax.c line 654 in iax_init: Started on port 5036
> Listening on port 5036
> 
> and it doesn't seem to matter what I do inside the config. Are these 
> ports in some way hardcoded? If if they are can't I do something like
above?
I think your problem is going to be related to the fact that IAX is a
UDP protocol. I don't know, but I think you can't push UDP down a tunnel
like that normally. Check out this URL for some pointers.
http://lists.debian.org/debian-laptop/2001/debian-laptop-200110/msg00258.html
-- 
Steven Critchfield  <critch@basesys.com>

Chris Hirsch wrote:
> Hey all...I'm trying to use gnophone to connect to my asterisk box 
> behind my firewall..I thought I could just setup a tunnel with something 
> like ssh host.com -L5036:asteriskserver:5036 and just change my gnophone 
> to connect to localhost:5036 but I never see anything happen on the 
> asterisk server. I'm even trying this on the same network just in case 
> there is something funky with NAT.
I b'lieve ssh will only tunnel tcp traffic, not udp.

On 20/11/03 15:44, Chris Hirsch wrote:
> Hey all...I'm trying to use gnophone to connect to my asterisk box 
> behind my firewall..I thought I could just setup a tunnel with something 
> like ssh host.com -L5036:asteriskserver:5036 and just change my gnophone 
> to connect to localhost:5036 but I never see anything happen on the 
> asterisk server. I'm even trying this on the same network just in case 
> there is something funky with NAT.
> 
> Anybody have any ideas?
Yes, IIRC SSH only tunnels TCP. IAX is UDP based. You'll need to find 
something that will tunnel UDP over TCP, so you can tunnel that over SSH 
(!).

Good luck. :)

Alastair

Reinhard Max wrote:
>Asterisk uses UDP, but ssh can only forward TCP ports.
>
>  
>
Ahhh something I completly missed...that makes sense because I tunnel 
lots of other things...Are there other protocols that are TCP instead?

-- 
To be intoxicated is to feel sophisticated but not be able to say it.


http://ccicolorado.org
Exceptional Dogs for Exceptional People - Help Out Today!

> Reinhard Max wrote:
> 
> >Asterisk uses UDP, but ssh can only forward TCP ports.
> >
> >  
> >
> Ahhh something I completly missed...that makes sense because I tunnel 
> lots of other things...Are there other protocols that are TCP instead?
> 
All protocols use UDP for voice data, for obvious reasons.

On Thu, 2003-11-20 at 15:44, Chris Hirsch wrote:
> Reinhard Max wrote:
> 
> >Asterisk uses UDP, but ssh can only forward TCP ports.
> >
> >  
> >
> Ahhh something I completly missed...that makes sense because I tunnel 
> lots of other things...Are there other protocols that are TCP instead?
No, the difference in voice as opposed to files transfers is that voice
can survive drop outs and a file can not. UDP allows packets to be
dropped and will continue running where as TCP requires all packets make
it to the end point. If a packet is lost, you have delay while the
packet is retransmitted.
-- 
Steven Critchfield <critch@basesys.com>

On Thu, 20 Nov 2003 08:44:10 -0700, Chris Hirsch wrote
> Hey all...I'm trying to use gnophone to connect to my 
> asterisk box behind my firewall..I thought I could just 
> setup a tunnel with something like ssh host.com -
> L5036:asteriskserver:5036 and just change my gnophone to 
> connect to localhost:5036 but I never see anything happen on 
> the asterisk server. I'm even trying this on the same 
> network just in case there is something funky with NAT.
As somebody already pointed out (and I corrected this in the Wiki a
few days ago), IAX uses UDP, so plain ssh tunneling won't work.
> 
> Anybody have any ideas? I did notice that when I start 
> gnophone I see
> 
> iax.c line 654 in iax_init: Started on port 5036
> Listening on port 5036
> 
> and it doesn't seem to matter what I do inside the config. 
> Are these ports in some way hardcoded? If if they are can't 
> I do something like above?
> 
> Thanks!
> Chris
The 5036 port is hardcoded in the IAX library (iax.h, #define
IAX_DEFAULT_PORTNO 5036) which gnophone uses. For the quickest hack,
change the value and recompile libiax.

In the longer run, consider adding a command line option (or even
better, a GUI config item), specifying an int passed to iax_init() in
pc_init() in phonecore.c in gnophone source (I went through the code
so much I almost know it by heart ;). Currently it is passed a zero
which means "the default". In any case, if the required port is in
use, IAX uses a random one.

Grzegorz Nosek