Hi, I am trying to use permissions module. At configuration side everything seems ok. when an invite comes to ser, gets the source ip of the invite and select a query from the trusted table. But every time, when correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is there any trick at from_pattern ? I have tried so many values like .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so" # -- permissions parameters -- #
modparam("permissions", "db_url", "postgres://xxxxx:xxxx@ip_address/xxxxx") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") { if (!allow_trusted()) { log("THE IP ADDRESS IS NOT ALLOWED"); sl_send_reply("403","ONLY REGISTERED USERS ALLOWED "); break; }
########### SER LOG #############
2(69289) SIP Request: 2(69289) method: 2(69289) uri: 2(69289) version: 2(69289) parse_headers: flags=1 2(69289) Found param type 232, = ; state=16 2(69289) end of header reached, state=5 2(69289) parse_headers: Via found, flags=1 2(69289) parse_headers: this is the first via 2(69289) After parse_msg... 2(69289) preparing to run routing scripts... 2(69289) parse_headers: flags=128 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16 2(69289) parse_headers: flags=8 2(69289) DEBUG: add_param: tag=1c681629589 2(69289) end of header reached, state=29 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) val2str(): converting 84.51.32.26, 11 2(69289) PG[217] str2valp got string udp 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4 2(69289) end of header reached, state=9 2(69289) DEBUG: get_hdr_field: [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(69289) DEBUG: to body [ ] 2(69289) parse_headers: flags=-1 2(69289) get_hdr_field: cseq : <1> 2(69289) DEBUG: get_hdr_body : content_length=267 2(69289) found end of header 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1) 2(69289) DEBUG:destroy_avp_list: destroying list 0x0 2(69289) receive_msg: cleaning up 3(69290) SIP Request: 3(69290) method: 3(69290) uri: 3(69290) version: 3(69290) parse_headers: flags=1 3(69290) Found param type 232, = ; state=16 3(69290) end of header reached, state=5 3(69290) parse_headers: Via found, flags=1 3(69290) parse_headers: this is the first via 3(69290) After parse_msg... 3(69290) preparing to run routing scripts... 3(69290) parse_headers: flags=4 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6 3(69290) end of header reached, state=29 3(69290) DEBUG: get_hdr_field: [82]; uri=[sip:02124440111@gi.com.tr;user=phone] 3(69290) DEBUG: to body [] 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it! 3(69290) DEBUG:destroy_avp_list: destroying list 0x0 3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: . Call-ID: 395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Contact: . Supported: em,100rel,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. Session-Expires: 3600. Min-SE: 90. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Type: application/sdp. Content-Length: 267. . v=0. o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26. s=Phone-Call. c=IN IP4 84.51.32.26. t=0 0. m=audio 4010 RTP/AVP 18 8 96. a=rtpmap:18 g729/8000. a=fmtp:18 annexb=no. a=rtpmap:8 pcma/8000. a=rtpmap:96 telephone-event/8000. a=fmtp:96 0-15. a=ptime:40. a=sendrecv.
# U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS..... Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: 395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Server: Sip EXpress router (0.9.3 (i386/freebsd)). Content-Length: 0. Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 req_src_ip=84.51.32.26 req_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1". .
# U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: 395527579dNhC@84.51.32.26. CSeq: 1 ACK. Contact: . Supported: em,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Length: 0.
################################# Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11 3(69290) PG[217] str2valp got string udp 3(69290) PG[217] str2valp got string "90224765321"
select * from trusted; src_ip | proto | from_pattern -------------+-------+--------------- 84.51.32.25 | udp | "90224765321" 84.51.32.26 | udp | "90224765321" (2 rows) .
Hi Hakan,
Does the From header really look like this??? From: "902247654321" ;tag=1c681629589
It is incorrect, and of course the To and Contact headers are also incorrect.
Miklos
Hakan YASTI wrote:
Hi, I am trying to use permissions module. At configuration side everything seems ok. when an invite comes to ser, gets the source ip of the invite and select a query from the trusted table. But every time, when correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is there any trick at from_pattern ? I have tried so many values like .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so" # -- permissions parameters -- #
modparam("permissions", "db_url", "postgres://xxxxx:xxxx@ip_address/xxxxx") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") { if (!allow_trusted()) { log("THE IP ADDRESS IS NOT ALLOWED"); sl_send_reply("403","ONLY REGISTERED USERS ALLOWED "); break; }
########### SER LOG #############
2(69289) SIP Request: 2(69289) method: 2(69289) uri: 2(69289) version: 2(69289) parse_headers: flags=1 2(69289) Found param type 232, = ; state=16 2(69289) end of header reached, state=5 2(69289) parse_headers: Via found, flags=1 2(69289) parse_headers: this is the first via 2(69289) After parse_msg... 2(69289) preparing to run routing scripts... 2(69289) parse_headers: flags=128 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16 2(69289) parse_headers: flags=8 2(69289) DEBUG: add_param: tag=1c681629589 2(69289) end of header reached, state=29 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) val2str(): converting 84.51.32.26, 11 2(69289) PG[217] str2valp got string udp 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4 2(69289) end of header reached, state=9 2(69289) DEBUG: get_hdr_field: [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(69289) DEBUG: to body [ ] 2(69289) parse_headers: flags=-1 2(69289) get_hdr_field: cseq : <1> 2(69289) DEBUG: get_hdr_body : content_length=267 2(69289) found end of header 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1) 2(69289) DEBUG:destroy_avp_list: destroying list 0x0 2(69289) receive_msg: cleaning up 3(69290) SIP Request: 3(69290) method: 3(69290) uri: 3(69290) version: 3(69290) parse_headers: flags=1 3(69290) Found param type 232, = ; state=16 3(69290) end of header reached, state=5 3(69290) parse_headers: Via found, flags=1 3(69290) parse_headers: this is the first via 3(69290) After parse_msg... 3(69290) preparing to run routing scripts... 3(69290) parse_headers: flags=4 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6 3(69290) end of header reached, state=29 3(69290) DEBUG: get_hdr_field: [82]; uri=[sip:02124440111@gi.com.tr;user=phone] 3(69290) DEBUG: to body [] 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it! 3(69290) DEBUG:destroy_avp_list: destroying list 0x0 3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: . Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Contact: . Supported: em,100rel,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. Session-Expires: 3600. Min-SE: 90. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Type: application/sdp. Content-Length: 267. . v=0. o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26. s=Phone-Call. c=IN IP4 84.51.32.26. t=0 0. m=audio 4010 RTP/AVP 18 8 96. a=rtpmap:18 g729/8000. a=fmtp:18 annexb=no. a=rtpmap:8 pcma/8000. a=rtpmap:96 telephone-event/8000. a=fmtp:96 0-15. a=ptime:40. a=sendrecv.
# U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS..... Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Server: Sip EXpress router (0.9.3 (i386/freebsd)). Content-Length: 0. Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 req_src_ip=84.51.32.26 req_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1". .
# U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 ACK. Contact: . Supported: em,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Length: 0.
################################# Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11 3(69290) PG[217] str2valp got string udp 3(69290) PG[217] str2valp got string "90224765321"
select * from trusted; src_ip | proto | from_pattern -------------+-------+--------------- 84.51.32.25 | udp | "90224765321" 84.51.32.26 | udp | "90224765321" (2 rows) .
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Hi Miklos,
It was output of ngrep -W byline, The original ngrep output is as below.
From fielad is like From: "902247654321"
sip:902247654321@gi.com.tr;tag=1c572128494.
What I wonder is ; according to this invite what must be the proto and from_pattern values to allow the call.
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321" <sip:9 02247654321@gi.com.tr>;tag=1c572128494..To: sip:02124440111@gi.com.tr;user=phone..Call-ID: 195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Contact: <sip:90 2247654321@84.51.32.26>..Supported: em,100rel,timer,replaces,path..Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDAT E..Session-Expires: 3600..Min-SE: 90..User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Type: application/sdp..Content-Length: 244.. ..v=0..o=AudiocodesGW 484853 895184 IN IP4 84.51.32.26..s=Phone-Call..c=IN IP4 84.51.32.26..t=0 0..m=audio 4010 RTP/AVP 0 8 96..a=rtpmap:0 pcmu/8000..a= rtpmap:8 pcma/8000..a=rtpmap:96 telephone-event/8000..a=fmtp:96 0-15..a=ptime:20..a=sendrecv.. # U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS......Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..From: "902247654321" sip:902247654321@gi.com.tr;tag=1c572 128494..To: sip:02124440111@gi.com.tr;user=phone;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Server : Sip EXpress router (0.9.3 (i386/freebsd))..Content-Length: 0..Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=70414 req_src_ip=84.51.32.26 re q_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".... # U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321" <sip:9022 47654321@gi.com.tr>;tag=1c572128494..To: sip:02124440111@gi.com.tr;user=phone;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 195110554Rsep@84.51. 32.26..CSeq: 1 ACK..Contact: sip:902247654321@84.51.32.26..Supported: em,timer,replaces,path..Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRA CK,REFER,INFO,SUBSCRIBE,UPDATE..User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Length: 0....
################ SER LOG ########### 2(70414) val2str(): converting 84.51.32.26, 11 2(70414) PG[217] str2valp got string udp 2(70414) PG[217] str2valp got string "90224765321" 2(70414) NOT TRUSTED IP 2(70414) parse_headers: flags=4 2(70414) end of header reached, state=9 2(70414) DEBUG: get_hdr_field: <To> [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(70414) DEBUG: to body [sip:02124440111@gi.com.tr;user=phone
Best Regards, Hakan.
----- Original Message ----- From: "Miklos Tirpak" miklos@iptel.org To: "Hakan YASTI" hakanyasti@gmail.com Cc: serusers@lists.iptel.org Sent: Thursday, March 02, 2006 11:38 AM Subject: Re: [Serusers] permission module
Hi Hakan,
Does the From header really look like this??? From: "902247654321" ;tag=1c681629589
It is incorrect, and of course the To and Contact headers are also incorrect.
Miklos
Hakan YASTI wrote:
Hi, I am trying to use permissions module. At configuration side everything seems ok. when an invite comes to ser, gets the source ip of the invite and select a query from the trusted table. But every time, when correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is there any trick at from_pattern ? I have tried so many values like .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so" # -- permissions parameters -- #
modparam("permissions", "db_url", "postgres://xxxxx:xxxx@ip_address/xxxxx") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") { if (!allow_trusted()) { log("THE IP ADDRESS IS NOT ALLOWED"); sl_send_reply("403","ONLY REGISTERED USERS ALLOWED "); break; }
########### SER LOG #############
2(69289) SIP Request: 2(69289) method: 2(69289) uri: 2(69289) version: 2(69289) parse_headers: flags=1 2(69289) Found param type 232, = ; state=16 2(69289) end of header reached, state=5 2(69289) parse_headers: Via found, flags=1 2(69289) parse_headers: this is the first via 2(69289) After parse_msg... 2(69289) preparing to run routing scripts... 2(69289) parse_headers: flags=128 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16 2(69289) parse_headers: flags=8 2(69289) DEBUG: add_param: tag=1c681629589 2(69289) end of header reached, state=29 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) val2str(): converting 84.51.32.26, 11 2(69289) PG[217] str2valp got string udp 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4 2(69289) end of header reached, state=9 2(69289) DEBUG: get_hdr_field: [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(69289) DEBUG: to body [ ] 2(69289) parse_headers: flags=-1 2(69289) get_hdr_field: cseq : <1> 2(69289) DEBUG: get_hdr_body : content_length=267 2(69289) found end of header 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1) 2(69289) DEBUG:destroy_avp_list: destroying list 0x0 2(69289) receive_msg: cleaning up 3(69290) SIP Request: 3(69290) method: 3(69290) uri: 3(69290) version: 3(69290) parse_headers: flags=1 3(69290) Found param type 232, = ; state=16 3(69290) end of header reached, state=5 3(69290) parse_headers: Via found, flags=1 3(69290) parse_headers: this is the first via 3(69290) After parse_msg... 3(69290) preparing to run routing scripts... 3(69290) parse_headers: flags=4 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6 3(69290) end of header reached, state=29 3(69290) DEBUG: get_hdr_field: [82]; uri=[sip:02124440111@gi.com.tr;user=phone] 3(69290) DEBUG: to body [] 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it! 3(69290) DEBUG:destroy_avp_list: destroying list 0x0 3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: . Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Contact: . Supported: em,100rel,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. Session-Expires: 3600. Min-SE: 90. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Type: application/sdp. Content-Length: 267. . v=0. o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26. s=Phone-Call. c=IN IP4 84.51.32.26. t=0 0. m=audio 4010 RTP/AVP 18 8 96. a=rtpmap:18 g729/8000. a=fmtp:18 annexb=no. a=rtpmap:8 pcma/8000. a=rtpmap:96 telephone-event/8000. a=fmtp:96 0-15. a=ptime:40. a=sendrecv.
# U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS..... Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Server: Sip EXpress router (0.9.3 (i386/freebsd)). Content-Length: 0. Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 req_src_ip=84.51.32.26 req_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1". .
# U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 ACK. Contact: . Supported: em,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Length: 0.
################################# Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11 3(69290) PG[217] str2valp got string udp 3(69290) PG[217] str2valp got string "90224765321"
select * from trusted; src_ip | proto | from_pattern -------------+-------+--------------- 84.51.32.25 | udp | "90224765321" 84.51.32.26 | udp | "90224765321" (2 rows) .
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Hi Hakan,
Try this value for from_patter without quotes: ^sip:902247654321@.* udp is correct for proto
Miklos
Hakan YASTI wrote:
Hi Miklos,
It was output of ngrep -W byline, The original ngrep output is as below.
From fielad is like From: "902247654321"
sip:902247654321@gi.com.tr;tag=1c572128494.
What I wonder is ; according to this invite what must be the proto and from_pattern values to allow the call.
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321" <sip:9 02247654321@gi.com.tr>;tag=1c572128494..To: sip:02124440111@gi.com.tr;user=phone..Call-ID: 195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Contact: <sip:90 2247654321@84.51.32.26>..Supported: em,100rel,timer,replaces,path..Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDAT
E..Session-Expires: 3600..Min-SE: 90..User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Type: application/sdp..Content-Length: 244.. ..v=0..o=AudiocodesGW 484853 895184 IN IP4 84.51.32.26..s=Phone-Call..c=IN IP4 84.51.32.26..t=0 0..m=audio 4010 RTP/AVP 0 8 96..a=rtpmap:0 pcmu/8000..a= rtpmap:8 pcma/8000..a=rtpmap:96 telephone-event/8000..a=fmtp:96 0-15..a=ptime:20..a=sendrecv.. # U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS......Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..From: "902247654321" sip:902247654321@gi.com.tr;tag=1c572 128494..To: sip:02124440111@gi.com.tr;user=phone;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 195110554Rsep@84.51.32.26..CSeq: 1 INVITE..Server : Sip EXpress router (0.9.3 (i386/freebsd))..Content-Length: 0..Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=70414 req_src_ip=84.51.32.26 re q_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1".... # U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0..Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKacGtOiLfA..Max-Forwards: 70..From: "902247654321" <sip:9022 47654321@gi.com.tr>;tag=1c572128494..To: sip:02124440111@gi.com.tr;user=phone;tag=26a82380ee921ee699cdfa26683b3165.a215..Call-ID: 195110554Rsep@84.51. 32.26..CSeq: 1 ACK..Contact: sip:902247654321@84.51.32.26..Supported: em,timer,replaces,path..Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRA CK,REFER,INFO,SUBSCRIBE,UPDATE..User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371..Content-Length: 0....
################ SER LOG ########### 2(70414) val2str(): converting 84.51.32.26, 11 2(70414) PG[217] str2valp got string udp 2(70414) PG[217] str2valp got string "90224765321" 2(70414) NOT TRUSTED IP 2(70414) parse_headers: flags=4 2(70414) end of header reached, state=9 2(70414) DEBUG: get_hdr_field: <To> [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(70414) DEBUG: to body [sip:02124440111@gi.com.tr;user=phone
Best Regards, Hakan.
----- Original Message ----- From: "Miklos Tirpak" miklos@iptel.org To: "Hakan YASTI" hakanyasti@gmail.com Cc: serusers@lists.iptel.org Sent: Thursday, March 02, 2006 11:38 AM Subject: Re: [Serusers] permission module
Hi Hakan,
Does the From header really look like this??? From: "902247654321" ;tag=1c681629589
It is incorrect, and of course the To and Contact headers are also incorrect.
Miklos
Hakan YASTI wrote:
Hi, I am trying to use permissions module. At configuration side everything seems ok. when an invite comes to ser, gets the source ip of the invite and select a query from the trusted table. But every time, when correlates the from_pattern and proto, they mismatch ( I SUPPOSE ). Is there any trick at from_pattern ? I have tried so many values like .* , sip:.*,empty,^sip:.* and etc. Here is my ser.cfg, logs.
Hakan.
loadmodule "/usr/local/lib/ser/modules/permissions.so" # -- permissions parameters -- #
modparam("permissions", "db_url", "postgres://xxxxx:xxxx@ip_address/xxxxx") modparam("permissions", "db_mode", 0) modparam("permissions", "trusted_table", "trusted") modparam("permissions", "source_col", "src_ip") modparam("permissions", "proto_col", "proto") modparam("permissions", "from_col", "from_pattern")
if (method=="INVITE") { if (!allow_trusted()) { log("THE IP ADDRESS IS NOT ALLOWED"); sl_send_reply("403","ONLY REGISTERED USERS ALLOWED "); break; }
########### SER LOG #############
2(69289) SIP Request: 2(69289) method: 2(69289) uri: 2(69289) version: 2(69289) parse_headers: flags=1 2(69289) Found param type 232, = ; state=16 2(69289) end of header reached, state=5 2(69289) parse_headers: Via found, flags=1 2(69289) parse_headers: this is the first via 2(69289) After parse_msg... 2(69289) preparing to run routing scripts... 2(69289) parse_headers: flags=128 2(69289) DEBUG:maxfwd:is_maxfwd_present: value = 70 2(69289) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16 2(69289) parse_headers: flags=8 2(69289) DEBUG: add_param: tag=1c681629589 2(69289) end of header reached, state=29 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==10 && [gi.com.tr] == [84.51.32.8] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) grep_sock_info - checking if host==us: 9==9 && [gi.com.tr] == [127.0.0.1] 2(69289) grep_sock_info - checking if port 5060 matches port 5060 2(69289) val2str(): converting 84.51.32.26, 11 2(69289) PG[217] str2valp got string udp 2(69289) PG[217] str2valp got string sip:90224765321@gi.com.tr 2(69289) NOT TRUSTED IP 2(69289) parse_headers: flags=4 2(69289) end of header reached, state=9 2(69289) DEBUG: get_hdr_field: [40]; uri=[sip:02124440111@gi.com.tr;user=phone] 2(69289) DEBUG: to body [ ] 2(69289) parse_headers: flags=-1 2(69289) get_hdr_field: cseq : <1> 2(69289) DEBUG: get_hdr_body : content_length=267 2(69289) found end of header 2(69289) check_via_address(84.51.32.26, 84.51.32.26, 1) 2(69289) DEBUG:destroy_avp_list: destroying list 0x0 2(69289) receive_msg: cleaning up 3(69290) SIP Request: 3(69290) method: 3(69290) uri: 3(69290) version: 3(69290) parse_headers: flags=1 3(69290) Found param type 232, = ; state=16 3(69290) end of header reached, state=5 3(69290) parse_headers: Via found, flags=1 3(69290) parse_headers: this is the first via 3(69290) After parse_msg... 3(69290) preparing to run routing scripts... 3(69290) parse_headers: flags=4 3(69290) DEBUG: add_param: tag=26a82380ee921ee699cdfa26683b3165.bcf6 3(69290) end of header reached, state=29 3(69290) DEBUG: get_hdr_field: [82]; uri=[sip:02124440111@gi.com.tr;user=phone] 3(69290) DEBUG: to body [] 3(69290) DEBUG: sl_filter_ACK : local ACK found -> dropping it! 3(69290) DEBUG:destroy_avp_list: destroying list 0x0 3(69290) receive_msg: cleaning up
######### NGREP LOGS ################
U 84.51.32.26:5060 -> 84.51.32.8:5060 INVITE sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: . Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Contact: . Supported: em,100rel,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
Session-Expires: 3600. Min-SE: 90. User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Type: application/sdp. Content-Length: 267. . v=0. o=AudiocodesGW 440639 653740 IN IP4 84.51.32.26. s=Phone-Call. c=IN IP4 84.51.32.26. t=0 0. m=audio 4010 RTP/AVP 18 8 96. a=rtpmap:18 g729/8000. a=fmtp:18 annexb=no. a=rtpmap:8 pcma/8000. a=rtpmap:96 telephone-event/8000. a=fmtp:96 0-15. a=ptime:40. a=sendrecv.
# U 84.51.32.8:5060 -> 84.51.32.26:5060 SIP/2.0 403 ONLY REGISTERED USERS..... Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 INVITE. Server: Sip EXpress router (0.9.3 (i386/freebsd)). Content-Length: 0. Warning: 392 84.51.32.8:5060 "Noisy feedback tells: pid=69289 req_src_ip=84.51.32.26 req_src_port=5060 in_uri=sip:02124440111@gi.com.tr;user=phone out_uri=sip:02124440111@gi.com.tr;user=phone via_cnt==1". .
# U 84.51.32.26:5060 -> 84.51.32.8:5060 ACK sip:02124440111@gi.com.tr;user=phone SIP/2.0. Via: SIP/2.0/UDP 84.51.32.26;branch=z9hG4bKaccQkWrLg. Max-Forwards: 70. From: "902247654321" ;tag=1c681629589. To: ;tag=26a82380ee921ee699cdfa26683b3165.bcf6. Call-ID: *395527579dNhC@84.51.32.26.* mailto:395527579dNhC@84.51.32.26. CSeq: 1 ACK. Contact: . Supported: em,timer,replaces,path. Allow: REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE.
User-Agent: Audiocodes-Sip-Gateway-MP-104 FXS/v.4.40.200.371. Content-Length: 0.
################################# Tried another value for from_pattern...
3(69290) val2str(): converting 84.51.32.26, 11 3(69290) PG[217] str2valp got string udp 3(69290) PG[217] str2valp got string "90224765321"
select * from trusted; src_ip | proto | from_pattern -------------+-------+--------------- 84.51.32.25 | udp | "90224765321" 84.51.32.26 | udp | "90224765321" (2 rows) .
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Hakan YASTI -
Miklos Tirpak