Hi everybody,
I'm having problems rewritehostport to PSTN gateway. It gives me the 403 Forbidden error. Here is the error:
SEND TIME: 130027089
SEND >>
ACK sip:0013373038435@test.com SIP/2.0
Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bK437FA12BFB124DA68EB569C02212327D
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>;tag=eb9822f1ed1b15a932bf98c097b3aaca.befd
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9401 ACK
Max-Forwards: 70
Content-Length: 0
SEND TIME: 130027095
SEND >> 70.xxx.xxx.xxx:5060
INVITE sip:0013373038435@test.com SIP/2.0
Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID:
67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Proxy-Authorization: Digest username="200",realm="test.com",nonce="44a21eb77c572fc09155f89521700490cb8a87ef",response="75921f5f225efeaeb0177e3353769190",uri="sip:0013373038435@test.com"
Max-Forwards: 70
Content-Type: application/sdp
User-Agent: X-Lite release 1105x
Content-Length: 308
v=0
o=200 130026958 130027078 IN IP470.xxx.xxx.xxx
s=X-Lite
c=IN IP4 70.xxx.xxx.xxx
t=0 0
m=audio 8000 RTP/AVP 0 8 3 98 97 101
a=rtpmap:0 pcmu/8000
a=rtpmap:8 pcma/8000
a=rtpmap:3 gsm/8000
a=rtpmap:98 iLBC/8000
a=rtpmap:97 speex/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=sendrecv
RECEIVE TIME: 130027172
RECEIVE << 70.xxx.xxx.xxx:5060
SIP/2.0 100 trying -- your call is important to us
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908;received=192.168.1.1
From: Kenny
<sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Server: OpenSer (1.0.1 (i386/linux))
Content-Length: 0
Warning: 392 192.168.1.6:5060 "Noisy feedback tells: pid=4989 req_src_ip=192.168.1.1 req_src_port=5060 in_uri=sip:0013373038435@test.com out_uri=sip:13373038435@pstn.gateway:5060 via_cnt==1"
RECEIVE TIME: 130027371
RECEIVE << 70.xxx.xxx.xxx:5060
SIP/2.0 403 Forbidden
To: <sip:0013373038435@test.com>;tag=3360460030-876466
From: Kenny <sip:200@test.com>;tag=1187743606
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 INVITE
Contact: sip:13373038435@65.xxx.xxx.xxx:5060
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;received=192.168.1.1;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
Content-Length: 0
SEND TIME: 130027372
SEND
>>70.xxx.xxx.xxx:5060
ACK sip:0013373038435@test.comSIP/2.0
Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908
From: Kenny <sip:200@test.com>;tag=1187743606
To: <sip:0013373038435@test.com>;tag=3360460030-876466
Contact: <sip:200@70.xxx.xxx.xxx:5060>
Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30
CSeq: 9402 ACK
Max-Forwards: 70
Content-Length: 0
********************************Openser.cfg********************************************
debug=3
fork=yes
log_stderror=no
listen=192.168.1.6
alias=test.com
port=5060
children=32
dns=no
rev_dns=no
fifo="/tmp/openser_fifo"
fifo_db_url="mysql://openser:openserrw@localhost/openser"
loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule "/usr/local/lib/openser/modules/sl.so"
loadmodule
"/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/avpops.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/xlog.so"
modparam("auth_db|uri_db|usrloc", "db_url",
"mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval",
30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")
route {
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
exit;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
exit;
};
# -----------------------------------------------------------------
# Record Route Section
# -----------------------------------------------------------------
if (method!="REGISTER") {
record_route();
};
if (method=="BYE" || method=="CANCEL") {
unforce_rtp_proxy();
t_relay();
exit;
}
# -----------------------------------------------------------------
# Loose Route Section
# -----------------------------------------------------------------
if (loose_route()) {
if
((method=="INVITE" || method=="REFER") && !has_totag()) {
xlog("Does not have to tag, FORBIDDEN\n");
sl_send_reply("403", "Forbidden");
exit;
};
if (method=="INVITE") {
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
exit;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
exit;
};
consume_credentials();
if (nat_uac_test("19")) {
setflag(6);
force_rport();
xlog("Forcing rtpport\n");
fix_nated_contact();
};
force_rtp_proxy("l");
};
route(1);
return;
};
# -----------------------------------------------------------------
# Call Type Processing Section
# -----------------------------------------------------------------
if (uri!=myself) {
route(4);
route(1);
return;
};
if (method=="ACK") {
route(1);
return;
} else if (method=="CANCEL") {
route(1);
return;
} else if (method=="INVITE") {
route(3);
return;
} else if (method=="REGISTER")
{
route(2);
return;
};
lookup("aliases");
if (uri!=myself) {
route(4);
route(1);
return;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
return;
};
route(1);
}
route[1] {
# -----------------------------------------------------------------
# Default Message Handler
# -----------------------------------------------------------------
t_on_reply("1");
if (!t_relay())
{
if (method=="INVITE" && isflagset(6)) {
unforce_rtp_proxy();
xlog("Unforce RTP proxy2\n");
};
xlog("Dunno why forbidden\n");
sl_reply_error();
xlog("Forbidden4\n");
};
}
route[2] {
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {
setflag(6);
fix_nated_register();
force_rport();
};
sl_send_reply("100", "Trying");
if (!www_authorize("","subscriber")) {
www_challenge("","0");
exit;
};
if (!check_to()) {
sl_send_reply("401", "Unauthorized");
return;
};
consume_credentials();
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
# -----------------------------------------------------------------
# INVITE Message Handler
#
-----------------------------------------------------------------
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
exit;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
exit;
};
consume_credentials();
if (nat_uac_test("19")) {
setflag(6);
xlog("Setflag cos behind NAT\n");
}
lookup("aliases");
if (uri!=myself) {
route(4);
route(1);
return;
};
if (uri=~"^sip:00[0-9]*@") { # International PSTN
xlog("International PSTN\n");
strip(2);
route(4);
route(5);
return;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
return;
};
route(4);
route(1);
}
route[4] {
# -----------------------------------------------------------------
# NAT Traversal Section
#
-----------------------------------------------------------------
if (isflagset(6)) {
force_rport();
fix_nated_contact();
force_rtp_proxy();
xlog("NAT Traversal Section\n");
}
}
route[5] {
# -----------------------------------------------------------------
# PSTN Handler
# -----------------------------------------------------------------
xlog("Routing to PSTN gateway\n");
rewritehostport("pstn.gateway:5060");
avp_write("i:45", "inv_timeout");
route(1);
xlog("Routed to PSTN gateway\n");
}
onreply_route[1] {
if
(isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
if (!search("^Content-Length:[ ]*0")) {
force_rtp_proxy();
};
};
if (nat_uac_test("1")) {
fix_nated_contact();
};
}