Hi everybody,
I'm having problems rewritehostport to PSTN gateway. It gives me the 403 Forbidden error. Here is the error:
SEND TIME: 130027089 SEND >> ACK sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bK437FA12BFB124DA68EB569C02212327D From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=eb9822f1ed1b15a932bf98c097b3aaca.befd Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9401 ACK Max-Forwards: 70 Content-Length: 0
SEND TIME: 130027095 SEND >> 70.xxx.xxx.xxx:5060 INVITE sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Proxy-Authorization: Digest username="200",realm="test.com",nonce="44a21eb77c572fc09155f89521700490cb8a87ef",response="75921f5f225efeaeb0177e3353769190",uri="sip:0013373038435@test.com" Max-Forwards: 70 Content-Type: application/sdp User-Agent: X-Lite release 1105x Content-Length: 308
v=0 o=200 130026958 130027078 IN IP470.xxx.xxx.xxx s=X-Lite c=IN IP4 70.xxx.xxx.xxx t=0 0 m=audio 8000 RTP/AVP 0 8 3 98 97 101 a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:3 gsm/8000 a=rtpmap:98 iLBC/8000 a=rtpmap:97 speex/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=sendrecv
RECEIVE TIME: 130027172 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908;received=192.168.1.1 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Server: OpenSer (1.0.1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.6:5060 "Noisy feedback tells: pid=4989 req_src_ip=192.168.1.1 req_src_port=5060 in_uri=sip:0013373038435@test.com out_uri=sip:13373038435@pstn.gateway:5060 via_cnt==1"
RECEIVE TIME: 130027371 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 403 Forbidden To: sip:0013373038435@test.com;tag=3360460030-876466 From: Kenny sip:200@test.com;tag=1187743606 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Contact: sip:13373038435@65.xxx.xxx.xxx:5060 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;received=192.168.1.1;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 Content-Length: 0
SEND TIME: 130027372 SEND >>70.xxx.xxx.xxx:5060 ACK sip:0013373038435@test.comSIP/2.0 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=3360460030-876466 Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 ACK Max-Forwards: 70 Content-Length: 0
********************************Openser.cfg********************************************
debug=3 fork=yes log_stderror=no
listen=192.168.1.6 alias=test.com port=5060 children=32
dns=no rev_dns=no fifo="/tmp/openser_fifo" fifo_db_url="mysql://openser:openserrw@localhost/openser"
loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/nathelper.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/xlog.so"
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
modparam("tm", "fr_inv_timer", 27) modparam("tm", "fr_inv_timer_avp", "inv_timeout")
route {
# ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); exit; };
if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); exit; };
# ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method!="REGISTER") { record_route(); };
if (method=="BYE" || method=="CANCEL") { unforce_rtp_proxy(); t_relay(); exit; }
# ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) {
if ((method=="INVITE" || method=="REFER") && !has_totag()) { xlog("Does not have to tag, FORBIDDEN\n"); sl_send_reply("403", "Forbidden"); exit; };
if (method=="INVITE") {
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; consume_credentials();
if (nat_uac_test("19")) { setflag(6); force_rport(); xlog("Forcing rtpport\n"); fix_nated_contact(); }; force_rtp_proxy("l"); }; route(1); return; };
# ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(4); route(1); return; };
if (method=="ACK") { route(1); return; } else if (method=="CANCEL") { route(1); return; } else if (method=="INVITE") { route(3); return; } else if (method=="REGISTER") { route(2); return; };
lookup("aliases"); if (uri!=myself) { route(4); route(1); return; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; };
route(1); }
route[1] {
# ----------------------------------------------------------------- # Default Message Handler # -----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) { if (method=="INVITE" && isflagset(6)) { unforce_rtp_proxy(); xlog("Unforce RTP proxy2\n"); }; xlog("Dunno why forbidden\n"); sl_reply_error(); xlog("Forbidden4\n"); };
}
route[2] {
# ----------------------------------------------------------------- # REGISTER Message Handler # ----------------------------------------------------------------
if (!search("^Contact:[ ]**") && nat_uac_test("19")) { setflag(6); fix_nated_register(); force_rport(); };
sl_send_reply("100", "Trying");
if (!www_authorize("","subscriber")) { www_challenge("","0"); exit; };
if (!check_to()) { sl_send_reply("401", "Unauthorized"); return; };
consume_credentials();
if (!save("location")) { sl_reply_error(); }; }
route[3] {
# ----------------------------------------------------------------- # INVITE Message Handler # -----------------------------------------------------------------
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; };
consume_credentials();
if (nat_uac_test("19")) { setflag(6); xlog("Setflag cos behind NAT\n"); }
lookup("aliases"); if (uri!=myself) { route(4); route(1); return; };
if (uri=~"^sip:00[0-9]*@") { # International PSTN xlog("International PSTN\n"); strip(2); route(4); route(5); return; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; };
route(4); route(1); }
route[4] {
# ----------------------------------------------------------------- # NAT Traversal Section # -----------------------------------------------------------------
if (isflagset(6)) { force_rport(); fix_nated_contact(); force_rtp_proxy(); xlog("NAT Traversal Section\n"); } }
route[5] {
# ----------------------------------------------------------------- # PSTN Handler # ----------------------------------------------------------------- xlog("Routing to PSTN gateway\n"); rewritehostport("pstn.gateway:5060");
avp_write("i:45", "inv_timeout");
route(1); xlog("Routed to PSTN gateway\n"); }
onreply_route[1] {
if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") { if (!search("^Content-Length:[ ]*0")) { force_rtp_proxy(); }; };
if (nat_uac_test("1")) { fix_nated_contact(); }; }
--------------------------------- Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.
Hi Kenny,
If your PSTN Gateway is an Asterisk server, please check there and make sure that it is set up to receive calls from OpenSER. I've seen this problem when Asterisk isn't set up properly.
An example of a way to integrate OpenSER with Asterisk is here: http://www.voip-info.org/wiki/view/Realtime+Integration+Of+Asterisk+With+Ope...
Regards, Norm
Kenny Chua wrote:
Hi everybody,
I'm having problems rewritehostport to PSTN gateway. It gives me the 403 Forbidden error. Here is the error:
SEND TIME: 130027089 SEND >> ACK sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bK437FA12BFB124DA68EB569C02212327D From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=eb9822f1ed1b15a932bf98c097b3aaca.befd Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9401 ACK Max-Forwards: 70 Content-Length: 0
SEND TIME: 130027095 SEND >> 70.xxx.xxx.xxx:5060 INVITE sip:0013373038435@test.com SIP/2.0 Via: SIP/2.0/UDP70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Proxy-Authorization: Digest username="200",realm="test.com",nonce="44a21eb77c572fc09155f89521700490cb8a87ef",response="75921f5f225efeaeb0177e3353769190",uri="sip:0013373038435@test.com" Max-Forwards: 70 Content-Type: application/sdp User-Agent: X-Lite release 1105x Content-Length: 308
v=0 o=200 130026958 130027078 IN IP470.xxx.xxx.xxx s=X-Lite c=IN IP4 70.xxx.xxx.xxx t=0 0 m=audio 8000 RTP/AVP 0 8 3 98 97 101 a=rtpmap:0 pcmu/8000 a=rtpmap:8 pcma/8000 a=rtpmap:3 gsm/8000 a=rtpmap:98 iLBC/8000 a=rtpmap:97 speex/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=sendrecv
RECEIVE TIME: 130027172 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908;received=192.168.1.1 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Server: OpenSer (1.0.1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.1.6:5060 "Noisy feedback tells: pid=4989 req_src_ip=192.168.1.1 req_src_port=5060 in_uri=sip:0013373038435@test.com out_uri=sip:13373038435@pstn.gateway:5060 via_cnt==1"
RECEIVE TIME: 130027371 RECEIVE << 70.xxx.xxx.xxx:5060 SIP/2.0 403 Forbidden To: sip:0013373038435@test.com;tag=3360460030-876466 From: Kenny sip:200@test.com;tag=1187743606 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 INVITE Contact: sip:13373038435@65.xxx.xxx.xxx:5060 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;received=192.168.1.1;rport=5060;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 Content-Length: 0
SEND TIME: 130027372 SEND >>70.xxx.xxx.xxx:5060 ACK sip:0013373038435@test.comSIP/2.0 Via: SIP/2.0/UDP 70.xxx.xxx.xxx:5060;rport;branch=z9hG4bKF16D7EAC63D6463A8624A802F5BB4908 From: Kenny sip:200@test.com;tag=1187743606 To: sip:0013373038435@test.com;tag=3360460030-876466 Contact: sip:200@70.xxx.xxx.xxx:5060 Call-ID: 67A1BB1A-C737-4C24-B7AF-19E9C92C2B47@192.168.1.30 CSeq: 9402 ACK Max-Forwards: 70 Content-Length: 0
********************************Openser.cfg********************************************
debug=3 fork=yes log_stderror=no
listen=192.168.1.6 alias=test.com port=5060 children=32
dns=no rev_dns=no fifo="/tmp/openser_fifo" fifo_db_url="mysql://openser:openserrw@localhost/openser"
loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/nathelper.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/xlog.so"
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "rtpproxy_sock", "/var/run/rtpproxy.sock")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
modparam("tm", "fr_inv_timer", 27) modparam("tm", "fr_inv_timer_avp", "inv_timeout")
route {
# ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); exit; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); exit; }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method!="REGISTER") { record_route(); }; if (method=="BYE" || method=="CANCEL") { unforce_rtp_proxy(); t_relay(); exit; } # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) { if ((method=="INVITE" || method=="REFER") && !has_totag()) { xlog("Does not have to tag, FORBIDDEN\n"); sl_send_reply("403", "Forbidden"); exit; }; if (method=="INVITE") { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; consume_credentials(); if (nat_uac_test("19")) { setflag(6); force_rport(); xlog("Forcing rtpport\n"); fix_nated_contact(); }; force_rtp_proxy("l"); }; route(1); return; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(4); route(1); return; }; if (method=="ACK") { route(1); return; } else if (method=="CANCEL") { route(1); return; } else if (method=="INVITE") { route(3); return; } else if (method=="REGISTER") { route(2); return; }; lookup("aliases"); if (uri!=myself) { route(4); route(1); return; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; }; route(1);}
route[1] {
# ----------------------------------------------------------------- # Default Message Handler # ----------------------------------------------------------------- t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" && isflagset(6)) { unforce_rtp_proxy(); xlog("Unforce RTP proxy2\n"); }; xlog("Dunno why forbidden\n"); sl_reply_error(); xlog("Forbidden4\n"); };}
route[2] {
# ----------------------------------------------------------------- # REGISTER Message Handler # ---------------------------------------------------------------- if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) { setflag(6); fix_nated_register(); force_rport(); }; sl_send_reply("100", "Trying"); if (!www_authorize("","subscriber")) { www_challenge("","0"); exit; }; if (!check_to()) { sl_send_reply("401", "Unauthorized"); return; }; consume_credentials(); if (!save("location")) { sl_reply_error(); };}
route[3] {
# ----------------------------------------------------------------- # INVITE Message Handler # ----------------------------------------------------------------- if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; consume_credentials(); if (nat_uac_test("19")) { setflag(6); xlog("Setflag cos behind NAT\n"); } lookup("aliases"); if (uri!=myself) { route(4); route(1); return; }; if (uri=~"^sip:00[0-9]*@") { # International PSTN xlog("International PSTN\n"); strip(2); route(4); route(5); return; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); return; }; route(4); route(1);}
route[4] {
# ----------------------------------------------------------------- # NAT Traversal Section # ----------------------------------------------------------------- if (isflagset(6)) { force_rport(); fix_nated_contact(); force_rtp_proxy(); xlog("NAT Traversal Section\n"); }}
route[5] {
# ----------------------------------------------------------------- # PSTN Handler # ----------------------------------------------------------------- xlog("Routing to PSTN gateway\n"); rewritehostport("pstn.gateway:5060"); avp_write("i:45", "inv_timeout"); route(1); xlog("Routed to PSTN gateway\n");}
onreply_route[1] {
if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") { if (!search("^Content-Length:[ ]*0")) { force_rtp_proxy(); }; }; if (nat_uac_test("1")) { fix_nated_contact(); };}
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min. http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com
http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com
http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com
No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.9.5/376 - Release Date: 6/26/2006 http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com
-
Kenny Chua -
Norman Brandinger