[Serusers] Public IP Register Problem !!!

Felipe Martins fmartins at mundivox.com
Thu Apr 28 21:40:54 CEST 2005


Hi guys,

	I have 2 SER Servers talking to each other, working in a Private network using 192.168.4.0/16 authenticating at a mysql server (everything is for test, so the configuration is very basic). Everything works perfect, I have 4 users registered in each server, and everybody is talking to each other with no problem.
	My next step was to test my architecture with public IPs, so I've changed my ser.cfg to reflect my ip changes, and also configured 4 clientes (2 at each server) with public IPs, but my clients now, can't register, none of them in any server. I can see at the logs that the REGISTER Request reaches my server but the clients can't register. I also tried to use some other private network at some clients but they can't register either. So, any network could be used to make it work, but 192.168.4.0/16. 
	I know it's probably a configuration error I've made, but I can't find where the error is. I'm sending my ser.cfg for you to see. Any hand will be pleased.

Best Regards


# -------------- SER.CFG ------------------------

#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#

# ----------- global configuration parameters ------------------------

# Uncomment these lines to enter debugging mode 
debug=9
fork=yes
log_stderror=no
#listen=200.142.96.218
listen=192.168.4.10
port=5060

alias="mundivox.com"
alias="sipserver.com"
#alias="200.201.187.254"
alias="192.168.4.10"

# sip_warning - Should replies include extensive warnings? By default
# yes, it is good for trouble-shooting
#sip_warnings=yes

# server_signature - Should locally-generated messages include server's
# signature? By default yes, it is good for trouble-shooting.
 server_signature=yes

# reply_to_via - A hint reply modules whether they should send reply

# to IP advertised in Via. Turned off by default, which means that
# replies are sent to IP address from which requests came.
# reply_to_via=no

# mhomed -- enable calculation of outbound interface; useful on
# multihomed servers.
# mhomed=0

check_via=yes		# (cmd. line: -v)
dns=yes           	# (cmd. line: -r)
rev_dns=yes      	# (cmd. line: -R)
children=4
fifo_mode=0666
fifo="/tmp/ser_fifo"

# ------------------ module loading ----------------------------------
# ------------- external module loading
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/exec.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/msilo.so"
#loadmodule "/usr/local/lib/ser/modules/print.so"
loadmodule "/usr/local/lib/ser/modules/enum.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
#loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
#loadmodule "/usr/local/lib/ser/modules/uri_db.so"
loadmodule "/usr/local/lib/ser/modules/domain.so"
loadmodule "/usr/local/lib/ser/modules/xlog.so"
#loadmodule "/usr/local/lib/ser/modules/speeddial.so"
#loadmodule "/usr/local/lib/ser/modules/options.so"
#loadmodule "/usr/local/lib/ser/modules/rtpproxy.so"

# ----------------- setting module-specific parameters ---------------

# ------------- db_url setting
#modparam("acc|auth_db|domain|group|speeddial|uri_db|usrloc", 
#         "db_url", "mysql://ser:heslo@localhost/ser")
modparam("auth_db", "db_url", "mysql://ser:heslo@localhost/ser")

# ------------- use_domain setting
modparam("auth_db|group|speeddial|uri_db|usrloc", "use_domain", 1)

# ------------- accounting parameters
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
#modparam("acc", "db_flag", 1)
#modparam("acc", "db_missed_flag", 1)
#modparam("acc", "log_fmt", "cdfimorstup")
#modparam("acc", "failed_transactions", 1)
#modparam("acc", "report_cancels", 1)
#modparam("acc", "report_ack", 0)

# ------------- auth parameters
# allows clear text passwords in the mysql database
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")

# ------------- domain parameters
modparam("domain", "db_mode", 1)

# ------------- exec parameters
modparam("exec", "setvars", 1)
modparam("exec", "time_to_kill", 10)

# ------------- registration parameters
modparam("registrar", "nat_flag", 2)
modparam("registrar", "min_expires", 60)
modparam("registrar", "max_expires", 86400)
modparam("registrar", "default_expires", 3600)
modparam("registrar", "desc_time_order", 1)
modparam("registrar", "append_branches", 1)
modparam("registrar", "use_domain", 1)

#-------------- nathelper parameters
#modparam("nathelper", "natping_interval", 30)
#modparam("nathelper", "ping_nated_only", 1)

# ------------- rr parameters
# set ";lr" tag to lr=true
modparam("rr", "enable_full_lr", 1)

# ------------- tm parameters
modparam("tm", "fr_timer", 20)
modparam("tm", "fr_inv_timer", 40)
modparam("tm", "wt_timer", 5)

# ------------- usrloc parameters
# 0 = disable
# 1 = write-through
# 2 = write-back
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "timer_interval", 60)
modparam("usrloc", "desc_time_order", 1)

# ------------- logging parameters
modparam("xlog", "buf_size", 8192)


# Checking for Username Column     
#modparam("auth_db", "user_column", "username")

# Checking for Domain Column
#modparam("auth_db", "domain_column", "domain")

# ------------- logging parameters
modparam("xlog", "buf_size", 8192)


# -------------------------  request routing logic -------------------

# main routing logic

route  {

	# ----------------------------------------------------------------------------
	# Sanity Checks -- messages with max_forwards==0, or excessively long requests
	#-----------------------------------------------------------------------------
	if (!mf_process_maxfwd_header("10")) {
		sl_send_reply("483","Too Many Hops");
		break;
	};
	if ( msg:len > max_len ) {
		sl_send_reply("513", "Message too big");
		break;
	};

	# ------------------------------------------------------------------------
	# NOTIFY Keep-Alive Section
	# ------------------------------------------------------------------------
	if ((method=="NOTIFY") && search("^Event: keep-alive")) {
		sl_send_reply("200", "OK");
		break;
	};

	if ((method=="NOTIFY") && (uri=~"^sip:700@")) {
		sl_send_reply("200", "OK");
		break;
	};



	# ------------------------------------------------------------
	# OPTIONS Section
	#
	# This is used by sipsak to monitor the heath of our sip proxy
	#-------------------------------------------------------------

#	if (search("^From: sip:sipsak@") &&
#	   (method=="OPTIONS") && (!uri=~"sip:.*[@]+.*"))  {
#		options_reply();
#		break;
#	};

	# ------------------------------------------------------------
	# Registration Section
	# ------------------------------------------------------------
#	if (method=="REGISTER")  {
#
#	if (!is_from_local()) {
#	
#			sl_send_reply("403", "Unknown Domain");
#			break;
#		};
#	
#		if (is_user_in("Request-URI", "disabled"))  {
#	
#			sl_send_reply("403", "Your evaluation period has expired");
#			break;
#		};
#	
#		if (!www_authorize("", "subscriber"))  {
#			
#			www_challenge("", "0");
#			break;
#		};
#
#		if (!check_to())  {
#
#			sl_send_reply("401", "Unauthorized");
#			break;
#		};
#
#		if (!save("location"))  {
#
#			sl_reply_error();
#		};
#
#		break;
#
#	};

	# -----------------------------------------------------------------
	# Open Relay Section
	# -----------------------------------------------------------------
#	if (method=="INVITE")  {
#		
#		if (!(is_from_local() || is_uri_host_local())) {
#			sl_send_reply("403", "Please register to use our service");
#			break;
#		};
#	};

	# -----------------------------------------------------------------
	# Accounting Section
	# -----------------------------------------------------------------
#	if (method=="INVITE" || method=="BYE") {
#		setflag(1);
#	};

	# -----------------------------------------------------------------
	# Record Route Section
	# 
	# we record-route all messages -- to make sure that subsequent messages
	# will go through our proxy; that's particularly good if upstream and
	# donwstream entities use different transport protocol
	# -----------------------------------------------------------------
	if (!method=="REGISTER") {
		record_route();
	};

	if (method=="INVITE") record_route();
	log(1, "INVITE message received\n");


	# -----------------------------------------------------------------
	# Loose Route Section
	# 
	# Grant route routing if route headers present
	# -----------------------------------------------------------------
	if (loose_route())  {
		route(2);
		break;
	};

	# -----------------------------------------------------------------
	# Alias Routing Section
	# -----------------------------------------------------------------
	lookup("aliases");
	if (!uri==myself) {
		route(2);
		break;
	};

	# ------------------------------------------------------------------------
	# Anonymous Call Rejection Section
	# ------------------------------------------------------------------------
	if (isflagset(24) && (method=="INVITE") && search("^(f|F)rom:.*(a|A)nonymous")) {
		route(8);
		break;
	};
	

	# ------------------------------------------------------------------------
	# Call Block Section
	# ------------------------------------------------------------------------
#	if (is_caller_blocked()) {
#		route(7);
#		break;
#	};

	# ------------------------------------------------------------------------
	# Do Not Disturb Section
	# ------------------------------------------------------------------------
#	if (avp_db_load("$ruri/username", "s:donotdisturb")) {
#		if (avp_check("s:donotdisturb", "eq/y/i")) {
#			route(5);
#			break;
#		};
#	};

	# we record-route all messages -- to make sure that
	# subsequent messages will go through our proxy; that's
	# particularly good if upstream and downstream entities
	# use different transport protocol
	#record_route();	
	# loose-route processing
	if (loose_route()) {
		t_relay();
		break;
	};


	
	# Rota usada para guardar Logs no CDRTool - Billing
#	if (method=="REGISTER" || method=="INVITE" || method=="BYE" || method=="CANCEL") {
#		# Salvar mensagens no myslq para o CDRTool
#		exec_msg("/var/www/html/serweb/sertrace.py; exit 1");
#	};

	

	# if the request is for other domain use UsrLoc
	# (in case, it does not work, use the following command
	# with proper names and addresses in it)
	# uri==myself retorna true se o nome de dominio URI for igual ao nome do
	# host ao qual SER esta rodando. Para configurar quais domain names o ser
	# aceita, deve-se configurar os ALIASES do sistema para tais nomes.
	if (uri==myself) {

		if (method=="REGISTER") {
		log(1, "REGISTER message received\n");
			# Uncomment this if you want to use digest authentication
			if (!www_authorize("192.168.4.10", "subscriber")) {
				www_challenge("192.168.4.10", "0");
				break;
			}; 
			save("location");
			break;
		};

		# Repassando Chamadas Internacionais para Asterisk
	        if (uri=~"^sip:[2][0-9].*@") {
                	log(1, "Forwarding to Another Gateway - SIPProxy2 to SIPProxy1\n");
			setflag(1);     # MARK FOR ACCOUNTING
			rewritehost("192.168.4.11");
			forward(192.168.4.11,5060);
                	t_relay();
			break;
		}



	# ----------------------------------------------------------------
	# Call Routing Section
	# ----------------------------------------------------------------
		if (!lookup("location")) {

			sl_send_reply("404", "User Not Found");
			break;
		};
	};

	# forward to current uri now; use stateful forwarding; that
	# works reliably even if we forward from TCP to UDP
	if (!t_relay()) {
		sl_reply_error();
	};

}


# ------------------ EOF -------------------------




-- 
Felipe Martins
Mundivox Communications
Tecnologia e Projetos
fmartins at mundivox.com

Tel.: +55 +21 +3820 8839
Cel.: +55 +21 +9823 8602
Fax.: +55 +21 +3820 8844
www.mundivox.com





More information about the sr-users mailing list