I followed tutorial on https://www.powerpbx.org/content/opensips-v24-debian-v8-mariadb-apache-v1
With minor tweaks for "Debian Buster" I have installed all components, services starts with no error, I created few subscribers from opensipscp, under alias I added DID number pointing username of sip device,
under routing added dr_gateway with type 1 and added ip address of DID provider trunk.
Inbound calls are fine.
Then I added IP's for my outbound trunks, set gateway type - 2
Added rules to include all outbound gateways for prefix starting 353
In dialplan I have added rule to translate from local format to E164, but it seem to not work
I can't get my head around how to succeed with outbound calls, I have spent whole weekend digging trough opensips documentation page and the book "Building Telephony Systems with OpenSIPS Second Edition" by Flavio-E.-Goncalves over and over again.
Here is debug output form opensips during call
DBG:dialplan:dp_translate_f: dpid is 10 partition is default
Dec 22 23:39:26 [892] DBG:dialplan:dp_get_svalue: searching 15
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: input is 0899000000
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: Checking with dpid 10
Dec 22 23:39:26 [892] DBG:dialplan:translate: No matching rule for input 0899000000
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: could not translate 0899000000 with dpid 10
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: dpid is 10 partition is default
Dec 22 23:39:26 [892] DBG:dialplan:dp_get_svalue: searching 15
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: input is 0899000000
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: Checking with dpid 10
Dec 22 23:39:26 [892] DBG:dialplan:translate: No matching rule for input 0899000000
Dec 22 23:39:26 [892] DBG:dialplan:dp_translate_f: could not translate 0899000000 with dpid 10
Dec 22 23:39:26 [892] DBG:registrar:parse_lookup_flags: final flags: 1
Dec 22 23:39:26 [892] DBG:registrar:lookup: '0899631338#example.ie' Not found in usrloc
Dialplan rule I am using is
MariaDB [opensips]> select * from dialplan;
+----+------+----+----------+----------------+-------------+-------------+-----------+---------+----------+----------------+
| id | dpid | pr | match_op | match_exp | match_flags | subst_exp | repl_exp | timerec | disabled | attrs |
+----+------+----+----------+----------------+-------------+-------------+-----------+---------+----------+----------------+
| 2 | 10 | 1 | 0 | ^089[0-9]{7}+$ | 0 | "^089(.+)$" | "35389\1" | NULL | 0 | IE Lyca Mobile |
+----+------+----+----------+----------------+-------------+-------------+-----------+---------+----------+----------------+
my gateway list
MariaDB [opensips]> select * from dr_gateways;
+----+------+------+-----------------+-------+------------+-------+------------+-------+--------+-------------+
| id | gwid | type | address | strip | pri_prefix | attrs | probe_mode | state | socket | description |
+----+------+------+-----------------+-------+------------+-------+------------+-------+--------+-------------+
| 1 | 1 | 1 | 1.1.1.1 | 0 | | | 0 | 0 | | inbound |
| 2 | 2 | 2 | 2.2.2.2 | 0 | | | 0 | 1 | | gw 1 |
| 3 | 3 | 2 | 3.3.3.3 | 0 | | | 0 | 0 | | gw 2 |
| 4 | 4 | 2 | 4.4.4.4 | 0 | | | 0 | 0 | | gw 3 |
| 5 | 5 | 2 | 5.5.5.5 | 0 | | | 0 | 0 | | gw 4 |
+----+------+------+-----------------+-------+------------+-------+------------+-------+--------+-------------+
Carriers
MariaDB [opensips]> select * from dr_carriers;
+----+-----------+---------+-------+-------+-------+-------------+
| id | carrierid | gwlist | flags | state | attrs | description |
+----+-----------+---------+-------+-------+-------+-------------+
| 1 | | 2,3,4,5 | 0 | 0 | | Provide |
+----+-----------+---------+-------+-------+-------+-------------+
DR Rules
MariaDB [opensips]> select * from dr_rules;
+--------+---------+--------+---------+----------+---------+---------+-------+-------------+
| ruleid | groupid | prefix | timerec | priority | routeid | gwlist | attrs | description |
+--------+---------+--------+---------+----------+---------+---------+-------+-------------+
| 1 | 0,1 | 353 | | 1 | | 2,3,4,5 | | IE |
+--------+---------+--------+---------+----------+---------+---------+-------+-------------+
1 row in set (0.001 sec)
my opensips.cfg file
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team#opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
log_level=3
log_stderror=no
log_facility=LOG_LOCAL0
children=4
/* uncomment the following lines to enable debugging */
debug_mode=yes
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
/* comment the next line to enable the auto discovery of local aliases
based on reverse DNS on IPs */
auto_aliases=no
listen=udp:123.123.123.123:5060 # CUSTOMIZE ME
listen=tcp:123.123.123.123:5060 # CUSTOMIZE ME
####### Modules Section ########
#set module path
mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/"
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
#### MYSQL module
loadmodule "db_mysql.so"
#### HTTPD module
loadmodule "httpd.so"
modparam("httpd", "port", 8888)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "received_avp", "$avp(received_nh)")/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### AUTHentication modules
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db|uri", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
modparam("auth_db", "load_credentials", "")
#### ALIAS module
loadmodule "alias_db.so"
modparam("alias_db", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### DOMAIN module
loadmodule "domain.so"
modparam("domain", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
modparam("domain", "db_mode", 1) # Use caching
modparam("auth_db|usrloc|uri", "use_domain", 1)
#### PRESENCE modules
loadmodule "xcap.so"
loadmodule "presence.so"
loadmodule "presence_xml.so"
modparam("xcap|presence", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
modparam("presence_xml", "force_active", 1)
modparam("presence", "fallback2db", 0)
#### DIALOG module
loadmodule "dialog.so"
modparam("dialog", "dlg_match_mode", 1)
modparam("dialog", "default_timeout", 21600) # 6 hours timeout
modparam("dialog", "db_mode", 2)
modparam("dialog", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### NAT modules
loadmodule "nathelper.so"
modparam("nathelper", "natping_interval", 10)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "sipping_bflag", "SIP_PING_FLAG")
modparam("nathelper", "sipping_from", "sip:pinger#127.0.0.1") #CUSTOMIZE ME
modparam("nathelper", "received_avp", "$avp(received_nh)")
loadmodule "rtpengine.so"
modparam("rtpengine", "rtpengine_sock", "udp:localhost:2223") # CUSTOMIZE ME
#### DIALPLAN module
loadmodule "dialplan.so"
modparam("dialplan", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### DYNAMMIC ROUTING module
loadmodule "drouting.so"
modparam("drouting", "db_url",
"mysql://opensips:secret#localhost/opensips") # CUSTOMIZE ME
#### MI_HTTP module
loadmodule "mi_http.so"
loadmodule "mi_json.so"
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
####### Routing Logic ########
# main request routing logic
route{
# initial NAT handling; detect if the request comes from behind a NAT
# and apply contact fixing
force_rport();
if (nat_uac_test("23")) {
if (is_method("REGISTER")) {
fix_nated_register();
setbflag(NAT);
} else {
fix_nated_contact();
setflag(NAT);
}
}
if (!mf_process_maxfwd_header("10")) {
send_reply("483","Too Many Hops");
exit;
}
if (has_totag()) {
# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}
# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
if (is_method("SUBSCRIBE") && is_myself("$rd")) {
# in-dialog subscribe requests
route(handle_presence);
exit;
}
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply("404","Not here");
exit;
}
# validate the sequential request against dialog
if ( $DLG_status!=NULL && !validate_dialog() ) {
xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to dialog\n");
## exit;
}
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("db","failed");
}
if (check_route_param("nat=yes"))
setflag(NAT);
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}
# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}
# absorb retransmissions, but do not create transaction
t_check_trans();
if ( !(is_method("REGISTER") || is_from_gw() ) ) {
if (is_from_local()) {
# authenticate if from local subscriber
# authenticate all initial non-REGISTER request that pretend to be
# generated by local subscriber (domain from FROM URI is local)
if (!proxy_authorize("", "subscriber")) {
proxy_challenge("", "0");
exit;
}
if (!db_check_from()) {
send_reply("403","Forbidden auth ID");
exit;
}
consume_credentials();
# caller authenticated
} else {
# if caller is not local, then called number must be local
if (!is_uri_host_local()) {
send_reply("403","Relay Forbidden");
exit;
}
}
}
# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
send_reply("403","Preload Route denied");
exit;
}
# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();
# account only INVITEs
if (is_method("INVITE")) {
# create dialog with timeout
if ( !create_dialog("B") ) {
send_reply("500","Internal Server Error");
exit;
}
do_accounting("db");
}
if (!is_uri_host_local()) {
append_hf("P-hint: outbound\r\n");
route(relay);
}
# requests for my domain
if( is_method("PUBLISH|SUBSCRIBE"))
route(handle_presence);
if (is_method("REGISTER")) {
# authenticate the REGISTER requests
if (!www_authorize("", "subscriber")) {
www_challenge("", "0");
exit;
}
if (!db_check_to()) {
send_reply("403","Forbidden auth ID");
exit;
}
if ($proto == "tcp")
setflag(TCP_PERSISTENT);
if (isflagset(NAT)) {
setbflag(SIP_PING_FLAG);
}
if (!save("location"))
sl_reply_error();
exit;
}
if ($rU==NULL) {
# request with no Username in RURI
send_reply("484","Address Incomplete");
exit;
}
# apply DB based aliases
alias_db_lookup("dbaliases");
**# apply transformations from dialplan table
dp_translate("10","$rU/$rU");
if (dp_translate("10","$rU/$rU") ) {
if (!do_routing("0")) {
send_reply("500","No PSTN Route found");
exit;
}
route(relay);
exit;
}**
# do lookup with method filtering
if (!lookup("location","m")) {
if (!db_does_uri_exist()) {
send_reply("420","Bad Extension");
exit;
}
# redirect to a different VM system
$du = "sip:127.0.0.2:5060"; # CUSTOMIZE ME
route(relay);
}
if (isbflagset(NAT)) setflag(NAT);
# when routing via usrloc, log the missed calls also
do_accounting("db","missed");
route(relay);
}
route[relay] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {
if (isflagset(NAT)) {
rtpengine_offer("ro");
}
t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}
if (isflagset(NAT)) {
add_rr_param(";nat=yes");
}
if (!t_relay()) {
send_reply("500","Internal Error");
}
exit;
}
# Presence route
route[handle_presence]
{
if (!t_newtran()) {
sl_reply_error();
exit;
}
if(is_method("PUBLISH")) {
handle_publish();
} else
if( is_method("SUBSCRIBE")) {
handle_subscribe();
}
exit;
}
branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}
onreply_route[handle_nat] {
if (nat_uac_test("1"))
fix_nated_contact();
if ( isflagset(NAT) )
rtpengine_answer("ro");
xlog("incoming reply\n");
}
failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}
# uncomment the following lines if you want to block client
# redirect based on 3xx replies.
##if (t_check_status("3[0-9][0-9]")) {
##t_reply("404","Not found");
## exit;
##}
# redirect the failed to a different VM system
if (t_check_status("486|408")) {
$du = "sip:127.0.0.2:5060"; # CUSTOMIZE ME
# do not set the missed call flag again
route(relay);
}
}
local_route {
if (is_method("BYE") && $DLG_dir=="UPSTREAM") {
acc_db_request("200 Dialog Timeout", "acc");
}
}
In the dialplan table, you have added extra quotes around the dialplan.subst_exp and dialplan.repl_exp values. Instead of "^089(.+)$" and "35389\1", try to provision ^089(.+)$ and 35389\1. Another mistake is that you are using match_op == 0 (string match) instead of match_op == 1 (regex match). Please read the dialplan documentation carefully before provisioning data into any of the columns.
The drouting part looks good. It should properly route out the 353 prefix.
Related
I am setting up two local authoritative BIND DNS servers so that a client may communicate with virtual hosts on an apache server. One is the master (10.2.56.209) the other is the slave (10.2.56.186). I have the servers configured and they start, but I get this error in the log file on the slave when it tries to do the zone transfer from the master.
transfer of '2.10.in-addr.arpa/IN' from 10.2.56.209#53: failed to connect: host unreachable
transfer of '2.10.in-addr.arpa/IN' from 10.2.56.209#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.002 secs (0 bytes/sec)
Slave's named.conf file
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion no;
allow-transfer { none; };
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "cit.nku.edu" IN {
type slave;
file "cit.nku.edu";
masters{10.2.56.209; };
};
zone "2.10.in-addr.arpa" IN {
type slave;
file "2.10.in-addr.arpa";
masters{10.2.56.209; };
};
Master's named.conf file
options {
listen-on port 53 { 10.2.56.209; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
recursion no;
allow-transfer { none; };
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
zone "cit.nku.edu" IN {
type master;
file "cit.nku.edu";
allow-transfer { 10.2.56.186; };
notify yes;
};
# reverse zone
zone "2.10.in-addr.arpa" IN {
type master;
file "2.10.in-addr.arpa";
allow-transfer {localhost; 10.2.56.186;};
notify yes;
};
forward zone file on the master
$TTL 1H
# IN SOA ns1.cit.nku.edu. root.cit.nku.edu (
10 ; serial
1H ; refresh
15M ; retry
4W ; expire
1H ; Negative caching TTL of 1 hour
)
; Name servers
cit.nku.edu. IN NS ns1.cit.nku.edu.
cit.nku.edu. IN NS ns2.cit.nku.edu.
ns1 IN A 10.2.56.209
ns2 IN A 10.2.56.186
# IN A 10.2.62.33
www IN A 10.2.62.33
reverse zone file
$TTL 86400
$ORIGIN 2.10.IN-ADDR.ARPA.
# IN SOA ns1.cit.nku.edu. root.cit.nku.edu. (
10 ;Serial
3600 ;refresh
1800 ;retry
604800 ;expire
86400 ;minimum ttl
)
; Name Servers
IN NS ns1.cit.nku.edu.
IN NS ns2.cit.nku.edu.
IN PTR cit.nku.edu.
209.56 IN PTR ns1.cit.nku.edu.
186.56 IN PTR ns2.cit.nku.edu.
33.62 IN PTR www.cit.nku.edu.
I can ping them between each other and dig the host names (ns1, ns2), but I cannot dig the ip addresses themselves. I have added the corresponding entries in the /etc/hosts and /etc/hostname files. I can provide other documents if needed. Any help is appreciated.
I'm trying to configure my OpenSIPS server to allow TLS encrypted communications.
At first, I'm trying with the build-in certificates that OpenSIPS provide.
What I've done until now is generating a new Residential Script (opensips_residential.cfg) in which ENABLE_TCP & ENABLE_TLS have been enabled.
Now I have two configuration files, opensips.cfg with the follow lines:
#
# $Id$
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team#opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
log_level=3
log_stderror=no
log_facility=LOG_LOCAL0
children=4
/* uncomment the following line to enable debugging */
#debug_mode=yes
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
/* comment the next line to enable the auto discovery of local aliases
based on revers DNS on IPs */
auto_aliases=no
listen=udp:192.168.1.57:5060 # CUSTOMIZE ME
####### Modules Section ########
#set module path
mpath="/usr/local//lib64/opensips/modules/"
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_mode", 0)
#### REGISTRAR module
loadmodule "registrar.so"
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
#### UDP protocol
loadmodule "proto_udp.so"
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if (has_totag()) {
# sequential requests within a dialog should
# take the path determined by record-routing
if (loose_route()) {
if (is_method("BYE")) {
# do accunting, even if the transaction fails
do_accounting("log","failed");
} else if (is_method("INVITE")) {
# even if in most of the cases is useless, do RR for
# re-INVITEs alos, as some buggy clients do change route set
# during the dialog.
record_route();
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
} else {
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
# non loose-route, but stateful ACK; must be an ACK after
# a 487 or e.g. 404 from upstream server
t_relay();
exit;
} else {
# ACK without matching transaction ->
# ignore and discard
exit;
}
}
sl_send_reply("404","Not here");
}
exit;
}
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
if ( !(is_method("REGISTER") ) ) {
if (from_uri==myself)
{
} else {
# if caller is not local, then called number must be local
if (!uri==myself) {
send_reply("403","Rely forbidden");
exit;
}
}
}
# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
sl_send_reply("403","Preload Route denied");
exit;
}
# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();
# account only INVITEs
if (is_method("INVITE")) {
do_accounting("log");
}
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
route(relay);
}
# requests for my domain
if (is_method("PUBLISH|SUBSCRIBE"))
{
sl_send_reply("503", "Service Unavailable");
exit;
}
if (is_method("REGISTER"))
{
if (!save("location"))
sl_reply_error();
exit;
}
if ($rU==NULL) {
# request with no Username in RURI
sl_send_reply("484","Address Incomplete");
exit;
}
# do lookup with method filtering
if (!lookup("location","m")) {
t_newtran();
t_reply("404", "Not Found");
exit;
}
# when routing via usrloc, log the missed calls also
do_accounting("log","missed");
route(relay);
}
route[relay] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {
t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}
if (!t_relay()) {
send_reply("500","Internal Error");
};
exit;
}
branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}
onreply_route[handle_nat] {
xlog("incoming reply\n");
}
failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}
# uncomment the following lines if you want to block client
# redirect based on 3xx replies.
##if (t_check_status("3[0-9][0-9]")) {
##t_reply("404","Not found");
## exit;
##}
}
And the other configuration file is the one that I generated with menuconfig tool:
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team#opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
log_level=3
log_stderror=no
log_facility=LOG_LOCAL0
children=4
/* uncomment the following lines to enable debugging */
#debug_mode=yes
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
/* comment the next line to enable the auto discovery of local aliases
based on revers DNS on IPs */
auto_aliases=no
listen=udp:192.168.1.57:5060 # CUSTOMIZE ME
listen=tcp:192.168.1.57:5060 # CUSTOMIZE ME
listen=tls:192.168.1.57:5061 # CUSTOMIZE ME
####### Modules Section ########
#set module path
mpath="/usr/local/lib/opensips/modules/"
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_mode", 0)
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"
loadmodule "proto_tls.so"
modparam("proto_tls","verify_cert", "1")
modparam("proto_tls","require_cert", "0")
modparam("proto_tls","tls_method", "TLSv1")
modparam("proto_tls","certificate", "/usr/local/etc/opensips/tls/user/user-cert.pem")
modparam("proto_tls","private_key", "/usr/local/etc/opensips/tls/user/user-privkey.pem")
modparam("proto_tls","ca_list", "/usr/local/etc/opensips/tls/user/user-calist.pem")
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if (has_totag()) {
# sequential request withing a dialog should
# take the path determined by record-routing
if (loose_route()) {
if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("log","failed");
} else if (is_method("INVITE")) {
# even if in most of the cases is useless, do RR for
# re-INVITEs alos, as some buggy clients do change route set
# during the dialog.
record_route();
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
} else {
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
# non loose-route, but stateful ACK; must be an ACK after
# a 487 or e.g. 404 from upstream server
t_relay();
exit;
} else {
# ACK without matching transaction ->
# ignore and discard
exit;
}
}
sl_send_reply("404","Not here");
}
exit;
}
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
if ( !(is_method("REGISTER") ) ) {
if (from_uri==myself)
{
} else {
# if caller is not local, then called number must be local
if (!uri==myself) {
send_reply("403","Rely forbidden");
exit;
}
}
}
# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
sl_send_reply("403","Preload Route denied");
exit;
}
# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();
# account only INVITEs
if (is_method("INVITE")) {
do_accounting("log");
}
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
# if you have some interdomain connections via TLS
## CUSTOMIZE IF NEEDED
##if ($rd=="tls_domain1.net"
## || $rd=="tls_domain2.net"
##) {
## force_send_socket(tls:127.0.0.1:5061); # CUSTOMIZE
##}
route(relay);
}
# requests for my domain
if (is_method("PUBLISH|SUBSCRIBE"))
{
sl_send_reply("503", "Service Unavailable");
exit;
}
if (is_method("REGISTER"))
{
if ( proto==TCP || proto==TLS || 0 ) setflag(TCP_PERSISTENT);
if (!save("location"))
sl_reply_error();
exit;
}
if ($rU==NULL) {
# request with no Username in RURI
sl_send_reply("484","Address Incomplete");
exit;
}
# do lookup with method filtering
if (!lookup("location","m")) {
t_newtran();
t_reply("404", "Not Found");
exit;
}
# when routing via usrloc, log the missed calls also
do_accounting("log","missed");
route(relay);
}
route[relay] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {
t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}
if (!t_relay()) {
send_reply("500","Internal Error");
};
exit;
}
branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}
onreply_route[handle_nat] {
xlog("incoming reply\n");
}
failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}
# uncomment the following lines if you want to block client
# redirect based on 3xx replies.
##if (t_check_status("3[0-9][0-9]")) {
##t_reply("404","Not found");
## exit;
##}
}
I don't know if I have to replace my opensips.cfg file with opensips_residential.cfg. I have tried that and when I attempt to start my server with command 'opensipsctl start' I get several errors, I can provide them in another message if it's necessary.
If using opensipsctl start, look for the # STARTOPTIONS= variable in /usr/local/opensips/etc/opensipsctlrc, and define it as:
STARTOPTIONS="-f /path/to/opensips_residential.cfg"
When installing OpenSIPS from packages, note that the initscript's config file path becomes /etc/opensips/opensips.cfg, and you will have to edit/replace this file for changes to take effect.
Make sure you have your certs path setup properly, I also wouldn't use a self-signed cert. Go to letsencrypt get a cert and put the path on your opensips.cfg file. Replace your existing config with the new generated configuration.
I have the output from an nmap scan in a text file. Records are delimited by --. How can I extract certain fields and output them on a single line per record, with fields separated by a delimiter?
Here is a sample of the input file:
--
Nmap scan report for mail.mydomain.com (146.221.53.49)
Host is up (0.23s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=mail.mydomain.com/organizationName=The Company & Co. LLC/stateOrProvinceName=Paris/countryName=FR
| Issuer: commonName=DigiCert Secure Server CA/organizationName=DigiCert Inc/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2013-12-26T00:00:00+00:00
| Not valid after: 2015-01-21T12:00:00+00:00
| MD5: c528 4a28 4860 0a8c 112c 5f91 b63a 1d82
--
Nmap scan report for www.firstdomain.net (66.103.112.215)
Host is up (0.21s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=*.firstdomain.net/organizationName=FIRSTDOMAIN Ltd./stateOrProvinceName=Sofia/countryName=RO
| Issuer: commonName=GeoTrust SSL CA - G2/organizationName=GeoTrust Inc./countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2014-09-28T23:00:00+00:00
| Not valid after: 2018-09-28T22:59:59+00:00
| MD5: ad44 e45f f677 14d9 bccf 8198 7002 457e
--
Nmap scan report for owa.second-domain.com.com.rs (156.113.124.14)
Host is up (0.21s latency).
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=owa.second-domain.com.com.rs/organizationName=Second Corporation LP/stateOrProvinceName=Malta/countryName=MT
| Issuer: commonName=VeriSign Class 3 Secure Server CA - G3/organizationName=VeriSign, Inc./countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2013-09-04T23:00:00+00:00
| Not valid after: 2014-11-04T23:59:59+00:00
| MD5: 7c54 3427 bc82 f94d 4448 3d19 6700 4fbe
--
Expected output:
146.221.53.49; mail.mydomain.com; The Company & Co. LLC; Paris; FR; DigiCert Secure Server CA; 2013-12-26; 2015-01-21; c528 4a28 4860 0a8c 112c 5f91 b63a 1d82
66.103.112.215; =*.firstdomain.net; FIRSTDOMAIN Ltd.; Sofia; RO; 2014-09-28; 2018-09-28; ad44 e45f f677 14d9 bccf 8198 7002 457e
As has been said, it is very much frowned upon to simply post a requirement and wait for a kindly soul to do your work for you. But this isn't a very straightforward task, and I believe the Nmap::Parser module expects XML for input, so here is something to get you started.
use strict;
use warnings 'all';
use 5.010;
use autodie;
use constant REQUIRED_FIELDS => qw/
host
name
organizationName
stateOrProvinceName
countryName
issuerCommonName
startDate
endDate
MD5
/;
open my $fh, '<', 'nmap.nmap';
my (#data, %item);
while (<$fh>) {
if (/\A--$/) {
push #data, { %item } if %item;
%item = ();
}
elsif ( m{Issuer:} ) {
$item{'issuer'.ucfirst $1} = $2 while m{(\w+)=([^/]+)(?<=\S)}g;
}
elsif ( m{Not valid (before|after):\s*([\d-]+)} ) {
my $key = $1 eq 'before' ? 'startDate' : 'endDate';
$item{$key} = $2;
}
elsif ( m{\ANmap scan report for ([\w.-]+)\s+\(([\d.]+)\)} ) {
$item{name} = $1;
$item{host} = $2;
}
elsif (m{(MD5):\s*([a-z0-9\s]+(?<=\S))}) {
$item{MD5} = $2;
}
else {
$item{$1} = $2 while m{(\w+)=([^/]+)(?<=\S)}g;
}
}
push #data, { %item } if %item;
for my $item (#data) {
print join('; ', #{$item}{(REQUIRED_FIELDS)}), "\n";
}
output
146.221.53.49; mail.mydomain.com; The Company & Co. LLC; Paris; FR; DigiCert Secure Server CA; 2013-12-26; 2015-01-21; c528 4a28 4860 0a8c 112c 5f91 b63a 1d82
66.103.112.215; www.firstdomain.net; FIRSTDOMAIN Ltd.; Sofia; RO; GeoTrust SSL CA - G2; 2014-09-28; 2018-09-28; ad44 e45f f677 14d9 bccf 8198 7002 457e
156.113.124.14; owa.second-domain.com.com.rs; Second Corporation LP; Malta; MT; VeriSign Class 3 Secure Server CA - G3; 2013-09-04; 2014-11-04; 7c54 3427 bc82 f94d 4448 3d19 6700 4fbe
Is it possible to send media rtp packets from one rtpproxy server to another rtpproxy server?
In my scenario , i am registering voip account via opensips proxy server. We have rtpproxy and opensips server hosted on same place. opensips changes c= and m= lines of SDP accordingly but when packet goes to voip switch , its rtpproxy server also changes SDP. So Peer1 is sending packets to hout hosted rtpproxy server and peer2 sending rtp packets to voip switch's rtpproxy server.
SIP packets : Peer <--> opensips <--> asterisk
RTP packets peer1 <--> rtpproxy1 =X= rtpproxy2 <-->peer2
here no connection between rtpproxy1 and rtpproxy 2 so no media transfer between peer1 and peer2. Please help to solve this problem.
my opensips.cfg file is as below.
#
# $Id: opensips.cfg 9742 2013-02-05 10:24:48Z vladut-paiu $
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team#opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
debug=4
log_stderror=no
log_facility=LOG_LOCAL0
fork=yes
children=4
sip_warning=yes
mhomed=1
/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
/* comment the next line to enable the auto discovery of local aliases
based on revers DNS on IPs */
auto_aliases=yes
#listen=udp:127.0.0.1:5060 # CUSTOMIZE ME
listen=udp:192.168.1.28:5080
disable_tcp=yes
listen=tcp:192.168.1.28:5080
disable_tls = yes
listen = tls:192.168.1.28:5081
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
tls_certificate = "/usr/local/etc/opensips/tls/server/server-cert.pem"
tls_private_key = "/usr/local/etc/opensips/tls/server/server-privkey.pem"
tls_ca_list = "/usr/local/etc/opensips/tls/server/server-calist.pem"
####### Modules Section ########
#set module path
mpath="/usr/local/lib64/opensips/modules/"
#### Auth db module
loadmodule "db_mysql.so"
loadmodule "auth_db.so"
loadmodule "auth.so"
modparam("auth_db", "db_url", "mysql://root:admin#localhost/opensips")
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "use_domain", 1)
modparam("auth", "nonce_expire", 300)
modparam("auth", "rpid_suffix", ";party=calling;id-type=subscriber;screen=yes")
modparam("auth", "rpid_avp", "$avp(rpid)")
# !! Nathelper
loadmodule "nathelper.so"
#loadmodule "nat_traversal.so"
loadmodule "rtpproxy.so"
loadmodule "textops.so"
# ----------------- setting module-specific parameters ---------------
modparam("rtpproxy", "rtpproxy_sock", "udp:192.168.1.28:7890")
# !! Nathelper
modparam("nathelper","sipping_bflag",7)
modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
modparam("nathelper", "force_socket", "udp:192.168.1.28:7890")
modparam("nathelper", "nortpproxy_str", "a=sdpmangled:yes\r\n")
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
modparam("uri", "use_domain", 0)
modparam("uri", "db_url", "mysql://root:admin#localhost/opensips")
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc","nat_bflag",6)
modparam("usrloc", "db_mode", 0)
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "default_expires", 3600)
modparam("registrar", "min_expires", 60)
modparam("registrar", "max_expires", 0)
modparam("registrar", "default_q", 0)
modparam("registrar", "case_sensitive", 0)
modparam("registrar", "received_param", "received")
modparam("registrar", "max_contacts", 0)
modparam("registrar", "retry_after", 0)
modparam("registrar", "received_avp", "$avp(i:801)")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
modparam("registrar","received_avp", "$avp(42)")
modparam("nathelper","received_avp", "$avp(42)")
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "ACC_FAILED")
/* account triggers (flags) */
modparam("acc", "log_flag", "ACC_DO")
modparam("acc", "log_missed_flag", "ACC_MISSED")
loadmodule "dialog.so"
#loadmodule "load_balancer.so"
loadmodule "domain.so"
modparam("domain", "db_url","mysql://root:admin#localhost/opensips") # CUSTOMIZE ME
modparam("domain", "db_mode", 1) # Use caching
modparam("auth_db|usrloc|uri", "use_domain", 1)
loadmodule "drouting.so"
modparam("drouting", "db_url","mysql://root:admin#localhost/opensips") # CUSTOMIZE ME
loadmodule "event_route.so"
#loadmodule "mediaproxy.so"
loadmodule "alias_db.so"
modparam("alias_db", "db_url","mysql://root:admin#localhost/opensips") # CUSTOMIZE ME
loadmodule "dialplan.so"
modparam("dialplan", "db_url","mysql://root:admin#localhost/opensips") # CUSTOMIZE ME
#loadmodule "presence_xcapdiff.so"
#loadmodule "permissions.so"
####### Routing Logic ########
# main routing logic
# main request routing logic
route
{
#xlog("L_INFO","CVAPP: route($rm/$du/$fu/$tu)");
#script_trace( 1, "$rm from $si, ruri=$ru", "me");
#xlog("L_INFO", "route[0] New request - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if (!mf_process_maxfwd_header("10"))
{
xlog("mf_process_maxfwd_header....... \n");
sl_send_reply("483", "Too Many Hops");
exit;
};
if (msg:len > 4096)
{
xlog(" method msg:len > 2048 \n");
sl_send_reply("513", "Message Overflow");
exit;
};
# -----------------------------------------------------------------
# Record Route Section
# -----------------------------------------------------------------
if (method!="REGISTER")
{
record_route();
}
else
{
if(nat_uac_test("19"))
{
record_route(";nat=yes");
}
else
{
record_route();
}
}
if (method=="BYE" || method=="CANCEL")
{
unforce_rtp_proxy();
}
# -----------------------------------------------------------------
# Loose Route Section nat_uac_test("3")
# -----------------------------------------------------------------
if (loose_route())
{
xlog(" method loose_route() \n");
if ((method=="INVITE" || method=="REFER") && !has_totag())
{
sl_send_reply("403", "Forbidden");
exit;
};
if (method=="INVITE")
{
fix_nated_sdp("1");
if (nat_uac_test("19"))
{
xlog(" method fix_nated_contact() \n");
#setflag(6);
setbflag(6);
setbflag(7);
setbflag(8);
force_rport();
fix_nated_contact("2");
};
rtpproxy_answer();
};
route(1);
exit;
};
#xlog("L_INFO","CVAPP: has_totag initial request");
/* if(loose_route())
{
if(!has_totag())
{
xlog("L_INFO", "route[0] Initial loose-routing rejected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
sl_send_reply("403", "Initial Loose-Routing Rejected");
exit;
}
if(nat_uac_test("19") || search("^Route:.*;nat=yes"))
{
xlog("L_INFO", "route[0] Initial loose-routing 19 - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
fix_nated_contact();
setbflag(6);
}
xlog("loose_route route5....... \n");
route(5);
} */
/* else {
xlog("L_INFO","CVAPP: loose_route was false");
if ( is_method("ACK") ) {
xlog("L_INFO","CVAPP: is ACK");
if ( t_check_trans() ) {
xlog("L_INFO","CVAPP: found matching transaction");
# non loose-route, but stateful ACK; must be an ACK after
# a 487 or e.g. 404 from upstream server
t_relay();
exit;
} else {
xlog("L_INFO","CVAPP: no matching transaction");
# ACK without matching transaction ->
# ignore and discard
exit;
}
}
xlog("L_INFO","CVAPP: sending 404 Not here");
sl_send_reply("404","Not here");
}
*/
# -----------------------------------------------------------------
# Call Type Processing Section
# -----------------------------------------------------------------
if (uri!=myself)
{
#xlog("L_INFO", "uri!=myself1...........\n");
route(4);
route(1);
exit;
};
if (method=="ACK")
{
xlog(" method==ACK \n");
route(1);
exit;
}
if (method=="CANCEL")
{
xlog(" method==CANCEL \n");
route(1);
exit;
}
else if (method=="INVITE")
{
xlog(" method==INVITE \n");
route(3);
exit;
}
else if (method=="REGISTER")
{
xlog(" method==REGISTER \n");
route(2);
exit;
};
lookup("aliases");
if (uri!=myself)
{
xlog(" uri!=myself2... \n");
route(4);
route(1);
exit;
};
if (!lookup("location"))
{
xlog(" !lookup(location) \n");
sl_send_reply("404", "User Not Found");
exit;
};
route(1);
}
route[1]
{
# -----------------------------------------------------------------
# Default Message Handler
# -----------------------------------------------------------------
# if client or server know to be behind a NAT, enable relay
if (isflagset(6) || isflagset(7)) {
xlog("route[1] Default Message Handler \n");
force_rport();
fix_nated_contact();
rtpproxy_answer();
};
t_on_reply("1");
if (subst_uri('/(sip:.*);nat=yes/\1/')){
xlog("subst_uri ..............\n");
setbflag(6);
};
if (!t_relay())
{
if (method=="INVITE" && isbflagset(6))
{
unforce_rtp_proxy();
};
sl_reply_error();
};
}
route[2]
{
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
xlog("route[2] REGISTER Message Handler \n");
if (!search("^Contact:[ ]*\*") && nat_uac_test("19"))
{
xlog(" !search()...... \n");
#setflag(6);
setbflag(6);
setbflag(8);
#fix_nated_register();
fix_nated_contact();
force_rport();
};
sl_send_reply("100", "Trying");
if (!save("location"))
{
sl_reply_error();
};
}
route[3]
{
# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
#if (nat_uac_test("19"))
#{
# setflag(6);
#}
xlog("route[3] INVITE Message Handler \n");
#linha incluida por mim para fazer com que todo INVITE utilize o rtpproxy
#setflag(6);
setbflag(6);
setbflag(8);
lookup("aliases");
if (uri!=myself)
{
route(4);
route(1);
exit;
};
if (!lookup("location"))
{
sl_send_reply("404", "User Not Found");
exit;
};
route(4);
route(1);
}
route[4]
{
# -----------------------------------------------------------------
# NAT Traversal Section
# -----------------------------------------------------------------
if (isbflagset(6))
{
force_rport();
fix_nated_contact();
rtpproxy_answer();
}
}
route[5]
{
if(isbflagset(6))
{
xlog("L_INFO", "route[5] ...............");
if(!isflagset(22) && !search("^Content-Length:[ ]*0"))
{
setflag(22);
# force_rtp_proxy();
# fix_nated_sdp("9");
if(has_body("application/sdp"))
{
xlog("L_INFO", "has_body rtpproxy_answer IP...............");
#rtpproxy_offer();
fix_nated_sdp("10","192.168.1.28");
rtpproxy_answer("r","192.168.1.28");
}
}
# if (rtpproxy_offer())
# {
# t_on_reply("2");
# }
t_on_reply("2");
}
else
{
t_on_reply("1");
}
if(!isflagset(21))
{
t_on_failure("1");
}
if(isflagset(29))
{
append_branch();
}
/* if(is_present_hf("Proxy-Authorization"))
{
consume_credentials();
}
*/
xlog("L_INFO", "route[3] Request leaving server, D-URI='$du' - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
# no 100 (we already sent it) and no DNS blacklisting
# if(!t_relay("0x05"))
if(!t_relay())
{
sl_reply_error();
if(is_method("INVITE") && isbflagset(6))
{
xlog("L_INFO", "route[3] unforce rtp proxy\n");
unforce_rtp_proxy();
}
}
exit;
}
onreply_route[1]
{
#rtpproxy_answer();
#force_rport();
#fix_nated_contact();
#rtpproxy_answer();
#rtpproxy_offer("i");
#rtpproxy_answer("cowf","192.168.1.28");
if (is_method("INVITE") || is_method("ACK") )
{
if(has_body("application/sdp"))
{
$var(mline) = $(rb{sdp.line,m});
xlog("The first m line in the SDP body is $var(mline)\n");
force_rport();
#fix_nated_contact();
fix_nated_sdp("3");
rtpproxy_offer("i");
}
}
#rtpproxy_answer("cowf","192.168.1.28");
if (isbflagset(6) && status=~"2[0-9][0-9]")
{
if (!search("^Content-Length:[ ]*0"))
{
xlog("onreply_route[1] if1 \n");
rtpproxy_answer();
};
};
if (nat_uac_test("1"))
{
xlog("onreply_route[1] if2 \n");
fix_nated_contact();
};
}
onreply_route[2]
{
xlog("L_INFO", "onreply_route[2] NAT-Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n");
if(nat_uac_test("1"))
{
fix_nated_contact();
}
if(isbflagset(6) && status=~"2[0-9][0-9]")
{
if(!search("^Content-Length:[ ]*0"))
{
#force_rtp_proxy();
xlog("L_INFO", "onreply_route[2] - calling rtpproxy_answer()\n");
#fix_nated_sdp("3");
rtpproxy_answer();
}
}
exit;
}
failure_route[1]{
xlog("failure_route[1] if2 \n");
}
Change rtpproxy_offer(i) to rtpproxy_offer("corw") in your onreply_route[2] function.
rtpproxy_offer("corw");
When the first SIP proxy receives the initial INVITE, it will allocate ports on the first rtpproxy and modify the SDP body so that traffic destinated to the UAC is sent to this rtpproxy. When the INVITE reaches the second SIP proxy (or B2BUA if it is Asterisk), it will allocate ports on the second rtpproxy and modify the SDP body so that traffic destinated to the UAC is sent to this rtpproxy. The opposite will also happen when replies with SDP body are received by the proxies.
Therefore, the traffic will flow as follows:
UAC <-> rtpproxy1 <-> rtpproxy2 <-> UAS
And, there is no special configuration for the two rtpproxy to send each other traffic. Each rtpproxy is simply seen by the other as the UA (UAS or UAC).
I was able to connect opensips and rtpproxy server. I am able to call without rtpproxy / I configured opensip.cfg file for rtpproxy and opensip connection but i am getting error when i call any number.
Apr 12 19:15:46 jpc /usr/local/sbin/opensips[8099]: ERROR:rtpproxy:force_rtp_proxy: Unable to parse body
Apr 12 19:15:46 jpc rtpproxy[8076]: DBUG:handle_command: received command "8097_5 Lc0,8,101 EmT25eujw9 66.109.20.153 17242 zTZujAf~s;1 as232a3dd2;1"
Apr 12 19:15:46 jpc rtpproxy[8076]: INFO:handle_command: lookup request failed: session EmT25eujw9, tags zTZujAf~s;1/as232a3dd2;1 not found
Apr 12 19:15:46 jpc rtpproxy[8076]: DBUG:doreply: sending reply "8097_5 0 27.113.254.248#012"
Apr 12 19:15:46 jpc /usr/local/sbin/opensips[8097]: ERROR:rtpproxy:force_rtp_proxy_body: incorrect port 0 in reply from rtp proxy
Apr 12 19:15:46 jpc /usr/local/sbin/opensips[8099]: ERROR:rtpproxy:force_rtp_proxy: Unable to parse body
Apr 12 19:15:46 jpc /usr/local/sbin/opensips[8097]: ERROR:rtpproxy:force_rtp_proxy: Unable to parse body
Apr 12 19:16:02 jpc /usr/local/sbin/opensips[8096]: ERROR:rtpproxy:force_rtp_proxy: Unable to parse body
Apr 12 19:16:07 jpc rtpproxy[8076]: DBUG:handle_command: received command "8097_6 D EmT25eujw9 as232a3dd2 zTZujAf~s"
Apr 12 19:16:07 jpc rtpproxy[8076]: INFO:handle_command: delete request failed: session EmT25eujw9, tags as232a3dd2/zTZujAf~s not found
Apr 12 19:16:07 jpc rtpproxy[8076]: DBUG:doreply: sending reply "8097_6 E8#012"
Apr 12 19:16:07 jpc /usr/local/sbin/opensips[8100]: ERROR:rtpproxy:force_rtp_proxy: Unable to parse body
Please help. How can i resolve this error?
My opensips.cfg file is as below :
#
# $Id: opensips.cfg 9742 2013-02-05 10:24:48Z vladut-paiu $
#
# OpenSIPS residential configuration script
# by OpenSIPS Solutions <team#opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
# the "Residential" scenario.
# You can enable / disable more features / functionalities by
# re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
# http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#
####### Global Parameters #########
debug=3
log_stderror=no
log_facility=LOG_LOCAL0
fork=yes
children=4
/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes
/* uncomment the next line to enable the auto temporary blacklisting of
not available destinations (default disabled) */
#disable_dns_blacklist=no
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
lookup failures (default disabled) */
#dns_try_ipv6=yes
/* comment the next line to enable the auto discovery of local aliases
based on revers DNS on IPs */
auto_aliases=yes
#listen=udp:127.0.0.1:5060 # CUSTOMIZE ME
listen=udp:192.168.1.28:5080
disable_tcp=yes
listen=tcp:192.168.1.28:5080
disable_tls = yes
listen = tls:192.168.1.28:5081
tls_verify_server = 1
tls_verify_client = 1
tls_require_client_certificate = 0
tls_method = TLSv1
tls_certificate = "/usr/local/etc/opensips/tls/server/server-cert.pem"
tls_private_key = "/usr/local/etc/opensips/tls/server/server-privkey.pem"
tls_ca_list = "/usr/local/etc/opensips/tls/server/server-calist.pem"
####### Modules Section ########
#set module path
mpath="/usr/local/lib64/opensips/modules/"
#### Auth db module
loadmodule "db_mysql.so"
loadmodule "auth_db.so"
loadmodule "auth.so"
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "use_domain", 1)
modparam("auth_db", "db_url", "mysql://root:admin#localhost/opensips")
# !! Nathelper
loadmodule "nathelper.so"
#loadmodule "nat_traversal.so"
loadmodule "rtpproxy.so"
loadmodule "textops.so"
# ----------------- setting module-specific parameters ---------------
modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:7890")
# !! Nathelper
modparam("nathelper","sipping_bflag",8)
modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)
#### MAX ForWarD module
loadmodule "maxfwd.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc","nat_bflag",6)
modparam("usrloc", "db_mode", 0)
#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
modparam("registrar","received_avp", "$avp(42)")
modparam("nathelper","received_avp", "$avp(42)")
mhomed=1
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "ACC_FAILED")
/* account triggers (flags) */
modparam("acc", "log_flag", "ACC_DO")
modparam("acc", "log_missed_flag", "ACC_MISSED")
####### Routing Logic ########
# main routing logic
route
{
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if (!mf_process_maxfwd_header("10"))
{
sl_send_reply("483", "Too Many Hops");
exit;
};
if (msg:len > max_len)
{
sl_send_reply("513", "Message Overflow");
exit;
};
# -----------------------------------------------------------------
# Record Route Section
# -----------------------------------------------------------------
if (method!="REGISTER")
{
record_route();
};
if (method=="BYE" || method=="CANCEL")
{
unforce_rtp_proxy();
}
# -----------------------------------------------------------------
# Loose Route Section nat_uac_test("3")
# -----------------------------------------------------------------
if (loose_route())
{
if ((method=="INVITE" || method=="REFER") && !has_totag())
{
sl_send_reply("403", "Forbidden");
exit;
};
if (method=="INVITE")
{
if (nat_uac_test("19"))
{
#setflag(6);
setbflag(6);
setbflag(8);
force_rport();
fix_nated_contact();
};
rtpproxy_answer();
};
route(1);
exit;
};
# -----------------------------------------------------------------
# Call Type Processing Section
# -----------------------------------------------------------------
if (uri!=myself)
{
route(4);
route(1);
exit;
};
if (method=="ACK")
{
route(1);
exit;
}
if (method=="CANCEL")
{
route(1);
exit;
}
else if (method=="INVITE")
{
route(3);
exit;
}
else if (method=="REGISTER")
{
route(2);
exit;
};
lookup("aliases");
if (uri!=myself)
{
route(4);
route(1);
exit;
};
if (!lookup("location"))
{
sl_send_reply("404", "User Not Found");
exit;
};
route(1);
}
route[1]
{
# -----------------------------------------------------------------
# Default Message Handler
# -----------------------------------------------------------------
# if client or server know to be behind a NAT, enable relay
if (isflagset(6) || isflagset(7)) {
force_rport();
fix_nated_contact();
rtpproxy_answer();
};
t_on_reply("1");
if (!t_relay())
{
if (method=="INVITE" && isbflagset(6))
{
unforce_rtp_proxy();
};
sl_reply_error();
};
}
route[2]
{
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
xlog("route[2] REGISTER Message Handler \n");
if (!search("^Contact:[ ]*\*") && nat_uac_test("19"))
{
#setflag(6);
setbflag(6);
setbflag(8);
#fix_nated_register();
fix_nated_contact();
force_rport();
};
sl_send_reply("100", "Trying");
if (!save("location"))
{
sl_reply_error();
};
}
route[3]
{
# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
#if (nat_uac_test("19"))
#{
# setflag(6);
#}
xlog("route[3] INVITE Message Handler \n");
#linha incluida por mim para fazer com que todo INVITE utilize o rtpproxy
#setflag(6);
setbflag(6);
setbflag(8);
lookup("aliases");
if (uri!=myself)
{
route(4);
route(1);
exit;
};
if (!lookup("location"))
{
sl_send_reply("404", "User Not Found");
exit;
};
route(4);
route(1);
}
route[4]
{
# -----------------------------------------------------------------
# NAT Traversal Section
# -----------------------------------------------------------------
if (isbflagset(6))
{
force_rport();
fix_nated_contact();
rtpproxy_answer();
}
}
onreply_route[1]
{
#rtpproxy_answer();
force_rport();
fix_nated_contact();
rtpproxy_answer();
#rtpproxy_offer();
if (isbflagset(6) && status=~"(180)|(183)|2[0-9][0-9]")
{
xlog("onreply_route[1] if1 \n");
if (!search("^Content-Length:[ ]*0"))
{
rtpproxy_answer();
};
};
if (nat_uac_test("1"))
{
xlog("onreply_route[1] if2 \n");
fix_nated_contact();
};
}
#=================================================================================
/*
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (is_method("REGISTER") || !is_present_hf("Record-Route")) {
log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP of signalling
if ( is_method("INVITE") ) {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setbflag(6); # Mark as NATed
# if you want sip nat pinging
# setbflag(8);
};
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!is_method("REGISTER")) record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
exit;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
exit;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
# if (!www_authorize("siphub.org", "subscriber")) {
# www_challenge("siphub.org", "0");
# return;
# };
save("location");
exit;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
exit;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
if (uri=~"[#:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){
sl_send_reply("479", "We don't forward to private IP addresses");
exit;
};
# if client or server know to be behind a NAT, enable relay
if (isbflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all transactions (for example,
# re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isbflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
*/
You need dump packet which result error "unable parse body"
Very likly that is packet without any rtp data.
You SHOULD NOT use rtpproxy_offer/rtpproxy_answer for such packets.