[OpenSIPS-Users] topology hiding
BJ Quinn
bjquinn at seidal.com
Mon Feb 3 19:36:04 CET 2014
Oh and the only manual manipulation of the route headers was an attempt to get rid of that \304 in the header.
I think the \304 thing may be a red herring for now. I still can't get the topology hiding to work. Below is my config file. It's literally the default config file with nothing changed but I've put in my IP address on the listen line, added a couple of aliases, added UAC module to try to change the from header (that works) and the dialog module and a couple of modifications to the route to make topology hiding work (not working for me).
Am I putting this in the wrong part of the route?
Thx
-BJ Quinn
---
debug=3
log_stderror=no
log_facility=LOG_LOCAL0
fork=yes
children=4
auto_aliases=no
listen=udp:xx.xx.xx.9:5060
disable_tcp=yes
disable_tls=yes
alias=xx.xx.xx.76:5060
alias=xx.xx.xx.77:5060
mpath="/usr/lib64/opensips/modules"
loadmodule "signaling.so"
loadmodule "sl.so"
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
loadmodule "rr.so"
modparam("rr", "append_fromtag", 0)
loadmodule "maxfwd.so"
loadmodule "sipmsgops.so"
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_mode", 0)
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
loadmodule "acc.so"
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "ACC_FAILED")
modparam("acc", "log_flag", "ACC_DO")
modparam("acc", "log_missed_flag", "ACC_MISSED")
# added to rewrite from header
loadmodule "uac.so"
loadmodule "uac_auth.so"
modparam("uac","restore_mode","manual")
#added for topology hiding
loadmodule "dialog.so"
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if (has_totag()) {
if (loose_route()) {
# added for topology hiding
if ($DLG_status==NULL && !match_dialog() ) {
xlog(" cannot match request to a dialog \n");
}
#/added for topology hiding
if (is_method("BYE")) {
setflag(ACC_DO);
setflag(ACC_FAILED);
} else if (is_method("INVITE")) {
record_route();
}
route(relay);
} else {
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
t_relay();
exit;
} else {
exit;
}
}
sl_send_reply("404","Not here");
}
exit;
}
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
if ( !(is_method("REGISTER") ) ) {
if (from_uri==myself)
{
} else {
if (!uri==myself) {
send_reply("403","Rely forbidden");
exit;
}
}
}
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
sl_send_reply("403","Preload Route denied");
exit;
}
if (!is_method("REGISTER|MESSAGE"))
record_route();
if (is_method("INVITE")) {
setflag(ACC_DO); # do accounting
}
if (is_method("INVITE")) {
# rewrite from header
uac_replace_from("sip:$fU at xx.xx.xx.9");
# trying to fix that /304 problem
#remove_hf("Route");
#append_hf("Route: <sip:xx.xx.xx.9;lr>");
create_dialog();
topology_hiding();
exit;
}
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
route(relay);
}
if (is_method("PUBLISH|SUBSCRIBE"))
{
sl_send_reply("503", "Service Unavailable");
exit;
}
if (is_method("REGISTER"))
{
if ( 0 ) setflag(TCP_PERSISTENT);
if (!save("location"))
sl_reply_error();
exit;
}
if ($rU==NULL) {
sl_send_reply("484","Address Incomplete");
exit;
}
if (!lookup("location","m")) {
t_newtran();
t_reply("404", "Not Found");
exit;
}
setflag(ACC_MISSED);
route(relay);
}
route[relay] {
if (is_method("INVITE")) {
t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}
if (!t_relay()) {
send_reply("500","Internal Error");
};
exit;
}
branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}
onreply_route[handle_nat] {
xlog("incoming reply\n");
}
failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}
}
---
----- Original Message -----
From: "BJ Quinn" <bjquinn at seidal.com>
To: "OpenSIPS users mailling list" <users at lists.opensips.org>
Sent: Monday, February 3, 2014 10:27:22 AM
Subject: Re: [OpenSIPS-Users] topology hiding
Thanks, I'll do that. What about the topology hiding? Am I doing that incorrectly?
-BJ
----- Original Message -----
From: "Vlad Paiu" <vladpaiu at opensips.org>
To: users at lists.opensips.org
Sent: Monday, February 3, 2014 7:46:41 AM
Subject: Re: [OpenSIPS-Users] topology hiding
Hello,
No, you should not regex out those bogus characters, this seems like a
bug - could you please send us to SIP trace for your scenario so I can
understand how and when it's happening ? Are you currently doing any
manual manipulation on the Route headers in your script ?
Also, if possible, Please open an issue on
https://github.com/OpenSIPS/opensips/issue for this so we can better
keep track of it.
Best Regards,
Vlad Paiu
OpenSIPS Developer
http://www.opensips-solutions.com
On 01.02.2014 02:26, BJ Quinn wrote:
> Hi,
>
> I'd like to use topology_hiding(), but I can't quite understand how to integrate it into the routing part of the configuration file. I have my opensips box on a public IP and some machines initiating calls through the opensips box that are also on public IPs, so no NAT going on or anything like that. However, a couple of the carriers we're trying to use don't like seeing the IP address of the machines initiating the call (in Route and Contact headers, etc.) and that's causing problems including some carriers don't think the call has set up properly (even though it goes through), which leads to missing BYEs. Anyway, seems like topology_hiding() is a great idea anyway, regardless of the fact that I've had a carrier specifically request it.
>
> I'm using 1.10. So I've started with the basic Residential scenario made from osipsconfig. I didn't check any of the options (like ENABLE_TCP, USE_ALIASES, etc.) and modified only my IP address and added a couple of aliases for the machines making the calls. I added the following outside of the routing logic to load the dialog module to make topology_hiding() available.
>
> loadmodule "dialog.so"
>
> Then, under "if(has_totag()) { if (loose_route()) {" I added --
>
> if ($DLG_status==NULL && !match_dialog() ) {
> xlog(" cannot match request to a dialog \n");
> }
>
> And outside of the "if(has_totag())" section I added --
>
> if (is_method("INVITE")) {
> create_dialog();
> topology_hiding();
> }
>
> Without these added sections, things are fine on some carriers and with other carriers I have the problems described above which causes me to want to enable topology hiding. With these added sections, I get 408 timeouts since it appears that the opensips box is responding NOT HERE to the carrier's 200 OKs.
>
> Also, possibly unrelated, in either case I'm getting a weird "\304" added to my Route header. Should I just replace the Route header and regex that out?
>
> Route: <sip:xx.xx.xx.xx:\304;lr>
>
> Thanks!
>
> -BJ Quinn
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list