Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread SamyGo 
Hi,

Very nice suggestions by Brett. I remember there are regular thread like
these on the mailing lists and people share a lot of experiences. AFAIR
there was some service which contains the IP addresses of known attackers
available for users. OP needs to do some searching in this regard to
collect more ideas.

* Nothing is _NOT_ CPU cycles free *

I'm not sure about sip vicious but if I were to detect and hack a SIP
server I'd first start by sending OPTIONS on its ports. Mostly that's where
things kick off. Changing the user-agent field is nothing big, so question
is how do you know a hacker is about to get angry !!

I'd say it needs a time populated repository and a well crafted shell
script to maintain the list of Hacker IPs captured in the past and use it
across all the servers or devices. Let me explain the idea.

* ii)* - For any incoming packets one needs to look-up the hacker's listing
and detect if a known hacker or not.
 *i)* - Take fail2ban for example, or pike module , or iptables rate limit
mechanism to initially detect a new born hacker trying to access your sip
server (yes will take few minutes to finally conclude that a particular
source IP is hacker) - Store that IP in your hacker's listing.
*iii)* - Use an intelligent script to share the detected hacker's IP across
all the other SIP servers and router devices/firewall to block the traffic
at network layer.

*Critical Exceptions:*
Always ensure that the IP which is going to get blocked across the whole
network perimeter is not your own server or within the same subnet as
your's. It shouldn't be localhost as well.(Hint: IP spoofing)

*Focus on Security rather Friendly-scanner:*
*
*
One need to secure each and everything when it comes to security, just one
layer security  i.e fail2ban or iptables or pike module is never enough.
Like Brett said you can drop packets once detected a "very friendly
scanner", how about a customer who wants to toy with your service ! how
about a massive DoS attack !! drop() won't help alone. iptables needs to be
there to stop the packets from even reaching the SIP server app, then again
why should the server's NIC be chocked up by that massive DoS ! your
firewall or networking device should stop the packets from entering the
network !

This is just not enough: How about a different unique new tool which sends
malicious or malformed SIP packets to crash the server !! its just one
packet but malformed -- all the above measures WILL fail !! Obviously needs
to go one step ahead and use SNORT or anything like IDS+IPS to verify that
the packet going through the network is not malformed.

Thats pretty much it for now. There are things which I've forgotten to
write at the moment OR might not even know which I expect some one else may
like to add.

Networks and Data Security is a huge field, and VoIP security alone has
hundreds of book on the topic.

*Interesting threads to read: *
*
*
http://lists.opensips.org/pipermail/users/2010-November/015243.html
http://lists.opensips.org/pipermail/users/2011-June/018271.html
Read: http://blog.sipvicious.org/ to know more about the tool we all face
every once a while.
Fail2ban for openSIPS :: http://www.opensips.org/Resources/DocsTutFail2ban


--
Best Regards
Sammy








On Mon, Oct 8, 2012 at 6:31 PM, Brett Nemeroff  wrote:

> First of all,
> This is an attack from sipvicious. It is an *attack*. It will be very high
> rate (cps) and you do *not* want to use anything that consumes resources to
> attempt to block it.
>
> First recommendation is to use iptables. In addition, you *should* put a
> check in your config for friendly-scanner and drop() the packet. Do not
> reply with a sip code. You want to be invisible to the attacker. If you
> reply with a sip code, they'll just scan you attempting to find a request
> combination that will return a usable result.
>
> 1. Do whatever you can to not use CPU resources to block this
> 2. Don't look like a SIP server to source IPs you do not recognize
>
> I guarantee, if you look like a SIP server, you will get brutally attacked
> from unsolicited sources.
>
> Read up on the fail2ban docs for asterisk. They have some good ideas in
> there on how to perform intrusion detection and how to automatically add
> offending traffic to fail2ban. You can do something similar in OpenSIPs.
>
> I would be very curious to hear about other people's experiences using the
> Pike module to block this type of traffic. For what it's worth, I've seen
> attack traffic high enough in bandwidth to saturate a pretty beefy internet
> connection and I've even seen it crash routers. If you can avoid them
> finding you in the first place, that would be a much better option.
> -Brett
>
>
> On Mon, Oct 8, 2012 at 7:53 AM, Engineer voip  wrote:
>
>> Hi,
>> I'm trying to use pike module and i'm using the script above, but when i
>> execute this command " opensipsctl fifo pike_list"
>> i don't get any address blocked
>> My opensips config is:
>>
>> loadmodule "pike.so"
>> mo

Re: [OpenSIPS-Users] paid help installing OpenSip

2012-10-09 Thread tapas 
Hi,

I can do it . But I need to know details of work.

Tapas

On Tue, Oct 9, 2012 at 9:13 AM, Carlos Cruz wrote:

> Is anyone with experience installing and using OpenSips available to
> assist in installing OpenSips and help with interfacing OpenSips Management
> module with a custom web application done in Flex / ActionScript.
>
> ** **
>
> This is for paid help / support.
>
> ** **
>
> Thank!
>
> Carlos
>
> ** **
>
> ** **
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread Engineer voip 
Hi All,
thank you for your reply, Know i want to simulate an attacker to test if my
fail2ban and pike module  works good.
someone has an idea to do that?

2012/10/9 SamyGo 

> Hi,
>
> Very nice suggestions by Brett. I remember there are regular thread like
> these on the mailing lists and people share a lot of experiences. AFAIR
> there was some service which contains the IP addresses of known attackers
> available for users. OP needs to do some searching in this regard to
> collect more ideas.
>
> * Nothing is _NOT_ CPU cycles free *
>
> I'm not sure about sip vicious but if I were to detect and hack a SIP
> server I'd first start by sending OPTIONS on its ports. Mostly that's where
> things kick off. Changing the user-agent field is nothing big, so question
> is how do you know a hacker is about to get angry !!
>
> I'd say it needs a time populated repository and a well crafted shell
> script to maintain the list of Hacker IPs captured in the past and use it
> across all the servers or devices. Let me explain the idea.
>
> * ii)* - For any incoming packets one needs to look-up the hacker's
> listing and detect if a known hacker or not.
>  *i)* - Take fail2ban for example, or pike module , or iptables rate
> limit mechanism to initially detect a new born hacker trying to access your
> sip server (yes will take few minutes to finally conclude that a particular
> source IP is hacker) - Store that IP in your hacker's listing.
> *iii)* - Use an intelligent script to share the detected hacker's IP
> across all the other SIP servers and router devices/firewall to block the
> traffic at network layer.
>
> *Critical Exceptions:*
> Always ensure that the IP which is going to get blocked across the whole
> network perimeter is not your own server or within the same subnet as
> your's. It shouldn't be localhost as well.(Hint: IP spoofing)
>
> *Focus on Security rather Friendly-scanner:*
> *
> *
> One need to secure each and everything when it comes to security, just one
> layer security  i.e fail2ban or iptables or pike module is never enough.
> Like Brett said you can drop packets once detected a "very friendly
> scanner", how about a customer who wants to toy with your service ! how
> about a massive DoS attack !! drop() won't help alone. iptables needs to be
> there to stop the packets from even reaching the SIP server app, then again
> why should the server's NIC be chocked up by that massive DoS ! your
> firewall or networking device should stop the packets from entering the
> network !
>
> This is just not enough: How about a different unique new tool which sends
> malicious or malformed SIP packets to crash the server !! its just one
> packet but malformed -- all the above measures WILL fail !! Obviously needs
> to go one step ahead and use SNORT or anything like IDS+IPS to verify that
> the packet going through the network is not malformed.
>
> Thats pretty much it for now. There are things which I've forgotten to
> write at the moment OR might not even know which I expect some one else may
> like to add.
>
> Networks and Data Security is a huge field, and VoIP security alone has
> hundreds of book on the topic.
>
> *Interesting threads to read: *
> *
> *
> http://lists.opensips.org/pipermail/users/2010-November/015243.html
> http://lists.opensips.org/pipermail/users/2011-June/018271.html
> Read: http://blog.sipvicious.org/ to know more about the tool we all face
> every once a while.
> Fail2ban for openSIPS :: http://www.opensips.org/Resources/DocsTutFail2ban
>
>
> --
> Best Regards
> Sammy
>
>
>
>
>
>
>
>
> On Mon, Oct 8, 2012 at 6:31 PM, Brett Nemeroff  wrote:
>
>> First of all,
>> This is an attack from sipvicious. It is an *attack*. It will be very
>> high rate (cps) and you do *not* want to use anything that consumes
>> resources to attempt to block it.
>>
>> First recommendation is to use iptables. In addition, you *should* put a
>> check in your config for friendly-scanner and drop() the packet. Do not
>> reply with a sip code. You want to be invisible to the attacker. If you
>> reply with a sip code, they'll just scan you attempting to find a request
>> combination that will return a usable result.
>>
>> 1. Do whatever you can to not use CPU resources to block this
>> 2. Don't look like a SIP server to source IPs you do not recognize
>>
>> I guarantee, if you look like a SIP server, you will get brutally
>> attacked from unsolicited sources.
>>
>> Read up on the fail2ban docs for asterisk. They have some good ideas in
>> there on how to perform intrusion detection and how to automatically add
>> offending traffic to fail2ban. You can do something similar in OpenSIPs.
>>
>> I would be very curious to hear about other people's experiences using
>> the Pike module to block this type of traffic. For what it's worth, I've
>> seen attack traffic high enough in bandwidth to saturate a pretty beefy
>> internet connection and I've even seen it crash routers. If you can avoid
>> them finding you in the first

Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread qasimak...@gmail.com 
Advise: Read threads initiated by you thoroughly.

Read: http://blog.sipvicious.org/ to know more about the tool we all face
> every once a while.
>

Regards,
Qasim

On Tue, Oct 9, 2012 at 2:27 PM, Engineer voip  wrote:

> Hi All,
> thank you for your reply, Know i want to simulate an attacker to test if
> my fail2ban and pike module  works good.
> someone has an idea to do that?
>
> 2012/10/9 SamyGo 
>
>> Hi,
>>
>> Very nice suggestions by Brett. I remember there are regular thread like
>> these on the mailing lists and people share a lot of experiences. AFAIR
>> there was some service which contains the IP addresses of known attackers
>> available for users. OP needs to do some searching in this regard to
>> collect more ideas.
>>
>> * Nothing is _NOT_ CPU cycles free *
>>
>> I'm not sure about sip vicious but if I were to detect and hack a SIP
>> server I'd first start by sending OPTIONS on its ports. Mostly that's where
>> things kick off. Changing the user-agent field is nothing big, so question
>> is how do you know a hacker is about to get angry !!
>>
>> I'd say it needs a time populated repository and a well crafted shell
>> script to maintain the list of Hacker IPs captured in the past and use it
>> across all the servers or devices. Let me explain the idea.
>>
>> * ii)* - For any incoming packets one needs to look-up the hacker's
>> listing and detect if a known hacker or not.
>>  *i)* - Take fail2ban for example, or pike module , or iptables rate
>> limit mechanism to initially detect a new born hacker trying to access your
>> sip server (yes will take few minutes to finally conclude that a particular
>> source IP is hacker) - Store that IP in your hacker's listing.
>> *iii)* - Use an intelligent script to share the detected hacker's IP
>> across all the other SIP servers and router devices/firewall to block the
>> traffic at network layer.
>>
>> *Critical Exceptions:*
>> Always ensure that the IP which is going to get blocked across the whole
>> network perimeter is not your own server or within the same subnet as
>> your's. It shouldn't be localhost as well.(Hint: IP spoofing)
>>
>> *Focus on Security rather Friendly-scanner:*
>> *
>> *
>> One need to secure each and everything when it comes to security, just
>> one layer security  i.e fail2ban or iptables or pike module is never
>> enough. Like Brett said you can drop packets once detected a "very friendly
>> scanner", how about a customer who wants to toy with your service ! how
>> about a massive DoS attack !! drop() won't help alone. iptables needs to be
>> there to stop the packets from even reaching the SIP server app, then again
>> why should the server's NIC be chocked up by that massive DoS ! your
>> firewall or networking device should stop the packets from entering the
>> network !
>>
>> This is just not enough: How about a different unique new tool which
>> sends malicious or malformed SIP packets to crash the server !! its just
>> one packet but malformed -- all the above measures WILL fail !! Obviously
>> needs to go one step ahead and use SNORT or anything like IDS+IPS to verify
>> that the packet going through the network is not malformed.
>>
>> Thats pretty much it for now. There are things which I've forgotten to
>> write at the moment OR might not even know which I expect some one else may
>> like to add.
>>
>> Networks and Data Security is a huge field, and VoIP security alone has
>> hundreds of book on the topic.
>>
>> *Interesting threads to read: *
>> *
>> *
>> http://lists.opensips.org/pipermail/users/2010-November/015243.html
>> http://lists.opensips.org/pipermail/users/2011-June/018271.html
>> Read: http://blog.sipvicious.org/ to know more about the tool we all
>> face every once a while.
>> Fail2ban for openSIPS ::
>> http://www.opensips.org/Resources/DocsTutFail2ban
>>
>>
>> --
>> Best Regards
>> Sammy
>>
>>
>>
>>
>>
>>
>>
>>
>> On Mon, Oct 8, 2012 at 6:31 PM, Brett Nemeroff wrote:
>>
>>> First of all,
>>> This is an attack from sipvicious. It is an *attack*. It will be very
>>> high rate (cps) and you do *not* want to use anything that consumes
>>> resources to attempt to block it.
>>>
>>> First recommendation is to use iptables. In addition, you *should* put a
>>> check in your config for friendly-scanner and drop() the packet. Do not
>>> reply with a sip code. You want to be invisible to the attacker. If you
>>> reply with a sip code, they'll just scan you attempting to find a request
>>> combination that will return a usable result.
>>>
>>> 1. Do whatever you can to not use CPU resources to block this
>>> 2. Don't look like a SIP server to source IPs you do not recognize
>>>
>>> I guarantee, if you look like a SIP server, you will get brutally
>>> attacked from unsolicited sources.
>>>
>>> Read up on the fail2ban docs for asterisk. They have some good ideas in
>>> there on how to perform intrusion detection and how to automatically add
>>> offending traffic to fail2ban. You can do something similar in OpenSIPs.

Re: [OpenSIPS-Users] paid help installing OpenSip

2012-10-09 Thread Carlos Cruz 
 

Tapas, in order not to clutter the list, send me your email to
car...@nbtbizcapital.com 

 

Carlos

 

From: users-boun...@lists.opensips.org
[mailto:users-boun...@lists.opensips.org] On Behalf Of tapas
Sent: Tuesday, October 09, 2012 4:11 AM
To: OpenSIPS users mailling list
Subject: Re: [OpenSIPS-Users] paid help installing OpenSip

 

Hi,

I can do it . But I need to know details of work.

Tapas

On Tue, Oct 9, 2012 at 9:13 AM, Carlos Cruz 
wrote:

Is anyone with experience installing and using OpenSips available to assist
in installing OpenSips and help with interfacing OpenSips Management module
with a custom web application done in Flex / ActionScript.

 

This is for paid help / support.

 

Thank!

Carlos

 

 


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

 

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] call a standard phone and mobile at the same time

2012-10-09 Thread Adrian Georgescu 
You cannot control the behavior of the GSM operators. They may decide to play a 
prompt and practically answer the call without returning any code when the 
target device is out of coverage, voicemail box may kick in or not, roaming or 
other scenarios you are not even aware about.  If instead of a response code, 
you end-up being connected or in early media, OpenSIPS cannot retarget the call 
in all situations. Thinks work random and fail for unknown reasons due to 
un-deterministic  behavior of the GSM operators involved.

Adrian

On Oct 9, 2012, at 2:40 PM, Schneur Rosenberg wrote:

> If you disable voicemail on the mobile phone through the carrier then you 
> should get a busy signal from the carrier, if you also disable call waiting 
> then you should also get busy a busy signal from the carrier, its not really 
> required if you don't mind being disturbed by the beep , this might not 
> always be a solution because you loose voicemail and call waiting on your 
> phone.
> 
> Another solution might be to send the call through a Asterisk server and use 
> the amd (answering machine detection) function.
> 
> On Oct 8, 2012 11:17 PM, "Adrian Georgescu"  wrote:
> There is no standard for communicating signaling information from a non-IP 
> network like GSM to a SIP based network. What you try to achieve is close to 
> impossible unless you own both networks and are able to set up some 
> proprietary signaling mechanism between them.
> 
> Adrian
>  
> On Oct 8, 2012, at 10:56 PM, Engineer voip wrote:
> 
>> Hi,
>> I want to associate a mobile phone number to each desktop phone and want to 
>> ringing at the same time the desktop phone and mobile phone:
>> ** if the mobile phone is off service or already in communication (call 
>> falls on the responder) the opensips ignore this mobile and keep ringing the 
>> desktop phone.
>> 
>> i hope this is clear
>> 
>> 2012/10/8 Duane Larson 
>> Can you explain in more detail what you are trying to do?  
>> 
>> 
>> On Mon, Oct 8, 2012 at 8:32 AM, Engineer voip  wrote:
>> Hello,
>> I do that and its good but if user A hangs up the call, the user B is 
>> hanging too.
>> I want when user A hangs up or responder,  the user B can take the call!
>> have you an idea to resolve that?
>> 
>> 2012/10/8 Vlad Paiu 
>> Hello,
>> 
>> This is the usual SIP parallel forking, so yes this can be done with 
>> OpenSIPS 1.8. See the append_branch() function at [1] .
>> 
>> [1] http://www.opensips.org/Resources/DocsCoreFcn18#toc106
>> 
>> Regards,
>> Vlad Paiu
>> OpenSIPS Developer
>> http://www.opensips-solutions.com 
>> 
>> On 10/08/2012 12:00 AM, Engineer voip wrote:
>>> Hi All,
>>> It is possible to call a standard (fix) phone and mobile phone at the same 
>>> time with OpenSIPS 1.8 ??
>>> 
>>> -- 
>>> 
>>> Best Regards.
>>> 
>>> 
>>> 
>>> ___
>>> Users mailing list
>>> Users@lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> 
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> 
>> 
>> 
>> 
>> -- 
>> 
>> Best Regards.
>> 
>> 
>> 
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> 
>> 
>> 
>> 
>> -- 
>> --
>> *--*--*--*--*--*
>> Duane
>> *--*--*--*--*--*
>> --
>> 
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>> 
>> 
>> 
>> 
>> -- 
>> 
>> Best Regards.
>> 
>> 
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> 
> 
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> 
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Migrating dispatcher module from 1.6.4 to 1.8.1

2012-10-09 Thread Adam Raszynski 
Hi

I have exactly the same problem with dispatcher module and MySQL

after succesfoul ds_select_dst i get error:

ERROR:core:new_avp: invalid AVP name!
ERROR:core:add_avp: Failed to create new avp structure

resulting 503 response back to UAC

I'm using 1.8.0-notls version from debian apt repository for 1.8 branch,
checked out yesterday

When this patch will be commited to apt repository?



2012/9/11 Diego Barberio 

> Hi Bogdan,
>
> Its working on my lab now. I will try in production and let you know.
>
> Thanks a lot for your support.
> Diego
>
>
> On Tue, Sep 11, 2012 at 5:21 AM, Bogdan-Andrei Iancu 
> wrote:
>
>> **
>> Thanks Diego,
>>
>> Please try the attached patch - let me know if (a) the error goes away
>> and (b) dispatching work fine.
>>
>> Regards,
>>
>> Bogdan-Andrei Iancu
>> OpenSIPS Founder and Developerhttp://www.opensips-solutions.com
>>
>>
>> On 09/11/2012 01:17 AM, Diego Barberio wrote:
>>
>> Hi Bogdan,
>>
>> Sorry for my delay. I'm attaching the log you requested
>>
>> Thanks a lot
>> Diego
>>
>> On Thu, Sep 6, 2012 at 3:56 AM, Bogdan-Andrei Iancu 
>> wrote:
>>
>>>  Hi Diego,
>>>
>>> Try to run opensips in full debug (debug=6) and post somewhere the
>>> output (during startup and during the call attempt).
>>>
>>> Regards,
>>>
>>> Bogdan-Andrei Iancu
>>> OpenSIPS Founder and Developerhttp://www.opensips-solutions.com
>>>
>>>
>>>   On 09/03/2012 07:41 PM, Diego Barberio wrote:
>>>
>>> Hi Bogdan,
>>>
>>> No, I don't see any errors like that.
>>>
>>> Below is the result of cat /var/log/messages after starting opensips and
>>> placing one call:
>>>
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> NOTICE:core:main: version: opensips 1.8.1-notls (i386/linux)
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]: INFO:core:main:
>>> using 32 Mb shared memory
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]: INFO:core:main:
>>> using 2 Mb private memory per process
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:maxfwd:mod_init: initializing...
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:sl:mod_init: Initializing StateLess engine
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:tm:mod_init: TM - initializing...
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> NOTICE:signaling:mod_init: initializing module ...
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:options:mod_init: initializing...
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:sipmsgops:mod_init: initializing...
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:core:probe_max_sock_buff: using rcv buffer of 512 kb
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:core:probe_max_sock_buff: using snd buffer of 255 kb
>>> Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
>>> INFO:core:init_sock_keepalive: -- TCP keepalive enabled on socket
>>> Sep  3 09:57:58 BARNEY opensips: INFO:core:daemonize: pre-daemon process
>>> exiting with 0
>>> Sep  3 10:04:38 BARNEY /usr/local/sbin/opensips[11505]:
>>> INFO:core:probe_max_sock_buff: using snd buffer of 255 kb
>>> Sep  3 10:04:38 BARNEY /usr/local/sbin/opensips[11505]:
>>> INFO:core:init_sock_keepalive: -- TCP keepalive enabled on socket
>>> Sep  3 10:04:38 BARNEY /usr/local/sbin/opensips[11501]:
>>> ERROR:core:new_avp: invalid AVP name!
>>> Sep  3 10:04:38 BARNEY /usr/local/sbin/opensips[11501]:
>>> ERROR:core:add_avp: Failed to create new avp structure
>>>
>>> Thanks
>>> Diego
>>>
>>> On Mon, Sep 3, 2012 at 11:23 AM, Bogdan-Andrei Iancu <
>>> bog...@opensips.org> wrote:
>>>
  Diego, what about :  do you see any error actually reported by the
 dispatcher module (should look like "ERROR:dispatcher:..") .

 Regards,

 Bogdan-Andrei Iancu
 OpenSIPS Founder and Developerhttp://www.opensips-solutions.com


   On 09/03/2012 05:07 PM, Diego Barberio wrote:

 Hi Bogdan,

 Thanks for your response. The errrors only pop up when doing
 ds_select_dst()

 I'm able to reproduce this problem in my lab with only one destination
 and using mysql as database. I left the "socket" field in (null) and
 "attrs" is an empty string
 It seems the startup is ok:

 Sep  3 09:57:58 BARNEY opensips: WARNING:core:fix_socket_list: could
 not rev. resolve 192.168.2.154
 Sep  3 09:57:58 BARNEY opensips: WARNING:core:fix_socket_list: could
 not rev. resolve 192.168.2.154
 Sep  3 09:57:58 BARNEY opensips: INFO:core:init_tcp: using epoll_lt as
 the TCP io watch method (auto detected)
 Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]:
 NOTICE:core:main: version: opensips 1.8.1-notls (i386/linux)
 Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]: INFO:core:main:
 using 32 Mb shared memory
 Sep  3 09:57:58 BARNEY /usr/local/sbin/opensips[11491]: INFO:core:main:
 using 2 Mb private memory per p

[OpenSIPS-Users] Proxying - Hiding Caller From Callee

2012-10-09 Thread David Wylie 
Hello - this is my first post (to any user list, let alone this one).

I'd like to hide my clients from my suppliers, ensuring only my IP address
is ever given out.
Is it possible to completely remove the caller's IP addresses (public and,
if NATed, private) from all the headers?
NAT traversal seems to just add information, not remove it. No matter what
I do I always seem to have the caller's IP in a Via and contact header.
I seem to be able to remove it from the SDP body with rtpproxy_manage().

I appreciate this is probably unusual, but separating the parties is
essential to staying in the value chain.

Thanks for any help.
David.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread Brett Nemeroff 
Sammy,
Thanks for the detailed and well thought out replies. Of course nothing is
CPU free. However, if you use a method that uses a lot of CPU, such as a
per call source IP db lookup, it's going to totally hose the box up. Point
is, you need to be able to handle an intrusion without tying up critical
system resources if at all possible.

iptables with fail2ban is a good way to block, but it's not without it's
problems. By the time you block in fail2ban, they already know you are a
SIP server. You are now "on their hit list". So the "drop()" suggestion is
to prevent your box from appearing to be alive and "juicy".

Keep in mind, even with fail2ban and iptables, the traffic is still hitting
your box and using up valuable network resources. The higher up in the
network stack you can block the offender the better.

I do think that a community ran sipvicious list would probably be good.
Something similar to Vipul's Razor. However, there is a horrible
opportunity for this to be abused and it would require some policing. On
that note, nothing stops you from using fail2ban to create your own pool of
offenders. I like to make one of my fail2ban actions be a http request to
another server.. That OTHER server is also running fail2ban, detects the
http hits and logs the request (which contains the original offender's IP)
into a central DB I can use for blocking.

As Sammy said, this is a very complicated issue and as of about 2-3 years
ago has become an issue we all deal with on a regular basis and it's a big
pain. I'd love to see something a little more unified as a system to block
this kind of traffic.

Just keep in mind, if you arn't being attacked, you *will* be attacked. You
can delay the point in which you are attacked by hiding. Or ultimately
don't put your server out there where just anyone can hit it. :)

-Brett



On Tue, Oct 9, 2012 at 2:11 AM, SamyGo  wrote:

> Hi,
>
> Very nice suggestions by Brett. I remember there are regular thread like
> these on the mailing lists and people share a lot of experiences. AFAIR
> there was some service which contains the IP addresses of known attackers
> available for users. OP needs to do some searching in this regard to
> collect more ideas.
>
> * Nothing is _NOT_ CPU cycles free *
>
> I'm not sure about sip vicious but if I were to detect and hack a SIP
> server I'd first start by sending OPTIONS on its ports. Mostly that's where
> things kick off. Changing the user-agent field is nothing big, so question
> is how do you know a hacker is about to get angry !!
>
> I'd say it needs a time populated repository and a well crafted shell
> script to maintain the list of Hacker IPs captured in the past and use it
> across all the servers or devices. Let me explain the idea.
>
> * ii)* - For any incoming packets one needs to look-up the hacker's
> listing and detect if a known hacker or not.
>  *i)* - Take fail2ban for example, or pike module , or iptables rate
> limit mechanism to initially detect a new born hacker trying to access your
> sip server (yes will take few minutes to finally conclude that a particular
> source IP is hacker) - Store that IP in your hacker's listing.
> *iii)* - Use an intelligent script to share the detected hacker's IP
> across all the other SIP servers and router devices/firewall to block the
> traffic at network layer.
>
> *Critical Exceptions:*
> Always ensure that the IP which is going to get blocked across the whole
> network perimeter is not your own server or within the same subnet as
> your's. It shouldn't be localhost as well.(Hint: IP spoofing)
>
> *Focus on Security rather Friendly-scanner:*
> *
> *
> One need to secure each and everything when it comes to security, just one
> layer security  i.e fail2ban or iptables or pike module is never enough.
> Like Brett said you can drop packets once detected a "very friendly
> scanner", how about a customer who wants to toy with your service ! how
> about a massive DoS attack !! drop() won't help alone. iptables needs to be
> there to stop the packets from even reaching the SIP server app, then again
> why should the server's NIC be chocked up by that massive DoS ! your
> firewall or networking device should stop the packets from entering the
> network !
>
> This is just not enough: How about a different unique new tool which sends
> malicious or malformed SIP packets to crash the server !! its just one
> packet but malformed -- all the above measures WILL fail !! Obviously needs
> to go one step ahead and use SNORT or anything like IDS+IPS to verify that
> the packet going through the network is not malformed.
>
> Thats pretty much it for now. There are things which I've forgotten to
> write at the moment OR might not even know which I expect some one else may
> like to add.
>
> Networks and Data Security is a huge field, and VoIP security alone has
> hundreds of book on the topic.
>
> *Interesting threads to read: *
> *
> *
> http://lists.opensips.org/pipermail/users/2010-November/015243.htm

Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread SamyGo 
Hi,

Just a quick reply while I can : *Honeypot*
Attract flies and kill them. An intelligently created honeypot-network
across VoIP-Friends/Colleagues can be a very useful and beautiful thing.

Hope to reply in detail later if needed (lesser chances as Brett has
already covered pretty much everything).

I hope OP has his question answered.

Thanks,
Sammy


On Tue, Oct 9, 2012 at 9:42 PM, Brett Nemeroff  wrote:

> Sammy,
> Thanks for the detailed and well thought out replies. Of course nothing is
> CPU free. However, if you use a method that uses a lot of CPU, such as a
> per call source IP db lookup, it's going to totally hose the box up. Point
> is, you need to be able to handle an intrusion without tying up critical
> system resources if at all possible.
>
> iptables with fail2ban is a good way to block, but it's not without it's
> problems. By the time you block in fail2ban, they already know you are a
> SIP server. You are now "on their hit list". So the "drop()" suggestion is
> to prevent your box from appearing to be alive and "juicy".
>
> Keep in mind, even with fail2ban and iptables, the traffic is still
> hitting your box and using up valuable network resources. The higher up in
> the network stack you can block the offender the better.
>
> I do think that a community ran sipvicious list would probably be good.
> Something similar to Vipul's Razor. However, there is a horrible
> opportunity for this to be abused and it would require some policing. On
> that note, nothing stops you from using fail2ban to create your own pool of
> offenders. I like to make one of my fail2ban actions be a http request to
> another server.. That OTHER server is also running fail2ban, detects the
> http hits and logs the request (which contains the original offender's IP)
> into a central DB I can use for blocking.
>
> As Sammy said, this is a very complicated issue and as of about 2-3 years
> ago has become an issue we all deal with on a regular basis and it's a big
> pain. I'd love to see something a little more unified as a system to block
> this kind of traffic.
>
> Just keep in mind, if you arn't being attacked, you *will* be attacked.
> You can delay the point in which you are attacked by hiding. Or ultimately
> don't put your server out there where just anyone can hit it. :)
>
> -Brett
>
>
>
> On Tue, Oct 9, 2012 at 2:11 AM, SamyGo  wrote:
>
>> Hi,
>>
>> Very nice suggestions by Brett. I remember there are regular thread like
>> these on the mailing lists and people share a lot of experiences. AFAIR
>> there was some service which contains the IP addresses of known attackers
>> available for users. OP needs to do some searching in this regard to
>> collect more ideas.
>>
>> * Nothing is _NOT_ CPU cycles free *
>>
>> I'm not sure about sip vicious but if I were to detect and hack a SIP
>> server I'd first start by sending OPTIONS on its ports. Mostly that's where
>> things kick off. Changing the user-agent field is nothing big, so question
>> is how do you know a hacker is about to get angry !!
>>
>> I'd say it needs a time populated repository and a well crafted shell
>> script to maintain the list of Hacker IPs captured in the past and use it
>> across all the servers or devices. Let me explain the idea.
>>
>> * ii)* - For any incoming packets one needs to look-up the hacker's
>> listing and detect if a known hacker or not.
>>  *i)* - Take fail2ban for example, or pike module , or iptables rate
>> limit mechanism to initially detect a new born hacker trying to access your
>> sip server (yes will take few minutes to finally conclude that a particular
>> source IP is hacker) - Store that IP in your hacker's listing.
>> *iii)* - Use an intelligent script to share the detected hacker's IP
>> across all the other SIP servers and router devices/firewall to block the
>> traffic at network layer.
>>
>> *Critical Exceptions:*
>> Always ensure that the IP which is going to get blocked across the whole
>> network perimeter is not your own server or within the same subnet as
>> your's. It shouldn't be localhost as well.(Hint: IP spoofing)
>>
>> *Focus on Security rather Friendly-scanner:*
>> *
>> *
>> One need to secure each and everything when it comes to security, just
>> one layer security  i.e fail2ban or iptables or pike module is never
>> enough. Like Brett said you can drop packets once detected a "very friendly
>> scanner", how about a customer who wants to toy with your service ! how
>> about a massive DoS attack !! drop() won't help alone. iptables needs to be
>> there to stop the packets from even reaching the SIP server app, then again
>> why should the server's NIC be chocked up by that massive DoS ! your
>> firewall or networking device should stop the packets from entering the
>> network !
>>
>> This is just not enough: How about a different unique new tool which
>> sends malicious or malformed SIP packets to crash the server !! its just
>> one packet but malformed -- all the above measures WILL fail !! Obvi

Re: [OpenSIPS-Users] Proxying - Hiding Caller From Callee

2012-10-09 Thread David Wylie 
Not sure if this will reply properly?!

Apologies for that question, it is one of the most vague and unhelpful I've
ever committed to paper.
I'll try and formulate a better one with examples on what I've done.

In the mean time, feel free to ignore it (or if you can shed light with
such little info then great).
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] attack from friendly-scanner

2012-10-09 Thread Adam Raszynski 
I use the following code on all my production OpenSIPS servers.
It's CPU friendly and avoids being spotted by bots searching for open-relay
VoIP servers.

route{
 # put it at the very beginning of route section
 if($ua=~"friendly-scanner") {
xlog("L_ERROR", "Auth error for $fU@$fd from $si method $rm
user-agent (friendly-scanner)\n");
drop();
exit;
 }
(...)

Since I added that code problem with friendly scanner is over.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK response under high load

2012-10-09 Thread Diego Barberio 
Hi Binan,

Thank's to Bogdan's patch I was able to run opensips 1.8.1. However, the
problem with TCP under highload is still present.

Do you have any other ideas?

Thanks
Diego

On Mon, Sep 10, 2012 at 4:59 PM, Diego Barberio <
diego.barbe...@redmondsoftware.com> wrote:

> Hi Binan,
>
> I tried upgrading to 1.8.1 but I'm having some issues I'm duscussin with
> Bogdan on the following thread:
>
> http://lists.opensips.org/pipermail/users/2012-August/022764.html
>
> Thanks
> Diego
>
>
> On Mon, Sep 10, 2012 at 4:47 PM, Binan AL Halabi 
> wrote:
>
>> hi Diego,
>>
>> 1- As you dont have state in database so you dont need to check that.
>> 2- Why you dont upgrade to opensips 1.8.1 ? since it contains TCP fix.
>>
>> Regards.
>> //Binan
>>
>> --- On *Mon, 9/10/12, Binan AL Halabi * wrote:
>>
>>
>> From: Binan AL Halabi 
>>
>> Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK
>> response under high load
>> To: "OpenSIPS users mailling list" 
>> Date: Monday, September 10, 2012, 12:19 PM
>>
>>
>> If you have
>>
>> --- On *Mon, 9/10/12, Diego Barberio 
>> * wrote:
>>
>>
>> From: Diego Barberio 
>> Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK
>> response under high load
>> To: "OpenSIPS users mailling list" 
>> Date: Monday, September 10, 2012, 10:51 AM
>>
>> Hi Binan,
>>
>> I understand what do you say with "play around TCP connection lifetime"
>> however I don't get the part you say "check the database". I don't have any
>> database, opensips is working without any DB.
>> Which database are you talking about?
>>
>> Thanks
>> Diego
>>
>> On Mon, Sep 10, 2012 at 1:37 PM, Binan AL Halabi > > wrote:
>>
>> Hi Diego,
>> play around TCP connection lifetime, you could find something.
>>
>> one thing more check the database during the busy hour and see if
>> something expired.
>>
>> //Binan
>>
>>
>> --- On *Mon, 9/10/12, Diego Barberio 
>> * wrote:
>>
>>
>> From: Diego Barberio 
>> Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK
>> response under high load
>> To: "OpenSIPS users mailling list" 
>> Date: Monday, September 10, 2012, 6:39 AM
>>
>>
>> Hi All,
>>
>> I'm still having this issue. However, I went on with my investigation and
>> I've discovered that this issue only happens with my SIP over TCP
>> connections (I have 10 TCP connections)
>> I've upgraded to version:
>> Server:: OpenSIPS (1.7.2-notls (i386/linux))
>>
>> And the issue is still there.
>>
>>
>> Do you have any other ideas? (Disabling TCP is not an option)
>>
>> Thanks
>> Diego
>>
>>
>>
>>
>>
>> From: 
>> users-boun...@lists.opensips.org
>> [mailto:users-boun...@lists.opensips.org]
>> On Behalf Of Ali Pey
>> Sent: viernes, 10 de agosto de 2012 01:30 p.m.
>> To: OpenSIPS users mailling list
>> Subject: Re: [OpenSIPS-Users] Opensips 1.6.4 doesn't send an OK response
>> under high load
>>
>>
>>
>> I can't think of anything else.
>>
>>
>>
>> Dear opensips team,
>>
>>
>>
>> Hope you had a good flight-terminator :)
>>
>> Can you take a look at this please?
>>
>>
>>
>> Thanks,
>>
>> Ali Pey
>>
>>
>>
>>
>>
>> On Fri, Aug 10, 2012 at 12:05 PM, Diego Barberio
>> http://mc/compose?to=diego.barbe...@redmondsoftware.com>>
>> wrote:
>>
>> Hi Ali,
>>
>>
>>
>> Thanks again for rour feedbak.
>>
>> Unfortunately that's not the case. I'm attaching an example with the same
>> Via that works perfectly.
>>
>>
>>
>> Also, opensips works perfectly all day and only stops sending some OKs
>> during peak hour.
>>
>>
>>
>> Do you have any other idea?
>>
>>
>>
>> Thanks
>>
>> Diego
>>
>>
>>
>> From: 
>> users-boun...@lists.opensips.org
>> [mailto:users-boun...@lists.opensips.org]
>> On Behalf Of Ali Pey
>> Sent: viernes, 10 de agosto de 2012 11:00 a.m.
>>
>>
>> To: OpenSIPS users mailling list
>> Subject: Re: [OpenSIPS-Users] Opensips 1.6.4 doesn't send an OK response
>> under high load
>>
>>
>>
>> Hi Diego,
>>
>>
>>
>> I looked at your pcap file and I see that your second via has this:
>>
>> BC01.MBCSCR4.MSS.IMS.TIGO.COM.GT
>>
>>
>>
>> Is this a valid address? Maybe opensips can not resolve it so it ignores
>> the
>> via. Have you tried adding it to /etc/hosts.
>>
>>
>>
>> Compare a good 200OK with one of these and see if there is any difference.
>>
>>
>>
>> Regards,
>>
>> Ali Pey
>>
>> On Fri, Aug 10, 2012 at 9:20 AM, Diego Barberio
>> http://mc/compose?to=diego.barbe...@redmondsoftware.com>>
>> wrote:
>>
>> Hi Ali,
>>
>>
>>
>> I removed set the debug flag to 0 and added the "-" before the file path,
>> and I sill have the same issue.
>>
>> Is there any other thing I can try?
>>
>>
>>
>> Thanks
>>
>> Diego
>>
>>
>>
>> From: 
>> users-boun...@lists.opensips.org
>> [mailto:users-boun...@lists.opensips.org

Re: [OpenSIPS-Users] Need Hint for Opensips as UDP/TCP Proxy

2012-10-09 Thread spady 
Any idea?



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/Need-Hint-for-Opensips-as-UDP-TCP-Proxy-tp7582137p7582175.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] duplicate information in sip_trace table

2012-10-09 Thread Dragomir Haralambiev 
Hello ,

I see duplicate information in sip_trace table (Opensips: 1.8.1):
one line with traced_user=empty;
other traced_user=$avp(trace_id).

How to setup Opensips to remove traced_user=empty ?
Here is part of opensips.cfg:

modparam("siptrace", "db_url", "mysql://user:password@localhost/opensips")
modparam("siptrace", "trace_on", 1)
modparam("siptrace", "enable_ack_trace", 1)
modparam("siptrace", "traced_user_avp", "$avp(trace_id)")
..
if (is_method("INVITE")) {
. receive $avp(trace_id) from radius_send_auth ...
   if ( $avp(trace_id) ) {
xlog("L_ERR", "Trace ON. Trace_id=$avp(trace_id)\n");
sip_trace();
}
.
}

Best regards,
PlayMen
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK response under high load

2012-10-09 Thread Binan AL Halabi 


Do the following to increase TCP performance:

1- Increase the number of  available local ports:  

                echo 1024 65000 > /proc/sys/net/ipv4/ip_local_port_range

2- Increase the amount of memory associated with socket buffers (socket input 
and output queues):
For input queues:

                echo 262143 > /proc/sys/net/core/rmem_max 

                echo 262143 > /proc/sys/net/core/rmem_default
And wmem_max , wmem_default for output queues.

3- TCP stack

            echo 0 > /proc/sys/net/ipv4/tcp_sack 

            echo 0 > /proc/sys/net/ipv4/tcp_timestamps 

4- opensips memory pool is well configured : 
http://www.opensips.org/Resources/DocsTsMem


// Binan



 Från: Diego Barberio 
Till: OpenSIPS users mailling list  
Skickat: tisdag, 9 oktober 2012 20:08
Ämne: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK response under 
high load
 

Hi Binan,

Thank's to Bogdan's patch I was able to run opensips 1.8.1. However, the 
problem with TCP under highload is still present.

Do you have any other ideas?

Thanks
Diego


On Mon, Sep 10, 2012 at 4:59 PM, Diego Barberio 
 wrote:

Hi Binan,
>
>I tried upgrading to 1.8.1 but I'm having some issues I'm duscussin with 
>Bogdan on the following thread:
>
>http://lists.opensips.org/pipermail/users/2012-August/022764.html
>
>Thanks
>Diego
>
>
>
>On Mon, Sep 10, 2012 at 4:47 PM, Binan AL Halabi  
>wrote:
>
>hi Diego,
>>
>>1- As you dont have state in database so you dont need to check that.
>>2- Why you dont upgrade to opensips 1.8.1 ? since it contains TCP fix.
>>
>>Regards.
>>//Binan
>>
>>--- On Mon, 9/10/12, Binan AL Halabi  wrote:
>>
>>
>>>From: Binan AL Halabi 
>>>
>>>Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK response 
>>>under high load
>>>To: "OpenSIPS users mailling list" 
>>>Date: Monday, September 10, 2012, 12:19 PM
>>>
>>>
>>>
>>>If you have
>>>
>>>--- On Mon, 9/10/12, Diego Barberio  
>>>wrote:
>>>
>>>
From: Diego Barberio 
Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK 
response under high load
To: "OpenSIPS users mailling list" 
Date: Monday, September 10, 2012, 10:51 AM


Hi Binan,

I understand what do you say with "play around TCP connection lifetime" 
however I don't get the part you say "check the database". I don't have any 
database, opensips is working without any DB.
Which database are you talking about?

Thanks
Diego


On Mon, Sep 10, 2012 at 1:37 PM, Binan AL Halabi  
wrote:

Hi Diego,
>play around TCP connection lifetime, you could find something.
>
>one thing more check the database during the busy hour and see if 
>something expired.
>
>//Binan
>
>
>--- On Mon, 9/10/12, Diego Barberio  
>wrote:
>
>
>>From: Diego Barberio 
>>Subject: Re: [OpenSIPS-Users] FW: Opensips 1.6.4 doesn't send an OK 
>>response under high load
>>To: "OpenSIPS users mailling list" 
>>Date: Monday, September 10, 2012, 6:39 AM
>>
>>
>>
>>Hi All,
>>
>>I'm still having this issue. However, I went on with my investigation and 
>>I've discovered that this issue only happens with my SIP over TCP 
>>connections
 (I have 10 TCP connections)
>>I've upgraded to version:
>>Server:: OpenSIPS (1.7.2-notls (i386/linux))
>>
>>And the issue is still there.
>>
>>
>>Do you have any other ideas? (Disabling TCP is not an option)
>>
>>Thanks
>>Diego
>>
>>
>>
>>
>>>
>>>
>>>
>>>From: users-boun...@lists.opensips.org
>>>[mailto:users-boun...@lists.opensips.org] On Behalf Of Ali Pey
>>>Sent: viernes, 10 de agosto de 2012 01:30 p.m.
>>>To: OpenSIPS users mailling list
>>>Subject: Re: [OpenSIPS-Users] Opensips 1.6.4 doesn't send an OK response
>>>under high load
>>>
>>>
>>>
>>>I can't think of anything else.
>>>
>>>
>>>
>>>Dear opensips team,
>>>
>>>
>>>
>>>Hope you had a good flight-terminator :)
>>>
>>>Can you take a look at this please?
>>>
>>>
>>>
>>>Thanks,
>>>
>>>Ali Pey
>>>
>>>
>>>
>>>
>>>
>>>On Fri, Aug 10, 2012 at 12:05 PM, Diego Barberio
>>> wrote:
>>>
>>>Hi Ali,
>>>
>>>
>>>
>>>Thanks again for rour feedbak.
>>>
>>>Unfortunately that's not the case. I'm attaching an example with the same
>>>Via that works perfectly.
>>>
>>>
>>>
>>>Also, opensips works perfectly all day and only stops sending some OKs
>>>during peak hour.
>>>
>>>
>>>
>>>Do you have any other idea?
>>>
>>>
>>>
>>>Thanks
>>>
>>>Diego
>>>
>>>
>>>
>>>From: users-boun...@lists.opensips.org
>>>[mailto:users-boun...@lists.opensips.org] On Behalf Of Ali Pey
>>>Sent: viernes, 10 de agosto de 2012 11:00 a.m.
>>>
>>>
>

Re: [OpenSIPS-Users] Proxying - Hiding Caller From Callee

2012-10-09 Thread Ali Pey 
Hi David,

As I take it you need to manipulate your from header. There are a few easy
ways you can achieve this. Check out the textops module:

http://www.opensips.org/html/docs/modules/1.8.x/textops.html

Regards,
Ali Pey


On Tue, Oct 9, 2012 at 1:24 PM, David Wylie wrote:

> Not sure if this will reply properly?!
>
> Apologies for that question, it is one of the most vague and unhelpful
> I've ever committed to paper.
> I'll try and formulate a better one with examples on what I've done.
>
> In the mean time, feel free to ignore it (or if you can shed light with
> such little info then great).
>
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Need Hint for Opensips as UDP/TCP Proxy

2012-10-09 Thread Binan AL Halabi 
Hi spady,

If  is_audio_on_hold() function returned true, this means the received message 
has an SDP body and at least one audio stream on hold.  
http://www.opensips.org/html/docs/modules/devel/sipmsgops.html#id292843

// Binan



 Från: spady 
Till: users@lists.opensips.org 
Skickat: tisdag, 9 oktober 2012 22:39
Ämne: Re: [OpenSIPS-Users] Need Hint for Opensips as UDP/TCP Proxy
 
Any idea?



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/Need-Hint-for-Opensips-as-UDP-TCP-Proxy-tp7582137p7582175.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] Proxying - Hiding Caller From Callee

2012-10-09 Thread Ali Pey 
Also check out these to places. You can use the uac module or directly
change the from uri username:

http://www.opensips.org/html/docs/modules/devel/uac.html
http://www.opensips.org/Resources/DocsCoreVar18#toc45

Regards,
Ali Pey

On Tue, Oct 9, 2012 at 6:56 PM, Ali Pey  wrote:

> Hi David,
>
> As I take it you need to manipulate your from header. There are a few easy
> ways you can achieve this. Check out the textops module:
>
> http://www.opensips.org/html/docs/modules/1.8.x/textops.html
>
> Regards,
> Ali Pey
>
>
> On Tue, Oct 9, 2012 at 1:24 PM, David Wylie wrote:
>
>> Not sure if this will reply properly?!
>>
>> Apologies for that question, it is one of the most vague and unhelpful
>> I've ever committed to paper.
>> I'll try and formulate a better one with examples on what I've done.
>>
>> In the mean time, feel free to ignore it (or if you can shed light with
>> such little info then great).
>>
>>
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users