Hello all,
I'm trying to force all calls through mediaproxy, but can't seem to be able to do it... eyebeam doesn't do it while sjphone does...
What am I doing wrong?
Calls between eyebam and sjphone work fine but call to echo test, failes, rtps are going to the echo test ip directly... not going through mediaproxy...
This is really killing me, any help would be greatly appreciated!!
here's my config
#
# $Id: openser.cfg 1676 2007-02-21 13:16:34Z bogdan_iancu $
#
# simple quick-start config script
# Please refer to the Core CookBook at http://www.openser.org/dokuwiki/doku.php
# for a explanation of possible statements, functions and parameters.
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
children=10
port=5060
listen=MY.OPENSER.IP.COM
disable_dns_blacklist=true
# ------------------ module loading ----------------------------------
#set module path
mpath="//lib/openser/modules/"
# Uncomment this if you want to use SQL database
#loadmodule "mysql.so"
loadmodule "mysql.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "uri.so"
loadmodule "uri_db.so"
loadmodule "domain.so"
loadmodule "permissions.so"
#loadmodule "group.so"
loadmodule "mi_fifo.so"
loadmodule "lcr.so"
loadmodule "avpops.so"
loadmodule "xlog.so"
loadmodule "mediaproxy.so"
loadmodule "acc.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "auth.so"
loadmodule "auth_db.so"
# ----------------- setting module-specific parameters ---------------
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")
modparam("registrar", "received_avp", "$avp(i:42)")
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "nat_bflag", 4)
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("rr", "enable_full_lr", 1)
#modparam("auth_db|permissions|uri_db|usrloc","db_url","mysql://openser:openserrw@localhost/openser")
modparam("auth_db|permissions|usrloc|uri_db|domain|lcr|avpops|avp_url","db_url","mysql://openser:password@localhost/openser")
modparam("permissions", "db_mode", 1)
modparam("permissions", "trusted_table", "trusted")
modparam("avpops", "avp_table", "usr_preferences")
modparam("mediaproxy","natping_interval",20)
modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/etc/openser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/ect/openser/rtp-clients")
modparam("lcr", "contact_avp", "$avp(i:711)")
modparam("lcr|tm", "fr_inv_timer_avp", "$avp(i:704)")
modparam("lcr", "gw_uri_avp", "$avp(i:709)")
modparam("^auth$|lcr", "rpid_avp", "$avp(i:302)")
modparam("lcr", "ruri_user_avp", "$avp(i:500)")
modparam("lcr", "dm_flag", 25)
modparam("acc", "radius_config", "/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag", 2)
modparam("acc", "radius_missed_flag", 3)
modparam("acc", "radius_extra", "User-Name=$Au;Calling-Station-Id=$from;Called-Station-Id=$to;Sip-Translated-Request-URI=$ruri;Sip-RPid=$avp(s:rpid);Source-IP=$si;Source-Port=$sp;Canonical-URI=$avp(s:can_uri);Billing-Party=$avp(s:billing_party);Divert-Reason=$avp(s:divert_reason);X-RTP-Stat=$hdr(X-RTP-Stat);Contact=$hdr(contact);Event=$hdr(event);SIP-Proxy-IP=$avp(s:sip_proxy_ip);ENUM-TLD=$avp(s:enum_tld)")
# ------------------------- request routing logic -------------------
# main routing logic
route{
#
# -- 1 -- Request Validation
#
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
};
#
# -- 2 -- Routing Preprocessing
#
## Record-route all except Register
## Mark packets with nat=yes
## This mark will be used to identify the request in the loose
## route section
if(!is_method("REGISTER")){
record_route(";nat=yes");
};
##Loose_route packets
if (has_totag()) {
#sequential request withing a dialog should
# take the path determined by record-routing
if (loose_route()) {
if(method=="BYE") {
#Account BYE transactions
setflag(2);
};
#Check authentication of re-invites
if(method=="INVITE" && (!allow_trusted())) {
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","1");
exit;
} else if (!check_from()) {
sl_send_reply("403", "Forbidden, use From=ID");
exit;
};
};
if(method=="BYE" || method=="CANCEL") {
end_media_session();
};
##Detect requests in the dialog behind NAT and flag with 6
route(1);
} else {
sl_send_reply("404","Not here");
}
exit;
}
#CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans()) {
end_media_session();
t_relay();
};
exit;
}
t_check_trans();
#
# -- 3 -- Determine Request Target
#
if (method=="REGISTER") {
route(2);
} else {
route(3);
};
}
route[1] {
#
# -- 4 -- Forward request to target
#
# Forward statefully
t_on_reply("1");
t_on_failure("1");
if (!t_relay()) {
sl_reply_error();
};
exit;
}
route[2] {
## Register request handler
if (is_uri_host_local()) {
if (!www_authorize("", "subscriber")) {
www_challenge("", "1");
exit;
};
if (!check_to()) {
sl_send_reply("403", "Forbidden");
exit;
};
setbflag(6);
force_rport();
save("location");
exit;
} else if {
sl_send_reply("403", "Forbidden");
};
}
route[3] {
## Requests handler
if (method=="INVITE") {
# Account INVITE packets
setflag(2);
# Account Missed calls
setflag(3);
# Radius Extra
$avp(s:sip_proxy_ip)="MY.OPENSER.IP.COM";
};
if (is_from_local()){
# From an internal domain -> check the credentials and the FROM
if(!allow_trusted()){
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
exit;
} else if(!check_from()) {
sl_send_reply("403", "Forbidden, use From=ID");
exit;
};
};
#unconditional call forward
if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
avp_pushto("$ru", "$avp(s:callfwd)");
route(1);
exit;
}
consume_credentials();
#verify aliases, if found replace R-URI.
lookup("aliases");
if (is_uri_host_local()) {
# -- Inbound to Inbound
xlog("L_INFO","OPENSER: INBOUND -> INBOUND ($tU)");
route(10);
} else {
# -- Inbound to outbound
xlog("L_INFO","OPENSER: INBOUND -> OUTBOUND ($tU)");
route(11);
};
} else {
#From an external domain ->do not check credentials
#Verify aliases, if found replace R-URI.
lookup("aliases");
if (is_uri_host_local()) {
xlog("L_INFO","OPENSER: OUTBOUND -> INBOUND ($tU)");
#-- Outbound to inbound
route(12);
} else {
xlog("L_INFO","OPENSER: OUTBOUND -> OUTBOUND ($tU)");
# -- Outbound to outbound
route(13);
};
};
}
route[4] {
# routing to the public network
if (!load_gws()) {
sl_send_reply("503", "Unable to load gateways");
exit;
}
if(!next_gw()){
sl_send_reply("503", "Unable to find a gateway");
exit;
}
t_on_failure("2");
if (!t_relay()) {
sl_reply_error();
};
exit;
}
route[6] {
#
# -- NAT handling --
#
append_hf("P-hint: Route[6]: mediaproxy \r\n");
use_media_proxy();
}
route[10] {
#from an internal domain -> inbound
#Native SIP destinations are handled using the location table
#Gateway destinations are handled by regular expressions
append_hf("P-hint: inbound->inbound \r\n");
xlog("L_INFO","LOOKING FOR: $tU");
if (uri=~"^sip:55613") { # ECHO TEST
xlog("L_INFO","IN ROUTE 613");
route(6);
rewritehostport("fwdnat2.pulver.com:5060");
if (!t_relay()) {
sl_reply_error();
};
exit;
};
if (uri=~"^sip:301") { # ECHO TEST
route(6);
rewritehostport("blueface.ie");
if (!t_relay()) {
sl_reply_error();
};
exit;
};
#
# if (uri=~"^sip:1[2-9][0-9]{9}@") {
# if (is_user_in("credentials","ld")) {
# strip(1);
# prefix("+1");
# route(6);
# route(4);
# exit;
# } else {
# sl_send_reply("403", "No permissions for long distance");
# exit;
# };
# };
#
# if (uri=~"^sip:011[0-9]*@") {
# if (is_user_in("credentials","int")) {
# strip(3);
# prefix("+");
# route(6);
# route(4);
# exit;
# } else {
# sl_send_reply("403", "No permissions for international calls");
# };
# };
if (!lookup("location")) {
if (does_uri_exist()) {
## User not registered at this time.
## Use the IP Address of your e-mail server
revert_uri();
prefix("u");
rewritehostport("192.168.1.171"); #Use the IP address of your voicemail server
route(6);
route(1);
} else {
sl_send_reply("404", "Not Found");
exit;
}
sl_send_reply("404", "Not Found");
exit;
};
route(6);
route(1);
}
route[11] {
# from an internal domain -> outbound
# Simply route the call outbound using DNS search
append_hf("P-hint: inbound->outbound \r\n");
route(1);
}
route[12] {
# From an external domain -> inbound
# Verify aliases, if found replace R-URI.
lookup("aliases");
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
route(1);
}
route[13] {
#From an external domain outbound
#we are not accepting these calls
append_hf("P-hint: outbound->inbound \r\n");
sl_send_reply("403", "Forbidden");
exit;
}
failure_route[1] {
##--
##-- If cancelled, exit.
##--
if (t_was_cancelled()) {
exit;
};
##--
##-- If busy send to the e-mail server, prefix the "b"
##-- character to indicate busy.
##--
if (t_check_status("486")) {
revert_uri();
prefix("b");
rewritehostport("192.168.1.171");
append_branch();
route(1);
exit;
};
##--
##-- If timeout (408) or unavailable temporarily (480),
##-- prefix the uri with the "u"character to indicate
##-- unanswered and send to the e-mail
##-- sever
##--
if (t_check_status("408") || t_check_status("480")) {
revert_uri();
prefix("u");
rewritehostport("192.168.1.171");
append_branch();
route(1);
exit;
};
}
failure_route[2] {
if(!next_gw()) {
t_reply("503", "Service not available, no more gateways");
exit;
};
t_on_failure("2");
t_relay();
}
onreply_route[1] {
#
#-- On-replay block routing --
#
append_hf("P-hint: onreply_route|usemediaproxy \r\n");
use_media_proxy();
exit;
}