I can elaborate on what
@Melchieor and I did to get audio/video chat work in iChat AV. We used standard iChat AV with standard Logitech webcams. Most modern Logitech webcams seem to still be well supported on Tiger and Leopard. We were both running on Sorbet. I was using a Logitech Brio 4k with a PowerMac G4 Gigabit via a USB 2 PCI card and OS X automatically put it into a lower resulution mod. No special drivers. It just worked.
Getting iChat to work was a success with some caveats. We both set up Jabber accounts via
https://jabb.im. iChat AV in Leopard was able to connect to it with minimal effort and text chat worked perfectly.
To get audio/video chat working took some extra effort. Following
this old blog post we both setup up port forwards for:
- 5060 - UDP: SIP (Session Initiation Protocol)
- 5190 - TCP & UDP: AIM/iChat file transfert
- 5678 - UDP: SNATMAP server
- 16384-16403 - UDP: RTP/RTCP (Real-Time Transport Protocol)
This, however, wasn't quite enough. When it failed to connect, I did a tcpdump on my router and saw that my local IP (192.168.20.21) was attempt to connect to
@Melchieor's local IP (192.168.1.178). Obviously, there's no way that would work since the connection is traversing the Internet. It should have been going from my local IP to his WAN IP.
To test a work around I created separate NAT rules for each of the above ports that forwarded connections to his local IP as the destination (192.168.1.178) to his WAN IP instead. That worked! We successfully connected and have a video chat with decent (albiet a little grainy) quality.
Once we realized the problem, I started digging more into why iChat wasn't trying to initiate the connection between our WAN IPs. Again, this is where tcpdump comes in. Upon making a call, iChat makes an http request to
http://configuration.apple.com/configurations/macosx/ichat/1/snatmap.txt.
That file contains the URL of Apple's SNATMAP server (snatmap://snatmap.apple.com:5678). SNATMAP is Apple's service for determining each party's WAN IP. The problem in this case is that back then, plain HTTP worked fine. Now, that URL gives a 301 redirect to HTTPS that iChat chokes on.
To work around this I set up my own web server and added an entry in my /etc/hosts file that points configuration.apple.com to it. Then I copied the snatmap.txt file onto my web server where iChat expected to find it. When running iChat in debug mode with "/Applications/iChat.app/Contents/MacOS/iChat -errorLogLevel 7" I could see that it no longer errors when querying configuration.apple.com.
After that, we tried a call again while monitoring traffic. In wireshark we did see UDP queries to snatmap.apple.com:5678 (this didn't happen previously) but it was still attempting to connect my local IP to
@Melchieor's.
Where does this leave us? Short of reverse engineering how Apple's SNATMAP service works and figuring out what the response that iChatAV is looking for, I'm stuck. While we can successfully video conference, I was hoping to have a writeup on what to do without needing to create fancy NAT forwarding rules that forwards a mistaken local IP to the correct WAN IP. Needing to do that is limiting.
If anyone with more knowledge in this field is interested, I would love some help in taking this effort further.
