[Users] 403 Forbidden-----onsip configs testing. user not able to register

Ferianto siregar ferianto_voip at yahoo.com
Wed Aug 23 09:16:55 CEST 2006


Hi, Ram
   
  its Not looking up in aliases table , it look ups only on location table. the  each request and responses .
  
So, You have to add your domain in the domain table by using :
  
insert  into domain values('urs_domain', ' date) ; in   openser  databases tables. 

I do hope it can help you.
   
  Thanks.
  
On 8/22/06, ram wrote:
>
> Hi all
>
> iam trying to read the getting started document from onsip
> when iam configuring pstn-gw.cfg
> with the below config
>
> when the X-lite user try to loging , SIP/2.0 403 Forbidden, in the Log of
> X-lite
>
> what is wrong , even i have changed AVP after reading module configs in
> openser.
>
> any one suggest me what is wrong iam doing here
>
> Ram
>
> -----------------
> openser.cfg
> #
> # $Id: openser.cfg,v 1.6 2006/02/15 18:23:46 bogdan_iancu Exp $
> #
> # simple quick-start config script
> #
>
> # ----------- global configuration parameters ------------------------
>
> debug=9 # debug level (cmd line: -dddddddddd)
> fork=yes
> log_stderror=no # (cmd line: -E)
>
> /* Uncomment these lines to enter debugging mode
> #fork=no
> #log_stderror=yes
> */
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> listen=myip
> port=5060
> children=4
> fifo="/tmp/openser_fifo"
> fifo_db_url="mysql://openser:openserrw@localhost /openser"
>
>
> # ------------------ module loading
> ----------------------------------
>
>
> loadmodule "/usr/local/lib/openser/modules/mysql.so"
> loadmodule "/usr/local/lib/openser/modules/sl.so"
> loadmodule "/usr/local/lib/openser/modules/tm.so"
> loadmodule "/usr/local/lib/openser/modules/rr.so"
> loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/openser/modules/usrloc.so"
> loadmodule "/usr/local/lib/openser/modules/registrar.so"
> loadmodule "/usr/local/lib/openser/modules/textops.so"
> loadmodule "/usr/local/lib/openser/modules/auth.so"
> loadmodule "/usr/local/lib/openser/modules/auth_db.so"
> loadmodule "/usr/local/lib/openser/modules/uri.so"
> loadmodule "/usr/local/lib/openser/modules/uri_db.so"
> loadmodule "/usr/local/lib/openser/modules/domain.so"
> loadmodule "/usr/local/lib/openser/modules/mediaproxy.so"
> loadmodule "/usr/local/lib/openser/modules/nathelper.so"
> loadmodule "/usr/local/lib/openser/modules/avpops.so"
> loadmodule "/usr/local/lib/openser/modules/permissions.so"
>
> modparam("auth_db|permissions|uri_db|usrloc","db_url",
> "mysql://openser:openserrw@localhost/openser")
> modparam("auth_db", "calculate_ha1", 1)
> modparam("auth_db", "password_column", "password")
>
> modparam("nathelper", "rtpproxy_disable", 1)
> modparam("nathelper", "natping_interval", 0)
>
> modparam("mediaproxy","natping_interval", 30)
> modparam("mediaproxy","mediaproxy_socket",
> "/var/run/mediaproxy.sock")
> modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
> modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
>
> modparam("usrloc", "db_mode", 2)
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
>
> modparam("registrar", "nat_flag", 6)
>
> modparam("rr", "enable_full_lr", 1)
>
> modparam("tm", "fr_timer_avp", "i:25")
> modparam("tm", "fr_inv_timer_avp", "i:25")
>
> modparam("permissions", "db_mode", 1)
> modparam("permissions", "trusted_table", "trusted")
>
> route {
>
> #
> -----------------------------------------------------------------
> # Sanity Check Section
> #
> -----------------------------------------------------------------
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483", "Too Many Hops");
> return;
> };
>
> if (msg:len > max_len) {
> sl_send_reply("513", "Message Overflow");
> return;
> };
>
> #
> -----------------------------------------------------------------
> # Record Route Section
> #
> -----------------------------------------------------------------
> if (method=="INVITE" && client_nat_test("3")) {
> # INSERT YOUR IP ADDRESS HERE
>
> record_route_preset("myproxyip:5060;nat=yes");
> } else if (method!="REGISTER") {
> record_route();
> };
>
> #
> -----------------------------------------------------------------
> # Call Tear Down Section
> #
> -----------------------------------------------------------------
> if (method=="BYE" || method=="CANCEL") {
> end_media_session();
> };
>
> #
> -----------------------------------------------------------------
> # Loose Route Section
> #
> -----------------------------------------------------------------
> if (loose_route()) {
>
> if (has_totag() && (method=="INVITE" || method=="ACK")) {
>
> if
> (client_nat_test("3")||search("^Route:.*;nat=yes")){
> setflag(6);
> use_media_proxy();
> };
> };
>
> route(1);
> return;
> };
>
> #
> -----------------------------------------------------------------
> # Call Type Processing Section
> #
> -----------------------------------------------------------------
> if (!is_uri_host_local()) {
> if (is_from_local() || allow_trusted()) {
> route(4);
> route(1);
> } else {
> sl_send_reply("403", "Forbidden");
> };
> return;
> };
>
> if (method=="CANCEL") {
> route(1);
> return;
> } else if (method=="INVITE") {
> route(3);
> return;
> } else if (method=="REGISTER") {
> route(2);
> return;
> };
>
> lookup("aliases");
> if (uri!=myself) {
> route(4);
> route(1);
> return;
> };
>
> if (!lookup("location")) {
> sl_send_reply("404", "User Not Found");
> return;
> };
>
> route(1);
> }
>
> route[1] {
>
> #
> -----------------------------------------------------------------
> # Default Message Handler
> #
> -----------------------------------------------------------------
>
> t_on_reply("1");
>
> if (!t_relay()) {
>
> if (method=="INVITE" || method=="ACK") {
> end_media_session();
> };
>
> sl_reply_error();
> };
> }
>
> route[2] {
>
> #
> -----------------------------------------------------------------
> # REGISTER Message Handler
> #
> -----------------------------------------------------------------
>
> sl_send_reply("100", "Trying");
>
> if (!search("^Contact:[ ]*\*") && client_nat_test("7")) {
> setflag(6);
> fix_nated_register();
> force_rport();
> };
>
> if (!www_authorize("","subscriber")) {
> www_challenge("","0");
> return;
> };
>
> if (!check_to()) {
> sl_send_reply("401", "Unauthorized");
> return;
> };
>
> consume_credentials();
>
> if (!save("location")) {
> sl_reply_error();
> };
> }
>
> route[3] {
>
> #
> -----------------------------------------------------------------
> # INVITE Message Handler
> #
> -----------------------------------------------------------------
>
> if (!allow_trusted()) {
>
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","0");
> return;
> } else if (!check_from()) {
> sl_send_reply("403", "Use From=ID");
> return;
> };
>
> consume_credentials();
> };
>
> if (client_nat_test("3")) {
> setflag(7);
> force_rport();
> fix_nated_contact();
> };
>
> if (uri=~"^sip:1[0-9]{10}@") {
> strip(1);
> };
>
> lookup("aliases");
> if (uri!=myself) {
> route(4);
> route(1);
> return;

=== message truncated ===


 		
---------------------------------
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates starting at 1¢/min.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20060823/909b0fa3/attachment.htm>


More information about the sr-users mailing list