Packetizer Forums: GNU Gatekeeper (GnuGk)2024-02-19T18:08:17ZPacketizer Forumshttps://forums.packetizer.com/webmaster@packetizer.comhttps://forums.packetizer.com/feeds/?f=47Copyright (C) 2024 Packetizer, Inc. All Rights Reserved.Packetizer ATOM/RSS Feed Generatorhttps://www.packetizer.com/rss/images/packetizer.pnghttps://forums.packetizer.com/images/packetizer_icon.pngwillamowiusGNU Gatekeeper 5.12https://forums.packetizer.com/viewtopic.php?f=47&t=1765&p=3409#p34092024-02-19T18:08:17Z2024-02-19T18:08:17Z<div>GNU Gatekeeper version 5.12 has been released.<br/>
<br/>
Another important bug in the handling of the ExternalIP switch has been fixed as well as Y2K38 issues.<br/>
<br/>
This release also adds features:<br/>
- support for Oracle databases<br/>
- easier cloud deployment with IP detection with STUN<br/>
- better load scaling by mixing proxied with direct mode endpoints in a single gatekeeper<br/>
- Windows 64bit executables with VS2022<br/>
<br/>
<br/>
All changes and additions:<br/>
- enable more runtime hardening flags from OpenSSF recommendation 11/2023<br/>
- fix bug with H.245 address when using ExternalIP= switch without H.460.18/.19<br/>
- auto-detect public IP with ExternalIP=STUN and STUNServer=stun.example.com<br/>
- compiler support for VS2022<br/>
- new database driver for Oracle and new timestamp format 'Oracle'<br/>
- new switch [EP::xxx] ForceDirectMode=1 to handle all calls from this endpoint in direct mode<br/>
- BUGFIX(RasSrv.cxx, gkauth.cxx) make sure time_t is handled unsigned to avoid Y2K38 issue<br/>
- BUGFIX(ProxyChannel.cxx) check for too small packets when acting as encryption proxy<br/>
<br/>
Download from <a href="https://www.gnugk.org/h323download.html"><s>[url]</s>https://www.gnugk.org/h323download.html[/url]</a></div>willamowiusGNU Gatekeeper 5.9https://forums.packetizer.com/viewtopic.php?f=47&t=1478&p=2983#p29832021-12-03T14:51:57Z2021-12-03T14:51:57Z<div>GNU Gatekeeper version 5.9 has been released.<br/>
<br/>
Download: <a href="https://www.gnugk.org/h323download.html"><s>[url]</s>https://www.gnugk.org/h323download.html[/url]</a><br/>
<br/>
New features:<br/>
- new switches [Proxy] CachePortDetection=1 and<br/>
CachePortDetectionDuration= to cache port detection packets<br/>
for faster media connects when IgnoreSignaledIPs= is active<br/>
- new switch: [EP::] ForceTerminalType=<br/>
- new place holder for port notifications: %t for port type<br/>
- experimental: better error recovery if multiplexed RTP sending fails<br/>
<br/>
Bug fixes:<br/>
- fix bug in port detection with AllowSignaledIPsFrom=<br/>
- when DNS name resolves to IP without alias, remove alias from ACF completely (Cisco interop)<br/>
- remove RTP session 0 from internal tables once H.245 master has assigned a session ID<br/>
- fix compilation of Avaya support<br/>
- initialized cmsg struct to zero before using<br/>
- fix regression introduced with MatchH239SessionsByIDOnly= switch<br/>
<br/>
If you want a say what goes into the next version, please head over to<br/>
<a href="https://www.gnugk.org/survey-2021.html"><s>[url]</s>https://www.gnugk.org/survey-2021.html[/url]</a> and give us some feedback!</div>willamowiusGNU Gatekeeper 5.7https://forums.packetizer.com/viewtopic.php?f=47&t=1460&p=2927#p29272021-03-04T21:04:18Z2021-03-04T21:04:18Z<div>This version has some important bug fixes, improves interoperability<br/>
with other vendors and also has a few new features.<br/>
<br/>
Bug fixes:<br/>
- several severe crashes and a few memory leaks have been fixed<br/>
<br/>
Improved interoperability with:<br/>
- Lifesize endpoints<br/>
- Poly's Microsoft Teams gateway<br/>
- Polycom RealPresence Capture Server<br/>
<br/>
New features:<br/>
- You get a warning in the GUI / on the status port if one of your endpoints has an incorrect time setting and this password authentication fails. This makes trouble shooting a lot easier.<br/>
<br/>
- Invalid TPKT packets (eg. due to network errors) now don't necessarily take down an otherwise healthy call. Use the new AbortOnInvalidTPKT=0 switch to enable.<br/>
<br/>
- You have a new %{Vendor} variable for SqlAuth RegQuerys and LuaAuth<br/>
<br/>
<br/>
Full change log:<br/>
<br/>
- BUGFIX(ProxyChannel.cxx) fix crash on non-standard H.245 Indication from Polycom RealPresence Capture Server<br/>
- BUGFIX(ProxyChannel.cxx) fix possible crashes on non-standard generic information in OLCs<br/>
- print warning message on status port when passwords get rejected due to wrong time<br/>
- BUGFIX(httpacct.cxx) fix memory leak<br/>
- BUGFIX(ProxyChannel.cxx) fix possible crash<br/>
- BUGFIX(gk.cxx) avoid crash when terminating in the middle of program startup, set non-zero exit code so restarter notices error<br/>
- return unused memory back to OS periodically<br/>
- new switch: [RoutedMode] AbortOnInvalidTPKT=0 for more graceful handling of network errors<br/>
- BUGFIX(gk.cxx) fix for running on Alpine Linux (needs updated PTLib, too)<br/>
- don't start GnuGk if RTP multiplexing is configured, but we can't start the listener<br/>
- new switch: [RoutedMode] MatchH239SessionsByType=0 to fix presentations with LifeSize endpoints over Poly's Microsoft Teams gateway<br/>
- BUGFIX(ProxyChannel.cxx) make sure we don't set RTP address on multiplexed RTCP keepalive<br/>
- BUGFIX(RasSrv.cxx) look at all tokens for H.235.TSSM<br/>
- add %{Vendor} variable for SqlAuth RegQuery and LuaAuth</div>willamowiusGNU Gatekeeper 5.4 releasedhttps://forums.packetizer.com/viewtopic.php?f=47&t=1421&p=2845#p28452020-01-07T12:44:53Z2020-01-07T12:44:53Z<div>I am happy to announce the release of GNU Gatekeeper 5.4.<br/>
<br/>
You can download it from <a href="https://www.gnugk.org/h323download.html"><s>[url]</s>https://www.gnugk.org/h323download.html[/url]</a><br/>
<br/>
New features:<br/>
- new accounting module to send accounting data to an MQTT server<br/>
- support for redis as database (eg. as backend for password storage)<br/>
<br/>
Bug fixes:<br/>
- important fix for H.245 tunneling translation with H.460.18 endpoints<br/>
- fix for snmpwalk in PTLib-SNMP implementation<br/>
- fix sending alternate gatekeeper list to endpoints with assigned gatekeeper<br/>
- improved DRQ from child gatekeepers<br/>
- fix TLS with neighbor gatekeeper<br/>
<br/>
<br/>
Please also note that a bug has been found in PTLib that can cause a<br/>
crash in any GnuGk version if you use the status port (manually of from<br/>
an application). Please upgrade to PTLib 2.10.9.3!<br/>
<br/>
Get PTLib and H323Plus from <a href="https://www.h323plus.org/source/"><s>[url]</s>https://www.h323plus.org/source/[/url]</a></div>willamowiusGNU Gatekeeper 5.3https://forums.packetizer.com/viewtopic.php?f=47&t=1332&p=2748#p27482019-10-30T14:37:38Z2019-10-30T14:37:38Z<div>GNU Gatekeeper 5.3 is out!<br/>
<br/>
You can download it from <a href="https://www.gnugk.org/h323download.html"><s>[url]</s>https://www.gnugk.org/h323download.html[/url]</a><br/>
<br/>
This release has a number of new features as well as some important bug<br/>
fixes.<br/>
<br/>
Whats new ?<br/>
<LIST><s>[list]</s>
<LI><s>[*]</s> LRQ loop detection to optimize calls flows between multiple<br/>
neighbor gatekeepers<br/>
This new feature has the potential to significantly reduce the load<br/>
on all gatekeepers and prevent "LRQ storms".</LI>
<LI><s>[*]</s> new routing policy to set call destinations by querying HTTP<br/>
or REST servers, see [Routing::Http]</LI>
<LI><s>[*]</s> much improved support for SNMP</LI>
<LI><s>[*]</s> important bug fix for TLS encryption of signaling channels</LI>
<LI><s>[*]</s> important bug fixes for H.460.18 (for H.245 tunneling and for<br/>
multi-homed servers)</LI>
<LI><s>[*]</s> performance optimization: this version can handle 5-10% more proxied<br/>
calls on the same hardware</LI>
<LI><s>[*]</s> performance optimization: re-authenticate lightweight, additive<br/>
registrations only when new aliases differ<br/>
This significantly reduces the load on password databases.</LI>
[/list]</LIST>
Blog post: <a href="https://blog.gnugk.org/2019/07/gnu-gatekeeper-5-3.html"><s>[url]</s>https://blog.gnugk.org/2019/07/gnu-gatekeeper-5-3.html[/url]</a><br/>
<br/>
Enjoy!</div>willamowiusGNU Gatekeeper 5.1https://forums.packetizer.com/viewtopic.php?f=47&t=1292&p=2683#p26832019-01-07T07:32:22Z2019-01-07T07:32:22Z<div>I have released GNU Gatekeeper version 5.1.<br/>
<br/>
You can download it from <a href="https://www.gnugk.org/h323download.html"><s>[url]</s>https://www.gnugk.org/h323download.html[/url]</a><br/>
<br/>
The main new feature in this release is H.245 multiplexing.<br/>
Together with the long supported RTP multiplexing it allows GnuGk to<br/>
handle a large amount of calls from H.460 endpoints using just 5<br/>
ports total.<br/>
<br/>
Whats new ?<br/>
<br/>
- support for H.245 multiplexing with H.460.18:<br/>
[RoutedMode] EnableH245Multiplexing=1, H245MultiplexPort=1722<br/>
- improved interop with Lifesize Icon (H.235), Scopia VC240 (H.460.18)<br/>
and Yealink Mobile (H.460.19)<br/>
- improved detection of neighbor gatekeeper availability<br/>
- public IP detection for Google Cloud<br/>
- new feature to let GnuGk send an event if port detection fails<br/>
<br/>
There were also a number of bug fixes, please see changes.txt or the<br/>
blog post:<br/>
<a href="https://blog.gnugk.org/2019/01/gnu-gatekeeper-5-1.html"><s>[url]</s>https://blog.gnugk.org/2019/01/gnu-gatekeeper-5-1.html[/url]</a><br/>
<br/>
Enjoy!</div>willamowiusGNU Gatekeeper 3.9 releasedhttps://forums.packetizer.com/viewtopic.php?f=47&t=574&p=1654#p16542015-07-10T16:16:31Z2015-07-10T16:16:31Z<div>GnuGk 3.9 is out now.<br/>
<br/>
Release Notes:<br/>
<a href="http://blog.gnugk.org/2015/07/gnu-gatekeeper-39-released.html">http://blog.gnugk.org/2015/07/gnu-gatekeeper-39-released.html</a><br/>
<br/>
Download:<br/>
<a href="http://www.gnugk.org/h323download.html">http://www.gnugk.org/h323download.html</a></div>willamowiusGNU Gatekeeper 3.2https://forums.packetizer.com/viewtopic.php?f=47&t=313&p=910#p9102013-01-15T17:02:03Z2013-01-15T17:02:03Z<div>Dear community,<br/>
<br/>
I'm happy to announce the availability of GNU Gatekeeper 3.2. This is<br/>
the first version released by Relaxed Communications GmbH, the company I<br/>
recently founded to provide consulting and support for GnuGk.<br/>
<br/>
Version 3.2 has a few new features and many bugfixes, especially for<br/>
those of you with a lot of calls. There are executables for Linux,<br/>
Windows, FreeBSD, NetBSD and OpenBSD.<br/>
<br/>
<a href="http://www.gnugk.org/gnugk-3.2.html"><s>[url]</s>http://www.gnugk.org/gnugk-3.2.html[/url]</a><br/>
<br/>
New Features:<br/>
<br/>
The most important new feature in my view is the ability to have<br/>
multiple instances of routing policies with different configuration.<br/>
Another very important feature is support for additive registrations.<br/>
<br/>
Here is the full list:
<LIST><s>[list]</s>
<LI><s>[*]</s> allow multiple instances of routing policies with different settings (currently works for sql, enum, srv, dns, numberanalysis, lua, forwarding)</LI>
<LI><s>[*]</s> support for additive registration for gateways, new switch [RasSrv::RRQFeatures] EnableAdditiveRegistration</LI>
<LI><s>[*]</s> new Alias SQL variable "Additive-RRQ"</LI>
<LI><s>[*]</s> new [Gatekeeper::Main] TTLExpireDropCall switch to prevent calls being dropped due to registration timeout</LI>
<LI><s>[*]</s> added AssignedGatekeeper support to child gatekeeper</LI>
<LI><s>[*]</s> new [Routing::Sql] EnableRegexRewrite switch to support basic regex rewrite in SQL queries</LI>
<LI><s>[*]</s> new switch [RoutedMode] RemoveH245AddressFromSetup=</LI>
<LI><s>[*]</s> improved speed of H.460.19 port detection</LI>
<LI><s>[*]</s> new ACF status item for media routing for calls</LI>
<LI><s>[*]</s> extend [RasSrv::PermanentEndpoints] to support vendor information on gateways</LI>[/list]</LIST>
Please see changes.txt in the download archives for details on the bug<br/>
fixes.<br/>
<br/>
Regards,<br/>
Jan</div>willamowiusGNU Gatekeeper 3.0https://forums.packetizer.com/viewtopic.php?f=47&t=224&p=595#p5952012-01-04T14:10:37Z2012-01-04T14:10:37Z<div>I'm pleased to announce GnuGk 3.0.<br/>
<br/>
You can download the new version at<br/>
<a href="http://www.gnugk.org/h323download.html">http://www.gnugk.org/h323download.html</a><br/>
<br/>
New features:
<LIST><s>[list]</s>
<LI><s>[*]</s>full traversal zone support (gatekeeper-to-gatekeeper H.460.18/.19)<br/>
Now you can place one GnuGk behind a firewall and let it tunnel out<br/>
the calls for all other devices behind the firewall eg. to a VCS or<br/>
to another GnuGk.<br/>
This was probably the most request feature in the past.</LI>
<LI><s>[*]</s>full IPv6 support (incl. IPv4-IPv6 proxying)<br/>
With the proxy function, you can let GnuGk manage a network of IPv6<br/>
endpoints and connect them to the IPv4 network or make legacy<br/>
endpoints reachable for IPv6 calls.</LI>
<LI><s>[*]</s>RTP multiplexing (all calls to and from devices supporting H.460.19<br/>
will only use 2 sockets total)</LI>
<LI><s>[*]</s>rewrite destination IPs into aliases</LI>
<LI><s>[*]</s>ENUM, SRV and RDS routing policies extended for LRQs, in case the<br/>
calling gatekeeper isn't able to do this</LI>
<LI><s>[*]</s>notifications when GnuGk opens listen ports<br/>
This allows you to update firewall rules on the fly, so you only have<br/>
the minimum amount of ports open.</LI>
<LI><s>[*]</s>improved H.235 password authentication with neighbors</LI>
<LI><s>[*]</s>massive performance improvement when (re-)loading large numbers of GW<br/>
rewrites</LI>
<LI><s>[*]</s>interop fixes for Polycom m100 and Sorenson endpoints</LI>
<LI><s>[*]</s>fixes in the underlying libraries so *BSD systems can get the latest<br/>
GnuGk features</LI>
<LI><s>[*]</s>a few bug fixes</LI>[/list]</LIST>
We provide executables for Linux (32 and 64 bit), Windows, MacOS X,<br/>
FreeBSD, OpenBSD, NetBSD and Solaris.</div>willamowiusGNU Gatekeeper 2.3.5https://forums.packetizer.com/viewtopic.php?f=47&t=173&p=421#p4212011-08-02T19:20:43Z2011-08-02T19:20:43Z<div>GNU Gatekeeper version 2.3.5 has been released.<br/>
<a href="http://www.gnugk.org/gnugk-2-3-5.html"><s>[url]</s>http://www.gnugk.org/gnugk-2-3-5.html[/url]</a><br/>
<br/>
The highlights of the new version are:<br/>
<br/>
- H.350 LDAP directory support<br/>
Now you can point the gatekeeper to a H.350 directory and assign<br/>
endpoints aliases, a gatekeeper or let them do white-page lookups on<br/>
the H.350 directory.<br/>
<br/>
- QoS monitoring<br/>
The new version supports H.460.9 and will collect QoS data from the<br/>
endpoints. For endpoints that don't support QoS reporting, it<br/>
can sniff the RTP statistics for the calls routed through the<br/>
gatekeeper to obtain QoS data. The collected QoS data is made<br/>
available to other applications through the Radius or telnet<br/>
interface.<br/>
<br/>
- SSH security<br/>
The telnet interface for applications can now be secured with ssh.<br/>
<br/>
- H.460.18/.19 firewall traversal<br/>
The traversal code got a major rewrite that has fixed a number of<br/>
interoperability issues.<br/>
<br/>
- Call failover<br/>
The call failover mechanism was extended so now failing calls can be<br/>
re-routed to a pre-defined operator position ('CatchAll endpoint').<br/>
Call failover is also now able to recover more error conditions than<br/>
before.<br/>
<br/>
- much better checking of the config file for misspellings or obsolete<br/>
settings (Fortytwo=42 is now obsolete)<br/>
<br/>
- support for sending RIP messages<br/>
<br/>
- improved VCS interoperability<br/>
<br/>
See Changelog (changes.txt) for full details:<br/>
<a href="http://openh323gk.cvs.sourceforge.net/viewvc/openh323gk/openh323gk/changes.txt?revision=1.607">http://openh323gk.cvs.sourceforge.net/viewvc/openh323gk/openh323gk/changes.txt?revision=1.607</a><br/>
<br/>
Regards,<br/>
Jan</div>willamowiusGNU Gatekeeper 2.3.4https://forums.packetizer.com/viewtopic.php?f=47&t=116&p=227#p2272011-01-04T15:25:31Z2011-01-04T15:25:31Z<div>GNU Gatekeeper version 2.3.4 has been released.<br/>
<br/>
This is a bugfix release, mainly for bandwidth management, H.460.18 and proxy mode selection.<br/>
<br/>
See the release notes at <a href="http://www.gnugk.org/gnugk-2-3-4.html"><s>[url]</s>http://www.gnugk.org/gnugk-2-3-4.html[/url]</a> for details.</div>willamowiusGNU Gatekeeper 2.3.3https://forums.packetizer.com/viewtopic.php?f=47&t=62&p=123#p1232010-11-07T23:48:26Z2010-11-07T23:48:26Z<div>Hi,<br/>
<br/>
the new GNU Gatekeeper release 2.3.3 is now available:<br/>
<a href="http://www.gnugk.org/gnugk-2-3-3.html">http://www.gnugk.org/gnugk-2-3-3.html</a><br/>
<br/>
New features (gatekeeper configuration):<br/>
<br/>
- all executables now contain all database drivers: MySQL, PostgreSQL, ODBC, SQLite and Firebird!<br/>
- much improved bandwidth management for registered endpoints per endpoint and per call<br/>
- configure alternate gatekeepers per endpoint IP range with [RasSrv::AlternateGatekeeper]<br/>
- call routing by destination IP with [Routing::Explicit]<br/>
- gatekeeper-based TCS=0 call transfer: activated through H.450.2 emulator or status port (experimental)<br/>
- H.450.2 emulator extended for unregistered calls<br/>
- new switch: [CTI::MakeCall]TransferMethod=<br/>
- BMV, a web front-end for SQLBill (in contrib/bmv2/)<br/>
- configure where to send RAS replies with [ReplyToRasAddress]<br/>
- ignore a 2nd column in SQL routing if it equals "IGNORE"<br/>
- display H323Plus and PTLib version in GnuGk's version string<br/>
- documented [RoutedMode] EnableH460P= and H460PActThread=<br/>
switches<br/>
<br/>
New features (API):<br/>
<br/>
- extended status port commands RouteToAlias, RouteToGateway, BindAndRouteToGateway with caller-ID parameter<br/>
- updated status port command: TransferCall by call-id and with transfer method<br/>
- new status port command RerouteCall (experimental)<br/>
- new status port command: DisconnectCallId<br/>
- added vendor string in RouteRequest event<br/>
- document status port command: DisconnectEndpoint<br/>
<br/>
Config changes:<br/>
<br/>
- change to the format of [Gatekeeper::Main] AlternateGKs=<br/>
<br/>
Bug fixes:<br/>
<br/>
- apply ENUM policy also to Setup and Facility messages<br/>
- fix multicast discovery<br/>
- fix crash on failover with DisableRetryChecks=1<br/>
- avoid bug in H323Plus so H.460.19 feature indicator can be removed<br/>
- disregard IPv6 addresses if the machine has any<br/>
- DisconnectIP now disconnects all calls on the IP as specified<br/>
- fix crash when setting a non-writable trace file in the config file<br/>
- signal change of destination alias in parent policy<br/>
- don't accept new calls or retry calls when shutdown is in progress, avoids possible crash<br/>
- check if routing policies have been configured, before using them<br/>
- only rewrite sourceCallSignalAddress if proxying<br/>
- fix NAT detection for unregistered callers<br/>
- fire unregister event also when endpoint expired<br/>
- fix order of home IPs</div>