[OpenSIPS-Users] registrant example
Bogdan-Andrei Iancu
bogdan at opensips.org
Fri Sep 27 06:32:00 UTC 2024
Hi Alberto,
There is no automatic way to do the inbound detection (via the registrar
module). What you can do is to use the permissions module, with the
address table as a view over the registrant table, so you do the inbound
IP auth.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
https://www.siphub.com
On 25.09.2024 14:00, Alberto wrote:
> Thanks,
>
> So, for n1, after ip auth I can validate the contact matches one of
> the contacts used to register, but there's no function to do that
> automatically.
> So in the case where opensips is keeping 2 registrations up to the
> same server, it's up to me to validate which one was used.
>
> n2, thanks again, I got it working by loading the credentials with
> avp_db_query.
>
> Regards
> A
>
> On Mon, 23 Sept 2024 at 07:52, Bogdan-Andrei Iancu
> <bogdan at opensips.org> wrote:
>
> Hi,
>
> 1) The Registrant OpenSIPS should do an IP auth for the Remote SIP
> provider. OpenSIPS knows the server it registered with, so it
> should be able to do IP auth
>
> 2) there is notthing standard about loading the credentials, you
> can do it in any way that works for you, like having them hard
> coded in cfg (if the same credentials are to be used for the all
> calls), or loading them from DB (using sqlops module), or HTTP
> rest query.
>
> Regards,
>
> Bogdan-Andrei Iancu
>
> OpenSIPS Founder and Developer
> https://www.opensips-solutions.com
> https://www.siphub.com
>
> On 22.09.2024 03:10, Alberto wrote:
>> Hi,
>>
>> I'm trying to put together a simple script to use uac_registrant
>> So I have:
>> LEFT SIP SERVERS <-[ip authentication]-> OPENSIPS
>> <-[uac_registrant]-> REMOTE SIP PROVIDER
>>
>> Here's the 2 problems I still have:
>> I have the users for the remote sip provider in the registrant
>> table, and opensips is already able to register to this remote
>> sip provider,but:
>> - When an INVITE comes from the remote sip provider I register
>> to, how do I validate which user is it related to? Where should I
>> store avp, and how should I load them?
>> - When an INVITE comes from the left sip servers and I have to
>> call the remote sip provider, how do I load the credentials from
>> the database to authenticate the INVITE to the remote sip provider?
>>
>> I'm using the address table for the left sip servers and
>> check_address, but I've stripped all that from my example below.
>> I hope this makes sense, thank you.
>>
>> Here is a short example script I'm working with
>>
>> #######
>> debug_mode=no
>>
>> log_level=2
>> xlog_level=2
>> log_stdout=yes
>> stderror_enabled=yes
>> syslog_facility=LOG_LOCAL0
>>
>> auto_aliases=no
>>
>> server_signature=yes
>>
>> socket=udp:0.0.0.0:5060 <http://0.0.0.0:5060>
>>
>> mpath="/usr/lib64/opensips/modules/"
>>
>> loadmodule "db_mysql.so"
>>
>> loadmodule "signaling.so"
>>
>> loadmodule "sl.so"
>>
>> loadmodule "tm.so"
>> modparam("tm", "auto_100trying", 0)
>> modparam("tm", "fr_inv_timeout", 120)
>> modparam("tm", "fr_timeout", 30)
>> modparam("tm", "onreply_avp_mode", 1)
>> modparam("tm", "restart_fr_on_each_reply", 0)
>>
>> loadmodule "rr.so"
>> modparam("rr", "append_fromtag", 1)
>>
>> loadmodule "dialog.so"
>> modparam("dialog", "default_timeout", 14400)
>> modparam("dialog", "dlg_match_mode", 1)
>> modparam("dialog", "enable_stats", 1)
>> modparam("dialog", "profiles_with_value", "caller")
>>
>> loadmodule "sipmsgops.so"
>>
>> loadmodule "usrloc.so"
>>
>> loadmodule "registrar.so"
>>
>> loadmodule "uac_auth.so"
>> modparam("uac_auth", "credential", "username:domain:password")
>>
>> loadmodule "uac_registrant.so"
>> modparam("uac_registrant", "db_url",
>> "mysql://opensips:opensipsrw@localhost/opensips")
>>
>> loadmodule "proto_udp.so"
>>
>> route {
>> if (has_totag()) {
>> if (loose_route()) {
>> if ($DLG_status != NULL && !validate_dialog()) {
>> exit;
>> }
>> } else {
>> if (is_method("ACK")) {
>> if (t_check_trans()) {
>> t_relay();
>> }
>> exit;
>> }
>>
>> sl_send_reply(404, "Not Found");
>> exit;
>> }
>>
>> t_relay();
>>
>> exit;
>> }
>>
>> if (is_method("CANCEL")) {
>> if (t_check_trans()) {
>> t_relay();
>> }
>> exit;
>> }
>>
>> t_check_trans();
>>
>> if (is_method("INVITE")) {
>> if (!create_dialog("B")) {
>> sl_send_reply(500, "Internal Server Error");
>> exit;
>> }
>> }
>>
>> route(relay);
>> }
>>
>> route[relay] {
>> if (is_method("INVITE")) {
>> # VALIDATE THIS RELATES TO A USER IN THE UAC_REGISTRANT TABLE
>> AND LOAD AVPS
>> # OR LOAD CREDENTIALS TO SEND INVITE ONWARD TO THE REMOTE SIP
>> PROVIDER
>>
>> t_on_failure("invite_failure_route");
>> }
>>
>> if (!t_relay()) {
>> sl_send_reply(500, "Internal Error");
>> }
>>
>> exit;
>> }
>>
>> failure_route[invite_failure_route] {
>> if (t_was_cancelled()) {
>> exit;
>> }
>>
>> if (t_check_status("3[0-9][0-9]")) {
>> t_reply(404, "Not found");
>> exit;
>> }
>> }
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20240927/37aaeade/attachment.html>
More information about the Users
mailing list