[Users] Need help to migrate OpenSer v1.0.x to v1.1.x

Hi I am migrating OpenSER v1.0.9 to v1.1.0 using the config file I send below that works perfect in 1.0.9 and I modified to run in 1.1.x , I´ve just needed to change naming schema in parameter given to exported functions of avpops module to run without errors in this new version but when running can´t see basic logs and can´t register any client even if I install DB schema and create subscriber using its openserctl , ngrep just show me a 'forbidden' message but dont know why, please someone send me some advice. thanks rafael # ----------------- global configuration parameters -------------------- debug=4 fork=yes log_stderror=yes listen=192.168.2.136 # OPENSER IP ADDRESS HERE port=5060 # Hostname matching an alias will satisfy the condition uri==myself". # alias=mydomain.com.pe:5060 # alias=mydomain.com.pe alias=192.168.2.136:5060 alias=192.168.2.136 check_via=yes # (cmd. line: -v) children=4 dns=no rev_dns=no fifo="/tmp/openser_fifo" # fifo="FIFO" fifo_mode=0666 # Fifo permissions can be changes from here. fifo_db_url="mysql://dbuser:dbpass@dbt2.mydomain.com.pe/openser" # ----------------------------------------------------------------------- loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/group.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" ## loadmodule "/usr/local/lib/openser/modules/mediaproxy.so" loadmodule "/usr/local/lib/openser/modules/nathelper.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" loadmodule "/usr/local/lib/openser/modules/domain.so" loadmodule "/usr/local/lib/openser/modules/permissions.so" loadmodule "/usr/local/lib/openser/modules/acc.so" loadmodule "/usr/local/lib/openser/modules/uac_redirect.so" loadmodule "/usr/local/lib/openser/modules/diversion.so" # ----------------------------------------------------------------------- modparam("auth_db|permissions|group|uri_db|usrloc", "db_url", "mysql://dbuser:dbpass@dbt2.mydomain.com.pe/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock") modparam("usrloc", "db_mode", 2) modparam("registrar", "nat_flag", 6) modparam("rr", "enable_full_lr", 1) modparam("tm", "fr_inv_timer", 27) modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") modparam("avpops", "avp_url", "mysql://dbuser:dbpass@dbt2.mydomain.com.pe/openser") modparam("avpops", "avp_table", "usr_preferences") # ------------- Mysql Accounting parameters modparam("acc", "log_flag", 1) modparam("acc", "log_level", 2) modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 3) modparam("acc", "log_missed_flag", 3) modparam("acc", "db_url", "mysql://dbuser:dbpass@dbt2.mydomain.com.pe/openser") modparam("acc", "report_ack", 0) # 1 reporta dos starts en acc (para INVITE y ACK) modparam("acc", "log_fmt", "miocfsputdr") modparam("acc", "detect_direction", 1) # only in 1.1.x or cvs modparam("acc", "multi_leg_enabled", 1) modparam("acc", "src_leg_avp_id", 110) modparam("acc", "dst_leg_avp_id", 111) # ------------- Domain parameters modparam("usrloc", "use_domain", 1) modparam("auth_db", "use_domain", 1) modparam("registrar", "use_domain", 1) modparam("domain", "db_mode", 1) modparam("domain", "domain_table", "domain") modparam("domain", "domain_col", "domain") # ------------------------------------------------------------------------- route { # log(1, "-------------------------------------------------------\n"); # log(1, "entering main loop\n"); ## populate the avps (for Multi call leg accounting): if (!method=="REGISTER" && !method=="NOTIFY") { avp_write("$from/username", "$avp(i:110)"); avp_write("$ruri/username", "$avp(i:111)"); }; # set flag for Missed calls for Accounting: if (!method=="OPTIONS") setflag(3); if (method=="INVITE") { log(1, " INVITE MESSAGE RECEIVED - START ACC\n"); }; if (method=="BYE") { log (1, " BYE MESSAGE RECEIVED - STOP ACCOUNTING\n"); }; if (method=="CANCEL") { log (1, " CANCEL MESSAGE RECEIVED - STOP ACCOUNTING\n"); }; if (method=="OPTIONS") { log(1, " OPTIONS MESSAGE RECEIVED\n"); return; #Do Nothing for 'Options' }; # ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); return; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); return; }; # ----------------------------------------------------------------- # Handle NOTIFY requests from Sipura's to keep-alive NAT # ----------------------------------------------------------------- if ((is_method("NOTIFY")) && (! uri=~"sip:.*[@]+.*")) { sl_send_reply("200", "OK keep-alive"); log(1, " OK keep-alive\n"); return; }; # ----------------------------------------------------------------- # Only allow known sip messages # ----------------------------------------------------------------- if (!is_method("INVITE|REGISTER|BYE|NOTIFY|ACK|CANCEL|REFER|SUBSCRIBE")) { sl_send_reply("501", "Not implemented here"); log(1, " 501 - Not implemented here\n"); return; }; # ----------------------------------------------------------------- # SUBSCRIBE cleanup # ----------------------------------------------------------------- if (is_method("SUBSCRIBE")) { replace(" talk", "talk"); }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method=="INVITE" && nat_uac_test("19")) { # OPENSER IP ADDRESS OR DOMAIN HERE: record_route_preset("192.168.2.136:5060;nat=yes"); setflag(1); ## Set Flag 1 for Acc: test from this location!! } else if (method!="REGISTER") { record_route(); }; # ----------------------------------------------------------------- # Call Tear Down Section # ----------------------------------------------------------------- if (method=="BYE" || method=="REFER" || method=="CANCEL") { unforce_rtp_proxy(); setflag(1); ### Set Flag 1 for Acounting }; # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) { if (has_totag() && (method=="INVITE" || method=="ACK")) { if (nat_uac_test("19")) { setflag(7); force_rport(); fix_nated_contact(); }; force_rtp_proxy("l"); }; route(1); return; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (!is_uri_host_local()) { if (is_from_local() || allow_trusted()) { route(4); route(1); } else { sl_send_reply("403", "Forbidden"); }; return; }; if (method=="CANCEL") { route(1); return; } else if (method=="INVITE") { setflag(1); # Set Flag for Acounting route(3); return; } else if (method=="REGISTER") { route(2); return; }; lookup("aliases"); if (uri!=myself) { route(4); route(1); return; }; if (!lookup("location") && !method=="ACK") { if (does_uri_exist()) { log(1, " uri_exist but its Temporarily Unavailable 1 \n"); route(7); # To Voicemail return; } else { log(1, " unable to locate user - User Not Exist 1 \n"); sl_send_reply("404", "User Not Exist"); acc_db_request("404 User Not Exist", "missed_calls"); return; }; }; route(1); } route[1] { # ----------------------------------------------------------------- # Default Message Handler # ----------------------------------------------------------------- t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { unforce_rtp_proxy(); }; sl_reply_error(); }; } route[2] { # ----------------------------------------------------------------- # REGISTER Message Handler # ----------------------------------------------------------------- sl_send_reply("100", "Trying"); if (is_user_in("from", "desactivado")) { sl_send_reply("402", "desactivada temporalmente"); log(1," Cta. desactivada temporalmente \n"); return; }; if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) { setflag(6); fix_nated_register(); force_rport(); }; if (!www_authorize("","subscriber")) { log(1," Fails to Register \n"); www_challenge("","0"); return; }; if (!check_to()) { log(1," Unauthorized registration attempt \n"); sl_send_reply("401", "Unauthorized"); return; }; consume_credentials(); log(1," Registered! \n"); if (!save("location")) { sl_reply_error(); }; } route[3] { # ----------------------------------------------------------------- # INVITE Message Handler # ----------------------------------------------------------------- log(1," route[3]---> INVITE Message Handler \n"); if ( allow_trusted() ) log(1, " Call from pstn or *pbx, no authentication is required. \n"); if (!allow_trusted()) { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); return; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); log(1, " Sorry, only registered users are allowed \n"); return; }; consume_credentials(); }; append_rpid_hf(); # some digits rules here.... lookup("aliases"); if (!is_uri_host_local()) { route(4); route(1); return; }; if (nat_uac_test("19")) { setflag(7); force_rport(); }; # ----------------------------------------------------------------- # to PSTN Routes!!! # ----------------------------------------------------------------- route(6); # To PSTN & LDI Routes block!!! # ----------------------------------------------------------------- if ( is_uri_host_local() ) { # (Is he in the voicemail group?) -- determine it now and store it in # flag 4, before we rewrite the flag using UsrLoc: if (is_user_in("Request-URI", "voicemail")) { log(1, " requested user is in voicemail group \n"); setflag(4); }; # if user is on-line and is in Voicemail group, enable redirection # Pendiente: # ver como meter voicemail al avp junto a las otras funciones... if (method == "INVITE" && isflagset(4)) { log(1, " invite for voicemail user->initiate failureroute[1]\n"); t_on_failure("1"); }; # flag 22 determines if we need to call the append_branch() for Blind CallFwd. if (avp_db_load("$ruri/username", "$avp(s:callfwd)")) { setflag(22); avp_pushto("$ruri", "$avp(s:callfwd)"); route(6); return; }; # native SIP destinations are handled using our USRLOC DB: if (!lookup("location") ) { if (does_uri_exist()) { log(1," uri_exist but its Temporarily Unavailable 2 \n"); route(7); # To Voicemail return; } else { log(1," Unable to locate xcompany user - User Not Exist 2X \n"); prefix("iu"); ## in asterisk: iu: exten => _iu1780XXXX,1,Playback(invalid,noanswer) acc_db_request("404 User Invalid", "missed_calls"); rewritehostport("192.168.2.131:5070"); t_relay(); return; }; }; # t_on_failure() informs SER that we want to perform special handling when a failure condition occurs. # Failure conditions in this context refer to 4xx and 5xx response codes. # By setting t_on_failure(1) before calling t_relay(), oSER will pass control to the failure_route[1] t_on_failure("1"); route(4); route(1); }; } route[4] { # ----------------------------------------------------------------- # NAT Traversal Section # ----------------------------------------------------------------- ### First check and resetflags if UAS are behind the same NAT system: ### if (isflagset(6) && isflagset(7)){ log(2, " Both Clients are behind NAT"); # Store the destination domain into an AVP avp_printf("$avp(i:450)", "$dd"); if (avp_check("$avp(i:450)", "eq/$src_ip/g")){ log(3, " Detected Two Clients Behind the Same NAT - Disabling Mediaproxy"); # Do not use media-proxy as the clients seem to be behind the same NAT resetflag(6); resetflag(7); }; }; if (isflagset(6) || isflagset(7)) { if (!isflagset(8)) { setflag(8); force_rport(); fix_nated_contact(); force_rtp_proxy(); }; }; } route[5] { # ----------------------------------------------------------------- # ILD - PSTN Handler # ----------------------------------------------------------------- # Forward international calls to Asterisk (a SIP LDI Providers): if(uri=~"^sip:011"){ log(1, " 011N match - Larga Distancia Internacional a USA \n"); if (!is_user_in("from", "ldiusa")) { log(1," No permission for international calls to USA \n"); sl_send_reply("403", "No permission for international calls to USA"); acc_db_request("403 Forbidden", "missed_calls"); return; }; strip(2); }; if(uri=~"^sip:011"){ log(1," 011N match - Larga Distancia Internacional \n"); if (!is_user_in("from", "ldix")) { log(1, " No permission for international calls \n"); sl_send_reply("403", "No permission for international calls"); acc_db_request("403 Forbidden", "missed_calls"); return; }; }; rewritehostport("192.168.2.137:5070"); # Asterisk or PSTN GATEWAY IP ADDRESS t_on_failure("1"); route(4); route(1); } route[6] { # ----------------- Free Calls ------------------- # To Info numbers 102, 104, 123 y 080011236 if(uri=~"^sip:102@" || uri=~"^sip:104@" || uri=~"^sip:123@" || uri=~"^sip:0800123456@"){ log(1," To CallCenter xcompany!! \n"); rewriteuri("sip:123456@mydomain.com.pe"); rewritehostport("callcenter.mydomain.com.pe:5060"); route(4); route(1); return; }; if (is_user_in("from", "restringido")) { sl_send_reply("402", "Restriccion temporal"); log(1," 402 - Restriccion temporal \n"); acc_db_request("402 Restricted", "missed_calls"); return; }; lookup("aliases"); if (!is_uri_host_local()) { if (!isflagset(22)) { append_branch(); }; route(4); route(1); return; }; # -------------------------- Seccion de Rutas a LDI ---------------------------------------- # Forward international calls to Asterisk (To SIP LDI Providers): if (uri=~"^sip:011[0-9]*@" && !uri=~"^sip:01152*@") { route(5); return; }; if( uri=~"^sip:[2-8][0-9]{6}@" || uri=~"^sip:1[2-8][0-9]{6}@" || uri=~"^sip:01[2-8][0-9]{6}@" ) { log(1, " A Fijos Mexico PSTN \n"); if (uri=~"^sip:01[2-8][0-9][0-9][0-9][0-9][0-9][0-9]@") { strip(1); }; if (uri=~"^sip:[2-8][0-9][0-9][0-9][0-9][0-9][0-9]@") { prefix("1"); }; if (!is_user_in("from", "fijomexico")) { sl_send_reply("403", "No permission for local fixed calls"); log(1, " 403 - No permission for local fixed calls \n"); acc_db_request("403 Forbidden", "missed_calls"); return; }; rewritehostport("192.168.2.137:5070"); prefix("52"); route(4); route(1); return; }; # no existe? (debe ir al final siempre) if ( uri=~"^sip:[0-9]" && !does_uri_exist() ) { log(1, " Unable to locate route for this dnid - User Not Exist 3X \n"); prefix("mc"); acc_db_request("404 Number Invalid or Incomplete", "missed_calls"); rewritehostport("192.168.2.131:5070"); t_relay(); return; }; } route[7] { # ---------------------- Handling of Unavailable user ---------------------- # non-Voip -- just send "off-line" if (!(method=="INVITE" || method=="ACK" || method=="CANCEL" || method=="BYE" || method=="OPTIONS")) { sl_send_reply("404", "Not Found"); acc_db_request("404 Not Found", "missed_calls"); log(1, " 404 Not Found & non-Voip -- just send off-line \n"); return; }; # Not voicemail subscriber: if (!isflagset(4) && !method=="OPTIONS" && !method=="ACK" && !method=="BYE" && !method=="CANCEL") { #sl_send_reply("404", "Not Found and no VMail turned on"); acc_db_request("480 Temporarily Unavailable", "missed_calls"); # A locucion (Usuario temporalmente fuera de servicio 'ss-noservice'); log(1, " 404 Not Found and no voicemail \n"); prefix("fu"); ## su: exten => _su1780XXXX,1,Playback(ss-noservice,noanswer) rewritehostport("192.168.2.131:5070"); t_relay(); return; }; # forward to voicemail adding prefix to simplify asterisk "extension.conf" :: if (isflagset(4) && !method=="OPTIONS" && !method=="ACK" && !method=="BYE" && !method=="CANCEL") { prefix("vm"); acc_db_request("480 Temporarily Unavailable -> Vm", "missed_calls"); rewritehostport ("192.168.2.131:5070"); t_relay(); return; }; } # -------------------------------------------------------------------------- onreply_route[1] { if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) { if (!search("^Content-Length:[ ]*0")) { force_rtp_proxy(); }; }; if (nat_uac_test("1")) { fix_nated_contact(); }; } failure_route[1] { if (t_check_status("487")) { return; }; if (t_check_status("486")){ prefix("vmb"); acc_db_request("486 Busy -> Vm", "missed_calls"); rewritehostport ("192.168.2.131:5070"); append_branch(); t_relay(); return; }; if (t_check_status("408")){ prefix("vmu"); acc_db_request("408 Timeout -> Vm", "missed_calls"); rewritehostport ("192.168.2.131:5070"); append_branch(); t_relay(); return; }; unforce_rtp_proxy(); } failure_route[2] { # handle 302 redirects if (t_check_status("3[0-9][0-9]")) { get_redirects("*"); t_relay(); }; } ### The End ###