Could they be caught by the check_to() for some reason? Add some log entries
in your config file to find out where it stops. And an ngrep trace always
helps...
g-)
Felipe Martins wrote:
Hi everybody,
I've configured SER to work with mediaproxy, I also configured
mediaproxy.ini. My clients are authenticating normally, but only the
clients that has a Public IP (ex. 200.201.145.146), all the cliets
that are behind NAT can't REGISTER. What may be wrong ? Do anyone
uses SER 0.9.0 with mysql authentication and Mediaproxy that could
give me a hand ?
My ser.cfg and mediaproxy.ini are as follows
================== ser.cfg ======================
debug=3
fork=yes
log_stderror=no
listen=192.0.2.13 # put your server IP address here
port=5060
children=4
dns=no
rev_dns=no
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:heslo@localhost/ser"
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/uri_db.so"
loadmodule "/usr/local/lib/ser/modules/domain.so"
loadmodule "/usr/local/lib/ser/modules/mediaproxy.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
modparam("auth_db|uri_db|usrloc", "db_url",
"mysql://ser:heslo@localhost/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("nathelper", "rtpproxy_disable", 1)
modparam("nathelper", "natping_interval", 0)
modparam("mediaproxy","natping_interval", 30)
modparam("mediaproxy","mediaproxy_socket",
"/var/run/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
route {
#
----------------------------------------------------------------- #
Sanity Check Section #
----------------------------------------------------------------- if
(!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too
Many
Hops"); break; };
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
break;
};
#
----------------------------------------------------------------- #
Record Route Section #
----------------------------------------------------------------- if
(method=="INVITE" && client_nat_test("3")) { # INSERT YOUR IP
ADDRESS
HERE record_route_preset("192.0.2.13:5060;nat=yes"); } else if
(method!="REGISTER") { record_route(); };
#
----------------------------------------------------------------- #
Call Tear Down Section #
----------------------------------------------------------------- if
(method=="BYE" || method=="CANCEL") { end_media_session(); };
#
----------------------------------------------------------------- #
Loose Route Section #
----------------------------------------------------------------- if
(loose_route()) {
if (has_totag() && (method=="INVITE" ||
method=="ACK")) {
if (client_nat_test("3") ||
search("^Route:.*;nat=yes")) {
setflag(6); use_media_proxy();
};
};
route(1);
break;
};
#
----------------------------------------------------------------- #
Call Type Processing Section #
-----------------------------------------------------------------
if (uri!=myself) {
route(1);
break;
};
if (uri==myself) {
if (method=="CANCEL") {
route(3);
break;
} else if (method=="INVITE") {
route(3);
break;
} else if (method=="REGISTER") {
route(2);
break;
};
lookup("aliases");
if (uri!=myself) {
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
};
route(1);
}
route[1] {
#
----------------------------------------------------------------- #
Default Message Handler #
-----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) {
if (method=="INVITE" || method=="ACK") {
end_media_session();
};
sl_reply_error();
};
}
route[2] {
#
----------------------------------------------------------------- #
REGISTER Message Handler #
----------------------------------------------------------------
sl_send_reply("100", "Trying");
if (!search("^Contact:\ +\*") && client_nat_test("7"))
{
setflag(6);
fix_nated_register();
force_rport();
};
if (!www_authorize("","subscriber")) {
www_challenge("","0");
break;
};
if (!check_to()) {
sl_send_reply("401", "Unauthorized");
break;
};
consume_credentials();
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
#
----------------------------------------------------------------- #
CANCEL and INVITE Message Handler #
-----------------------------------------------------------------
if (client_nat_test("3")) {
setflag(7);
force_rport();
fix_nated_contact();
};
lookup("aliases");
if (uri!=myself) {
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
if (method=="CANCEL") {
route(1);
break;
};
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
break;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
break;
};
consume_credentials();
if (isflagset(6) || isflagset(7)) {
use_media_proxy();
};
route(1);
}
onreply_route[1] {
if ((isflagset(6) || isflagset(7)) &&
(status=~"(180)|(183)|2[0-9][0-9]")) {
if (!search("^Content-Length:\ +0")) {
use_media_proxy();
};
};
if (client_nat_test("1")) {
fix_nated_contact();
};
}
================== End of ser.cfg ======================
=================== mediaproxy.ini ======================
;
; Configuration file for MediaProxy
;
[Dispatcher]
;
; Section for configuring the proxy dispatcher
;
; The following options are available here:
;
; start Boolean value that specifies if to start the
dispatcher. ; Default value: Yes
;
; socket Path to the UNIX socket where the dispatcher receives
; commands from SER. This should match the value for
; mediaproxy_socket in ser.cfg
; Default value: /var/run/proxydispatcher.sock
;
; group Put the socket in this group and make it group
writable. ; Default value: ser
;
; defaultProxy Default mediaproxy to use in case the From/To domains
; involved in the call don't define any.
; Valid values for this are:
;
; - None
; don't use any default proxies. domains without
; mediaproxy SRV records won't work
; - /path/to/unix/socket
; use a single MediaProxy server identified by the
given ; UNIX socket path
; - IP_or_hostname[:port]
; use a single MediaProxy server identified by its
network ; address. The network address consists of
an IP address ; or a hostname and an optional port
number separated by ; a double colon. If port is
missing 25060 will be assumed. ; Examples:
; 10.0.0.1 (connect to 10.0.0.1 on port
25060) ; 10.0.0.1:90 (connect to 10.0.0.1 on
port 90) ;
mp1.mydomain.com
; mp1.mydomain.com:7000
; - domain://domain_name
; Use all MediaProxies defined by domain_name,
honoring ; their priority and weight to create a
cluster of proxies ; with fallback and load
balancing capabilities. ;
; Default value: /var/run/mediaproxy.sock
;
start = yes
socket = /var/run/proxydispatcher.sock
group = ser
defaultProxy = /var/run/mediaproxy.sock
[MediaProxy]
;
; Section for configuring the MediaProxy server
;
; The following options are available here:
;
; start Boolean value that specifies if to start the RTP
proxy server. ; Default value: Yes
;
; socket Path to the UNIX socket where MediaProxy receives
; commands from the dispatcher or SER.
; Default value: /var/run/mediaproxy.sock
;
; group Put the socket in this group and make it group
writable. ; Default value: ser
;
; listen Network address where MediaProxy receives commands
from ; a remote dispatcher.
; Valid values for this are:
;
; - None
; don't listen for network connections at all
; - address[:port]
; listen on the specified address and port
; address can be an IP a hostname or the keyword
Any ; (in which case it will listen on 0.0.0.0).
If address is ; a hostname, that should map in DNS
to an IP address ; present on the machine through
an A record. ; If port is missing assume 25060.
;
; Default value: None
;
; allow List of addresses that are allowed to connect to this
; MediaProxy server and send commands.
; They are specified as a comma separated list of
entries, with ; each entry being specified in the CIDR
network/mask notation ; (ex. 10.0.0.0/8)
;
; In addition simple IP addresses or hostnames are
allowed, in ; which case the mask is considered to be
32. ;
; In addition to network ranges/addresses 2 keywords
can be used ; for this option:
; None to specify that none is allowed to connect
(not very ; useful but this is the default
for security reasons) ; Any to specify that
anyone is allowed to connect ; (dangerous!)
;
; Example: allow = 10.0.0.0/24,
home-pc.mydomain.com,
1.2.3.4 ;
; Default value: None
;
; proxyIP IP address to use to talk to the phones. If not
specified, the ; first found will be used. However
first found usually means ; first defined in /etc/hosts
which may not be what you want. ; If you find that the
address that's automatically selected is ; not the one
you want, you can specify the right one using this ;
option. The address must be one that's present on one of the ;
host's interfaces. ;
; portRange The range of ports to use for proxying the rtp
streams. ; This option is specified as minport:maxport
with minport and ; maxport being even numbers in the
range 1024-65536 ; Default value: 35000:65000
;
; TOS Unless you know what TOS means, leave this option
alone. ; The TOS value can be specified either as a
decimal number or ; as a hex number in the 0xnn format.
; Default value: 0xb8
;
; idleTimeout Expire idle sessions after this much time.
; Default 60 seconds
;
; holdTimeout Expire calls on hold after this much time.
; Default value is 3600 seconds
;
; forceClose Forcibly close a RTP session after this many seconds
even if ; it's still active. If forceClose is 0, then a
session is never ; closed no matter how long it lasts.
; Default value: 0
;
start = yes
socket = /var/run/mediaproxy.sock
group = ser
listen = 200.142.103.114
allow = any
;proxyIP = 10.0.0.1
portRange = 35000:36000
;TOS = 0xb8
idleTimeout = 60
holdTimeout = 3600
forceClose = 0
accounting = off
[Accounting]
user = ser
password = heslo
host = any
database = ser
table = ser
#[Accounting]
#user = dbuser
#password = dbpass
#host = dbhost
#database = radius
#table = radacct
=================== End of mediaproxy.ini ======================