Hi everybody,
It seems that i'm having a problem with my user authentication.
I did the following. Added two users at ser
# serctl add 1234 1234 1234(a)192.168.4.10
# serctl add 4321 1234 4321(a)192.168.4.10
I've checked my ser databases at subscriber table and the users were there the way I did.
I've configured my ser.cfg with mysql.so (which I use for my users database), so as the auth modules auth.so and auth_db.so. MySQL is running, without errors, i've already created ser tables with ser_mysql.sh, the database and the tables were created without further problems.
When I try to run ser with the default ser.cfg, my users get authenticated but when I use my ser.cfg configured with auth modules and mysql.so, they don't.
When my equipament is trying to auth at ser, it gives me first a "401 Unauthorized" because the fist clear text password sent, and then it gives me "500 Server Internal Error" the Erros are attached below
------------ Errors -------------------
Sending SIP PDU to ( 192.168.4.10:5060 ) from 5060
REGISTER sip:192.168.4.10 SIP/2.0
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a43
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 3 REGISTER
Date: Thu, 01 Jan 1970 00:00:00 GMT
User-Agent: AddPac SIP Gateway
Contact: sip:1234@192.168.14.30
Expires: 3600
Content-Length: 0
Max-Forwards: 70
AP160(config-sip-ua)#
Received SIP PDU from ( 192.168.4.10:5060 )
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a43
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10;tag=f967824f7e9189ff49a9fc75e4ea4f1c.cb2a
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 3 REGISTER
WWW-Authenticate: Digest realm="192.168.4.10",
nonce="3ee75c005bedc1108e8c7db3c737
4b74140e97c4"
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 192.168.4.10:5060 "Noisy feedback tells: pid=3788
req_src_ip=192.168
.14.30 req_src_port=5060 in_uri=sip:192.168.4.10 out_uri=sip:192.168.4.10
via_cnt==1"
Sending SIP PDU to ( 192.168.4.10:5060 ) from 5060
REGISTER sip:192.168.4.10 SIP/2.0
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a44
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 4 REGISTER
Date: Thu, 01 Jan 1970 00:00:00 GMT
User-Agent: AddPac SIP Gateway
Authorization: Digest username="1234", realm="192.168.4.10",
nonce="3ee75c005bedc1
108e8c7db3c7374b74140e97c4", uri="sip:192.168.4.10",
response="33ef4638b299ca839d5
d03240822aeca", algorithm=MD5
Contact: sip:1234@192.168.14.30
Expires: 3600
Content-Length: 0
Max-Forwards: 70
Received SIP PDU from ( 192.168.4.10:5060 )
SIP/2.0 500 Server Internal Error
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a44
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10;tag=f967824f7e9189ff49a9fc75e4ea4f1c.306d
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 4 REGISTER
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 192.168.4.10:5060 "Noisy feedback tells: pid=3789
req_src_ip=192.168
.14.30 req_src_port=5060 in_uri=sip:192.168.4.10 out_uri=sip:192.168.4.10
via_cnt==1"
------------------------------------------------------------------
At the moment I'm just testing the authentication features, before the routing ones, so my main problem is with it.
What am I doing wrong ? I've attached my current ser.cfg configuration for more information.
Thanks in advance.
--
Felipe Martins
Linux System Administrator
Tep Solution Provider
Mundivox Communications
Rua Lauro Muller, 116/Sala 505
RJ - Brasil - 22290-906
Tel.: 55 21 3820-8839
Fax.: 55 21 3820-8844
Hi everybody,
It seems that i'm having a problem with my user authentication.
I did the following. Added two users at ser
# serctl add 1234 1234 1234(a)192.168.4.10
# serctl add 4321 1234 4321(a)192.168.4.10
I've checked my ser databases at subscriber table and the users were there the way I did.
I've configured my ser.cfg with mysql.so (which I use for my users database), so as the auth modules auth.so and auth_db.so. MySQL is running, without errors, i've already created ser tables with ser_mysql.sh, the database and the tables were created without further problems.
When I try to run ser with the default ser.cfg, my users get authenticated but when I use my ser.cfg configured with auth modules and mysql.so, they don't.
When my equipament is trying to auth at ser, it gives me first a "401 Unauthorized" because the fist clear text password sent, and then it gives me "500 Server Internal Error" the Erros are attached below
------------ Errors -------------------
Sending SIP PDU to ( 192.168.4.10:5060 ) from 5060
REGISTER sip:192.168.4.10 SIP/2.0
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a43
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 3 REGISTER
Date: Thu, 01 Jan 1970 00:00:00 GMT
User-Agent: AddPac SIP Gateway
Contact: sip:1234@192.168.14.30
Expires: 3600
Content-Length: 0
Max-Forwards: 70
AP160(config-sip-ua)#
Received SIP PDU from ( 192.168.4.10:5060 )
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a43
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10;tag=f967824f7e9189ff49a9fc75e4ea4f1c.cb2a
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 3 REGISTER
WWW-Authenticate: Digest realm="192.168.4.10",
nonce="3ee75c005bedc1108e8c7db3c737
4b74140e97c4"
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 192.168.4.10:5060 "Noisy feedback tells: pid=3788
req_src_ip=192.168
.14.30 req_src_port=5060 in_uri=sip:192.168.4.10 out_uri=sip:192.168.4.10
via_cnt==1"
Sending SIP PDU to ( 192.168.4.10:5060 ) from 5060
REGISTER sip:192.168.4.10 SIP/2.0
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a44
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 4 REGISTER
Date: Thu, 01 Jan 1970 00:00:00 GMT
User-Agent: AddPac SIP Gateway
Authorization: Digest username="1234", realm="192.168.4.10",
nonce="3ee75c005bedc1
108e8c7db3c7374b74140e97c4", uri="sip:192.168.4.10",
response="33ef4638b299ca839d5
d03240822aeca", algorithm=MD5
Contact: sip:1234@192.168.14.30
Expires: 3600
Content-Length: 0
Max-Forwards: 70
Received SIP PDU from ( 192.168.4.10:5060 )
SIP/2.0 500 Server Internal Error
Via: SIP/2.0/UDP 192.168.14.30:5060;branch=z9hG4bK9307c100a44
From: <sip:1234@192.168.4.10>;tag=9307c100a4
To: sip:1234@192.168.4.10;tag=f967824f7e9189ff49a9fc75e4ea4f1c.306d
Call-ID: 93526c07-ec2e-c1aa-8000-0002a40052bc(a)192.168.14.30
CSeq: 4 REGISTER
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 192.168.4.10:5060 "Noisy feedback tells: pid=3789
req_src_ip=192.168
.14.30 req_src_port=5060 in_uri=sip:192.168.4.10 out_uri=sip:192.168.4.10
via_cnt==1"
------------------------------------------------------------------
At the moment I'm just testing the authentication features, before the routing ones, so my main problem is with it.
What am I doing wrong ? I've attached my current ser.cfg configuration for more information.
Thanks in advance.
--
Felipe Martins
Linux System Administrator
Tep Solution Provider
Mundivox Communications
Rua Lauro Muller, 116/Sala 505
RJ - Brasil - 22290-906
Tel.: 55 21 3820-8839
Fax.: 55 21 3820-8844
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5
Hello!
I have installed with mysql support and works fine. Now, I want to
make the user auth on it to redirect to the provider sip server. They
need to auth on it but I want ser to get the auth too to know in every
moment which users are connected and the status of their calls.
I have been reading the docs and don't find how to do that. Could you
give me some help?
Thanks.
-----BEGIN PGP SIGNATURE-----
Version: 2.6
iQEVAwUAQcf9/3HoJ4bX5QlXAQHPzAgAwthefyFR/fbYE+wrrQaaHaD7ZQ0QnuKJ
3bBQ0z6/HZMNAkvM7vs6f2KG9nZ4Z+DkgZoG31Ob8DgS8a6hFQUvWgCPQV0pCIAn
3ivvTwK6wcC+vialroBkTDb2BwJVWgOqT7ZCK1AYucoKQLo0wLPtceKSE2S6cUkr
xr0PjbiMrycV5myb1BJmmDJmdV/UIeVxqqHMBd50zNn8TLmAUKyd4qdg/ZA4pjTY
h3iFR9lEdcq30bb+Ozu5nZ6U5x3dL8ADjk/NxstOalS9yB+0KDbY4b/K7VG5TQg7
vN7Jh1B2AGj1w4xsOR/8sEKu6cQ+CHKm77a5RaNMMW59/eEKiOOhXg==
=NoPb
-----END PGP SIGNATURE-----
Hi all,
i'm trying to use SER with Radius auth for users. First i've tried to use IT
with MySQL Auth and all works well so i decide to recompile all with Radius
support and try in that way.
I'm using FreeRadius with radiusclient and, after some tries, i'm able to
compile SER with Radius support (following SER Radius Howto). Then i modify
ser.conf in that way:
root@cerberus:/usr/local/etc/ser# cat ser.cfg
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
#loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# RADIUS
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
loadmodule "/usr/local/lib/ser/modules/group_radius.so"
#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
# ----------------- setting module-specific parameters ---------------
#
modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/radiusclient.conf")
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
modparam("acc", "log_level", 1)
modparam("acc", "radius_flag", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
t_relay();
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
if (!radius_www_authorize("")) {
www_challenge("", "0");
break;
};
save("location");
break;
};
lookup("aliases");
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
}
root@cerberus:/usr/local/etc/ser#
but SER don't want to start !
When i do ser -c i have:
root@cerberus:/usr/local/etc/ser# ser -c
0(8766) WARNING: could not rev. resolve 192.168.1.203
Listening on
127.0.0.1 [127.0.0.1]:5060
192.168.1.203 [192.168.1.203]:5060
Aliases: localhost:5060
config file ok, exiting...
root@cerberus:/usr/local/etc/ser#
N.B.: (i'm trying to use it in a closed environment)
but when i launch it:
root@cerberus:/usr/local/etc/ser# ser
Listening on
127.0.0.1 [127.0.0.1]:5060
192.168.1.203 [192.168.1.203]:5060
Aliases: localhost:5060
root@cerberus:/usr/local/etc/ser#
i have, in /var/log/syslog, that message:
Dec 21 12:30:07 cerberus ser: WARNING: could not rev. resolve 192.168.1.203
and nothing else. SER is not running:
root@cerberus:/usr/local/etc/ser# ps -ax | grep ser -
8788 pts/1 S+ 0:00 grep ser -
root@cerberus:/usr/local/etc/ser#
Someone can help me ?
Thanks ! Oz
--
------
O-Zone ! www.zerozone.it
Hi!
I've some troubles with the radius authentication. If the radius
authentication takes longer than 0.5 secondes, the client retransmits
the message and causes another radius request. I tried to catch the
retransmissions using t_newtran (ser.cfg snippet at the end of this email).
This works fine for messages with credentials, but for the initial
REGISTER messages (without credentials), which will be answered by
www_challenge(), this causes the following warning:
WARNING: script writer didn't release transaction
Looks like www_challenge works only stateless. Is there a way to handle
the challange stateful?
Btw: I'm still using 0.8.12 - is this solved in newer versions?
regards,
klaus
if ( !t_newtran()) {
sl_reply_error();
xlog("L_ERR", "error creating new transaction\n");
break;
};
xlog("L_INFO", "creating new transaction ... done\n");
if (!radius_www_authorize("")) {
www_challenge("", "0");
break;
};
if (!check_to()) {
if (!t_reply("403", "Forbidden - please use proper To")) {
sl_reply_error();
};
break;
};
if(!save("location")) {
if (!t_reply("500", "Error saving contact")) {
sl_reply_error();
};
break;
};
break;
Does ser have support for SMPP (Small Message Peer to
Peer) ?
What protocl does sms module currently uses to talk to
the sms gateway.
Thanks.
Rao
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Hi all,
I'm very new to SER. Currently, I have an asterisk
server running ,and am able make calls thru a
conventional phone via an IAD box. Presently, I am
trying to implement SER on top of asterisk.
My plan is to use SER as a SIP Registrar and then
route calls to asterisk. It needs to be stateful.
Need some clarification on this:
1. When a call is made, (ngrep)it send an INVITE
request instead of a REGISTER. why?
2. I then checked and found out that my sip user has
already been stored in the "location" table even
before any calls were made. Why?
3.What's the difference between "location" and
"subscriber" table? Why does the
if(!lookup("location")) always returns true and gives
a NOT FOUND error when i can see my user in location
table?
Below is my ser.cfg file:
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
record_route();
if (loose_route()) {
t_relay();
break;
};
# if the request is for other domain use
# UsrLoc (in case, it does not work, use the
# following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
if (!www_authorize("202.171.60.3", "subscriber")) {
www_challenge("202.171.60.3", "0");
break;
}
save("location");
break;
} else {
# NO registered contacts,exit now
if (!lookup("location")) {
sl_send_reply("404","Not Found");
break;
};
}
t_relay();
};
# forward to current uri now; use stateful
# forwarding; that works reliably even if we
# forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
}
I'm sure there's something wrong with my route logic.
Please help.
Nikki K
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
[please ignore my previous message]
Hi everyone,
When I try to change the port from 5060 to other value (e.g. 1234),
after restarting SER, the gateway (sipura 2000) fails to register even I
change the "SIP port" to 1234.
I use serctl ps to view the server process, only port 1234 is used for
listening. I use ethereal to trace the packets, when the client sends
the REQUEST, my SER server did not reply.
Only 5060 works successfully. Do you have any ideas?
Thomas
Hi,
When I try to change the port from 5060 to other value (e.g. 1234),
after restarting SER, the gateway (sipura 2000) fails to register even I
change the "SIP port" to 1234.
I use serctl ps to view the server process, only port 80 is used for
listening. I use ethereal to trace the packets, when the client sends
the REQUEST, my SER server did not reply.
Only 5060 works successfully. Do you have any ideas?
Thomas
On Fri, 2004-12-17 at 16:50, Atle Samuelsen wrote:
> yup
>
> - atle
>
> * Thomas <support(a)cybertel.biz> [041217 09:27]:
> > Hi,
> >
> > If I want to change the port 5060 to other port number, should I
just
> > modify ser.cfg and restart it?
> >
> >
> > Thomas
hello i have ser 0.8.14 working, some clients are behind nat others not.
i have setup pstn gateway - asterisk a try to route some call here, but
there is some problem with audio, from both clients - with real ip
address and clients behind nat. Called party hear everything what caller
say, but caller hear nothing.
calling between client with real address and other behind nat works fine.
ser and pstn-gateway have real ip addresses, they are no same subnet.
Can anybody help me to solve this problem ?
below is my sr.cfg
best regards Marian
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
alias=mdk10.sunteq.sk
alias=sunteq.sk
#alias=atlas.sunteq.sk
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/lib/ser/modules/mysql.so"
loadmodule "/lib/ser/modules/sl.so"
loadmodule "/lib/ser/modules/tm.so"
loadmodule "/lib/ser/modules/rr.so"
loadmodule "/lib/ser/modules/maxfwd.so"
loadmodule "/lib/ser/modules/usrloc.so"
loadmodule "/lib/ser/modules/registrar.so"
loadmodule "/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/lib/ser/modules/auth.so"
loadmodule "/lib/ser/modules/auth_db.so"
# load the voicemail module
#loadmodule "/lib/ser/modules/vm.so"
# load the enum module
loadmodule "/lib/ser/modules/enum.so"
# load the group module, to verify if a user forwards to voicemail
loadmodule "/lib/ser/modules/group.so"
# load the nathelper module
loadmodule "/lib/ser/modules/nathelper.so"
loadmodule "/lib/ser/modules/acc.so"
# ----------------- setting module-specific parameters ---------------
# -- registrar parameter
# special NAT flag indicates that a registered client is behind NAT
modparam("registrar", "nat_flag", 6)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
#modparam("usrloc", "db_url", "mysql://ser:heslo@localhost/ser")
modparam("usrloc|auth_db|acc|group|msilo|uri","db_url","mysql://ser:heslo@localhost/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
#modparam("auth_db", "db_url", "mysql://ser:heslo@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- voicemail params --
#modparam("voicemail", "db_url","mysql://ser:heslo@localhost/ser")
# -- voicemail params --
#modparam("group", "db_url","mysql://serro:heslo@localhost/ser")
# -- nathelper params --
modparam("nathelper", "natping_interval", 3)
modparam("nathelper", "ping_nated_only", 1)
modparam("tm", "fr_inv_timer", 30 )
#modparam("tm", "fr_inv_timer", 8 )
# ------------------------- request routing logic -------------------
# main routing logic
route{
log(1, "-------------------------------------------\n");
log(1, "entering main loop\n");
if (nat_uac_test("2")) {
log(1, "src address different than via header->NAT
detected\n");
log(1, "force_rport and fix_nated_contact and
setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed
client
setflag(5);
};
if (method=="REGISTER")
log(1, "REGISTER message received\n");
if (method=="INVITE")
log(1, "INVITE message received\n");
if (method=="ACK")
log(1, "ACK message received\n");
if (method=="BYE")
log(1, "BYE message received\n");
if (method=="CANCEL")
log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE")
log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY")
log(1, "NOTIFY message received\n");
if (method=="OPTIONS")
log(1, "OPTIONS message received\n");
if (method=="INFO")
log(1, "INFO message received\n");
if (method=="MESSAGE")
log(1, "MESSAGE message received\n");
if (method=="REFER")
log(1, "REFER message received\n");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len > max_len) {
#if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# loose-route processing
if (loose_route()) {
log(1, "loose_route processing\n");
t_relay();
break;
};
# Check for PSTN access
if (uri=~"^sip:0[0-9]*@.*") {
log(1, "going to PSTN route3\n");
route(3);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
log(1, "analyzing REGISTER request\n");
# Uncomment this if you want to use digest authentication
if (!www_authorize("mdk10.sunteq.sk",
"subscriber")) {
www_challenge("mdk10.sunteq.sk", "0");
break;
};
if (isflagset(5)) {
#register from nated client, save
nat_flag=6
#in location table
setflag(6);
};
if (!save("location")) {
log(1, "save location error\n");
sl_reply_error();
};
break;
};
lookup("aliases");
#mark transaction for voicemail
#if (is_user_in("Request-URI", "voicemail\n")) {
# log(1, "requested user is in voicemail group");
# setflag(4);
#};
# Process Aliases
lookup("aliases");
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
# handle user which was not found
log(1, "requested user not found\n");
route(4);
break;
};
};
#add failure route which should be performed if response code >=300
if (method=="INVITE" && isflagset(4)) {
log(1, "invite for voicemail user->initiate
failureroute[1]\n");
t_on_failure("1");
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
route(1);
}
route[1]{
log(1, "-------------------------------------------\n");
log(1, "entering route[1] - relaying SIP message\n");
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is
NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy,
set NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp
proxy\r\n");
setflag(7);
};
};
log(1, "relaying message ...\n");
if (!t_relay()) {
log(1, "t_relay error occured\n");
sl_reply_error();
};
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix
nated contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE ->
force_rtp_proxy \n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp
proxy\r\n");
};
};
}
route[3] {
if (method=="INVITE" && (!src_ip==194.1.222.26)) {
log(1, "method is invite\n");
if (!proxy_authorize( "mdk10.sunteq.sk","subscriber")) {
proxy_challenge( "mdk10.sunteq.sk", "0");
break;
};
# let's check from=id ... avoids accounting confusion
if(!is_user_in("credentials", "local")) {
sl_send_reply("403", "NO PSTN Privileges...");
break;
};
consume_credentials();
}; # INVITE to authorized PSTN
log(1, "authorized to PSTN\n");
# if you have passed through all the checks, let your call go to GW!
force_rtp_proxy();
record_route();
t_on_reply("1");
# snom conditioner
if (method=="INVITE" && search("User-Agent: snom")) {
replace("100rel, ", "");
};
append_hf("P-hint: GATEWAY\r\n");
# use UDP to guarantee well-known sender port (TCP ephemeral)
t_relay_to_udp("194.1.222.26","5060");
}
route[4]{
log(1, "-------------------------------------------\n");
log(1, "entering route[4] = requested user not online\n");
# non-Voip -- just send "off-line"
if (!(method == "INVITE" || method == "ACK" || method ==
"CANCEL" || method == "REFER" || method == "BYE")) {
log(1, "no invite,ack,cancel,refer->return 404\n");
sl_send_reply("404", "Not Found");
break;
};
# not voicemail subscriber and no echo/conference call
if ( isflagset(4)) {
log(1, "flag(4) active\n");
};
if (uri =~ "conference") {
log(1, "conference call\n");
};
if (uri =~ "echo") {
log(1, "echo call\n");
};
if ( !( isflagset(4) || (uri =~ "conference") || (uri =~
"echo") ) ) {
log(1, "no voicemail subscriber->return 404");
sl_send_reply("404", "Not Found and no voicemail turned
on");
break;
};
if ( isflagset(5) ) {
log(1, "caller is NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy");
force_rtp_proxy();
};
};
# forward to voicemail now
rewritehostport("192.168.1.253:5060");
log(1, "forward to voicemail\n");
t_relay_to_udp("192.168.1.253", "5060");
}
failure_route[1] {
/* XX: note: unsafe if preloaded routes without username used */
log(1, "-------------------------------------------\n");
log(1, "failureroute[1] entered\");
revert_uri();
rewritehostport("212.17.35.184:5060");
append_branch();
t_relay_to_udp("212.17.35.184", "5060");
}