<div class="gmail_quote"><div>Hi Bogdan,</div><div><br></div><div>Thanks for your suggestion, few things I want to ask from you;</div><div><br></div><div>1- Can I use rewritehostport(); function instead of $rd='11.22.33.44' and append it to t_relay()? Like;</div>
<div><div><br></div><div>setflag(2);</div><div>rewritehostport("<a href="http://203.215.179.34:5060">203.215.179.34:5060</a>");</div><div>t_relay();</div><div>route(1);</div><div>exit;</div><div><br></div></div>
<div>2- When using check_source_address() function of permissions module, I'm facing weird problem. On machine A I've installed OpenSIPS ver 1.6.1 svn one, I used this function to permitted certain source IPs as I listed in address table. On machine B (currently working on it using Radius) I've installed same version of OpenSIPS as on machine A, when I call its check_source_address() function in INVITE section, it is working as it worked on machine A. Machine A settings are listed below;</div>
<div><br></div><div><br></div><div><div>if(is_method("INVITE") && check_source_address("0"))</div><div>{</div><div> log("#################### CHECK SOURCE ADDRESS ######################");</div>
<div> route(1);</div><div> setflag(1);</div><div>}</div><div><br></div><div><br></div><div>Machine B description I'm mentioning below;</div><div><br></div><div>2-1- If user registered him/her self on SIP phone their source IP not going to be checked, and make calls to each other.</div>
<div>2-2- If user A is on GW calls user B who is located and Registered on OpenSIPS, user A GW's source IP must be checked by OpenSIPs, if the IP exists on address table, call is permitted if not deny the call.</div>
<div><br></div><div>Problems;</div><div><br></div><div>When I user A and user B registered on OpenSIPs (using Radius) they can call each other, but if a user A calling from GW to user B who is registered on OpenSIPs, calls is made even the address is not listed on address table. And also in logs I see that that permissions module shows that it doesn't find any IP enlisted in its hash table, but still permitting it. The configuration of machine B is listed below;</div>
<div><br></div><div><div><div># main request routing logic</div><div><br></div><div>route{</div><div><br></div><div> if (!mf_process_maxfwd_header("10")) {</div><div> sl_send_reply("483","Too Many Hops");</div>
<div> exit;</div><div> }</div><div><br></div><div> if (has_totag()) {</div><div> if (loose_route()) {</div><div> if (is_method("BYE")) {</div><div>
setflag(1); # do accounting ...</div><div> setflag(3); # ... even if the transaction fails</div><div> } else if (is_method("INVITE")) {</div>
<div> record_route();</div><div> }</div><div> route(1);</div><div> } else {</div><div> if ( is_method("ACK") ) {</div>
<div> if ( t_check_trans() ) {</div><div> # non loose-route, but stateful ACK; must be an ACK after</div><div> # a 487 or e.g. 404 from upstream server</div>
<div> t_relay();</div><div> exit;</div><div> } else {</div><div> # ACK without matching transaction -></div>
<div> # ignore and discard</div><div> exit;</div><div> }</div><div> }</div><div> sl_send_reply("404","Not here");</div>
<div> }</div><div> exit;</div><div> }</div><div><br></div></div><div> #initial requests</div><div><br></div><div> # CANCEL processing</div><div> if (is_method("CANCEL"))</div>
<div> {</div><div> if (t_check_trans())</div><div> t_relay();</div><div> exit;</div><div> }</div><div><br></div><div> t_check_trans();</div><div><br>
</div><div> # preloaded route checking</div><div> if (loose_route()) {</div><div> xlog("L_ERR",</div><div> "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");</div>
<div> if (!is_method("ACK"))</div><div> sl_send_reply("403","Preload Route denied");</div><div> exit;</div><div> }</div><div><br></div>
<div> # record routing</div><div> if (!is_method("REGISTER|MESSAGE"))</div><div> record_route();</div><div><br></div></div><div><div><br></div><div> # account only INVITEs</div>
<div> if (is_method("INVITE") && check_source_address("0")){</div><div> log("#################### INVITE CASE 1 ####################");</div><div> setflag(1); # do accounting</div>
<div> }</div><div><div> if (!uri==myself)</div><div> ## replace with following line if multi-domain support is used</div><div> ##if (!is_uri_host_local())</div><div> {</div><div> append_hf("P-hint: outbound\r\n");</div>
<div> # if you have some interdomain connections via TLS</div><div> ##if($rd=="<a href="http://tls_domain1.net">tls_domain1.net</a>") {</div><div> ## t_relay("tls:<a href="http://domain1.net">domain1.net</a>");</div>
<div> ## exit;</div><div> ##} else if($rd=="<a href="http://tls_domain2.net">tls_domain2.net</a>") {</div><div> ## t_relay("tls:<a href="http://domain2.net">domain2.net</a>");</div>
<div> ## exit;</div><div> ##}</div><div> route(1);</div><div> }</div><div><br></div><div> # requests for my domain</div><div><br></div><div> ## uncomment this if you want to enable presence server</div>
<div> ## and comment the next 'if' block</div><div> ## NOTE: uncomment also the definition of route[2] from below</div><div> ##if( is_method("PUBLISH|SUBSCRIBE"))</div><div> ## route(2);</div>
<div><br></div><div> if (is_method("PUBLISH"))</div><div> {</div><div> sl_send_reply("503", "Service Unavailable");</div><div> exit;</div><div> }</div>
<div><div> if (is_method("REGISTER"))</div><div> {</div><div> route(2);</div><div> }</div><div><br></div><div> if ($rU==NULL) {</div><div> # request with no Username in RURI</div>
<div> sl_send_reply("484","Address Incomplete");</div><div> exit;</div><div> }</div><div><br></div><div> # apply DB based aliases (uncomment to enable)</div>
<div> ##alias_db_lookup("dbaliases");</div><div><br></div><div> # do lookup with method filtering</div><div> if (!lookup("location","m")) {</div><div> switch ($retcode) {</div>
<div> case -1:</div><div> log("############# LOOKUP LOCATION FLAG -1 PASS ###############");</div><div> setflag(2);</div><div>
rewritehostport("<a href="http://11.22.33.44:5060">11.22.33.44:5060</a>");</div><div> log("############### CALL ROUTING TO ROUTE 1 ###################");</div>
<div> route(1);</div><div> exit;</div><div> case -3:</div><div> log("############# LOOKUP LOCATION FLAG -3 PASS ###############");</div>
<div> t_newtran();</div><div> t_reply("404", "Not Found");</div><div> exit;</div><div> case -2:</div>
<div> log("############# LOOKUP LOCATION FLAG -2 PASS ###############");</div><div> sl_send_reply("405", "Method Not Allowed");</div>
<div> exit;</div><div> }</div><div> }</div><div><br></div><div> # when routing via usrloc, log the missed calls also</div><div> setflag(2);</div><div><br>
</div><div> log("############ LOOKUP LOCATION FLAG 1 PASS ################");</div><div> route(1);</div><div>}</div><div><br></div><div><div>route[1] {</div><div> # for INVITEs enable some additional helper routes</div>
<div> #if (is_method("INVITE") && check_source_address("0")) {</div><div> if (is_method("INVITE")) {</div><div> log("####################INVITE ROUTE 1 Function####################");</div>
<div> t_on_branch("2");</div><div> t_on_reply("2");</div><div> t_on_failure("1");</div><div> #ds_select_dst("1","4");</div>
<div> #forward();</div><div> }</div><div><br></div><div> if (!t_relay()) {</div><div> sl_reply_error();</div><div> };</div><div> exit;</div><div>}</div><div><br></div>
<div><div>route[2]</div><div>{</div><div><br></div><div><br></div><div> log("############## AAA-REGISTRATION #################");</div><div> if (!aaa_www_authorize("<a href="http://rose.abc.com">rose.abc.com</a>"))</div>
<div> {</div><div> www_challenge("<a href="http://rose.abc.com">rose.abc.com</a>", "1");</div><div> return;</div><div> }</div><div><br></div><div> if (!save("location"))</div>
<div> sl_reply_error();</div><div><br></div><div> exit;</div><div>}</div><div><div>branch_route[2] {</div><div> xlog("new branch at $ru\n");</div><div>}</div><div><br></div><div><br>
</div><div>onreply_route[2] {</div><div> xlog("incoming reply\n");</div><div>}</div><div><br></div><div><br></div><div>failure_route[1] {</div><div> if (t_was_cancelled()) {</div><div> exit;</div>
<div> }</div><div><br></div><div>}</div><div><br></div><div><br></div><div>Kindly assist me, how can I permit or deny user from source IP ? Because on machine A, check_source_address() function is working perfectly but I haven't integrated FreeRadius with OpenSIPs. Please sort out my problem as your earliest.</div>
</div></div></div></div></div></div></div><div><br></div><div> </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Date: Thu, 18 Mar 2010 18:38:29 +0200<br>
From: Bogdan-Andrei Iancu <<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a>><br>
Subject: Re: [OpenSIPS-Users] Check Live Peers on OpenSIPS<br>
To: OpenSIPS users mailling list <<a href="mailto:users@lists.opensips.org">users@lists.opensips.org</a>><br>
Message-ID: <<a href="mailto:4BA25705.10506@voice-system.ro">4BA25705.10506@voice-system.ro</a>><br>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed<br>
<br>
Hi Ahmed,<br>
<br>
Ahmed Munir wrote:<br>
> Hi Bogdan,<br>
><br>
> Thanks for reply. I forgot to mention earlier that for I'm using<br>
> OpenSIPS + FreeRadius, where radius is doing accounting and<br>
> authentication. I used aaa_does_uri_exist() function as well, but<br>
> seems not working or making mistake while implementing it. On other<br>
> hand using lookup("location",m) function, on retcode = -1, I<br>
> redirected the INVITE to GW, using Dispatcher. But though thanks for<br>
> your suggestion and I'll consider it.<br>
><br>
> Few things I want to ask you, as I listed below;<br>
> 1-How can I forward SIP INVITE request to other SIP machine in state<br>
> full manner ?<br>
simply do:<br>
# set new destination in RURI<br>
$rd= "11.22.33.44";<br>
# send it out in stateful mode<br>
t_relay();<br>
exit;<br>
<br>
> 2- While accounting using radius, when user A (registered on OpenSIPS)<br>
> calls the user B who is located at GW side, accounting doesn't take<br>
> place. On the other hand when user B (from GW) calls user A (to<br>
> OpenSIPS), accounting take place. I want to know its cause? Because I<br>
> want its accounting on both sides.<br>
take care and check where you set in script the acc flag - maybe you are<br>
setting it only if lookup is successful.<br>
<br>
Regards,<br>
Bogdan<br>
><br>
> Kindly advise me at your earliest.<br>
><br>
><br>
> ------------------------------<br>
><br>
> Message: 6<br>
> Date: Thu, 18 Mar 2010 10:23:27 +0200<br>
> From: Bogdan-Andrei Iancu <<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a><br>
> <mailto:<a href="mailto:bogdan@voice-system.ro">bogdan@voice-system.ro</a>>><br>
> Subject: Re: [OpenSIPS-Users] Check Live Peers on OpenSIPS<br>
> To: OpenSIPS users mailling list <<a href="mailto:users@lists.opensips.org">users@lists.opensips.org</a><br>
> <mailto:<a href="mailto:users@lists.opensips.org">users@lists.opensips.org</a>>><br>
> Message-ID: <<a href="mailto:4BA1E2FF.3060702@voice-system.ro">4BA1E2FF.3060702@voice-system.ro</a><br>
> <mailto:<a href="mailto:4BA1E2FF.3060702@voice-system.ro">4BA1E2FF.3060702@voice-system.ro</a>>><br>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed<br>
><br>
> Hi Ahmed,<br>
><br>
> if the destination number (called number) is not a local subscriber (a<br>
> SIP user), you simply route the call to a PSTN GW (you do this<br>
> re-route<br>
> from the script)<br>
><br>
> To check if a user is a local subscriber, you can either check a<br>
> pattern<br>
> (like all my local users are alphanumeric, or all starts with 3345*,<br>
> etc), either simply check if the user does exists in the subscriber<br>
> table (see the URI module, the db_does_uri_exists() function:<br>
> <a href="http://www.opensips.org/html/docs/modules/1.6.x/uri.html#id271131" target="_blank">http://www.opensips.org/html/docs/modules/1.6.x/uri.html#id271131</a><br>
><br>
> Regards,<br>
> Bogdan<br>
><br>
> Ahmed Munir wrote:<br>
> > Hi,<br>
> ><br>
> > I want to know how can I check the peers of source and destination<br>
> > phones? Like if both phones are located (registered) on one<br>
> > UAS(OpenSIPS) can call SIP-SIP, if any one phone is registered<br>
> on UAS<br>
> > and other is on PSTN, call will be re-routed to SIP-PSTN. In case of<br>
> > SIP-SIP, lookup("location") function works and I need to know<br>
> how can<br>
> > I forward call to SIP-PSTN ?<br>
> ><br>
> > Kindly advise me the method/ function can used for it.<br>
> ><br>
> > --<br>
> > Regards,<br>
> ><br>
> > Ahmed Munir<br>
> ><br>
> ><br>
> ><br>
> ------------------------------------------------------------------------<br>
> ><br>
> > _______________________________________________<br>
> > Users mailing list<br>
> > <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a> <mailto:<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>><br>
> > <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
> ><br>
><br>
><br>
> --<br>
> Bogdan-Andrei Iancu<br>
> <a href="http://www.voice-system.ro" target="_blank">www.voice-system.ro</a> <<a href="http://www.voice-system.ro" target="_blank">http://www.voice-system.ro</a>><br>
><br>
><br>
><br>
><br>
> --<br>
> Regards,<br>
><br>
> Ahmed Munir<br>
><br>
><br>
> ------------------------------------------------------------------------<br>
><br>
> _______________________________________________<br>
> Users mailing list<br>
> <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
> <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
><br>
<br>
<br>
--<br>
Bogdan-Andrei Iancu<br>
<a href="http://www.voice-system.ro" target="_blank">www.voice-system.ro</a><br>
<br>
<br>
<br>
<br></blockquote></div><br>-- <br>Regards,<br><br>Ahmed Munir<br><br><br>