修改 /etc/rtpengine/rtpengine.conf 文件，增加一行配置：

sip-source = true # 一般不需要这样配置，本文仅为说明问题

offfer 部分的日志如下：

[1713246486.390578] DEBUG: [1-5025@192.168.43.126]: [control] Dump for 'offer' from 127.0.0.1:34943: { "supports": [ "load limit" ], "sdp": "v=0
o=XRMG 1704250570 3 IN IP4 10.143.1.14
s=XRMG V2.0
c=IN IP4 10.143.1.14
t=0 0
m=audio 30608 RTP/AVP 8 101
c=IN IP4 10.143.1.14
b=AS:82
b=RS:600
b=RR:2000
a=rtpmap:8 PCMA/8000
a=ptime:20
a=sendrecv
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
", "replace": [ "origin", "session-connection" ], "call-id": "1-5025@192.168.43.126", "via-branch": "z9hG4bK-5025-1-00", "received-from": [ "IP4", "192.168.43.126" ], "from-tag": "5025SIPpTag001", "command": "offer" }

这里 sip-source 的地址（来自 received-from）为 192.168.43.126，端口来自 sdp 里面的 30608

接下来的日志为：

 [core] set FILLED flag for stream, local 192.168.43.126:36912 remote 192.168.43.126:30608

远端地址不是 sdp 的 c 地址，而是 sip-source

源码里面 trust_address 如果为 true 代表采用 sdp 的 c 地址，跟 sip-source 的意思正好是反过来的

// call_interfaces.c// ...static void call_ng_flags_flags(struct sdp_ng_flags *out, str *s, void *dummy) {str_hyphenate(s);switch (__csh_lookup(s)) {case CSH_LOOKUP("trust-address"):out->trust_address = 1;   // sdp c addressbreak;case CSH_LOOKUP("SIP-source-address"):case CSH_LOOKUP("sip-source-address"):out->trust_address = 0;  // sip-sourcebreak;

// sdp.c
// ...
static int fill_endpoint(struct endpoint *ep, const struct sdp_media *media, struct sdp_ng_flags *flags,struct network_address *address, long int port)
{struct sdp_session *session = media->session;if (!flags->trust_address) {if (is_addr_unspecified(&flags->parsed_received_from)) {if (__parse_address(&flags->parsed_received_from, NULL, &flags->received_from_family,&flags->received_from_address))return -1;}ep->address = flags->parsed_received_from; // sip-source}

目前版本的 rtpengine 默认的配置就是 trust-address，不再是 sip-source

熟悉 kamailio 的都知道，havfo 的脚本牛的很，现在可以解读一下了：

request_route {
    # per request initial checks
    route(REQINIT);

    if (nat_uac_test(64)) {
        # Do NAT traversal stuff for requests from a WebSocket
        # connection - even if it is not behind a NAT!
        # This won't be needed in the future if Kamailio and the
        # WebSocket client support Outbound and Path.
        force_rport();
        if (is_method("REGISTER")) {
            fix_nated_register();
        } else if (!add_contact_alias()) {
            xlog("L_ERR", "Error aliasing contact <$ct>\n");
            sl_send_reply("400", "Bad Request");
            exit;
        }
    }
 

# nat_uac_test(64) 就是测试信令是不是 WebSocket

# 如果是 WebSocket，那么需要 force_rport, 因为 Via 地址根本不可达

route[NATMANAGE] {

        # ...

        if (!nat_uac_test("8")) {
            $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " trust-address";
         }

# nat_uac_test("8") 测试sdp里面的地址是不是 rfc1918

# 如果不是 rfc1918，那么 trust-address，当时写这个脚本的时候，rtpengine 的版本应该比较旧

onreply_route {
    if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT)
        && !(proto == WS || proto == WSS))) {
        xlog("L_WARN", "SIP response received on $Rp\n");
        drop;
    }

    if (nat_uac_test(64)) {
        # Do NAT traversal stuff for replies to a WebSocket connection
        # - even if it is not behind a NAT!
        # This won't be needed in the future if Kamailio and the
        # WebSocket client support Outbound and Path.
        add_contact_alias();
    }
}
 

# reply 路由块的处理

# 先检查接收端口

# 再做 nat_uac_test(64) 检查，也就是终端是不是 WebSocket

# 如果是，那么需要 rewrite contact, 因为 WebSocket 的 contact 地址根本不可达