Friday, March 17, 2017

GNU Gatekeeper 4.5 released

The most important change is the implementation of TCP keepalives for H.460.18 (bugfix) and optionally for all kinds of calls (feature). This is really important for NAT traversal.

In addition to the keepalives there are a number of bugfixes and a few minor feature additions (see the change notes below).

You can download the new version from
https://www.gnugk.org/h323download.html


Full change log from 4.4 to 4.5

  • new feature to send H.225 and H.245 keep-alives for all calls, enable with [RoutedMode] EnableGnuGkTcpKeepAlive=1, set interval with GnuGkTcpKeepAliveInterval=n
  • BUGFIX(ProxyChannel.cxx) send H.225 and H.245 keep-alives when acting as H.460.18 client
  • BUGFIX(ProxyChannel.cxx) disable RTP/RTCP port check for IPs in AllowedSignalIPs= when doing port detection
  • [Proxy] AllowedSignalIPs= can now process a list of networks
  • add shortcurt 'rl' for status port command 'rotatelog'
  • new switch [CallTable] SetCalledStationIdToDialedIP=1
  • new switch [CallTable] UseDestCallSignalIPAsDialedNumber=1 to place the destSignalIP into the %{DialedNumber} field if no dialed number is available in the ARQ / Setup
  • BUGFIX(ProxyChannel.cxx) fix crash on invalid sourceCallSignalAddress
  • add optional parameter for call transfer method to MakeCall status port command
  • BUGFIX(Toolkit.*) fix bug in IP comparison
  • BUGFIX(Toolkit.*) the internal networks configured with the [Proxy] InternalNetworks switch were added to the detected internal networks and didn't replace them, now they replace them as documented

Friday, January 6, 2017

GNU Gatekeeper 4.4 released

GNU Gatekeeper 4.4 was released today. This is mainly a bug fix release
with only 2 new features.

If you use SSH on your status port you are urged to update as soon as
possible and also if you use LUA scripting. Two serious bugs have been
fixed for these features where GnuGk can be crashed remotely.

A new feature is the RequireOneNet policy that allows you to restrict
access to publicly accessible traversal gatekeepers. Now you can easily
define that one end of all calls must terminate in one of your own
networks and prevent abuse of your resources by 3rd parties.

The other new feature is a significant improvement to the MakeCall
command on the status port. It is now able to establish video calls and
supports virtually all endpoints by using GnuGk's call reroute feature.

Changed config switches:
  • [Proxy] ProxyForNAT now defaults to OFF
  • [CTI::MakeCall] DisableFastStart has been removed, fastStart is now always disabled

You can download the new version from
http://www.gnugk.org/h323download.html

Please see the full change log below.

These know bugs haven't been addressed, yet:
  • when GnuGk acts as a H.460.18 client (as client in a H.460.18 traversal zone with another gatekeeper or as child gatekeeper), it currently does not send a keep-alive on the Q.931 TCP connection  during a call
  • bandwidth management currently only applies to calls from registered endpoints and ignores unregistered calls completely


Changes from 4.3 to 4.4
  • [CTI::MakeCall] TransferMethod can now also be Reroute, DisableFastStart switch removed
  • BUGFIX(MakeCall.cxx) fix MakeCall bearer capabilities to support video calls
  • BUGFIX(ProxyChannel.cxx) don't send Notify after call Reroute: Polycom RealPresens  starts a flood of Status messages
  • BUGFIX(GkStatus.cxx) call ssh_init() and ssh_finalize() only on application start and shutdown
  • BUGFIX(ProxyChannel.cxx) fix IP check for IgnoreSignaledPrivateH239IPs= switch
  • new accounting/authentication policy RequireOneNet
  • pass full RRQ message to LuaAuth
  • BUGFIX(ProxyChannel.cxx) when opening a port from a PortRange fails, try next port  regardless of errno
  • BUGFIX(lua.cxx) add mutex for LUA interpreter, because it is not thread safe
  • added message type parameter in RouteRequest event (ARQ, Setup, LRQ)
  • BUGFIX(yasocket.cxx) fix UDP with LARGE_FDSET on Solaris, OpenBSD and NetBSD
  • BUGFIX(RasTbl.cxx) fix crash on invalid AliasTypeFilter setting
  • changed default setting: [Proxy] ProxyForNAT now defaults to off, if you want to keep the previous behaviour, please set it explicitely

Wednesday, November 16, 2016

GNU Gatekeeper 4.3 released

I'm happy to announce the release of GNU Gatekeeper 4.3.

This new version contains a number bug fixes and some security fixes.


Fuzzy testing surfaced methods to crash GnuGk remotely, causing at least a denial of service. So all users are encouraged to update.

The most notable new feature are probably the events for Setup messages on the status port so now you can see all calls. In addition, LuaAuth has been given access to more information about received messages and can end your status port sessions with Ctrl-C now.

Important bug fixes are in the H.460 NAT traversal code where sometimes keep-alive intervals could be too long in older versions and a bug where GnuGk might have missed port re-negotiations in some cases.

The IgnoreSignaledIPs port detection code also has a few bug fixes to detect cases where it should be turned off automatically because its either not needed because the parties use another form of NAT traversal or non-symmetric ports where the detection algorithm may cause more harm than good.

You can download the new version from
http://www.gnugk.org/h323download.html


Enjoy!


Changes from GnuGk 4.2 to 4.3
  • BUGFIX(ProxyChannel.cxx, gkh235.cxx, gkauth.h) fix crashes found with PROTOS
  • new authentication policies LuaPasswordAuth, HttpPasswordAuth
  • BUGFIX(configure.in) fix check for LUA 5.2 or higher
  • connection to the status port can now also be ended with Ctrl-C
  • new switch [Routing::DNS] RewriteARQDestination= to preserve URLs in ARQs
  • disable IgnoreSignaledIPs when one party is not using the same RTP ports for forward and reverse channels in same RTP session
  • BUGFIX(RasTbl.cxx) don't allow higher TTL for H.460.18 registrations  than set by H46018KeepAliveInterval= switch
  • add variables message, srcInfo and vendor to LuaAuth
  • print message on status port when Setup is received
  • BUGFIX(ProxyChannel.cxx) disregard IgnoreSignaledIPs=1 switch when caller supports some form of NAT traversal (to avoid both sides waiting for first RTP packet)
  • BUGFIX(ProxyChannel.cxx) enable H.245 tunneling for H.460.17 even when Innovaphone forgets the flag
  • BUGFIX(ProxyChannel.cxx) make sure CRV is 0 for all RAS messages when using H.460.17 even when they relate to a call
  • BUGFIX(ProxyChannel.cxx) re-do H.460.19 port detection when a new logical channel is opened on the same port
  • print number of CPU cores and thread configuration on startup
  • BUGFIX(RasTbl.cxx) fix display of H.460.17 for registrations on status port
  • BUGFIX(ProxyChannel.cxx) fix dead lock causing reroutes to fail

Saturday, October 8, 2016

Mobile H.323 endpoints revisited

If you are looking for a free H.323 endpoint to connect to the GNU Gatekeeper, mobile apps for smartphones and tablets seem to offer the widest variety of choice right now.

Polycom


My personal favorite are the RealPresence apps from Polycom, available  for iOS and Android. They offer you to sign in with a Polycom account, but you can simply skip this and just register with any H.323 gatekeeper in the settings.

http://support.polycom.com/PolycomService/support/us/support/video/realpresence_mobile/realpresence_mobile.html

ClearOne


Collaborate Mobile is also a good choice and also available for iOS and Android from the respective app stores.

https://play.google.com/store/apps/details?id=com.clearone.collaborate

https://itunes.apple.com/us/app/collaborate-mobile/id824952324?mt=8

Yealink


Yealink VC Mobile is relatively new, but seems to work find with GnuGk, too.

https://play.google.com/store/apps/details?id=com.yealink.videophone

https://itunes.apple.com/de/app/yealink-vcm/id1114669846?mt=8

Radvision


There used to be an Android version of BeedHD, but now its only available for iOS.

https://itunes.apple.com/de/app/beehd/id639912661?mt=8


I have dropped Sony IPELA from the list, because their apps seem to hang up without any visible reason after a few seconds in the call.

Here is my older post about free mobile H.323 endpoints for reference.

Tuesday, May 31, 2016

GNU Gatekeeper 4.2

I'm happy to announce the release of GNU Gatekeeper 4.2.

Version 4.2 is mainly a bug fix release.

A bug in proxying H.239 connections through NAT has been fixes as well
as a number of possible crashes and a few other small bugs.

The main functional change is that GnuGk's old NAT traversal method is
now disabled by default. Everybody should use H.460.x. If you want keep
using the old NAT traversal method, you can re-enable it with

[RoutedMode]
EnableGnuGkNATTraversal=1

[Endpoint]
EnableGnuGkNATTraversal=1

You can download the new version from
http://www.gnugk.org/h323download.html

Please see the full change log below.

Enjoy!


Changes from 4.1 to 4.2
  • BUGFIX(ProxyChannel.cxx) fix H.239 forwarding issue in call where  only one side uses H.460.19
  • BUGFIX(configure.in) make sure LUA test fails for versions below 5.2
  • BUGFIX(gkh235.cxx) small fix with password auth
  • BUGFIX(ProxyChannel.cxx) apply codec filtering also to  receiveAndTransmit capabilities
  • BUGFIX(ProxyChannel.cxx) fix crash in RTP multiplexing
  • BUGFIX(ProxyChannel.cxx) fix crash when using H.245 tunneling translation
  • BUGFIX(gk.cxx) fix shutdown on NetBSD 7
  • BUGFIX(ProxyChannel.cxx) fix compile on NetBSD 7
  • new switch: [RoutedMode] FilterVideoFastUpdatePicture= to reduce the  number of update requests from endpoints
  • disable SSLv3 when using TLS
  • BUGFIX(ProxyChannel.cxx) fix crash in call cleanup
  • support ON and OFF event in LuaAcct
  • BUGFIX(sqlacct.*) implement ON and OFF event as documented
  • new switches [RoutedMode] EnableGnuGkNATTraversal=1 and [Endpoint]  EnableGnuGkNATTraversal=1 to keep GnuGk's old NAT traversal method enabled

Sunday, April 17, 2016

Please tell us what you think about the GNU Gatekeeper!

We are running a suvery to get feedback and ideas for the future development of the GNU Gatekeeper.

Please take a moment to answer a few short questions:

http://www.gnugk.org/survey-2016.html

Thanks for your time!

Wednesday, February 17, 2016

GNU Gatekeeper 4.1

I'm happy to announce the availability of GNU Gatekeeper 4.1.

This is mainly a bug fix release. If you are using GnuGk as a server in
a traversal zone or if you do H.239 presentations with Avaya endpoints,
you are strongly encouraged to update. This version also fixes a memory
leak that mainly affects long running gatekeepers with a lot of RAS
traffic. Some of the bugs were long standing, so if you skipped some
previous releases, this is really a good time to update.

The main new feature in this release is expanded LUA support.
Besides LUA authentication and LUA routing, there is now a LuaAcct
module that allows you to run a script on every accounting event of your
choice. Please see the updated manual for details.

You can download the new version from
http://www.gnugk.org/h323download.html

Please see the full change log below.

My support website https://www.willamowius.com also got a face lift.
Please check it out as well.

Enjoy!


Changes from 4.0 to 4.1

  • BUGFIX(ProxyChannel.cxx) fix crash processing Setup
  • BUGFIX(RasSrv.cxx) update IP/port of traversal neighbor on every SCI,  not only on IP changes
  • new status port command: PrintNeighbors
  • BUGFIX(ProxyChannel.cxx) fix H.239 inside multiplePayloadStream from  Avaya XT5000 with H.460.19
  • new accounting module: LuaAcct
  • LUA: new library "gnugk" to allow access to GnuGk functionality
  • BUGFIX(configure) set all detected options in gnugkbuildopts.h on Unix
  • BUGFIX(ProxyChannel.cxx) removing H.235 capabilities might have skipped items
  • BUGFIX(lua.cxx) initialize all LUA variables for LUA routing
  • status port configuration (MaxStatusClients, StatusEventBacklog, StatusEventBacklogRegex) now changable at runtime
  • BUGFIX(GkStatus.cxx) fix StatusEventBacklogRegex for patterns that start at the beginning of the event line
  • BUGFIX(ProxyChannel.cxx) use RealPresence Group 0-Byte keep-alive for IgnoreSignaledH239PrivateIPs (needs LARGE_FDSET to work)
  • new switches to set database connect and read timeout (only used by  MySQL for now)
  • new switch to set worker thread idle timeout: [Gatekeeper::Main] WorkerThreadIdleTimeout=
  • BUGFIX(gk.cxx) better test for gatekeeper shutdown
  • BUGFIX(Routing.cxx) fix fromIP for ARQ and LRQ RouteRequests
  • BUGFIX(gkauth.cxx) only call Q.931 checks when activated
  • BUGFIX(Routing.cxx) fix RouteRequest from unregistered caller who  doesn't provide any alias
  • new switch: [RoutedMode] DisableSettingUDPSourceIP=1