Confused about siproxd in 1.2.1-RC

  • Background: I am looking at using pfSense to handle two WAN links and deal properly with SIP traffic for an Asterisk box on my LAN. Currently I have a commercial "dual-Wan" box but it does not understand SIP so there are cases where audio fails (in particular ENUM calls from unregistered locations end up with the RTP packets attempting to go directly to/from ATAs located on the LAN when port mapping on the router/firewall will only allow them to/from the Asterisk box). So I am looking for a multiple WAN firewall/router that understands SIP and can properly deal with dynamically handling the RTP traffic that is setup by the SIP exchanges.

    According to pfSense will support siproxd starting with v1.2.1. And according several posts on this forum including,10084.0.html others have gotten it to work.

    However looking at my install from pfSense-1.2.1-RC2-Embedded.img from 20Nov2008 I see little evidence of support for siproxd: ps shows no daemon, there is reference to configuing siproxd in but it is checking for /usr/local/pkg/ which does not exist:

    pfsense:/usr/local/pkg#  ls
    carp.xml                miniupnpd.xml          openntpd.xml            openvpn_csc.xml
    carp_settings.xml      olsrd.xml              openvpn.xml            routed            openvpn_cli.xml        sasyncd.xml

    Nor does that file exist on the CVS on the pfSense developer's CVS tree at Finally, I see no files on the image that look like siproxd executables. Not being familiar with BSD, siproxy or pfSense I am not sure where they should be but I think this should have found something (the check for files with filter was to assure myself that this version of find worked as I am used to on Linux and/or Mac OSX):

    pfsense:/etc/inc#  find / -name 'sip'
    pfsense:/etc/inc#  find / -name 'filter'

    Do I have the correct disk image? If not where can I get one for an embedded target?

    Is siproxd actually on my image and I have missed it? If so, where is it?

    If not, is there a packaged form that is available for pfSense?


  • First of all, the embedded version does not support any packages. The reason for that is that many packages tend to write a lot of stuff to the hd, which is not healthy for your SSD. Second, I don't think you need siproxd for setting up your asterix box. Siproxd is only used if you have many different clients that want to connect to their individual sip account. As you have only one asterix box, you just need to open the necessary UDP ports and it should run.

  • Thank you for your clarification.

    If I could get Asterisk v1.4 to not attempt a "native-bridge" between my IP phones/ATAs and calls to/from ENUM listed destinations I would not need this (calls to/from my ITSP work fine as I can specify NAT and/or "reinvite" values for those contexts). I have been searching out that end of a solution too. All this works on my Astrisk v1.2 setup but I want to move to Asterisk v1.4 for a variety of reasons.

    Good to know that embedded pfSense does not support packages. I missed finding that information in my searching.

    It looks like m0n0wall supports siproxd so I guess that can be configured to run without too much I/O to the HD. But it sure does not look like I can use m0n0wall for my multiple WAN setup. The search continues….

  • You will have to tweak the nat settings on your asterisk server, and play with things a bit, but you can definitely get this working with pfsense, and I don't believe siproxd will be necessary for your situation.  See here for some static port settings that may help:,12830.0.html and make sure your phones are set to reinvite=no.

Log in to reply