SIP ALG Test This tool uses Java, therefore it will ask you to 'Allow' the plugin, please proceed with all Java security prompts to allow this tool to function properly Proceed. IMPORTANT: This project is not maintained. It may work today (or not). SIP-ALG-Detector is an utility to detect routers with SIP ALG enabled. It comes with a client and a server: The client is executed in a host into the private LAN.
IMPORTANT:This project is not maintained. It may work today (or not).
SIP-ALG-Detector is an utility to detect routers with SIP ALG enabled. It comes with a client and a server:
- The client is executed in a host into the private LAN.
- The server runs in a server with public IP.
Both the client and the server and written in Ruby language.
About SIP ALG
Many of today's commercial routers implement SIP ALG, coming with this feature enabled by default.
![Test tool for table saw blade Test tool for table saw blade](/uploads/1/2/6/4/126405654/106346545.png)
An ALG (Application-level gateway) understands the protocol used by the specific applications that it supports (in this case SIP) and does a protocol packet-inspection of traffic through it. A NAT router with a built-in SIP ALG can re-write information within the SIP messages (SIP headers and SDP body) making signaling and audio traffic between the client behind NAT and the SIP endpoint possible. While ALG could help in solving NAT related problems, the fact is that most of the routers ALG implementations are wrong and break SIP.
More information about SIP ALG in Voip-Info.org.
How it works
- Being in a private LAN,
sip-alg-detector.rb
creates a correct INVITE by getting the private address of the host. - The INVITE is sent via UDP and/or TCP to a server (public address) in which
sip-alg-detector-daemon.rb
is running in port 5060. - When passing through the LAN router, the INVITE could be modified if ALG SIP is enabled in the router.
- The request arrives finally to the server which takes the request headers and body and send them back to the client in two responses:
SIP/2.0 180
containing the request headers encoded inBase64
as response body ('Content-Type: text/plain').SIP/2.0 500
containing the request body encoded inBase64
as response body ('Content-Type: text/plain').
- The client get the responses, rebuilds the original request (as arrived to the server) and generates a 'diff' between its sent request and the mirrored request received from the server.
- Possible differences between them are displayed (in case SIP ALG exists).
- Finally test results are displayed in the screen (UDP test and/or TCP test).
Usage
Client
The client side
sip-alg-detector.rb
can be runned in interactive or non-interactive mode (by adding '-n' parameter). In non-interactive mode, the server IP must be provided with the '-si' parameter.Built on Ruby with no external dependencies or libraries, the client is supposed to run in Linux, Windows and Mac. However, ruby-readline is required interactive mode to work.
Server
The server side
sip-alg-detector-daemon.rb
must run in a host with public IP. It's also written in Ruby and requires daemons
gem installed:By default it listens in '0.0.0.0:5060' (all the interfaces). The address can be set with '-i' (IP to bind) and '-p' (port to bind).
Example
- Let's assume we run the server in a host with public IP 99.98.130.199:
- The router has a public IP 66.111.222.111.
- The client host has a private IP 192.168.1.102.
- Then we run the client in interactive mode:
- We could do the same in non-interactive mode:
Sip Alg Detector
As we can see from the previous example, our router is performig SIP ALG for UDP (not for TCP). It behaves as a proxy (inserts a new 'Via' header, decreases 'Max-Forwards') and also replaces the private IP with the router public IP ('Contact' header and SDP).
Author
- IƱaki Baz Castillo [website|github]