Hi everybody,

I'm having problems rewritehostport to PSTN gateway. It gives me the 403 Forbidden error. Here is the error:

SEND TIME: 130027089
SEND >>
ACK sip:0013373038435@test.com SIP/2.0
Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bK437FA12BFB124DA68EB569C02212327D
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>;tag=eb9822f1ed1b15a932bf98c097b3aaca.befd
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9401 ACK
Max-Forwards: 70
Content-Length: 0


SEND TIME: 130027095
SEND >> 70.xxx.xxx.xxx:5060
INVITE sip:0013373038435@test.com SIP/2.0
Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Proxy-Authorization: Digest username="200",realm="test.com",nonce="44a21eb77c572fc09155f89521700490cb8a87ef",response="75921f5f225efeaeb0177e3353769190",uri="sip:0013373038435@test.com"
Max-Forwards: 70
Content-Type: application/sdp
User-Agent: X-Lite release 1105x
Content-Length: 308

v=0
o=200 130026958 130027078 IN IP470.xxx.xxx.xxx
s=X-Lite
c=IN IP4 70.xxx.xxx.xxx
t=0 0
m=audio 8000 RTP/AVP 0 8 3 98 97 101
a=rtpmap:0 pcmu/8000
a=rtpmap:8 pcma/8000
a=rtpmap:3 gsm/8000
a=rtpmap:98 iLBC/8000
a=rtpmap:97 speex/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=sendrecv

RECEIVE TIME: 130027172
RECEIVE << 70.xxx.xxx.xxx:5060
SIP/2.0 100 trying -- your call is important to us
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908;received=192.168.1.1
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Server: OpenSer (1.0.1 (i386/linux))
Content-Length: 0
Warning: 392 192.168.1.6:5060 "Noisy feedback tells:  pid=4989 req_src_ip=192.168.1.1 req_src_port=5060 in_uri=sip:0013373038435@test.com out_uri=sip:13373038435@pstn.gateway:5060 via_cnt==1"


RECEIVE TIME: 130027371
RECEIVE << 70.xxx.xxx.xxx:5060
SIP/2.0 403 Forbidden
To: <sip:0013373038435@test.com>;tag=3360460030-876466
From: Kenny <sip:200@test.com>;tag=1187743606
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Contact: sip:13373038435@65.xxx.xxx.xxx:5060
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;received=192.168.1.1;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
Content-Length: 0


SEND TIME: 130027372
SEND >>70.xxx.xxx.xxx:5060
ACK sip:0013373038435@test.comSIP/2.0
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>;tag=3360460030-876466
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 ACK
Max-Forwards: 70
Content-Length: 0


********************************Openser.cfg********************************************


debug=3
fork=yes
log_stderror=no

listen=192.168.1.6      
alias=test.com
port=5060
children=32

dns=no
rev_dns=no
fifo="/tmp/openser_fifo"
fifo_db_url="mysql://openser:openserrw@localhost/openser"

loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule "/usr/local/lib/openser/modules/sl.so"
loadmodule "/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/avpops.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/xlog.so"

modparam("auth_db|uri_db|usrloc", "db_url",
    "mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")

modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)  
modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")

modparam("usrloc", "db_mode", 2)

modparam("registrar", "nat_flag", 6)

modparam("rr", "enable_full_lr", 1)

modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")

route {

    # -----------------------------------------------------------------
    # Sanity Check Section
    # -----------------------------------------------------------------
    if (!mf_process_maxfwd_header("10")) {
        sl_send_reply("483", "Too Many Hops");
        exit;
    };

    if (msg:len > max_len) {
        sl_send_reply("513", "Message Overflow");
        exit;
    };

    # -----------------------------------------------------------------
    # Record Route Section
    # -----------------------------------------------------------------
    if (method!="REGISTER") {
        record_route();
    };

    if (method=="BYE" || method=="CANCEL") {
        unforce_rtp_proxy();
        t_relay();
        exit;
    }

    # -----------------------------------------------------------------
    # Loose Route Section
    # -----------------------------------------------------------------
    if (loose_route()) {

        if ((method=="INVITE" || method=="REFER") && !has_totag()) {
            xlog("Does not have to tag, FORBIDDEN\n");
            sl_send_reply("403", "Forbidden");
            exit;
        };

        if (method=="INVITE") {

            if (!proxy_authorize("","subscriber")) {
                proxy_challenge("","0");
                exit;
            } else if (!check_from()) {
                sl_send_reply("403", "Use From=ID");
                exit;
            };
            consume_credentials();

            if (nat_uac_test("19")) {
                setflag(6);
                force_rport();
                xlog("Forcing rtpport\n");
                fix_nated_contact();
            };
            force_rtp_proxy("l");
        };
        route(1);
        return;
    };

    # -----------------------------------------------------------------
    # Call Type Processing Section
    # -----------------------------------------------------------------
    if (uri!=myself) {
        route(4);
        route(1);
        return;
    };

    if (method=="ACK") {
        route(1);
        return;
    } else if (method=="CANCEL") {
        route(1);
        return;
    } else if (method=="INVITE") {
        route(3);
        return;
    } else  if (method=="REGISTER") {
        route(2);
        return;
    };

    lookup("aliases");
    if (uri!=myself) {
        route(4);
        route(1);
        return;
    };

    if (!lookup("location")) {
        sl_send_reply("404", "User Not Found");
        return;
    };

    route(1);
}

route[1] {

    # -----------------------------------------------------------------
    # Default Message Handler
    # -----------------------------------------------------------------

    t_on_reply("1");

    if (!t_relay()) {
        if (method=="INVITE" && isflagset(6)) {
            unforce_rtp_proxy();
            xlog("Unforce RTP proxy2\n");
        };
        xlog("Dunno why forbidden\n");
        sl_reply_error();
        xlog("Forbidden4\n");
    };
   
}

route[2] {

    # -----------------------------------------------------------------
    # REGISTER Message Handler
    # ----------------------------------------------------------------

    if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {
        setflag(6);
        fix_nated_register();
        force_rport();
    };

    sl_send_reply("100", "Trying");

    if (!www_authorize("","subscriber")) {
        www_challenge("","0");
        exit;
    };

    if (!check_to()) {
        sl_send_reply("401", "Unauthorized");
        return;
    };

    consume_credentials();

    if (!save("location")) {
        sl_reply_error();
    };
}

route[3] {

    # -----------------------------------------------------------------
    # INVITE Message Handler
    # -----------------------------------------------------------------

    if (!proxy_authorize("","subscriber")) {
        proxy_challenge("","0");
        exit;
    } else if (!check_from()) {
        sl_send_reply("403", "Use From=ID");
        exit;
    };

    consume_credentials();

    if (nat_uac_test("19")) {
        setflag(6);
        xlog("Setflag cos behind NAT\n");
    }
   
   
   
    lookup("aliases");
    if (uri!=myself) {
        route(4);
        route(1);
        return;
    };
   
    if (uri=~"^sip:00[0-9]*@") {        # International PSTN
        xlog("International PSTN\n");
        strip(2);
        route(4);
        route(5);
        return;
    };
   

    if (!lookup("location")) {
        sl_send_reply("404", "User Not Found");
        return;
    };

    route(4);
    route(1);
}

route[4] {

    # -----------------------------------------------------------------
    # NAT Traversal Section
    # -----------------------------------------------------------------

    if (isflagset(6)) {
        force_rport();
        fix_nated_contact();
        force_rtp_proxy();
        xlog("NAT Traversal Section\n");
    }
}

route[5] {

    # -----------------------------------------------------------------
    # PSTN Handler
    # -----------------------------------------------------------------
    xlog("Routing to PSTN gateway\n");
    rewritehostport("pstn.gateway:5060");
   
    avp_write("i:45", "inv_timeout");

    route(1);
    xlog("Routed to PSTN gateway\n");
}


onreply_route[1] {

    if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
        if (!search("^Content-Length:[ ]*0")) {
            force_rtp_proxy();
        };
    };

    if (nat_uac_test("1")) {
        fix_nated_contact();
    };
}


Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.