Hi everybody,
I'm having problems rewritehostport to PSTN gateway. It gives me the 403 Forbidden error. Here is the error:
SEND TIME: 130027089 SEND >> ACK sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bK437FA12BFB124DA68EB569C02212327D From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=eb9822f1ed1b15a932bf98c097b3aaca.befd Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9401 ACK Max-Forwards: 70 Content-Length: 0
SEND TIME: 130027095 SEND >> 70.xxx.xxx.xxx:5060 INVITE sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Proxy-Authorization: Digest username="200",realm="test.com",nonce="44a21eb77c572fc09155f89521700490cb8a87ef",response="75921f5f225efeaeb0177e3353769190",uri="sip:0013373038435@test.com" Max-Forwards: 70 Content-Type: application/sdp User-Agent: X-Lite release 1105x Content-Length: 308
v=0 o=200 130026958 130027078 IN IP470.xxx.xxx.xxx s=X-Lite c=IN IP4 70.xxx.xxx.xxx t=0 0 m=audio 8000 RTP/AVP 0 8 3 98 97 101 a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:3 gsm/8000 a=rtpmap:98 iLBC/8000 a=rtpmap:97 speex/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=sendrecv
RECEIVE TIME: 130027172 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908;received=192.168.1.1 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Server: OpenSer (1.0.1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.6:5060 "Noisy feedback tells: pid=4989 req_src_ip=192.168.1.1 req_src_port=5060 in_uri=sip:0013373038435@test.com out_uri=sip:13373038435@pstn.gateway:5060 via_cnt==1"
RECEIVE TIME: 130027371 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 403 Forbidden To: sip:0013373038435@test.com;tag=3360460030-876466 From: Kenny sip:200@test.com;tag=1187743606 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Contact: sip:13373038435@65.xxx.xxx.xxx:5060 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;received=192.168.1.1;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 Content-Length: 0
SEND TIME: 130027372 SEND >>70.xxx.xxx.xxx:5060 ACK sip:0013373038435@test.comSIP/2.0 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=3360460030-876466 Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 ACK Max-Forwards: 70 Content-Length: 0
********************************Openser.cfg********************************************
debug=3 fork=yes log_stderror=no
listen=192.168.1.6 alias=test.com port=5060 children=32
dns=no rev_dns=no fifo="/tmp/openser_fifo" fifo_db_url="mysql://openser:openserrw@localhost/openser"
loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/nathelper.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/xlog.so"
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
modparam("tm", "fr_inv_timer", 27) modparam("tm", "fr_inv_timer_avp", "inv_timeout")
route {
# ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); exit; };
if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); exit; };
# ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method!="REGISTER") { record_route(); };
if (method=="BYE" || method=="CANCEL") { unforce_rtp_proxy(); t_relay(); exit; }
# ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) {
if ((method=="INVITE" || method=="REFER") && !has_totag()) { xlog("Does not have to tag, FORBIDDEN\n"); sl_send_reply("403", "Forbidden"); exit; };
if (method=="INVITE") {
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; consume_credentials();
if (nat_uac_test("19")) { setflag(6); force_rport(); xlog("Forcing rtpport\n"); fix_nated_contact(); }; force_rtp_proxy("l"); }; route(1); return; };
# ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(4); route(1); return; };
if (method=="ACK") { route(1); return; } else if (method=="CANCEL") { route(1); return; } else if (method=="INVITE") { route(3); return; } else if (method=="REGISTER") { route(2); return; };
lookup("aliases"); if (uri!=myself) { route(4); route(1); return; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; };
route(1); }
route[1] {
# ----------------------------------------------------------------- # Default Message Handler # -----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) { if (method=="INVITE" && isflagset(6)) { unforce_rtp_proxy(); xlog("Unforce RTP proxy2\n"); }; xlog("Dunno why forbidden\n"); sl_reply_error(); xlog("Forbidden4\n"); };
}
route[2] {
# ----------------------------------------------------------------- # REGISTER Message Handler # ----------------------------------------------------------------
if (!search("^Contact:[ ]**") && nat_uac_test("19")) { setflag(6); fix_nated_register(); force_rport(); };
sl_send_reply("100", "Trying");
if (!www_authorize("","subscriber")) { www_challenge("","0"); exit; };
if (!check_to()) { sl_send_reply("401", "Unauthorized"); return; };
consume_credentials();
if (!save("location")) { sl_reply_error(); }; }
route[3] {
# ----------------------------------------------------------------- # INVITE Message Handler # -----------------------------------------------------------------
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; };
consume_credentials();
if (nat_uac_test("19")) { setflag(6); xlog("Setflag cos behind NAT\n"); }
lookup("aliases"); if (uri!=myself) { route(4); route(1); return; };
if (uri=~"^sip:00[0-9]*@") { # International PSTN xlog("International PSTN\n"); strip(2); route(4); route(5); return; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; };
route(4); route(1); }
route[4] {
# ----------------------------------------------------------------- # NAT Traversal Section # -----------------------------------------------------------------
if (isflagset(6)) { force_rport(); fix_nated_contact(); force_rtp_proxy(); xlog("NAT Traversal Section\n"); } }
route[5] {
# ----------------------------------------------------------------- # PSTN Handler # ----------------------------------------------------------------- xlog("Routing to PSTN gateway\n"); rewritehostport("pstn.gateway:5060");
avp_write("i:45", "inv_timeout");
route(1); xlog("Routed to PSTN gateway\n"); }
onreply_route[1] {
if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") { if (!search("^Content-Length:[ ]*0")) { force_rtp_proxy(); }; };
if (nat_uac_test("1")) { fix_nated_contact(); }; }
--------------------------------- Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.