Yes, Now I am not getting that issue any more. The change in hash table fixed the issue. <br>Thanks a lot. <br><br>For printing warning I changed this<br>LM_DBG("invalid ip field in address table, ignoring entry %d, %s\n", i, str_src_ip.s);<br>
to <br>LM_WARN("invalid ip field in address table, ignoring entry %d, %s\n", i, str_src_ip.s);<br><br>I like the fact that this will spit the warning in log file even I am not running in debug more. <br><br>Will do some more testing. <br>
<br>Again thank you so much. <br><br>-Jai <br><br><br><br><div class="gmail_quote">On Fri, Dec 11, 2009 at 1:46 AM, Irina Stanescu <span dir="ltr"><<a href="mailto:istanescu@opensips.org">istanescu@opensips.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi Jai,<br>
<br>
As you suggested, i added the id of the entry to the debug info for<br>
ignored entries .<br>
<br>
Also, i committed a fix for the other problem you had with<br>
check_source_address. Please update from SVN and let me know if you find<br>
any other issues.<br>
<div class="im"><br>
<br>
Regards,<br>
Irina Stanescu<br>
<br>
<br>
Jai Rangi wrote:<br>
</div><div><div></div><div class="h5">> Excellent, I owe you one.<br>
><br>
> As always users always want more and more ;)<br>
> I got this in the logs when I try to<br>
> Dec 10 13:55:02 [11176] DBG:permissions:reload_address_table: invalid<br>
> ip field in address table, ignoring entry 0<br>
> Dec 10 13:55:02 [11176] DBG:permissions:reload_address_table: invalid<br>
> ip field in address table, ignoring entry 1<br>
><br>
> Here ID or IPAddress will be more useful for debugging purpose.<br>
><br>
> Here is the trace for the failing call form same IP.<br>
><br>
> Dec 10 14:03:09 [11772] DBG:core:parse_via: end of header reached, state=5<br>
> Dec 10 14:03:09 [11772] DBG:core:parse_headers: via found, flags=200<br>
> Dec 10 14:03:09 [11772] DBG:core:get_hdr_field: content_length=235<br>
> Dec 10 14:03:09 [11772] DBG:core:get_hdr_field: found end of header<br>
> Dec 10 14:03:09 [11772] DBG:rr:find_first_route: No Route headers found<br>
> Dec 10 14:03:09 [11772] DBG:rr:loose_route: There is no Route HF<br>
> source ip is 65.211.120.237 and protocol is udp avp is <null><br>
> Dec 10 14:03:09 [11772] DBG:permissions:check_src_addr_3: Looking for<br>
> : <0, 65.211.120.237, 5060, 1> in tables<br>
> Dec 10 14:03:09 [11772] DBG:permissions:hash_match: no match in the<br>
> hash table<br>
> Dec 10 14:03:09 [11772] DBG:permissions:match_subnet_table: subnet<br>
> table is empty<br>
> Monitor Request not from trusted source from<br>
> sip:+19496794816@199.173.94.144:5060;user=phone to<br>
> sip:+19493334879@209.216.2.213:5060;user=phone;transport=UDP from IP<br>
> 65.211.120.237 Dec 10 14:03:09 [11772] DBG:core:parse_headers:<br>
> flags=ffffffffffffffff<br>
> Dec 10 14:03:09 [11772] DBG:core:parse_headers: flags=ffffffffffffffff<br>
> Dec 10 14:03:09 [11772] DBG:core:check_ip_address: params<br>
> 65.211.120.237, 65.211.120.237, 0<br>
> Dec 10 14:03:09 [11772] DBG:core:destroy_avp_list: destroying list (nil)<br>
> Dec 10 14:03:09 [11772] DBG:core:receive_msg: cleaning up<br>
> Dec 10 14:03:09 [11771] DBG:core:parse_msg: SIP Request:<br>
><br>
> Dump from address cache<br>
> ../../sbin/opensipsctl fifo address_dump | grep "65.211.120.237"<br>
> 12 <65.211.120.237,0, 0, 0, ^sip:.*$, NULL><br>
><br>
> Code in cfg file<br>
> xlog(" source ip is $si and protocol is $proto avp is $avp(i:9)");<br>
> if (check_source_address("0","$avp(i:9)")) {<br>
><br>
> Same Call from other IP works juts IP<br>
><br>
> Dec 10 14:08:16 [11776] DBG:rr:loose_route: There is no Route HF<br>
> source ip is 65.217.40.210 and protocol is udp avp is <null><br>
> Dec 10 14:08:16 [11776] DBG:permissions:check_src_addr_3: Looking for<br>
> : <0, 65.217.40.210, 5060, 1> in tables<br>
> Dec 10 14:08:16 [11776] DBG:permissions:hash_match: match found in the<br>
> hash table<br>
><br>
> ../../sbin/opensipsctl fifo address_dump | grep "65.217.40.210"<br>
> 9 <65.217.40.210,0, 0, 0, ^sip:.*$, NULL><br>
><br>
> Best,<br>
><br>
> -Jai<br>
><br>
> On Thu, Dec 10, 2009 at 8:19 AM, Irina Stanescu<br>
</div></div><div><div></div><div class="h5">> <<a href="mailto:istanescu@opensips.org">istanescu@opensips.org</a> <mailto:<a href="mailto:istanescu@opensips.org">istanescu@opensips.org</a>>> wrote:<br>
><br>
> Hi Jai,<br>
><br>
> I modified the permissions module so that now any invalid db entry<br>
> from<br>
> the address table is skipped.<br>
> I committed the change on trunk and also on the 1.6 branch.<br>
><br>
> About the other issue you have found, what does the log say?<br>
><br>
><br>
><br>
> Regards,<br>
> Irina Stanescu<br>
><br>
><br>
> Jai Rangi wrote:<br>
> > Bogda,<br>
> > Wow that was quick. Thank you,<br>
> ><br>
> > I found one more issue,<br>
> > I have this entry in address table<br>
> > 944 0 65.211.120.237 32 0 any ^sip:.*$<br>
> /NULL/ 0 some<br>
> > descriptiond<br>
> ><br>
> ><br>
> > Here is a check in my route block<br>
> > if (check_source_address("0","$avp(i:9)")) {<br>
> > t_rely();<br>
> > } else {<br>
> > xlog("Monitor Request not from trusted source from $fu to $ru from<br>
> > IP $si ");<br>
> > sl_send_reply("403", "Forbidden, we dont trust you");<br>
> > }<br>
> ><br>
> > ../../sbin/opensipsctl fifo address_dump | grep "65.211.120.237"<br>
> ><br>
> > 12 <65.211.120.237,0, 0, 0, ^sip:.*$, NULL><br>
> ><br>
> > I always get 403.<br>
> > Is there a limit in address table.<br>
> ><br>
> > -Jai<br>
> ><br>
> ><br>
> > On Thu, Dec 10, 2009 at 12:24 AM, Bogdan-Andrei Iancu<br>
> > <<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a> <mailto:<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a>><br>
</div></div>> <mailto:<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a> <mailto:<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a>>>><br>
<div><div></div><div class="h5">> wrote:<br>
> ><br>
> > Hi Jai,<br>
> ><br>
> > I think you are correct - the permission table should also<br>
> be more<br>
> > permissive when comes to the errors and skip bogus entries.<br>
> I will ask<br>
> > the maintainer (Irina) to fix this problem.<br>
> ><br>
> > Thanks for the report,<br>
> > Bogdan<br>
> ><br>
> > Jai Rangi wrote:<br>
> > > Not sure if this this the right place for this post. May<br>
> be I should<br>
> > > post it on developers mailing list. Please suggest.<br>
> > ><br>
> > > Just installed opensip1.6 with Mysql, drouting and permissions<br>
> > module.<br>
> > > Did not take long to get it configure and get it going.<br>
> > Documentations<br>
> > > is wonderful.<br>
> > > While testing I noticed that,<br>
> > ><br>
> > > 1. If there is any invalid entry in dr_routing tables, and<br>
> I reload<br>
> > > the dr_routing it spit the error for the mistyped/wrong<br>
> entry and<br>
> > > loads rest of the valid entries. Same thing with startup.<br>
> > Opensip will<br>
> > > start up just fine even if there are some invalid rules in<br>
> the table<br>
> > > and throws the error with ruleid.<br>
> > ><br>
> > > 2. On the other hand address table does not work that way. If<br>
> > there is<br>
> > > any space (Typo) in the IP address, opensip wont start and<br>
> wont<br>
> > reload<br>
> > > the address table.<br>
> > > I have to put the valid IP address, there is not option<br>
> for dynamic<br>
> > > domain names. (For people who does not have static IP).<br>
> Not only<br>
> > that<br>
> > > it does not even tell which IP has a problem that makes it<br>
> even<br>
> > harder<br>
> > > to debug when you have thousands of IPs in the trusted tables.<br>
> > ><br>
> > > I was wondering if there is a work around for this. I<br>
> would like<br>
> > > opensip to startup (or successful address_reload) with all<br>
> the valid<br>
> > > entries and throw an error for invalid entries. Also<br>
> having the<br>
> > > ability to add an domain would be nice.<br>
> > ><br>
> > > Any thoughts??<br>
> > ><br>
> > > -Jai<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> ><br>
> ------------------------------------------------------------------------<br>
> > ><br>
> > > _______________________________________________<br>
> > > Users mailing list<br>
> > > <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>><br>
</div></div>> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>>><br>
<div class="im">> > > <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
> > ><br>
> ><br>
> ><br>
> > --<br>
> > Bogdan-Andrei Iancu<br>
> > <a href="http://www.voice-system.ro" target="_blank">www.voice-system.ro</a> <<a href="http://www.voice-system.ro" target="_blank">http://www.voice-system.ro</a>><br>
> <<a href="http://www.voice-system.ro" target="_blank">http://www.voice-system.ro</a>><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > Users mailing list<br>
> > <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>><br>
</div>> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>>><br>
<div><div></div><div class="h5">> > <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
> ><br>
> ><br>
> ><br>
> ------------------------------------------------------------------------<br>
> ><br>
> > _______________________________________________<br>
> > Users mailing list<br>
> > <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>><br>
> > <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
> ><br>
><br>
><br>
> _______________________________________________<br>
> Users mailing list<br>
> <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>><br>
> <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
><br>
><br>
> ------------------------------------------------------------------------<br>
><br>
> _______________________________________________<br>
> Users mailing list<br>
> <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
> <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
><br>
<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br>