2 Mar
2006
2 Mar
'06
11:12 a.m.
Hi,
I am trying to use permissions module. At configuration side everything seems ok. when an
invite comes to ser, gets the source ip of the invite and select a query from the trusted
table. But every time, when correlates the from_pattern and proto, they mismatch ( I
SUPPOSE ). Is there any trick at from_pattern ? I have tried so many values like
.* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so"
# -- permissions parameters -- #
modparam("permissions", "db_url",
"postgres://xxxxx:xxxx@ip_address/xxxxx")
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") {
if (!allow_trusted()) {
log("THE IP ADDRESS IS NOT ALLOWED");
sl_send_reply("403","ONLY REGISTERED USERS ALLOWED ");
break;
}
########### SER LOG #############
2(69289) SIP Request:
2(69289) method:
2(69289) uri:
2(69289) version:
2(69289) parse_headers: flags=1
2(69289) Found param type 232, = ; state=16
2(69289) end of header reached, state=5
2(69289) parse_headers: Via found, flags=1
2(69289) parse_headers: this is the first via
2(69289) After parse_msg...
2(69289) preparing to run routing scripts...
2(69289) parse_headers: flags=128
2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70
2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
2(69289) parse_headers: flags=8
2(69289) DEBUG: add_param: tag=1c681629589
2(69289) end of header reached, state=29
2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
[84.51.32.8]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
[127.0.0.1]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
[84.51.32.8]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
[127.0.0.1]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) val2str(): converting 84.51.32.26, 11
2(69289) PG[217] str2valp got string udp
2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr
2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4
2(69289) end of header reached, state=9
2(69289) DEBUG: get_hdr_field: [40]; uri=[sip:02124440111@gi.com.tr;user=phone]
2(69289) DEBUG: to body [
]
2(69289) parse_headers: flags=-1
2(69289) get_hdr_field: cseq : <1>
2(69289) DEBUG: get_hdr_body : content_length=267
2(69289) found end of header
2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1)
2(69289) DEBUG:destroy_avp_list: destroying list 0x0
2(69289) receive_msg: cleaning up
3(69290) SIP Request:
3(69290) method:
3(69290) uri:
3(69290) version:
3(69290) parse_headers: flags=1
3(69290) Found param type 232, = ; state=16
3(69290) end of header reached, state=5
3(69290) parse_headers: Via found, flags=1
3(69290) parse_headers: this is the first via
3(69290) After parse_msg...
3(69290) preparing to run routing scripts...
3(69290) parse_headers: flags=4
3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6
3(69290) end of header reached, state=29
3(69290) DEBUG: get_hdr_field: [82]; uri=[sip:02124440111@gi.com.tr;user=phone]
3(69290) DEBUG: to body []
3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it!
3(69290) DEBUG:destroy_avp_list: destroying list 0x0
3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060
INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
Max-Forwards: 70.
From: "902247654321" ;tag=1c681629589.
To: .
Call-ID: 395527579dNhC(a)84.51.32.26.
CSeq: 1 INVITE.
Contact: .
Supported: em,100rel,timer,replaces,path.
Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
Session-Expires: 3600.
Min-SE: 90.
User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
Content-Type: application/sdp.
Content-Length: 267.
.
v=0.
o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26.
s=Phone-Call.
c=IN IP4 84.51.32.26.
t=0 0.
m=audio 4010 RTP/AVP 18 8 96.
a=rtpmap:18 g729/8000.
a=fmtp:18 annexb=no.
a=rtpmap:8 pcma/8000.
a=rtpmap:96 telephone-event/8000.
a=fmtp:96 0-15.
a=ptime:40.
a=sendrecv.
#
U 84.51.32.8:5060 -> 84.51.32.26:5060
SIP/2.0 403 ONLY REGISTERED USERS.....
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
From: "902247654321" ;tag=1c681629589.
To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
Call-ID: 395527579dNhC(a)84.51.32.26.
CSeq: 1 INVITE.
Server: Sip EXpress router (0.9.3 (i386/freebsd)).
Content-Length: 0.
Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 req_src_ip=84.51.32.26
req_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone
out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".
.
#
U 84.51.32.26:5060 -> 84.51.32.8:5060
ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
Max-Forwards: 70.
From: "902247654321" ;tag=1c681629589.
To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
Call-ID: 395527579dNhC(a)84.51.32.26.
CSeq: 1 ACK.
Contact: .
Supported: em,timer,replaces,path.
Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
Content-Length: 0.
#################################
Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11
3(69290) PG[217] str2valp got string udp
3(69290) PG[217] str2valp got string "90224765321"
select * from trusted;
src_ip | proto | from_pattern
-------------+-------+---------------
84.51.32.25 | udp | "90224765321"
84.51.32.26 | udp | "90224765321"
(2 rows)
.
2 Mar
2 Mar
11:38 a.m.
Hi Hakan,
Does the From header really look like this???
From: "902247654321" ;tag=1c681629589
It is incorrect, and of course the To and Contact headers are also
incorrect.
Miklos
Hakan YASTI wrote:
Hi,
I am trying to use permissions module. At configuration side everything
seems ok. when an invite comes to ser, gets the source ip of the invite
and select a query from the trusted table. But every time, when
correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is
there any trick at from_pattern ? I have tried so many values like
.* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so"
# -- permissions parameters -- #
modparam("permissions", "db_url",
"postgres://xxxxx:xxxx@ip_address/xxxxx")
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") {
if (!allow_trusted()) {
log("THE IP ADDRESS IS NOT ALLOWED");
sl_send_reply("403","ONLY REGISTERED USERS ALLOWED ");
break;
}
########### SER LOG #############
2(69289) SIP Request:
2(69289) method:
2(69289) uri:
2(69289) version:
2(69289) parse_headers: flags=1
2(69289) Found param type 232, = ; state=16
2(69289) end of header reached, state=5
2(69289) parse_headers: Via found, flags=1
2(69289) parse_headers: this is the first via
2(69289) After parse_msg...
2(69289) preparing to run routing scripts...
2(69289) parse_headers: flags=128
2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70
2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
2(69289) parse_headers: flags=8
2(69289) DEBUG: add_param: tag=1c681629589
2(69289) end of header reached, state=29
2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
[84.51.32.8]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
[127.0.0.1]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
[84.51.32.8]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
[127.0.0.1]
2(69289) grep_sock_info - checking if port 5060 matches port 5060
2(69289) val2str(): converting 84.51.32.26, 11
2(69289) PG[217] str2valp got string udp
2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr
2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4
2(69289) end of header reached, state=9
2(69289) DEBUG: get_hdr_field: [40];
uri=[sip:02124440111@gi.com.tr;user=phone]
2(69289) DEBUG: to body [
]
2(69289) parse_headers: flags=-1
2(69289) get_hdr_field: cseq : <1>
2(69289) DEBUG: get_hdr_body : content_length=267
2(69289) found end of header
2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1)
2(69289) DEBUG:destroy_avp_list: destroying list 0x0
2(69289) receive_msg: cleaning up
3(69290) SIP Request:
3(69290) method:
3(69290) uri:
3(69290) version:
3(69290) parse_headers: flags=1
3(69290) Found param type 232, = ; state=16
3(69290) end of header reached, state=5
3(69290) parse_headers: Via found, flags=1
3(69290) parse_headers: this is the first via
3(69290) After parse_msg...
3(69290) preparing to run routing scripts...
3(69290) parse_headers: flags=4
3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6
3(69290) end of header reached, state=29
3(69290) DEBUG: get_hdr_field: [82];
uri=[sip:02124440111@gi.com.tr;user=phone]
3(69290) DEBUG: to body []
3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it!
3(69290) DEBUG:destroy_avp_list: destroying list 0x0
3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060
INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
Max-Forwards: 70.
From: "902247654321" ;tag=1c681629589.
To: .
Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
CSeq: 1 INVITE.
Contact: .
Supported: em,100rel,timer,replaces,path.
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
Session-Expires: 3600.
Min-SE: 90.
User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
Content-Type: application/sdp.
Content-Length: 267.
.
v=0.
o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26.
s=Phone-Call.
c=IN IP4 84.51.32.26.
t=0 0.
m=audio 4010 RTP/AVP 18 8 96.
a=rtpmap:18 g729/8000.
a=fmtp:18 annexb=no.
a=rtpmap:8 pcma/8000.
a=rtpmap:96 telephone-event/8000.
a=fmtp:96 0-15.
a=ptime:40.
a=sendrecv.
#
U 84.51.32.8:5060 -> 84.51.32.26:5060
SIP/2.0 403 ONLY REGISTERED USERS.....
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
From: "902247654321" ;tag=1c681629589.
To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
CSeq: 1 INVITE.
Server: Sip EXpress router (0.9.3 (i386/freebsd)).
Content-Length: 0.
Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289
req_src_ip=84.51.32.26 req_src_port=5060
in_uri=sip:02124440111@gi.com.tr;user=phone
out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".
.
#
U 84.51.32.26:5060 -> 84.51.32.8:5060
ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
Max-Forwards: 70.
From: "902247654321" ;tag=1c681629589.
To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
CSeq: 1 ACK.
Contact: .
Supported: em,timer,replaces,path.
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
Content-Length: 0.
#################################
Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11
3(69290) PG[217] str2valp got string udp
3(69290) PG[217] str2valp got string "90224765321"
select * from trusted;
src_ip | proto | from_pattern
-------------+-------+---------------
84.51.32.25 | udp | "90224765321"
84.51.32.26 | udp | "90224765321"
(2 rows)
.
------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
3:05 p.m.
Hi Miklos,
It was output of ngrep -W byline, The original ngrep output is as below.
From fielad is like From: "902247654321"
<sip:902247654321@gi.com.tr>;tag=1c572128494.
What I wonder is ; according to this invite what must be the proto and
from_pattern values to allow the call.
U 84.51.32.26:5060 -> 84.51.32.8:5060
INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321"
<sip:9
02247654321@gi.com.tr>;tag=1c572128494..To:
<sip:02124440111@gi.com.tr;user=phone>..Call-ID:
195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Contact: <sip:90
2247654321@84.51.32.26>..Supported: em,100rel,timer,replaces,path..Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDAT
E..Session-Expires: 3600..Min-SE: 90..User-Agent:
Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Type:
application/sdp..Content-Length: 244..
..v=0..o=AudiocodesGW 484853 895184 IN IP4 84.51.32.26..s=Phone-Call..c=IN
IP4 84.51.32.26..t=0 0..m=audio 4010 RTP/AVP 0 8 96..a=rtpmap:0
pcmu/8000..a=
rtpmap:8 pcma/8000..a=rtpmap:96 telephone-event/8000..a=fmtp:96
0-15..a=ptime:20..a=sendrecv..
#
U 84.51.32.8:5060 -> 84.51.32.26:5060
SIP/2.0 403 ONLY REGISTERED USERS......Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..From: "902247654321"
<sip:902247654321@gi.com.tr>;tag=1c572
128494..To:
<sip:02124440111@gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID:
195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Server
: Sip EXpress router (0.9.3 (i386/freebsd))..Content-Length: 0..Warning:
392 84.51.32.8:5060 "Noisy feedback tells: pid=70414 req_src_ip=84.51.32.26
re
q_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone
out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1"....
#
U 84.51.32.26:5060 -> 84.51.32.8:5060
ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321"
<sip:9022
47654321@gi.com.tr>;tag=1c572128494..To:
<sip:02124440111@gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID:
195110554Rsep(a)84.51.
32.26..CSeq: 1 ACK..Contact: <sip:902247654321@84.51.32.26>..Supported:
em,timer,replaces,path..Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRA
CK,REFER,INFO,SUBSCRIBE,UPDATE..User-Agent: Audiocodes-Sip-Gateway-MP-104
FXS/v.4.40.200.371..Content-Length: 0....
################ SER LOG ###########
2(70414) val2str(): converting 84.51.32.26, 11
2(70414) PG[217] str2valp got string udp
2(70414) PG[217] str2valp got string "90224765321"
2(70414) NOT TRUSTED IP 2(70414) parse_headers: flags=4
2(70414) end of header reached, state=9
2(70414) DEBUG: get_hdr_field: <To> [40];
uri=[sip:02124440111@gi.com.tr;user=phone]
2(70414) DEBUG: to body [<sip:02124440111@gi.com.tr;user=phone>
Best Regards,
Hakan.
----- Original Message -----
From: "Miklos Tirpak" <miklos(a)iptel.org>
To: "Hakan YASTI" <hakanyasti(a)gmail.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, March 02, 2006 11:38 AM
Subject: Re: [Serusers] permission module
Hi Hakan,
Does the From header really look like this???
From: "902247654321" ;tag=1c681629589
It is incorrect, and of course the To and Contact headers are also
incorrect.
Miklos
Hakan YASTI wrote:
> Hi,
> I am trying to use permissions module. At configuration side everything
> seems ok. when an invite comes to ser, gets the source ip of the invite
> and select a query from the trusted table. But every time, when
> correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is
> there any trick at from_pattern ? I have tried so many values like
> .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
>
> Hakan.
>
> loadmodule "/usr/local/lib/ser/modules/permissions.so"
> # -- permissions parameters -- #
>
> modparam("permissions", "db_url",
> "postgres://xxxxx:xxxx@ip_address/xxxxx")
> modparam("permissions", "db_mode", 0)
> modparam("permissions", "trusted_table", "trusted")
> modparam("permissions", "source_col", "src_ip")
> modparam("permissions", "proto_col", "proto")
> modparam("permissions", "from_col", "from_pattern")
>
> if (method=="INVITE") {
> if (!allow_trusted()) {
> log("THE IP ADDRESS IS NOT ALLOWED");
> sl_send_reply("403","ONLY REGISTERED USERS ALLOWED ");
> break;
> }
>
>
>
> ########### SER LOG #############
>
> 2(69289) SIP Request:
> 2(69289) method:
> 2(69289) uri:
> 2(69289) version:
> 2(69289) parse_headers: flags=1
> 2(69289) Found param type 232, = ; state=16
> 2(69289) end of header reached, state=5
> 2(69289) parse_headers: Via found, flags=1
> 2(69289) parse_headers: this is the first via
> 2(69289) After parse_msg...
> 2(69289) preparing to run routing scripts...
> 2(69289) parse_headers: flags=128
> 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70
> 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
> 2(69289) parse_headers: flags=8
> 2(69289) DEBUG: add_param: tag=1c681629589
> 2(69289) end of header reached, state=29
> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
> [84.51.32.8]
> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
> [127.0.0.1]
> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] ==
> [84.51.32.8]
> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] ==
> [127.0.0.1]
> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
> 2(69289) val2str(): converting 84.51.32.26, 11
> 2(69289) PG[217] str2valp got string udp
> 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr
> 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4
> 2(69289) end of header reached, state=9
> 2(69289) DEBUG: get_hdr_field: [40];
> uri=[sip:02124440111@gi.com.tr;user=phone]
> 2(69289) DEBUG: to body [
> ]
> 2(69289) parse_headers: flags=-1
> 2(69289) get_hdr_field: cseq : <1>
> 2(69289) DEBUG: get_hdr_body : content_length=267
> 2(69289) found end of header
> 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1)
> 2(69289) DEBUG:destroy_avp_list: destroying list 0x0
> 2(69289) receive_msg: cleaning up
> 3(69290) SIP Request:
> 3(69290) method:
> 3(69290) uri:
> 3(69290) version:
> 3(69290) parse_headers: flags=1
> 3(69290) Found param type 232, = ; state=16
> 3(69290) end of header reached, state=5
> 3(69290) parse_headers: Via found, flags=1
> 3(69290) parse_headers: this is the first via
> 3(69290) After parse_msg...
> 3(69290) preparing to run routing scripts...
> 3(69290) parse_headers: flags=4
> 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6
> 3(69290) end of header reached, state=29
> 3(69290) DEBUG: get_hdr_field: [82];
> uri=[sip:02124440111@gi.com.tr;user=phone]
> 3(69290) DEBUG: to body []
> 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it!
> 3(69290) DEBUG:destroy_avp_list: destroying list 0x0
> 3(69290) receive_msg: cleaning up
>
>
>
>
> ######### NGREP LOGS ################
>
> U 84.51.32.26:5060 -> 84.51.32.8:5060
> INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0.
> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
> Max-Forwards: 70.
> From: "902247654321" ;tag=1c681629589.
> To: .
> Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
> CSeq: 1 INVITE.
> Contact: .
> Supported: em,100rel,timer,replaces,path.
> Allow:
> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
> Session-Expires: 3600.
> Min-SE: 90.
> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
> Content-Type: application/sdp.
> Content-Length: 267.
> .
> v=0.
> o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26.
> s=Phone-Call.
> c=IN IP4 84.51.32.26.
> t=0 0.
> m=audio 4010 RTP/AVP 18 8 96.
> a=rtpmap:18 g729/8000.
> a=fmtp:18 annexb=no.
> a=rtpmap:8 pcma/8000.
> a=rtpmap:96 telephone-event/8000.
> a=fmtp:96 0-15.
> a=ptime:40.
> a=sendrecv.
>
> #
> U 84.51.32.8:5060 -> 84.51.32.26:5060
> SIP/2.0 403 ONLY REGISTERED USERS.....
> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
> From: "902247654321" ;tag=1c681629589.
> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
> Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
> CSeq: 1 INVITE.
> Server: Sip EXpress router (0.9.3 (i386/freebsd)).
> Content-Length: 0.
> Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289
> req_src_ip=84.51.32.26 req_src_port=5060
> in_uri=sip:02124440111@gi.com.tr;user=phone
> out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".
> .
>
> #
> U 84.51.32.26:5060 -> 84.51.32.8:5060
> ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0.
> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
> Max-Forwards: 70.
> From: "902247654321" ;tag=1c681629589.
> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
> Call-ID: *395527579dNhC(a)84.51.32.26.* <mailto:395527579dNhC@84.51.32.26.>
> CSeq: 1 ACK.
> Contact: .
> Supported: em,timer,replaces,path.
> Allow:
> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
> Content-Length: 0.
>
> #################################
> Tried another value for from_pattern...
>
> 3(69290) val2str(): converting 84.51.32.26, 11
> 3(69290) PG[217] str2valp got string udp
> 3(69290) PG[217] str2valp got string "90224765321"
>
>
>
> select * from trusted;
> src_ip | proto | from_pattern
> -------------+-------+---------------
> 84.51.32.25 | udp | "90224765321"
> 84.51.32.26 | udp | "90224765321"
> (2 rows)
> .
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
3:54 p.m.
Hi Hakan,
Try this value for from_patter without quotes: ^sip:902247654321@.*
udp is correct for proto
Miklos
Hakan YASTI wrote:
Hi Miklos,
It was output of ngrep -W byline, The original ngrep output is as below.
From fielad is like From:
"902247654321"
<sip:902247654321@gi.com.tr>;tag=1c572128494.
What I wonder is ; according to this invite what must be the proto and
from_pattern values to allow the call.
U 84.51.32.26:5060 -> 84.51.32.8:5060
INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From:
"902247654321" <sip:9
02247654321@gi.com.tr>;tag=1c572128494..To:
<sip:02124440111@gi.com.tr;user=phone>..Call-ID:
195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Contact: <sip:90
2247654321@84.51.32.26>..Supported:
em,100rel,timer,replaces,path..Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDAT
E..Session-Expires: 3600..Min-SE: 90..User-Agent:
Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Type:
application/sdp..Content-Length: 244..
..v=0..o=AudiocodesGW 484853 895184 IN IP4
84.51.32.26..s=Phone-Call..c=IN IP4 84.51.32.26..t=0 0..m=audio 4010
RTP/AVP 0 8 96..a=rtpmap:0 pcmu/8000..a=
rtpmap:8 pcma/8000..a=rtpmap:96 telephone-event/8000..a=fmtp:96
0-15..a=ptime:20..a=sendrecv..
#
U 84.51.32.8:5060 -> 84.51.32.26:5060
SIP/2.0 403 ONLY REGISTERED USERS......Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..From: "902247654321"
<sip:902247654321@gi.com.tr>;tag=1c572
128494..To:
<sip:02124440111@gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID:
195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Server
: Sip EXpress router (0.9.3 (i386/freebsd))..Content-Length:
0..Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=70414
req_src_ip=84.51.32.26 re
q_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone
out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1"....
#
U 84.51.32.26:5060 -> 84.51.32.8:5060
ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP
84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From:
"902247654321" <sip:9022
47654321@gi.com.tr>;tag=1c572128494..To:
<sip:02124440111@gi.com.tr;user=phone>;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID:
195110554Rsep(a)84.51.
32.26..CSeq: 1 ACK..Contact: <sip:902247654321@84.51.32.26>..Supported:
em,timer,replaces,path..Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRA
CK,REFER,INFO,SUBSCRIBE,UPDATE..User-Agent:
Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Length: 0....
################ SER LOG ###########
2(70414) val2str(): converting 84.51.32.26, 11
2(70414) PG[217] str2valp got string udp
2(70414) PG[217] str2valp got string "90224765321"
2(70414) NOT TRUSTED IP 2(70414) parse_headers: flags=4
2(70414) end of header reached, state=9
2(70414) DEBUG: get_hdr_field: <To> [40];
uri=[sip:02124440111@gi.com.tr;user=phone]
2(70414) DEBUG: to body [<sip:02124440111@gi.com.tr;user=phone>
Best Regards,
Hakan.
----- Original Message ----- From: "Miklos Tirpak" <miklos(a)iptel.org>
To: "Hakan YASTI" <hakanyasti(a)gmail.com>
Cc: <serusers(a)lists.iptel.org>
Sent: Thursday, March 02, 2006 11:38 AM
Subject: Re: [Serusers] permission module
> Hi Hakan,
>
> Does the From header really look like this???
> From: "902247654321" ;tag=1c681629589
>
> It is incorrect, and of course the To and Contact headers are also
> incorrect.
>
> Miklos
>
> Hakan YASTI wrote:
>
>> Hi,
>> I am trying to use permissions module. At configuration side
>> everything seems ok. when an invite comes to ser, gets the source ip
>> of the invite and select a query from the trusted table. But every
>> time, when correlates the from_pattern and proto, they mismatch ( I
>> SUPPOSE ). Is there any trick at from_pattern ? I have tried so many
>> values like
>> .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
>>
>> Hakan.
>>
>> loadmodule "/usr/local/lib/ser/modules/permissions.so"
>> # -- permissions parameters -- #
>>
>> modparam("permissions", "db_url",
>> "postgres://xxxxx:xxxx@ip_address/xxxxx")
>> modparam("permissions", "db_mode", 0)
>> modparam("permissions", "trusted_table",
"trusted")
>> modparam("permissions", "source_col", "src_ip")
>> modparam("permissions", "proto_col", "proto")
>> modparam("permissions", "from_col",
"from_pattern")
>>
>> if (method=="INVITE") {
>> if (!allow_trusted()) {
>> log("THE IP ADDRESS IS NOT ALLOWED");
>> sl_send_reply("403","ONLY REGISTERED USERS ALLOWED ");
>> break;
>> }
>>
>>
>>
>> ########### SER LOG #############
>>
>> 2(69289) SIP Request:
>> 2(69289) method:
>> 2(69289) uri:
>> 2(69289) version:
>> 2(69289) parse_headers: flags=1
>> 2(69289) Found param type 232, = ; state=16
>> 2(69289) end of header reached, state=5
>> 2(69289) parse_headers: Via found, flags=1
>> 2(69289) parse_headers: this is the first via
>> 2(69289) After parse_msg...
>> 2(69289) preparing to run routing scripts...
>> 2(69289) parse_headers: flags=128
>> 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70
>> 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
>> 2(69289) parse_headers: flags=8
>> 2(69289) DEBUG: add_param: tag=1c681629589
>> 2(69289) end of header reached, state=29
>> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr]
>> == [84.51.32.8]
>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr]
>> == [127.0.0.1]
>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>> 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr]
>> == [84.51.32.8]
>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>> 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr]
>> == [127.0.0.1]
>> 2(69289) grep_sock_info - checking if port 5060 matches port 5060
>> 2(69289) val2str(): converting 84.51.32.26, 11
>> 2(69289) PG[217] str2valp got string udp
>> 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr
>> 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4
>> 2(69289) end of header reached, state=9
>> 2(69289) DEBUG: get_hdr_field: [40];
>> uri=[sip:02124440111@gi.com.tr;user=phone]
>> 2(69289) DEBUG: to body [
>> ]
>> 2(69289) parse_headers: flags=-1
>> 2(69289) get_hdr_field: cseq : <1>
>> 2(69289) DEBUG: get_hdr_body : content_length=267
>> 2(69289) found end of header
>> 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1)
>> 2(69289) DEBUG:destroy_avp_list: destroying list 0x0
>> 2(69289) receive_msg: cleaning up
>> 3(69290) SIP Request:
>> 3(69290) method:
>> 3(69290) uri:
>> 3(69290) version:
>> 3(69290) parse_headers: flags=1
>> 3(69290) Found param type 232, = ; state=16
>> 3(69290) end of header reached, state=5
>> 3(69290) parse_headers: Via found, flags=1
>> 3(69290) parse_headers: this is the first via
>> 3(69290) After parse_msg...
>> 3(69290) preparing to run routing scripts...
>> 3(69290) parse_headers: flags=4
>> 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6
>> 3(69290) end of header reached, state=29
>> 3(69290) DEBUG: get_hdr_field: [82];
>> uri=[sip:02124440111@gi.com.tr;user=phone]
>> 3(69290) DEBUG: to body []
>> 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it!
>> 3(69290) DEBUG:destroy_avp_list: destroying list 0x0
>> 3(69290) receive_msg: cleaning up
>>
>>
>>
>>
>> ######### NGREP LOGS ################
>>
>> U 84.51.32.26:5060 -> 84.51.32.8:5060
>> INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0.
>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>> Max-Forwards: 70.
>> From: "902247654321" ;tag=1c681629589.
>> To: .
>> Call-ID: *395527579dNhC(a)84.51.32.26.*
>> <mailto:395527579dNhC@84.51.32.26.>
>> CSeq: 1 INVITE.
>> Contact: .
>> Supported: em,100rel,timer,replaces,path.
>> Allow:
>> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
>>
>> Session-Expires: 3600.
>> Min-SE: 90.
>> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
>> Content-Type: application/sdp.
>> Content-Length: 267.
>> .
>> v=0.
>> o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26.
>> s=Phone-Call.
>> c=IN IP4 84.51.32.26.
>> t=0 0.
>> m=audio 4010 RTP/AVP 18 8 96.
>> a=rtpmap:18 g729/8000.
>> a=fmtp:18 annexb=no.
>> a=rtpmap:8 pcma/8000.
>> a=rtpmap:96 telephone-event/8000.
>> a=fmtp:96 0-15.
>> a=ptime:40.
>> a=sendrecv.
>>
>> #
>> U 84.51.32.8:5060 -> 84.51.32.26:5060
>> SIP/2.0 403 ONLY REGISTERED USERS.....
>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>> From: "902247654321" ;tag=1c681629589.
>> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
>> Call-ID: *395527579dNhC(a)84.51.32.26.*
>> <mailto:395527579dNhC@84.51.32.26.>
>> CSeq: 1 INVITE.
>> Server: Sip EXpress router (0.9.3 (i386/freebsd)).
>> Content-Length: 0.
>> Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289
>> req_src_ip=84.51.32.26 req_src_port=5060
>> in_uri=sip:02124440111@gi.com.tr;user=phone
>> out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".
>> .
>>
>> #
>> U 84.51.32.26:5060 -> 84.51.32.8:5060
>> ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0.
>> Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg.
>> Max-Forwards: 70.
>> From: "902247654321" ;tag=1c681629589.
>> To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6.
>> Call-ID: *395527579dNhC(a)84.51.32.26.*
>> <mailto:395527579dNhC@84.51.32.26.>
>> CSeq: 1 ACK.
>> Contact: .
>> Supported: em,timer,replaces,path.
>> Allow:
>> REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
>>
>> User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371.
>> Content-Length: 0.
>>
>> #################################
>> Tried another value for from_pattern...
>>
>> 3(69290) val2str(): converting 84.51.32.26, 11
>> 3(69290) PG[217] str2valp got string udp
>> 3(69290) PG[217] str2valp got string "90224765321"
>>
>>
>>
>> select * from trusted;
>> src_ip | proto | from_pattern
>> -------------+-------+---------------
>> 84.51.32.25 | udp | "90224765321"
>> 84.51.32.26 | udp | "90224765321"
>> (2 rows)
>> .
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers(a)lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
6843
days inactive
6843
days old
3 comments
2 participants
participants (2)
-
Hakan YASTI -
Miklos Tirpak