当前位置：首页 > news >正文

Nginx wss to ws 折腾记

news 2025/8/9 2:37:26

jssip 或 sipml5 <----wss--->nginx<---ws---->fs(5066)

fs_cli -x 'sofia loglevel all 9'

日志如下：

REGISTER sip:192.168.43.135 SIP/2.0
Via: SIP/2.0/WSS df7jal23ls0d.invalid;branch=z9hG4bKurFnCK9qJuXQlSrbszSL1S6wbCokKlLr;rport
From: <sip:1005@192.168.43.135>;tag=MMulT85Sh1aJFiE1tkZq
To: <sip:1005@192.168.43.135>
Contact: <sips:1005@df7jal23ls0d.invalid;rtcweb-breaker=no;transport=wss>;expires=200;click2call=no;+g.oma.sip-im;+audio;language="en,fr"
Call-ID: 0e23e99e-8037-f1f7-8b91-f47ed433c65c
CSeq: 50125 REGISTER
Content-Length: 0
Max-Forwards: 70
User-Agent: IM-client/OMA1.0 sipML5-v1.2016.03.04
Organization: Doubango Telecom
Supported: path

tport.c:3054 tport_deliver() tport_deliver(0x7f63cc073d60): msg 0x7f63cc0a40a0 (565 bytes) from ws/192.168.43.135:38184/sip next=(nil)
nta.c:2957 agent_recv_request() nta: received REGISTER sip:192.168.43.135 SIP/2.0 (CSeq 50125) (load: 0 rps)
nta.c:3225 agent_check_request_via() nta: Via check: invalid transport "SIP/2.0/WSS" from 192.168.43.135:38184
nta.c:3070 agent_recv_request() nta: REGISTER (50125) has invalid Via
tport.c:2315 tport_set_secondary_timer() tport(0x7f63cc073d60): reset timer
tport.c:2315 tport_set_secondary_timer() tport(0x7f63cc073d60): reset timer

5066 绑定的是 ws，但是收到的 via 是 wss, 于是报错，不回 sip 消息（正常应该是 401）

找到 nta.c，做下面的修改：

重新编译后再测试，可以注册，可以呼叫

查了下，有个链接可以参考

https://lists.freeswitch.org/pipermail/freeswitch-users/2015-February/110971.html

可能不容易访问，这里贴下：

Hello,we have placed Freeswitch behind a Apache ws tunnel proxy. Now, Freeswitch give me an error message because the sip_via is not correct.nta.c:3146 agent_check_request_via() nta: Via check: invalid transport
"SIP/2.0/WSS" from 127.0.0.1:39964
nta.c:2990 agent_recv_request() nta: REGISTER (1) has invalid ViaHow do I modify the sip via entry that Freeswitch is expecting? Where to set the
sip_via_address/protocol/port variables?Thanks

几小时候发帖写道：

Hello again,the problem lies in the nta.c function agent_check_request_via.My apache proxy translation is from wss to ws (which may sense if on lo), but
agent_check_request_via is still expecting WSS.As a workaround, I am transmitting wss even locally. With best regards

也就是说放弃了 Apache 转发的方案，jssip 直接连 mod_sofia 的 wss 端口。

附测试用的 nginx 配置文件：

## nginx ip: 192.168.43.135
## fs ip: 192.168.43.203## 没有域名
## nginx 自签名证书
## wss 转到 fs 的 5066 ws 端口upstream freeswitch_sofia {# freeswitch mod_sofia wsserver 192.168.43.203:5066;
}upstream freeswitch_verto {server 192.168.43.203:8081;
}server {listen 443 ssl;ssl_certificate /root/cert.pem;ssl_certificate_key /root/privkey.pem;ssl_prefer_server_ciphers  on;ssl_session_cache shared:SSL:1m;ssl_session_timeout 5m;client_max_body_size 100M;server_name 192.168.43.135:443;location / {root /var/www/;index index.html;gzip on;gzip_min_length 1k;gzip_buffers 4 16k;gzip_comp_level 2;gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;gzip_vary off;gzip_disable "MSIE [1-6]\.";}location /ws {proxy_connect_timeout 30m;proxy_send_timeout 1d;proxy_read_timeout 1d;proxy_pass http://freeswitch_sofia;proxy_redirect off;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";}location /api/ {add_header Access-Control-Allow-Origin *;add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';if ($request_method = 'OPTIONS') {return 204;}proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_set_header Host $http_host;proxy_set_header X-NginX-Proxy true;proxy_pass http://freeswitch_verto;proxy_redirect off;proxy_http_version 1.1;}
}server {listen 80;server_name 192.168.43.135;return 301 https://192.168.43.135:443$request_uri;
}

FreeSWITCH 版本：1.10.9

Nginx 版本：1.18.0-6.1

查看全文

http://www.lryc.cn/news/349907.html