[OpenSIPS-Users] Getting Error when using NATHELPER module
Ahmed Munir
ahmedmunir007 at gmail.com
Thu Apr 1 09:16:15 CEST 2010
Hi,
I've configured OpenSIPs with Radius and now working to configure NAT on
OpenSIPs using module mod_nathelper. After configuring, I'm getting
following errors as listed down below;
Apr 1 11:53:31 rose /usr/local/sbin/opensips[11386]:
ERROR:nathelper:select_rtpp_node: script error -no valid set selected
Apr 1 11:53:31 rose /usr/local/sbin/opensips[11386]:
ERROR:nathelper:force_rtp_proxy_body: no available proxies
Apr 1 11:53:46 rose /usr/local/sbin/opensips[11382]:
ERROR:nathelper:select_rtpp_node: script error -no valid set selected
Apr 1 11:53:46 rose /usr/local/sbin/opensips[11382]:
ERROR:nathelper:unforce_rtp_proxy_f: no available proxies
Apr 1 11:53:46 rose /usr/local/sbin/opensips[11386]:
ERROR:nathelper:force_rtp_proxy: Unable to parse body
And the configuration of OpenSIPs is listed below;
loadmodule "dispatcher.so"
#loadmodule "auth_diameter.so"
loadmodule "aaa_radius.so"
loadmodule "auth_aaa.so"
loadmodule "permissions.so"
loadmodule "nathelper.so"
#--------------------------------Settings For
Radius-------------------------------------
#modparam("auth_diameter", "diameter_client_host", "localhost")
modparam("aaa_radius",
"radius_config","/usr/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "aaa_url",
"radius:/usr/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "aaa_flag", 2)
modparam("acc", "aaa_missed_flag", 3)
modparam("acc", "aaa_extra", "User-Name=$Au; \
Calling-Station-Id=$from; \
Called-Station-Id=$to; \
Sip-Translated-Request-URI=$ruri; \
Sip-RPid=$avp(s:rpid); \
Source-IP=$si; \
Source-Port=$sp; \
Canonical-URI=$avp(s:can_uri); \
Billing-Party=$avp(s:billing_party); \
Divert-Reason=$avp(s:divert_reason); \
X-RTP-Stat=$hdr(X-RTP-Stat); \
Contact=$hdr(contact); \
Event=$hdr(event); \
SIP-Proxy-IP=$avp(s:sip_proxy_ip); \
ENUM-TLD=$avp(s:enum_tld)")
modparam("auth_aaa","aaa_url","radius:/usr/etc/radiusclient-ng/radiusclient.conf")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix", "@rose.vopium.com>;screen=yes;privacy=off")
modparam("auth", "rpid_avp", "$avp(s:rpid)")
#modparam("uri","service_type",10)
# ----------------- setting module-specific parameters ---------------
modparam("permissions", "db_url", "mysql://opensips:opensipsrw@localhost
/opensips")
#----------------- setting NAT module parameters ---------------------
modparam("nathelper","ping_nated_only",1)
modparam("nathelper", "natping_interval", 30)
modparam("nathelper","natping_processes",1)
modparam("nathelper","rtpproxy_sock","")
modparam("nathelper","received_avp","$avp(i:42)")
#modparam("nathelper", "sipping_bflag", 7)
modparam("usrloc", "nat_bflag", 6)
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
#NAT detection
log("######################################### Go to Route 3 for NAT
Detection #####################################");
route(3);
if (has_totag()) {
if (loose_route()) {
if (is_method("BYE")) {
setflag(1); # do accounting ...
setflag(3); # ... even if the transaction
fails
} else if (is_method("INVITE")) {
record_route();
}
route(1);
} else {
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
t_relay();
exit;
} else {
exit;
}
}
sl_send_reply("404","Not here");
}
exit;
}
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
# authenticate if from local subscriber (uncomment to enable auth)
# authenticate all initial non-REGISTER request that pretend to be
# generated by local subscriber (domain from FROM URI is local)
##if (!(method=="REGISTER") && from_uri==myself) /*no multidomain
version*/
##if (!(method=="REGISTER") && is_from_local()) /*multidomain
version*/
##{
## if (!proxy_authorize("", "subscriber")) {
## proxy_challenge("", "0");
## exit;
## }
## if (!check_from()) {
## sl_send_reply("403","Forbidden auth ID");
## exit;
## }
##
## consume_credentials();
## # caller authenticated
##}
# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's
[$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
sl_send_reply("403","Preload Route denied");
exit;
}
# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();
#$avp(i:27)=check_source_address("0");
#xlog("Check Source Address from Address TABLE : $(avp(i:27))\n");
$avp(s:checksrc) = check_source_address("0");
log("###########################################################################################\n");
xlog("Check Source Address from Address TABLE Where Value 1 is Equal
to True: $(avp(s:checksrc))\n");
log("###########################################################################################\n");
xlog("incoming from $si : $sp \n");
if (check_source_address("0")) {
if (is_method("INVITE")){
log("#################### INVITE FUNCTION 1
####################");
setflag(1); # do accounting
}
}
if (!uri==myself)
## replace with following line if multi-domain support is used
##if (!is_uri_host_local())
{
append_hf("P-hint: outbound\r\n");
# if you have some interdomain connections via TLS
##if($rd=="tls_domain1.net") {
## t_relay("tls:domain1.net");
## exit;
##} else if($rd=="tls_domain2.net") {
## t_relay("tls:domain2.net");
## exit;
##}
route(1);
}
if(uri==myself)
{
log("########################################### URI ==
MYSELF ########################################");
if(method=="REGISTER")
{
route(2);
}
append_hf("P-hint: usrloc applied\r\n");
}
# requests for my domain
## uncomment this if you want to enable presence server
## and comment the next 'if' block
## NOTE: uncomment also the definition of route[2] from below
##if( is_method("PUBLISH|SUBSCRIBE"))
## route(2);
if (is_method("PUBLISH"))
{
sl_send_reply("503", "Service Unavailable");
exit;
}
if (is_method("REGISTER"))
{
route(2);
}
if ($rU==NULL) {
# request with no Username in RURI
sl_send_reply("484","Address Incomplete");
exit;
}
# apply DB based aliases (uncomment to enable)
##alias_db_lookup("dbaliases");
# do lookup with method filtering
if (!lookup("location","m")) {
switch ($retcode) {
case -1:
log("############################# LOOKUP
LOCATION FLAG -1 PASS #################################");
#ds_select_dst("1","4");
log("############################# DO
ACCOUNTING ON RADIUS ######################################");
setflag(2);
log("############################# SEND CALL
TO ASTERISK #######################################");
rewritehostport("11.22.33.44:5060");
#forward();
log("############################# CALL IS
GOING IN STATEFULL MANNER ############################");
t_relay();
log("############################# CALL
ROUTING TO ROUTE 1 ######################################");
route(1);
exit;
case -3:
log("############################ LOOKUP
LOCATION FLAG -3 PASS #################################");
t_newtran();
t_reply("404", "Not Found");
exit;
case -2:
log("############################ LOOKUP
LOCATION FLAG -2 PASS #################################");
sl_send_reply("405", "Method Not Allowed");
exit;
}
}
# when routing via usrloc, log the missed calls also
setflag(2);
log("############################# LOOKUP LOCATION FLAG 1 PASS
########################################");
route(1);
}
route[1] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {
log("################################ INVITE ROUTE 1
Function ##################################");
t_on_branch("2");
t_on_reply("2");
t_on_failure("1");
}
if (subst_uri('/(sip:.*);nat=yes/\1/')){
log("################################ IF SUBSTR CONTAINS
NAT=YES ################################");
setbflag(6);
};
if (isflagset(5)||isbflagset(6)) {
log("################################ CHECK FLAGSET AND
ROUTE TO 4 ###############################");
route(4);
}
if (!t_relay()) {
sl_reply_error();
};
exit;
}
route[2]
{
log("######################################## AAA-REGISTRATION
#######################################");
if (!aaa_www_authorize("rose.vopium.com"))
{
www_challenge("rose.vopium.com", "1");
return;
# #exit;
}
if(isflagset(5))
{
log("################################### IF FLAG SET IS 5
##################################");
# set branch flag -- when someone will call this user
# the INVITE will have branch flag 6 set after
lookup("location")
setbflag(6);
# if you want OPTIONS natpings uncomment next
# setbflag(7);
}
if (!save("location"))
sl_reply_error();
exit;
}
route[3]
{
log("################################ FUNCTION ROUTE 3 NAT
DETECTION ################################");
force_rport();
if (nat_uac_test("19")) {
if (method=="REGISTER") {
fix_nated_register();
} else {
fix_nated_contact();
};
setflag(5);
};
}
route[4]
{
log("################################ FUNCTION ROUTE 4 RTP PROXY
################################");
if (is_method("BYE")) {
unforce_rtp_proxy();
} else if (is_method("INVITE")){
force_rtp_proxy();
#t_on_failure("2");
t_on_failure("3");
};
if (isflagset(5))
search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes');
#t_on_reply("1");
t_on_reply("3");
}
branch_route[2] {
xlog("new branch at $ru\n");
}
onreply_route[2] {
xlog("incoming reply\n");
}
failure_route[1] {
if (t_was_cancelled()) {
exit;
}
}
failure_route[3] {
log("################################ FAILURE ROUTE 3 FUNCTION
################################");
if (isbflagset(6) || isflagset(5)) {
unforce_rtp_proxy();
}
}
onreply_route[3] {
log("################################ ONREPLY ROUTE 3 FUNCTION
################################");
if ((isflagset(5) || isbflagset(6)) &&
status=~"(183)|(2[0-9][0-9])") {
force_rtp_proxy();
}
search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes');
if (isbflagset(6)) {
fix_nated_contact();
}
exit;
}
Kindly state, how can I resolve this error in my above configuration. Please
advise.
--
Regards,
Ahmed Munir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100401/2c866fec/attachment-0001.htm
More information about the Users
mailing list