<div dir="ltr"><div>Hello Daniel,</div><div><br></div><div>I have forwarded the requested capture files to your private email address. Thanks!</div><div><br></div><div>Best regards,</div><div>George<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, 8 Jul 2020 at 13:06, Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com">miconda@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Can you send the pcap taken on kamailio server for such call
(with all request/replies)?</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div>On 08.07.20 11:49, George
Diamantopoulos wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">
<div>Update: Disabling the topoh module on the proxy which
produces the error seems to stop the failure from
manifesting. I'll try using topos_redis instead, but should
this be treated as a bug?</div>
<div><br>
</div>
<div>BR,</div>
<div>George<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Wed, 8 Jul 2020 at 12:37,
George Diamantopoulos <<a href="mailto:georgediam@gmail.com" target="_blank">georgediam@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Hello again,</div>
<div><br>
</div>
<div>Indeed $mb seems to contain garbage:</div>
<div><br>
</div>
<div style="margin-left:40px"><span style="font-family:monospace">SCRIPT_MB: ACK
<BC><EA><8F> SIP/2.0#015#012Via:
SIP/2.0/UDP
172.30.154.189;TH=dcv;branch=z9hG4bK629b.6af9302cd78dc58dffe817e60124f4ed.0#015#012Route:
<<a>sip:RJ2U2c7mrFzQjgG5SSvyE8RVS9omgAA=@</a><a href="http://172.30.155.1" target="_blank">172.30.155.1</a>;lr;received=<a>sip:2.2.2.2:32768;ob;r2=on</a>>,<<a>sip:RJ2U2c7mrFzQjgG5SSvyE8RVS9omgAA=@</a><a href="http://3.3.3.3" target="_blank">3.3.3.3</a>;lr;received=<a>sip:2.2.2.2:32768;ob;r2=on</a>>#015#012Max-Forwards:
68#015#012From: "Anonymous" <<a href="mailto:sip%3Aunknown@voip.domain.com" target="_blank">sip:unknown@voip.domain.com</a>>;tag=as4bc9e324#015#012To:
<<a href="mailto:sip%3Avoip-test-user-02@voip.domain.com" target="_blank">sip:voip-test-user-02@voip.domain.com</a>>;tag=jw7z5s0zvc#015#012Call-ID:
<a href="http://0138c6370346d1dd7f1b47f604b01f92@voip.domain.com#015%23012CSeq" target="_blank">0138c6370346d1dd7f1b47f604b01f92@voip.domain.com#015#012CSeq</a>:
102 ACK#015#012Content-Length: 0#015#012TH:
dch#015#012#015#012</span></div>
<div><span style="font-family:monospace"><br>
</span></div>
<div><span style="font-family:monospace"><font face="arial,sans-serif">How can this be possible?
Capturing traffic on wire shows the RURI I pasted in
my original message and there are no script
operations on the RURI before sanity_check()
(message buffer above is printed just before
sanity_check() is run in REQINIT).</font></span></div>
<div><span style="font-family:arial,sans-serif"><br>
</span></div>
<div><span style="font-family:arial,sans-serif">BR,</span></div>
<div><span style="font-family:monospace"><span style="font-family:arial,sans-serif">George</span><br>
</span></div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Wed, 8 Jul 2020 at
11:18, George Diamantopoulos <<a href="mailto:georgediam@gmail.com" target="_blank">georgediam@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>I'll post the message buffer ASAP, but in the
meantime I don't see how config operations could
affect the RURI. Here's everything that's happening
until the sanity check involved:</div>
<div><br>
</div>
<div><span style="font-family:monospace">request_route
{<br>
<br>
if(is_method("KDMQ")) {<br>
dmq_handle_message();<br>
}</span></div>
<div><span style="font-family:monospace"><br>
</span></div>
<div><span style="font-family:monospace"> # no
connect for sending replies<br>
set_reply_no_connect();<br>
<br>
if($ua =~
"friendly-scanner|sipcli|sipvicious|VaxSIPUserAgent")
{<br>
# silent drop for scanners - uncomment
next line if want to reply<br>
# sl_send_reply("200", "OK");<br>
exit;<br>
}<br>
<br>
if (!mf_process_maxfwd_header("10")) {<br>
force_rport();<br>
sl_send_reply("483","Too Many Hops");<br>
exit;<br>
}<br>
<br>
# OPTIONS and NOTIFYs directed to myself<br>
if(is_method("OPTIONS|NOTIFY") &&
uri==myself && $rU==$null) {<br>
force_rport();<br>
sl_send_reply("200","Keepalive");<br>
exit;<br>
}<br>
<br>
# All keep-alive methods regardless of
destination<br>
if ( $hdr(Event) == "keep-alive") {<br>
force_rport();<br>
sl_send_reply("200","Keepalive");<br>
exit;<br>
}<br>
<br>
if(!sanity_check("17895", "7")) {<br>
xlog("Malformed SIP request from
$si:$sp\n");<br>
exit;<br>
}</span></div>
<div><span style="font-family:arial,sans-serif"><br>
</span></div>
<div><span style="font-family:arial,sans-serif">BR,</span></div>
<div><span style="font-family:monospace"><span style="font-family:arial,sans-serif">George</span><br>
</span></div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Wed, 8 Jul 2020
at 10:58, Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hello,</p>
<p>check your config operations, because the R-URI
seems to be the next string (without quotes):
"<BC><EA><8F>" <br>
</p>
<p>You can try to print $mb in such case to see
the entire SIP message buffer.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div>On 08.07.20 09:48, George Diamantopoulos
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>Hello Daniel,</div>
<div><br>
</div>
<div>Thanks for the reply. Indeed there is,
not sure how I managed to miss that. And it
wasn't about the schema after all:</div>
<div style="margin-left:40px">Jul 7 18:42:11
lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: DEBUG: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- sanity [sanity.c:277]:
check_ruri_scheme(): check_ruri_scheme
entered<br>
Jul 7 18:42:11 lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: DEBUG: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- <core>
[core/parser/parse_uri.c:1254]: parse_uri():
uri too short:
<<BC><EA><8F>> (3)<br>
Jul 7 18:42:11 lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: DEBUG: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- <core>
[core/parser/parse_uri.c:1328]:
parse_sip_msg_uri(): bad uri
<<BC><EA><8F>><br>
Jul 7 18:42:11 lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: WARNING: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- sanity [sanity.c:282]:
check_ruri_scheme(): failed to parse request
uri [<BC><EA><8F>]<br>
Jul 7 18:42:11 lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: DEBUG: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- sanity [sanity_mod.c:254]:
w_sanity_check(): sanity checks result: 0<br>
Jul 7 18:42:11 lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[909]: ERROR: {1
<null> 172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- <script>: Malformed SIP request from
<a href="http://172.30.154.189:5060" target="_blank">172.30.154.189:5060</a></div>
<div style="margin-left:40px"><br>
</div>
<div>Still, not sure what the problem is
though...</div>
<div><br>
</div>
<div>BR,</div>
<div>George<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Wed, 8
Jul 2020 at 09:30, Daniel-Constantin Mierla
<<a href="mailto:miconda@gmail.com" target="_blank">miconda@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hello,</p>
<p>when the ruri scheme check fails, there
should be another debug message saying
that. Have you pasted all log messages
for the failure case?</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div>On 07.07.20 22:23, George
Diamantopoulos wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>Sorry, I realised I copy pasted
wrong log messages for Call 1.
Here's the relevant part showing
success for call 1 in contrast with
Call 2:</div>
<div><br>
</div>
<div style="margin-left:40px">grep
2a859fcc4e1c8f840191a81d7c16e76d
kamailio.log | egrep
'check_ruri_scheme|w_sanity_check' |
grep ACK<br>
Jul 7 18:42:11
lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[907]: DEBUG: {1
<null> 172.30.154.189 102 ACK
<a href="mailto:2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com" target="_blank">2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com</a>
- sanity [sanity.c:277]:
check_ruri_scheme():
check_ruri_scheme entered<br>
Jul 7 18:42:11
lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[907]: DEBUG: {1
<null> 172.30.154.189 102 ACK
<a href="mailto:2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com" target="_blank">2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com</a>
- sanity [sanity.c:297]:
check_ruri_scheme():
check_ruri_scheme passed<br>
Jul 7 18:42:11
lbpub0-stage-lhe0-cn1
/usr/sbin/kamailio[907]: DEBUG: {1
<null> 172.30.154.189 102 ACK
<a href="mailto:2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com" target="_blank">2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com</a>
- sanity [sanity_mod.c:254]:
w_sanity_check(): sanity checks
result: 1</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On
Tue, 7 Jul 2020 at 21:34, George
Diamantopoulos <<a href="mailto:georgediam@gmail.com" target="_blank">georgediam@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div>Hello all,</div>
<div><br>
</div>
<div>I'm not 100% sure this is the
only culprit in an issue I'm
investigating, but superficially
it appears that RURI scheme
sanity module checks from the
default config (flags <span><span></span>17895<span>
in REQINIT</span></span>)
fail if the RURI in an ACK
following a 487 includes
parameters. Example from two
calls from a kamailio instance
acting as registrar/usrloc
server, INVITE RURIs are after
usrloc lookup:<br>
</div>
<div><br>
</div>
<div>Call 1: INVITE <a href="http://sip:voip-test-gd@172.17.173.14:5063" target="_blank">sip:voip-test-gd@172.17.173.14:5063</a>
SIP/2.0</div>
<div>Call 2: INVITE <a>sip:voip-test-user-02@10.2.24.142:32768;line=moo62e08</a>
SIP/2.0</div>
<div><br>
</div>
<div>These INVITEs produce no
complaints. Later, the same
registrar produces ACKs to
acknowledge 487 (thus, same
transaction ACKs) responses from
the next proxy in the path
following a CANCEL:</div>
<div><br>
</div>
<div>Call 1: ACK <a href="http://sip:voip-test-gd@172.17.173.14:5063" target="_blank">sip:voip-test-gd@172.17.173.14:5063</a>
SIP/2.0</div>
<div>Call 2: ACK <a>sip:voip-test-user-02@10.2.24.142:32768;line=moo62e08</a>
SIP/2.0</div>
<div><br>
</div>
<div>The next proxy (which
produced/relayed the 487)
processes the ACK for Call 1
successfully, but sanity_check
at the proxy drops the request
for Call 2 with:</div>
<br>
<div>
<div style="margin-left:40px">DEBUG:
{1 <null> 172.30.154.189
102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- sanity [sanity.c:277]:
check_ruri_scheme():
check_ruri_scheme entered<br>
DEBUG: {1 <null>
172.30.154.189 102 ACK <a href="mailto:08679c4228983f9e65f3b47f767b6e07@voip.domain.com" target="_blank">08679c4228983f9e65f3b47f767b6e07@voip.domain.com</a>
- sanity [sanity_mod.c:254]:
w_sanity_check(): sanity
checks result: 0</div>
<div><br>
</div>
<div>whereas Call 1 seems OK:</div>
<div><br>
</div>
<div style="margin-left:40px">DEBUG:
{1 <null> 172.30.154.189
102 ACK <a href="mailto:2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com" target="_blank">2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com</a>
- sanity [sanity.c:305]:
check_required_headers():
check_required_headers entered<br>
DEBUG: {1 <null>
172.30.154.189 102 ACK <a href="mailto:2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com" target="_blank">2a859fcc4e1c8f840191a81d7c16e76d@voip.domain.com</a>
- sanity [sanity.c:313]:
check_required_headers():
check_required_headers passed</div>
<div><br>
</div>
<div>Could this be a bug in
sanity module? Is there
anything one can do in config
which could result in illegal
ACKs being produced for
hop-by-hop transactions?
schema appears to be sip: in
both cases...<br>
</div>
<div><br>
</div>
<div>Thank you. Best regards,<br>
</div>
<div>George</div>
</div>
</div>
</blockquote>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Kamailio (SER) - Users Mailing List
<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a>
Funding: <a href="https://www.paypal.me/dcmierla" target="_blank">https://www.paypal.me/dcmierla</a></pre>
</div>
</blockquote>
</div>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a>
Funding: <a href="https://www.paypal.me/dcmierla" target="_blank">https://www.paypal.me/dcmierla</a></pre>
</div>
</blockquote>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" target="_blank">www.linkedin.com/in/miconda</a>
Funding: <a href="https://www.paypal.me/dcmierla" target="_blank">https://www.paypal.me/dcmierla</a></pre>
</div>
</blockquote></div>