[Users] 403 Forbidden-----onsip configs testing. user not able to register
Rafael J. Risco G.V.
rafael.risco at gmail.com
Wed Aug 23 06:49:39 CEST 2006
I think you get forbidden message because the Call Type Processing
Section, you need to define your sip domain in 'domain' table in your
database or just try running openser after coment call type processing
section.
rafael
On 8/22/06, ram <talk2ram at gmail.com> wrote:
>
> Hi all
>
> iam trying to read the getting started document from onsip
> when iam configuring pstn-gw.cfg
> with the below config
>
> when the X-lite user try to loging , SIP/2.0 403 Forbidden, in the Log of
> X-lite
>
> what is wrong , even i have changed AVP after reading module configs in
> openser.
>
> any one suggest me what is wrong iam doing here
>
> Ram
>
> -----------------
> openser.cfg
> #
> # $Id: openser.cfg,v 1.6 2006/02/15 18:23:46 bogdan_iancu Exp $
> #
> # simple quick-start config script
> #
>
> # ----------- global configuration parameters ------------------------
>
> debug=9 # debug level (cmd line: -dddddddddd)
> fork=yes
> log_stderror=no # (cmd line: -E)
>
> /* Uncomment these lines to enter debugging mode
> #fork=no
> #log_stderror=yes
> */
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> listen=myip
> port=5060
> children=4
> fifo="/tmp/openser_fifo"
> fifo_db_url="mysql://openser:openserrw@localhost /openser"
>
>
> # ------------------ module loading
> ----------------------------------
>
>
> loadmodule "/usr/local/lib/openser/modules/mysql.so"
> loadmodule "/usr/local/lib/openser/modules/sl.so"
> loadmodule "/usr/local/lib/openser/modules/tm.so"
> loadmodule "/usr/local/lib/openser/modules/rr.so"
> loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/openser/modules/usrloc.so"
> loadmodule "/usr/local/lib/openser/modules/registrar.so"
> loadmodule "/usr/local/lib/openser/modules/textops.so"
> loadmodule "/usr/local/lib/openser/modules/auth.so"
> loadmodule "/usr/local/lib/openser/modules/auth_db.so"
> loadmodule "/usr/local/lib/openser/modules/uri.so"
> loadmodule "/usr/local/lib/openser/modules/uri_db.so"
> loadmodule "/usr/local/lib/openser/modules/domain.so"
> loadmodule "/usr/local/lib/openser/modules/mediaproxy.so"
> loadmodule "/usr/local/lib/openser/modules/nathelper.so"
> loadmodule "/usr/local/lib/openser/modules/avpops.so"
> loadmodule "/usr/local/lib/openser/modules/permissions.so"
>
> modparam("auth_db|permissions|uri_db|usrloc","db_url",
> "mysql://openser:openserrw@localhost/openser")
> modparam("auth_db", "calculate_ha1", 1)
> modparam("auth_db", "password_column", "password")
>
> modparam("nathelper", "rtpproxy_disable", 1)
> modparam("nathelper", "natping_interval", 0)
>
> modparam("mediaproxy","natping_interval", 30)
> modparam("mediaproxy","mediaproxy_socket",
> "/var/run/mediaproxy.sock")
> modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
> modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
>
> modparam("usrloc", "db_mode", 2)
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
>
> modparam("registrar", "nat_flag", 6)
>
> modparam("rr", "enable_full_lr", 1)
>
> modparam("tm", "fr_timer_avp", "i:25")
> modparam("tm", "fr_inv_timer_avp", "i:25")
>
> modparam("permissions", "db_mode", 1)
> modparam("permissions", "trusted_table", "trusted")
>
> route {
>
> #
> -----------------------------------------------------------------
> # Sanity Check Section
> #
> -----------------------------------------------------------------
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483", "Too Many Hops");
> return;
> };
>
> if (msg:len > max_len) {
> sl_send_reply("513", "Message Overflow");
> return;
> };
>
> #
> -----------------------------------------------------------------
> # Record Route Section
> #
> -----------------------------------------------------------------
> if (method=="INVITE" && client_nat_test("3")) {
> # INSERT YOUR IP ADDRESS HERE
>
> record_route_preset("myproxyip:5060;nat=yes");
> } else if (method!="REGISTER") {
> record_route();
> };
>
> #
> -----------------------------------------------------------------
> # Call Tear Down Section
> #
> -----------------------------------------------------------------
> if (method=="BYE" || method=="CANCEL") {
> end_media_session();
> };
>
> #
> -----------------------------------------------------------------
> # Loose Route Section
> #
> -----------------------------------------------------------------
> if (loose_route()) {
>
> if (has_totag() && (method=="INVITE" || method=="ACK")) {
>
> if
> (client_nat_test("3")||search("^Route:.*;nat=yes")){
> setflag(6);
> use_media_proxy();
> };
> };
>
> route(1);
> return;
> };
>
> #
> -----------------------------------------------------------------
> # Call Type Processing Section
> #
> -----------------------------------------------------------------
> if (!is_uri_host_local()) {
> if (is_from_local() || allow_trusted()) {
> route(4);
> route(1);
> } else {
> sl_send_reply("403", "Forbidden");
> };
> return;
> };
>
> if (method=="CANCEL") {
> route(1);
> return;
> } else if (method=="INVITE") {
> route(3);
> return;
> } else if (method=="REGISTER") {
> route(2);
> return;
> };
>
> lookup("aliases");
> if (uri!=myself) {
> route(4);
> route(1);
> return;
> };
>
> if (!lookup("location")) {
> sl_send_reply("404", "User Not Found");
> return;
> };
>
> route(1);
> }
>
> route[1] {
>
> #
> -----------------------------------------------------------------
> # Default Message Handler
> #
> -----------------------------------------------------------------
>
> t_on_reply("1");
>
> if (!t_relay()) {
>
> if (method=="INVITE" || method=="ACK") {
> end_media_session();
> };
>
> sl_reply_error();
> };
> }
>
> route[2] {
>
> #
> -----------------------------------------------------------------
> # REGISTER Message Handler
> #
> -----------------------------------------------------------------
>
> sl_send_reply("100", "Trying");
>
> if (!search("^Contact:[ ]*\*") && client_nat_test("7")) {
> setflag(6);
> fix_nated_register();
> force_rport();
> };
>
> if (!www_authorize("","subscriber")) {
> www_challenge("","0");
> return;
> };
>
> if (!check_to()) {
> sl_send_reply("401", "Unauthorized");
> return;
> };
>
> consume_credentials();
>
> if (!save("location")) {
> sl_reply_error();
> };
> }
>
> route[3] {
>
> #
> -----------------------------------------------------------------
> # INVITE Message Handler
> #
> -----------------------------------------------------------------
>
> if (!allow_trusted()) {
>
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","0");
> return;
> } else if (!check_from()) {
> sl_send_reply("403", "Use From=ID");
> return;
> };
>
> consume_credentials();
> };
>
> if (client_nat_test("3")) {
> setflag(7);
> force_rport();
> fix_nated_contact();
> };
>
> if (uri=~"^sip:1[0-9]{10}@") {
> strip(1);
> };
>
> lookup("aliases");
> if (uri!=myself) {
> route(4);
> route(1);
> return;
> };
>
> if (uri=~"^sip:011[0-9]*@") { # International PSTN
> route(4);
> route(5);
> return;
> };
>
> if (!lookup("location")) {
> if (uri=~"^sip:[0-9]{10}@") { # Domestic PSTN
> route(4);
> route(5);
> return;
> };
>
> sl_send_reply("404", "User Not Found");
> return;
> };
>
> route(4);
> route(1);
> }
>
> route[4] {
>
> #
> -----------------------------------------------------------------
> # NAT Traversal Section
> #
> -----------------------------------------------------------------
>
> if (isflagset(6) || isflagset(7)) {
> use_media_proxy();
> };
> }
>
> route[5] {
>
> #
> -----------------------------------------------------------------
> # PSTN Handler
> #
> -----------------------------------------------------------------
>
> rewritehost("mygateway:5060"); # INSERT YOUR PSTN GATEWAY IP ADDRESS
>
> # avp_write("i:45", "inv_timeout");
>
> route(4);
> route(1);
> }
>
> onreply_route[1] {
>
> if ((isflagset(6) || isflagset(7)) &&
> (status=~"(180)|(183)|2[0-9][0-9]")) {
>
> if (!search("^Content-Length:[ ]*0")) {
> use_media_proxy();
> };
> };
>
> if (client_nat_test("1")) {
> fix_nated_contact();
> };
> }
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
>
>
More information about the Users
mailing list