CC'ing to the list...
Change the from pattern and just place .* (without the ^sip: and the $) if you want to accept ALL from patterns.
Samuel.
2006/9/15, ravi reddy mravikreddy@gmail.com:
Thanks for your reply Samuel,
I will get income calls from 6 pstn gateways and i had added all the ip-adresses in the trusted table as follows src_ip proto from_pattern pstngw any ^sip:.*$
but even though my SER is asking the authentication what i have to do :-(
On 9/15/06, samuel samu60@gmail.com wrote:
Take a look at the getting started doc and you'll find how to use allow_trusted. For instance:
#
- # Call Type Processing Section
- #
- if (!is_uri_host_local()) {
- if (is_from_local() || allow_trusted()) {
- route(4);
- route(1);
- } else {
- sl_send_reply("403", "Forbidden");
- };
- break;
- };
You would have to populate the trusted table in the SER's DB with the "trusted" IPs.
Samuel.
2006/9/14,
ravi reddy mravikreddy@gmail.com:
Hi samuel,
I am using onsip.org ser.cfg and how can we check allow_trusted istrue
?
Thank You for reply.Regards, Ravi.
On 9/14/06, samuel samu60@gmail.com wrote:
you have to check whether allow_trusted returns true or not before any auth. action.
Samuel.
2006/9/14, ravi reddy mravikreddy@gmail.com:
Hi ,
When i tried to make a incoming call from pstn to SER itsasking
for
proxy authentication required,
I had entered the pstngw ip address in trusted table even then the
same
problem , is any thing else i have to do ;-)
how i can cross this problem.
Thank
You.
Regards, Ravi.
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
I changed Samuel but no use.,,
my module param is like below:
modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted")
i think SER is not looking in to trusted table :-
Any ideas,
On 9/15/06, samuel samu60@gmail.com wrote:
CC'ing to the list...
Change the from pattern and just place .* (without the ^sip: and the $) if you want to accept ALL from patterns.
Samuel.
2006/9/15, ravi reddy mravikreddy@gmail.com:
Thanks for your reply Samuel,
I will get income calls from 6 pstn gateways and i had added all the ip-adresses in the trusted table as follows src_ip proto from_pattern pstngw any ^sip:.*$
but even though my SER is asking the authentication what i have to do
:-(
On 9/15/06, samuel samu60@gmail.com wrote:
Take a look at the getting started doc and you'll find how to use allow_trusted. For instance:
#
- # Call Type Processing Section
- #
- if (!is_uri_host_local()) {
- if (is_from_local() || allow_trusted()) {
- route(4);
- route(1);
- } else {
- sl_send_reply("403", "Forbidden");
- };
- break;
- };
You would have to populate the trusted table in the SER's DB with the "trusted" IPs.
Samuel.
2006/9/14,
ravi reddy mravikreddy@gmail.com:
Hi samuel,
I am using onsip.org ser.cfg and how can we check allow_trustedis
true
?
Thank You for reply.Regards, Ravi.
On 9/14/06, samuel samu60@gmail.com wrote:
you have to check whether allow_trusted returns true or not before
any
auth. action.
Samuel.
2006/9/14, ravi reddy mravikreddy@gmail.com:
Hi ,
When i tried to make a incoming call from pstn to SER itsasking
for
proxy authentication required,
I had entered the pstngw ip address in trusted table even then
the
same
problem , is any thing else i have to do ;-)
how i can cross this problem.
Thank
You.
Regards, Ravi.
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Check the logs for further info and provide it to the list so we can point you to the right direction.... 2006/9/15, ravi reddy mravikreddy@gmail.com:
I changed Samuel but no use.,,
my module param is like below:
modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted")
i think SER is not looking in to trusted table :-
Any ideas,
On 9/15/06, samuel samu60@gmail.com wrote:
CC'ing to the list...
Change the from pattern and just place .* (without the ^sip: and the $) if you want to accept ALL from patterns.
Samuel.
2006/9/15, ravi reddy < mravikreddy@gmail.com>:
Thanks for your reply Samuel,
I will get income calls from 6 pstn gateways and i had added all the ip-adresses in the trusted table as follows src_ip proto from_pattern pstngw any ^sip:.*$
but even though my SER is asking the authentication what i have to do
:-(
On 9/15/06, samuel <samu60@gmail.com > wrote:
Take a look at the getting started doc and you'll find how to use allow_trusted. For instance:
#
- # Call Type Processing Section
- #
- if (!is_uri_host_local()) {
- if (is_from_local() || allow_trusted()) {
- route(4);
- route(1);
- } else {
- sl_send_reply("403", "Forbidden");
- };
- break;
- };
You would have to populate the trusted table in the SER's DB with the "trusted" IPs.
Samuel.
2006/9/14,
ravi reddy mravikreddy@gmail.com:
Hi samuel,
I am using onsip.org ser.cfg and how can we check allow_trustedis
true
?
Thank You for reply.Regards, Ravi.
On 9/14/06, samuel samu60@gmail.com wrote:
you have to check whether allow_trusted returns true or not before
any
auth. action.
Samuel.
2006/9/14, ravi reddy < mravikreddy@gmail.com>: > Hi , > > When i tried to make a incoming call from pstn to SER its
asking
for
> proxy authentication required, > > I had entered the pstngw ip address in trusted table even then
the
same
> problem , is any thing else i have to do ;-) > > how i can cross this problem. > >
Thank
You.
> > Regards, > Ravi. > > _______________________________________________ > Serusers mailing list > Serusers@lists.iptel.org >
http://lists.iptel.org/mailman/listinfo/serusers
> > >
this is the ngrep -record when i tried to make a incoming call from PSTN
U 81.21.38.13:57812 -> 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3763255713-1164120539-2201223171-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: <sip:22498045@81.21.38.13
;party=calling;screen=yes;privacy=off.
Timestamp: 1158311720. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. . v=0. o=CiscoSystemsSIP-GW-UserAgent 9485 5123 IN IP4 81.21.38.13. s=SIP Call. c=IN IP4 81.21.38.13. t=0 0. m=audio 17124 RTP/AVP 18 0 8 100. a=rtpmap:18 G729/8000. a=fmtp:18 annexb=no. a=rtpmap:0 PCMU/8000. a=rtpmap:8 PCMA/8000. a=rtpmap:100 X-NSE/8000. a=fmtp:100 192-194.
# U 81.21.33.35:5060 -> 81.21.38.13:5060 SIP/2.0 407 Proxy Authentication Required. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. CSeq: 101 INVITE. Proxy-Authenticate: Digest realm="81.21.33.35", nonce="450a6fac7fc0d4000fd13a85f7f6c55323ed6a5c". Content-Length: 0. Warning: 392 81.21.33.35:5060 "Noisy feedback tells: pid=24505 req_src_ip= 81.21.38.13 req_src_port=57812 in_uri=sip:22030980@81.21.33.35:5060 out_uri= sip:22030980@81.21.33.35:5060 via_cnt==1". .
# U 81.21.38.13:57812 -> 81.21.33.35:5060 ACK sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Max-Forwards: 6. Content-Length: 0. CSeq: 101 ACK. .
# U 81.21.38.13:51826 -> 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415970-1FEC. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:22 GMT. Call-ID: 8C78BCF5-43D111DB-9F95880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3776566429-1164120539-2202206211-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: <sip:22498045@81.21.38.13
;party=calling;screen=yes;privacy=off.
Timestamp: 1158311722. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. .
And these messages are repeating until the requested time out;-)
Whats wrong here :-
Hope this information can help me
Thanks, Ravi.
I dont get it... How come that you dont have the proxy authorize code there at all and yet your ser's asking for credentials??
Did u restart ser?
Andrey.
On 9/15/06, ravi reddy mravikreddy@gmail.com wrote:
this is the ngrep -record when i tried to make a incoming call from PSTN
U 81.21.38.13:57812 -> 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3763255713-1164120539-2201223171-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: sip:22498045@81.21.38.13;party=calling;screen=yes;privacy=off. Timestamp: 1158311720. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. . v=0. o=CiscoSystemsSIP-GW-UserAgent 9485 5123 IN IP4 81.21.38.13. s=SIP Call. c=IN IP4 81.21.38.13. t=0 0. m=audio 17124 RTP/AVP 18 0 8 100. a=rtpmap:18 G729/8000. a=fmtp:18 annexb=no. a=rtpmap:0 PCMU/8000. a=rtpmap:8 PCMA/8000. a=rtpmap:100 X-NSE/8000. a=fmtp:100 192-194.
# U 81.21.33.35:5060 -> 81.21.38.13:5060 SIP/2.0 407 Proxy Authentication Required. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. CSeq: 101 INVITE. Proxy-Authenticate: Digest realm="81.21.33.35", nonce="450a6fac7fc0d4000fd13a85f7f6c55323ed6a5c". Content-Length: 0. Warning: 392 81.21.33.35:5060 "Noisy feedback tells: pid=24505 req_src_ip=81.21.38.13 req_src_port=57812 in_uri=sip:22030980@81.21.33.35:5060 out_uri=sip:22030980@81.21.33.35:5060 via_cnt==1". .
# U 81.21.38.13:57812 -> 81.21.33.35:5060 ACK sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Max-Forwards: 6. Content-Length: 0. CSeq: 101 ACK. .
# U 81.21.38.13:51826 -> 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415970-1FEC. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:22 GMT. Call-ID: 8C78BCF5-43D111DB-9F95880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3776566429-1164120539-2202206211-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: sip:22498045@81.21.38.13;party=calling;screen=yes;privacy=off. Timestamp: 1158311722. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. .
And these messages are repeating until the requested time out;-)
Whats wrong here :-
Hope this information can help me Thanks,Ravi.
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Okay... start small. You can work through this.
First things first:
Comment out the proxy_authorize portion of the config. Restart ser, and try the call again. See if it works. If it does, uncomment it, but right BEFORE the proxy_authorize, put the check for the trusted table and then a log message to check the logs...
something like:
if(!allow_trusted()) { log(1, "ALLOW TRUSTED CHECK FAILED -- HOST NOT IN TRUSTED TABLE"); if(!proxy_authorize... etc, etc)
};
Restart ser, and try the call again. If that message pops up, then there's something wrong with the trusted host check and you can double check the data you entered into the database to make sure it's all actually correct.
Your trusted table should look something like:
+----------------+-------+--------------+| src_ip | proto | from_pattern |+----------------+-------+--------------+| 127.0.0.1 | any | sip:.*$ || 81.21.38.13 | any | sip:.*$ |+----------------+-------+--------------+
On Fri, 15 Sep 2006 12:36:04 +0300, ravi reddy wrote
this is the ngrep -record when i tried to make a incoming call from PSTN
U MailScanner warning: numerical links are often malicious: 81.21.38.13:57812 -> MailScanner warning: numerical links are often malicious: 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP MailScanner warning: numerical links are often malicious: 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3763255713-1164120539-2201223171-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: sip:22498045@81.21.38.13;party=calling;screen=yes;privacy=off. Timestamp: 1158311720. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. . v=0. o=CiscoSystemsSIP-GW-UserAgent 9485 5123 IN IP4 MailScanner warning: numerical links are often malicious: 81.21.38.13. s=SIP Call. c=IN IP4 MailScanner warning: numerical links are often malicious: 81.21.38.13. t=0 0. m=audio 17124 RTP/AVP 18 0 8 100. a=rtpmap:18 G729/8000. a=fmtp:18 annexb=no. a=rtpmap:0 PCMU/8000. a=rtpmap:8 PCMA/8000. a=rtpmap:100 X-NSE/8000. a=fmtp:100 192-194.
# U MailScanner warning: numerical links are often malicious: 81.21.33.35:5060 -> MailScanner warning: numerical links are often malicious: 81.21.38.13:5060 SIP/2.0 407 Proxy Authentication Required. Via: SIP/2.0/UDP MailScanner warning: numerical links are often malicious: 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. CSeq: 101 INVITE. Proxy-Authenticate: Digest realm="MailScanner warning: numerical links are often malicious: 81.21.33.35", nonce="450a6fac7fc0d4000fd13a85f7f6c55323ed6a5c". Content-Length: 0. Warning: 392 MailScanner warning: numerical links are often malicious: 81.21.33.35:5060 "Noisy feedback tells: pid=24505req_src_ip=MailScanner warning: numerical links are often malicious: 81.21.38.13 req_src_port=57812in_uri=sip:22030980@81.21.33.35:5060out_uri=sip:22030980@81.21.33.35:5060 via_cnt==1". .
# U MailScanner warning: numerical links are often malicious: 81.21.38.13:57812 -> MailScanner warning: numerical links are often malicious: 81.21.33.35:5060 ACK sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP MailScanner warning: numerical links are often malicious: 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415468-CC3. To: sip:22030980@81.21.33.35;tag=74961b5b71b6ddce908b9155b956083f.58b5. Date: Fri, 15 Sep 2006 09:15:20 GMT. Call-ID: 8BB4320C-43D111DB-9F91880F-F0154510@81.21.38.13. Max-Forwards: 6. Content-Length: 0. CSeq: 101 ACK. .
# U MailScanner warning: numerical links are often malicious: 81.21.38.13:51826 -> MailScanner warning: numerical links are often malicious: 81.21.33.35:5060 INVITE sip:22030980@81.21.33.35:5060 SIP/2.0. Via: SIP/2.0/UDP MailScanner warning: numerical links are often malicious: 81.21.38.13:5060. From: sip:22498045@81.21.38.13;tag=78415970-1FEC. To: sip:22030980@81.21.33.35. Date: Fri, 15 Sep 2006 09:15:22 GMT. Call-ID: 8C78BCF5-43D111DB-9F95880F-F0154510@81.21.38.13. Supported: timer,100rel. Min-SE: 1800. Cisco-Guid: 3776566429-1164120539-2202206211-3126568985. User-Agent: Cisco-SIPGateway/IOS-12.x. Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, COMET, REFER, SUBSCRIBE, NOTIFY, INFO. CSeq: 101 INVITE. Max-Forwards: 6. Remote-Party-ID: sip:22498045@81.21.38.13;party=calling;screen=yes;privacy=off. Timestamp: 1158311722. Contact: sip:22498045@81.21.38.13:5060. Expires: 180. Allow-Events: telephone-event. Content-Type: application/sdp. Content-Length: 274. .
And these messages are repeating until the requested time out;-)
Whats wrong here :-
Hope this information can help me
Thanks, Ravi.
-
Andrey Kuprianov -
ravi reddy -
samuel -
sip