[OpenSER-Users] OPenser+Media-Proxy - sr-users

13 Jun 2008


      Hello all,
I'm trying to force all calls through mediaproxy, but can't seem to be able
to do it... eyebeam doesn't do it while sjphone does...
What am I doing wrong?
Calls between eyebam and sjphone work fine but call to echo test, failes,
rtps are going to the echo test ip directly... not going through
mediaproxy...
This is really killing me, any help would be greatly appreciated!!
here's my config
#
# $Id: openser.cfg 1676 2007-02-21 13:16:34Z bogdan_iancu $
#
# simple quick-start config script
# Please refer to the Core CookBook at
http://www.openser.org/dokuwiki/doku.php
# for a explanation of possible statements, functions and parameters.
#
# ----------- global configuration parameters ------------------------
debug=3            # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no    # (cmd line: -E)
children=10
port=5060
listen=MY.OPENSER.IP.COM
disable_dns_blacklist=true
# ------------------ module loading ----------------------------------
#set module path
mpath="//lib/openser/modules/"
# Uncomment this if you want to use SQL database
#loadmodule "mysql.so"
loadmodule "mysql.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "uri.so"
loadmodule "uri_db.so"
loadmodule "domain.so"
loadmodule "permissions.so"
#loadmodule "group.so"
loadmodule "mi_fifo.so"
loadmodule "lcr.so"
loadmodule "avpops.so"
loadmodule "xlog.so"
loadmodule "mediaproxy.so"
loadmodule "acc.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "auth.so"
loadmodule "auth_db.so"
# ----------------- setting module-specific parameters ---------------
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")
modparam("registrar", "received_avp", "$avp(i:42)")
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "nat_bflag", 4)
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("rr", "enable_full_lr", 1)
#modparam("auth_db|permissions|uri_db|usrloc","db_url","mysql://openser:openserrw@localhost
/openser")
modparam("auth_db|permissions|usrloc|uri_db|domain|lcr|avpops|avp_url","db_url","mysql://openser:password@localhost
/openser")
modparam("permissions", "db_mode", 1)
modparam("permissions", "trusted_table", "trusted")
modparam("avpops", "avp_table", "usr_preferences")
modparam("mediaproxy","natping_interval",20)
modparam("mediaproxy","mediaproxy_socket",
"/var/run/mediaproxy/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/etc/openser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/ect/openser/rtp-clients")
modparam("lcr", "contact_avp", "$avp(i:711)")
modparam("lcr|tm", "fr_inv_timer_avp", "$avp(i:704)")
modparam("lcr", "gw_uri_avp", "$avp(i:709)")
modparam("^auth$|lcr", "rpid_avp", "$avp(i:302)")
modparam("lcr", "ruri_user_avp", "$avp(i:500)")
modparam("lcr", "dm_flag", 25)
modparam("acc", "radius_config",
"/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "radius_flag",        2)
modparam("acc", "radius_missed_flag", 3)
modparam("acc", "radius_extra",
"User-Name=$Au;Calling-Station-Id=$from;Called-Station-Id=$to;Sip-Translated-Request-URI=$ruri;Sip-RPid=$avp(s:rpid);Source-IP=$si;Source-Port=$sp;Canonical-URI=$avp(s:can_uri);Billing-Party=$avp(s:billing_party);Divert-Reason=$avp(s:divert_reason);X-RTP-Stat=$hdr(X-RTP-Stat);Contact=$hdr(contact);Event=$hdr(event);SIP-Proxy-IP=$avp(s:sip_proxy_ip);ENUM-TLD=$avp(s:enum_tld)")
# -------------------------  request routing logic -------------------
# main routing logic
route{
#
    # -- 1 -- Request Validation
    #
    if (!mf_process_maxfwd_header("10")) {
        sl_send_reply("483","Too Many Hops");
        exit;
    };
if (msg:len >=  2048 ) {
        sl_send_reply("513", "Message too big");
        exit;
    };
#
    # -- 2 -- Routing Preprocessing
    #
    ## Record-route all except Register
    ## Mark packets with nat=yes
    ## This mark will be used to identify the request in the loose
    ## route section
    if(!is_method("REGISTER")){
        record_route(";nat=yes");
    };
##Loose_route packets
    if (has_totag()) {
            #sequential request withing a dialog should
            # take the path determined by record-routing
            if (loose_route()) {
               if(method=="BYE") {
                   #Account BYE transactions
                   setflag(2);
               };
#Check authentication of re-invites
                if(method=="INVITE" && (!allow_trusted())) {
                    if (!proxy_authorize("","subscriber")) {
                    proxy_challenge("","1");
                    exit;
                } else if (!check_from()) {
                    sl_send_reply("403", "Forbidden, use From=ID");
                    exit;
                };
            };
            if(method=="BYE" || method=="CANCEL") {
                end_media_session();
            };
##Detect requests in the dialog behind NAT and flag with 6
            route(1);
        } else {
            sl_send_reply("404","Not here");
        }
        exit;
    }
#CANCEL processing
    if (is_method("CANCEL")) {
        if (t_check_trans()) {
            end_media_session();
            t_relay();
        };
        exit;
    }
t_check_trans();
    #
    # -- 3 -- Determine Request Target
    #
    if (method=="REGISTER") {
        route(2);
    } else {
        route(3);
    };
}
route[1] {
    #
    # -- 4 -- Forward request to target
    #
    # Forward statefully
    t_on_reply("1");
    t_on_failure("1");
    if (!t_relay()) {
        sl_reply_error();
    };
    exit;
}
route[2] {
    ## Register request handler
    if (is_uri_host_local()) {
        if (!www_authorize("", "subscriber")) {
            www_challenge("", "1");
            exit;
        };
if (!check_to()) {
            sl_send_reply("403", "Forbidden");
            exit;
        };
setbflag(6);
        force_rport();
        save("location");
        exit;
} else if {
sl_send_reply("403", "Forbidden");
};
}
route[3] {
    ## Requests handler
if (method=="INVITE") {
        # Account INVITE packets
        setflag(2);
        # Account Missed calls
        setflag(3);
        # Radius Extra
        $avp(s:sip_proxy_ip)="MY.OPENSER.IP.COM";
    };
if (is_from_local()){
        # From an internal domain -> check the credentials and the FROM
        if(!allow_trusted()){
            if (!proxy_authorize("","subscriber")) {
                proxy_challenge("","0");
                exit;
            } else if(!check_from()) {
            sl_send_reply("403", "Forbidden, use From=ID");
            exit;
          };
        };
#unconditional call forward
        if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
            avp_pushto("$ru", "$avp(s:callfwd)");
            route(1);
            exit;
        }
consume_credentials();
#verify aliases, if found replace R-URI.
        lookup("aliases");
if (is_uri_host_local()) {
            # -- Inbound to Inbound
            xlog("L_INFO","OPENSER: INBOUND -> INBOUND ($tU)");
            route(10);
        } else {
            # -- Inbound to outbound
            xlog("L_INFO","OPENSER: INBOUND -> OUTBOUND ($tU)");
            route(11);
        };
} else {
#From an external domain ->do not check credentials
        #Verify aliases, if found replace R-URI.
        lookup("aliases");
            if (is_uri_host_local()) {
                xlog("L_INFO","OPENSER: OUTBOUND -> INBOUND ($tU)");
                #-- Outbound to inbound
                route(12);
            } else {
                xlog("L_INFO","OPENSER: OUTBOUND -> OUTBOUND ($tU)");
                # -- Outbound to outbound
                route(13);
            };
    };
}
route[4] {
    # routing to the public network
    if (!load_gws()) {
        sl_send_reply("503", "Unable to load gateways");
        exit;
    }
if(!next_gw()){
        sl_send_reply("503", "Unable to find a gateway");
     exit;
    }
    t_on_failure("2");
    if (!t_relay()) {
        sl_reply_error();
    };
    exit;
}
route[6] {
    #
    # -- NAT handling --
    #
    append_hf("P-hint: Route[6]: mediaproxy \r\n");
    use_media_proxy();
}
route[10] {
    #from an internal domain -> inbound
    #Native SIP destinations are handled using the location table
    #Gateway destinations are handled by regular expressions
    append_hf("P-hint: inbound->inbound \r\n");
xlog("L_INFO","LOOKING FOR: $tU");
    if (uri=~"^sip:55613") {     # ECHO TEST
        xlog("L_INFO","IN ROUTE 613");
        route(6);
        rewritehostport("fwdnat2.pulver.com:5060");
        if (!t_relay()) {
            sl_reply_error();
        };
        exit;
    };
if (uri=~"^sip:301") {     # ECHO TEST
        route(6);
        rewritehostport("blueface.ie");
        if (!t_relay()) {
            sl_reply_error();
        };
        exit;
    };
#
#    if (uri=~"^sip:1[2-9][0-9]{9}@") {
#        if (is_user_in("credentials","ld")) {
#            strip(1);
#            prefix("+1");
#            route(6);
#            route(4);
#            exit;
#        } else {
#            sl_send_reply("403", "No permissions for long distance");
#            exit;
#        };
#    };
#
#    if (uri=~"^sip:011[0-9]*@") {
#        if (is_user_in("credentials","int")) {
#            strip(3);
#            prefix("+");
#            route(6);
#            route(4);
#            exit;
#        } else {
#            sl_send_reply("403", "No permissions for international calls");
#        };
#    };
if (!lookup("location")) {
        if (does_uri_exist()) {
            ## User not registered at this time.
            ## Use the IP Address of your e-mail server
            revert_uri();
            prefix("u");
            rewritehostport("192.168.1.171"); #Use the IP address of your
voicemail server
            route(6);
            route(1);
        } else {
            sl_send_reply("404", "Not Found");
         exit;
        }
        sl_send_reply("404", "Not Found");
        exit;
    };
    route(6);
    route(1);
}
route[11] {
     # from an internal domain -> outbound
     # Simply route the call outbound using DNS search
     append_hf("P-hint: inbound->outbound \r\n");
     route(1);
}
route[12] {
     # From an external domain -> inbound
     # Verify aliases, if found replace R-URI.
     lookup("aliases");
     if (!lookup("location")) {
          sl_send_reply("404", "Not Found");
          exit;
     };
     route(1);
}
route[13] {
     #From an external domain outbound
     #we are not accepting these calls
     append_hf("P-hint: outbound->inbound \r\n");
     sl_send_reply("403", "Forbidden");
     exit;
}
failure_route[1] {
    ##--
    ##-- If cancelled, exit.
    ##--
    if (t_was_cancelled()) {
        exit;
    };
    ##--
    ##-- If busy send to the e-mail server, prefix the "b"
    ##-- character to indicate busy.
    ##--
    if (t_check_status("486")) {
        revert_uri();
        prefix("b");
        rewritehostport("192.168.1.171");
        append_branch();
        route(1);
        exit;
    };
    ##--
    ##-- If timeout (408) or unavailable temporarily (480),
    ##-- prefix the uri with the "u"character to indicate
    ##-- unanswered and send to the e-mail
    ##-- sever
    ##--
    if (t_check_status("408") || t_check_status("480")) {
        revert_uri();
        prefix("u");
        rewritehostport("192.168.1.171");
        append_branch();
        route(1);
        exit;
    };
}
failure_route[2] {
    if(!next_gw()) {
        t_reply("503", "Service not available, no more gateways");
        exit;
    };
    t_on_failure("2");
    t_relay();
}
onreply_route[1] {
#
#-- On-replay block routing --
#
    append_hf("P-hint: onreply_route|usemediaproxy \r\n");
    use_media_proxy();
    exit;
}