Hi guys,
I have a problem w/ the DUV 1000 ( http://corp.deltathree.com/productsandservices/dialup.html ) hardware device. I'm using www_authorize in my ser.cfg on every call forward (pstn) to prevent other sip proxies to forwad traffic to me:
if (uri=~"^sip:00") { log(0, "\n\n************ B2BUA ***********\n");
if((!src_ip=="12.34.56.78")||(!src_ip=="1.2.3.4")){ # if (!proxy_authorize("12.34.56.78", "subscriber")) { # proxy_challenge("12.34.56.78", "1"); # }; if (!www_authorize("12.34.56.78", "subscriber")) { www_challenge("12.34.56.78", "1"); break; }; }; strip(0); rewritehostport("1.2.3.4:11234"); append_branch("1.2.3.4"); t_relay(); t_relay_to_udp("1.2.3.4", "11234"); append_hf("P-hint: VoipSwitch GATEWAY\r\n"); log(0, "********************************************\n\n\n"); break; };
When I try to call 00xxxxxx the DUV device doesn't authorize to the ser and the call fails. The same happens when proxy_authorize is used. Here is the sniffer log:
# U 34.56.87.12:5060 -> 12.34.56.78:5060 INVITE sip:00359123456@12.34.56.78 SIP/2.0. Via: SIP/2.0/UDP 34.56.87.12:5060. From: 6789 sip:6789@12.34.56.78;tag=10311. To: sip:00359123456@12.34.56.78. Call-ID: 20495@34.56.87.12. Contact: sip:6789@34.56.87.12:5060. CSeq: 8112 INVITE. Max-Forwards: 70. Content-Length: 119. User-Agent: DUV1000 (dlk2.62)6789. Content-Type: application/sdp. . v=0. o=dlink 4526 9013 IN IP4 34.56.87.12. s=Session SDP. c=IN IP4 34.56.87.12. t=0 0. m=audio 6868 RTP/AVP 4 4 4. .
# U 12.34.56.78:5060 -> 34.56.87.12:5060 SIP/2.0 401 Unauthorized. Via: SIP/2.0/UDP 34.56.87.12:5060. From: 6789 sip:6789@12.34.56.78;tag=10311. To: sip:00359123456@12.34.56.78;tag=89fc68a3caf42d7e2d6038f5511e0f83.d0d2. Call-ID: 20495@34.56.87.12. CSeq: 8112 INVITE. WWW-Authenticate: Digest realm="12.34.56.78", nonce="423ab89f16ace6d2361b2f280fbcc0a1e55f06e1", qop="auth". Server: Sip EXpress router (0.9.0 (i386/linux)). Content-Length: 0. Warning: 392 12.34.56.78:5060 "Noisy feedback tells: pid=29694 req_src_ip=34.56.87.12 req_src_port=5060 in_uri=sip:00359123456@12.34.56.78 out_uri=sip:00359123456@12.34.56.78 via_cnt==1". .
# U 34.56.87.12:5060 -> 12.34.56.78:5060 ACK sip:00359123456@12.34.56.78 SIP/2.0. Via: SIP/2.0/UDP 34.56.87.12:5060. From: 6789 sip:6789@12.34.56.78;tag=10311. To: sip:00359123456@12.34.56.78. Call-ID: 20495@34.56.87.12. Contact: sip:6789@34.56.87.12:5060. CSeq: 8112 ACK. Max-Forwards: 70. Content-Length: 0. User-Agent: DUV1000 (dlk2.62)6789. .
# U 34.56.87.12:5060 -> 12.34.56.78:5060 INVITE sip:00359123456@12.34.56.78 SIP/2.0. Via: SIP/2.0/UDP 34.56.87.12:5060. From: 6789 sip:6789@12.34.56.78;tag=17031. To: sip:00359123456@12.34.56.78. Call-ID: 30054@34.56.87.12. Contact: sip:6789@34.56.87.12:5060. CSeq: 8288 INVITE. Max-Forwards: 70. Content-Length: 119. Authorization: Digest username="6789",realm="12.34.56.78",nonce="423ab89f16ace6d2361b2f280fbcc0a1e55f06e1",uri="sip:00359123456@12.34.56.78",algorithm=MD5,qop="auth",nc=00000006,cnonce="11367",response="ef6972dc5229d88060a952c10bdb2789". User-Agent: DUV1000 (dlk2.62)6789. Content-Type: application/sdp. . v=0. o=dlink 4526 9013 IN IP4 34.56.87.12. s=Session SDP. c=IN IP4 34.56.87.12. t=0 0. m=audio 7044 RTP/AVP 4 4 4.
It seems that DUV sends authorization information ... but not correct maybe. Without www_autorize and proxy_authorize the device is able to place calls.
Thanks in advance, Pavel