<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<font face="monospace">Hi Alberto,<br>
<br>
There is no automatic way to do the inbound detection (via the
registrar module). What you can do is to use the permissions
module, with the address table as a view over the registrant
table, so you do the inbound IP auth.<br>
<br>
Regards,<br>
</font>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
<a class="moz-txt-link-freetext" href="https://www.siphub.com">https://www.siphub.com</a></pre>
<div class="moz-cite-prefix">On 25.09.2024 14:00, Alberto wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CANoA6_KGwsz2os3BVg3SngTHvESawmqxCLB6hF-mJUEWsXDc8g@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div>Thanks,</div>
<div><br>
</div>
<div>So, for n1, after ip auth I can validate the contact
matches one of the contacts used to register, but there's no
function to do that automatically.</div>
<div>So in the case where opensips is keeping 2 registrations up
to the same server, it's up to me to validate which one was
used.</div>
<div><br>
</div>
<div>n2, thanks again, I got it working by loading the
credentials with avp_db_query.</div>
<div><br>
</div>
<div>Regards</div>
<div>A<br>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, 23 Sept 2024 at 07:52,
Bogdan-Andrei Iancu <<a href="mailto:bogdan@opensips.org"
moz-do-not-send="true" class="moz-txt-link-freetext">bogdan@opensips.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div> <font face="monospace">Hi,<br>
<br>
1) The Registrant OpenSIPS should do an IP auth for the
Remote SIP provider. OpenSIPS knows the server it
registered with, so it should be able to do IP auth<br>
<br>
2) there is notthing standard about loading the
credentials, you can do it in any way that works for you,
like having them hard coded in cfg (if the same
credentials are to be used for the all calls), or loading
them from DB (using sqlops module), or HTTP rest query.<br>
<br>
Regards,<br>
</font>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="https://www.opensips-solutions.com" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">https://www.opensips-solutions.com</a>
<a href="https://www.siphub.com" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">https://www.siphub.com</a></pre>
<div>On 22.09.2024 03:10, Alberto wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>Hi,</div>
<div><br>
</div>
<div>I'm trying to put together a simple script to use
uac_registrant</div>
<div>So I have:</div>
<div>LEFT SIP SERVERS <-[ip authentication]->
OPENSIPS <-[uac_registrant]-> REMOTE SIP
PROVIDER<br>
</div>
<div><br>
</div>
<div>Here's the 2 problems I still have:</div>
<div>I have the users for the remote sip provider in the
registrant table, and opensips is already able to
register to this remote sip provider,but:</div>
<div>- When an INVITE comes from the remote sip provider
I register to, how do I validate which user is it
related to? Where should I store avp, and how should I
load them?</div>
<div>- When an INVITE comes from the left sip servers
and I have to call the remote sip provider, how do I
load the credentials from the database to authenticate
the INVITE to the remote sip provider?<br>
</div>
<div><br>
</div>
<div>I'm using the address table for the left sip
servers and check_address, but I've stripped all that
from my example below.</div>
<div>I hope this makes sense, thank you.</div>
<div><br>
</div>
<div>Here is a short example script I'm working with<br>
</div>
<div><br>
</div>
<div>#######<br>
</div>
<div>debug_mode=no<br>
<br>
log_level=2<br>
xlog_level=2<br>
log_stdout=yes<br>
stderror_enabled=yes<br>
syslog_facility=LOG_LOCAL0<br>
<br>
auto_aliases=no<br>
<br>
server_signature=yes<br>
<br>
socket=udp:<a href="http://0.0.0.0:5060"
target="_blank" moz-do-not-send="true">0.0.0.0:5060</a><br>
<br>
mpath="/usr/lib64/opensips/modules/"<br>
<br>
loadmodule "db_mysql.so"<br>
<br>
loadmodule "signaling.so"<br>
<br>
loadmodule "sl.so"<br>
<br>
loadmodule "tm.so"<br>
modparam("tm", "auto_100trying", 0)<br>
modparam("tm", "fr_inv_timeout", 120)<br>
modparam("tm", "fr_timeout", 30)<br>
modparam("tm", "onreply_avp_mode", 1)<br>
modparam("tm", "restart_fr_on_each_reply", 0)<br>
<br>
loadmodule "rr.so"<br>
modparam("rr", "append_fromtag", 1)<br>
<br>
loadmodule "dialog.so"<br>
modparam("dialog", "default_timeout", 14400)<br>
modparam("dialog", "dlg_match_mode", 1)<br>
modparam("dialog", "enable_stats", 1)<br>
modparam("dialog", "profiles_with_value", "caller")<br>
<br>
loadmodule "sipmsgops.so"<br>
<br>
loadmodule "usrloc.so"<br>
<br>
loadmodule "registrar.so"<br>
<br>
loadmodule "uac_auth.so"<br>
modparam("uac_auth", "credential",
"username:domain:password")<br>
<br>
loadmodule "uac_registrant.so"<br>
modparam("uac_registrant", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips")<br>
<br>
loadmodule "proto_udp.so"<br>
<br>
route {<br>
if (has_totag()) {<br>
if (loose_route()) {<br>
if ($DLG_status != NULL &&
!validate_dialog()) {<br>
exit;<br>
}<br>
} else {<br>
if (is_method("ACK")) {<br>
if (t_check_trans()) {<br>
t_relay();<br>
}<br>
exit;<br>
}<br>
<br>
sl_send_reply(404, "Not Found");<br>
exit;<br>
}<br>
<br>
t_relay();<br>
<br>
exit;<br>
}<br>
<br>
if (is_method("CANCEL")) {<br>
if (t_check_trans()) {<br>
t_relay();<br>
}<br>
exit;<br>
}<br>
<br>
t_check_trans();<br>
<br>
if (is_method("INVITE")) {<br>
if (!create_dialog("B")) {<br>
sl_send_reply(500, "Internal Server Error");<br>
exit;<br>
}<br>
}<br>
<br>
route(relay);<br>
}<br>
<br>
route[relay] {<br>
if (is_method("INVITE")) {</div>
<div> # VALIDATE THIS RELATES TO A USER IN THE
UAC_REGISTRANT TABLE AND LOAD AVPS<br>
</div>
<div> # OR LOAD CREDENTIALS TO SEND INVITE ONWARD TO
THE REMOTE SIP PROVIDER<br>
</div>
<div><br>
</div>
<div> t_on_failure("invite_failure_route");<br>
}<br>
<br>
if (!t_relay()) {<br>
sl_send_reply(500, "Internal Error");<br>
}<br>
<br>
exit;<br>
}<br>
<br>
failure_route[invite_failure_route] {<br>
if (t_was_cancelled()) {<br>
exit;<br>
}<br>
<br>
if (t_check_status("3[0-9][0-9]")) {<br>
t_reply(404, "Not found");<br>
exit;<br>
}<br>
}<br>
</div>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>