its's one conditonnal block if +
harry
if (method=="INVITE" && !allow_trusted()) {
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); sl_send_reply("407", "Proxy Authentication
Required"); break; }; };
--- Steve Blair blairs@isc.upenn.edu a écrit :
If he is getting a proxy authenticate error as his message suggested then your ser.cfg has to be modified to allow calls from outside your domain without those calls being authenticated first.
harry gaillac wrote:
Thanks Ryan,
Many people can't call me !?
Harry
look at my ser.cfg: # $Id: ser.cfg,v 1.27 2005/03/10 14:16:25 Exp $ # #
# ----------- global configuration parameters
debug=3 # debug level (cmd line:
-dddddddddd)
fork=yes log_stderror=no # (cmd line: -E) #memlog=5 # memory debug log level #log_facility=LOG_LOCAL0 # sets the facility used
for
logging (see syslog(3))
/* Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:heslo@serveur1.home.net/ser"
user=root group=ser fifo_user=root # owner of the ser fifo fifo_group=ser fifo_mode=0660 # fifo's permissions #disable_core=yes #disables core dumping #open_fd_limit=1024 # sets the open file
descriptors
limit #mhomed=yes # usefull for multihomed hosts, small performance penalty #disable_tcp=yes #tcp_accept_aliases=yes # accepts the tcp alias via option (see NEWS) listen=80.119.9.7 #
# ------------------ module loading
loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/uri.so" loadmodule "/usr/lib/ser/modules/uri_db.so" loadmodule "/usr/lib/ser/modules/nathelper.so" loadmodule "/usr/lib/ser/modules/mediaproxy.so" loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" loadmodule "/usr/lib/ser/modules/textops.so" loadmodule "/usr/lib/ser/modules/permissions.so" loadmodule "/usr/lib/ser/modules/domain.so" loadmodule "/usr/lib/ser/modules/group.so" loadmodule "/usr/lib/ser/modules/avpops.so"
# ----------------- setting module-specific
parameters
# -- usrloc params-- modparam("usrloc", "db_mode", 2)
# -- autdb_params-- modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs
happy
modparam("rr", "enable_full_lr", 1)
# -- nathelper params -- modparam("nathelper", "ping_nated_only", 0) modparam("nathelper", "rtpproxy_disable", 1)
# mediaproxy params -- modparam("mediaproxy", "natping_interval", 30) modparam("mediaproxy", "mediaproxy_socket", "var/run/mediaproxy.sock")
# -- registrar params -- modparam("registrar", "nat_flag", 4)
# -- tm params -- modparam("tm", "fr_inv_timer", 27) modparam("tm", "fr_inv_timer_avp", "inv_timeout")
# --domain params -- modparam("domain", "db_url", "mysql://ser:heslo@serveur1.home.net/ser") modparam("domain", "domain_table", "domain") modparam("domain", "db_mode", 1) # Use caching
# -- permissions params -- modparam("permissions", "db_url", "mysql://ser:heslo@serveur1.home.net/ser") modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "default_deny_file", "/etc/ser/permissions.deny") modparam("permissions", "default_allow_file", "/etc/ser/permissions.allow")
# ------------------------- request routing logic
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; };
# we record-route all messages -- to make sure
that
# subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") { record_route(); };
if (method=="CANCEL" || method=="BYE") { end_media_session(); };
# subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { if (has_totag() && method=="INVITE" || method=="ACK") { if (client_nat_test("3")) { setflag(4); force_rport(); fix_contact(); }; use_media_proxy(); }; route(1); break; };
# Requests to others domains if (!is_uri_host_local()) {
# Checking Authorization if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); sl_send_reply("407", "Proxy Authentication Required"); break; };
if (client_nat_test("3")) { setflag(4); }; if (isflagset(4)) {
=== message truncated ===
___________________________________________________________________________ Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger Téléchargez cette version sur http://fr.messenger.yahoo.com