[Serusers] permission module

Miklos Tirpak miklos at iptel.org
Thu Mar 2 14:54:36 CET 2006


Hi Hakan,

Try this value for from_patter without quotes: ^sip:902247654321 at .*
udp is correct for proto

Miklos

Hakan YASTI wrote:
> Hi Miklos,
> 
> It was output of ngrep -W byline, The original ngrep output is as below.
> 
>> From fielad is like    From: "902247654321" 
> 
> <sip:902247654321 at gi.com.tr>;tag=1c572128494.
> 
> What I wonder is ; according to this invite what must be the proto and 
> from_pattern values to allow the call.
> 
> 
> U 84.51.32.26:5060 -> 84.51.32.8:5060
>  INVITE sip:02124440111 at gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 
> 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: 
> "902247654321" <sip:9
>  02247654321 at gi.com.tr>;tag=1c572128494..To: 
> <sip:02124440111 at gi.com.tr;user=phone>..Call-ID: 
> 195110554Rsep at 84.51.32.26..CSeq: 1 INVITE..Contact: <sip:90
>  2247654321 at 84.51.32.26>..Supported: 
> em,100rel,timer,replaces,path..Allow: 
> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDAT 
> 
>  E..Session-Expires: 3600..Min-SE: 90..User-Agent: 
> Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Type: 
> application/sdp..Content-Length: 244..
>  ..v=0..o=AudiocodesGW 484853 895184 IN IP4 
> 84.51.32.26..s=Phone-Call..c=IN IP4 84.51.32.26..t=0 0..m=audio 4010 
> RTP/AVP 0 8 96..a=rtpmap:0 pcmu/8000..a=
>  rtpmap:8 pcma/8000..a=rtpmap:96 telephone-event/8000..a=fmtp:96 
> 0-15..a=ptime:20..a=sendrecv..
> #
> U 84.51.32.8:5060 -> 84.51.32.26:5060
>  SIP/2.0 403 ONLY REGISTERED USERS......Via: SIP/2.0/UDP 
> 84.51.32.26;branch=z9hG4bKacGtOiLfA..From: "902247654321" 
> <sip:902247654321 at gi.com.tr>;tag=1c572
>  128494..To: 
> <sip:02124440111 at gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 
> 195110554Rsep at 84.51.32.26..CSeq: 1 INVITE..Server
>  : Sip EXpress router (0.9.3 (i386/freebsd))..Content-Length: 
> 0..Warning: 392 84.51.32.8:5060 "Noisy feedback tells:  pid=70414 
> req_src_ip=84.51.32.26 re
>  q_src_port=5060 in_uri=sip:02124440111 at gi.com.tr;user=phone 
> out_uri=sip:02124440111 at gi.com.tr;user=phone via_cnt==1"....
> #
> U 84.51.32.26:5060 -> 84.51.32.8:5060
>  ACK sip:02124440111 at gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 
> 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: 
> "902247654321" <sip:9022
>  47654321 at gi.com.tr>;tag=1c572128494..To: 
> <sip:02124440111 at gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 
> 195110554Rsep at 84.51.
>  32.26..CSeq: 1 ACK..Contact: <sip:902247654321 at 84.51.32.26>..Supported: 
> em,timer,replaces,path..Allow: 
> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRA
>  CK,REFER,INFO,SUBSCRIBE,UPDATE..User-Agent: 
> Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Length: 0....
> 
> ################ SER LOG ###########
> 2(70414) val2str(): converting 84.51.32.26, 11
> 2(70414) PG[217] str2valp got string udp
> 2(70414) PG[217] str2valp got string "90224765321"
> 2(70414) NOT TRUSTED IP 2(70414) parse_headers: flags=4
> 2(70414) end of header reached, state=9
> 2(70414) DEBUG: get_hdr_field: <To> [40]; 
> uri=[sip:02124440111 at gi.com.tr;user=phone]
> 2(70414) DEBUG: to body [<sip:02124440111 at gi.com.tr;user=phone>
> 
> 
> Best Regards,
> Hakan.
> 
> 
> 
> 
> 
> 
> ----- Original Message ----- From: "Miklos Tirpak" <miklos at iptel.org>
> To: "Hakan YASTI" <hakanyasti at gmail.com>
> Cc: <serusers at lists.iptel.org>
> Sent: Thursday, March 02, 2006 11:38 AM
> Subject: Re: [Serusers] permission module
> 
> 
>> Hi Hakan,
>>
>> Does the From header really look like this???
>> From: "902247654321" ;tag=1c681629589
>>
>> It is incorrect, and of course the To and Contact headers are also 
>> incorrect.
>>
>> Miklos
>>
>> Hakan YASTI wrote:
>>
>>> Hi,
>>> I am trying to use permissions module. At configuration side 
>>> everything seems ok. when an invite comes to ser, gets the source ip 
>>> of the invite and select a query from the trusted table. But every 
>>> time, when correlates the from_pattern and proto, they mismatch ( I 
>>> SUPPOSE ). Is there any trick at from_pattern ? I have tried so many 
>>> values like
>>> .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
>>>
>>> Hakan.
>>>
>>> loadmodule "/usr/local/lib/ser/modules/permissions.so"
>>> # -- permissions parameters -- #
>>>
>>> modparam("permissions", "db_url", 
>>> "postgres://xxxxx:xxxx@ip_address/xxxxx")
>>> modparam("permissions", "db_mode", 0)
>>> modparam("permissions", "trusted_table", "trusted")
>>> modparam("permissions", "source_col", "src_ip")
>>> modparam("permissions", "proto_col", "proto")
>>> modparam("permissions", "from_col", "from_pattern")
>>>
>>> if (method=="INVITE") {
>>> if (!allow_trusted()) {
>>> log("THE IP ADDRESS IS NOT ALLOWED");
>>> sl_send_reply("403","ONLY REGISTERED USERS ALLOWED ");
>>> break;
>>> }
>>>
>>>
>>>
>>> ########### SER LOG #############
>>>
>>> 2(69289) SIP Request:
>>> 2(69289) method:
>>> 2(69289) uri:
>>> 2(69289) version:
>>> 2(69289) parse_headers: flags=1
>>> 2(69289) Found param type 232, = ; state=16
>>> 2(69289) end of header reached, state=5
>>> 2(69289) parse_headers: Via found, flags=1
>>> 2(69289) parse_headers: this is the first via
>>> 2(69289) After parse_msg...
>>> 2(69289) preparing to run routing scripts...
>>> 2(69289) parse_headers: flags=128
>>> 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70
>>> 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
>>> 2(69289) parse_headers: flags=8
>>> 2(69289) DEBUG: add_param: tag=1c681629589
>>> 2(69289) end of header reached, state=29
>>> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] 
>>> == [84.51.32.8]
>>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>>> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] 
>>> == [127.0.0.1]
>>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>>> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] 
>>> == [84.51.32.8]
>>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>>> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] 
>>> == [127.0.0.1]
>>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>>> 2(69289) val2str(): converting 84.51.32.26, 11
>>> 2(69289) PG[217] str2valp got string udp
>>> 2(69289) PG[217] str2valp got string sip:90224765321 at gi.com.tr
>>> 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4
>>> 2(69289) end of header reached, state=9
>>> 2(69289) DEBUG: get_hdr_field: [40]; 
>>> uri=[sip:02124440111 at gi.com.tr;user=phone]
>>> 2(69289) DEBUG: to body [
>>> ]
>>> 2(69289) parse_headers: flags=-1
>>> 2(69289) get_hdr_field: cseq : <1>
>>> 2(69289) DEBUG: get_hdr_body : content_length=267
>>> 2(69289) found end of header
>>> 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1)
>>> 2(69289) DEBUG:destroy_avp_list: destroying list 0x0
>>> 2(69289) receive_msg: cleaning up
>>> 3(69290) SIP Request:
>>> 3(69290) method:
>>> 3(69290) uri:
>>> 3(69290) version:
>>> 3(69290) parse_headers: flags=1
>>> 3(69290) Found param type 232, = ; state=16
>>> 3(69290) end of header reached, state=5
>>> 3(69290) parse_headers: Via found, flags=1
>>> 3(69290) parse_headers: this is the first via
>>> 3(69290) After parse_msg...
>>> 3(69290) preparing to run routing scripts...
>>> 3(69290) parse_headers: flags=4
>>> 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6
>>> 3(69290) end of header reached, state=29
>>> 3(69290) DEBUG: get_hdr_field: [82]; 
>>> uri=[sip:02124440111 at gi.com.tr;user=phone]
>>> 3(69290) DEBUG: to body []
>>> 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it!
>>> 3(69290) DEBUG:destroy_avp_list: destroying list 0x0
>>> 3(69290) receive_msg: cleaning up
>>>
>>>
>>>
>>>
>>> ######### NGREP LOGS ################
>>>
>>> U 84.51.32.26:5060 -> 84.51.32.8:5060
>>> INVITE sip:02124440111 at gi.com.tr;user=phone SIP/2.0.
>>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>>> Max-Forwards: 70.
>>> From: "902247654321" ;tag=1c681629589.
>>> To: .
>>> Call-ID: *395527579dNhC at 84.51.32.26.* 
>>> <mailto:395527579dNhC at 84.51.32.26.>
>>> CSeq: 1 INVITE.
>>> Contact: .
>>> Supported: em,100rel,timer,replaces,path.
>>> Allow: 
>>> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. 
>>>
>>> Session-Expires: 3600.
>>> Min-SE: 90.
>>> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
>>> Content-Type: application/sdp.
>>> Content-Length: 267.
>>> .
>>> v=0.
>>> o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26.
>>> s=Phone-Call.
>>> c=IN IP4 84.51.32.26.
>>> t=0 0.
>>> m=audio 4010 RTP/AVP 18 8 96.
>>> a=rtpmap:18 g729/8000.
>>> a=fmtp:18 annexb=no.
>>> a=rtpmap:8 pcma/8000.
>>> a=rtpmap:96 telephone-event/8000.
>>> a=fmtp:96 0-15.
>>> a=ptime:40.
>>> a=sendrecv.
>>>
>>> #
>>> U 84.51.32.8:5060 -> 84.51.32.26:5060
>>> SIP/2.0 403 ONLY REGISTERED USERS.....
>>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>>> From: "902247654321" ;tag=1c681629589.
>>> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
>>> Call-ID: *395527579dNhC at 84.51.32.26.* 
>>> <mailto:395527579dNhC at 84.51.32.26.>
>>> CSeq: 1 INVITE.
>>> Server: Sip EXpress router (0.9.3 (i386/freebsd)).
>>> Content-Length: 0.
>>> Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 
>>> req_src_ip=84.51.32.26 req_src_port=5060 
>>> in_uri=sip:02124440111 at gi.com.tr;user=phone 
>>> out_uri=sip:02124440111 at gi.com.tr;user=phone via_cnt==1".
>>> .
>>>
>>> #
>>> U 84.51.32.26:5060 -> 84.51.32.8:5060
>>> ACK sip:02124440111 at gi.com.tr;user=phone SIP/2.0.
>>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>>> Max-Forwards: 70.
>>> From: "902247654321" ;tag=1c681629589.
>>> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
>>> Call-ID: *395527579dNhC at 84.51.32.26.* 
>>> <mailto:395527579dNhC at 84.51.32.26.>
>>> CSeq: 1 ACK.
>>> Contact: .
>>> Supported: em,timer,replaces,path.
>>> Allow: 
>>> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. 
>>>
>>> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
>>> Content-Length: 0.
>>>
>>> #################################
>>> Tried another value for from_pattern...
>>>
>>> 3(69290) val2str(): converting 84.51.32.26, 11
>>> 3(69290) PG[217] str2valp got string udp
>>> 3(69290) PG[217] str2valp got string "90224765321"
>>>
>>>
>>>
>>> select * from trusted;
>>> src_ip | proto | from_pattern
>>> -------------+-------+---------------
>>> 84.51.32.25 | udp | "90224765321"
>>> 84.51.32.26 | udp | "90224765321"
>>> (2 rows)
>>> .
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> Serusers mailing list
>>> serusers at lists.iptel.org
>>> http://lists.iptel.org/mailman/listinfo/serusers 




More information about the sr-users mailing list