subject:"\[OpenSIPS\-Users\] check_source_address not working in 1.9"

[OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread spady

Hi all, i am facing issue on using check_source_address 

Opensips v. : OpenSIPS (1.9.0-notls (i386/linux)) 

Database entries: 

mysql select * from address; 
++-+---+--+--+---+-+--+ 
| id | grp | ip| mask | port | proto | pattern | context_info | 
++-+---+--+--+---+-+--+ 
|  6 |   0 | 10.9.6.3  |   24 |0 | ANY   | |  | 
|  5 |   0 | 172.16.55.201 |   24 |0 | ANY   | |  | 
++-+---+--+--+---+-+--+ 


Subnet Dump: 

root@opensips:./opensipsctl fifo subnet_dump 
   0 0, 10.9.6.0, 255.255.255.0, 0 
   1 0, 172.16.55.0, 255.255.255.0, 0   

Address Relod log; 

Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: number of rows in address table: 2 
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple 10.9.6.3, 0, 24, 0 inserted
into subnet table 
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple 172.16.55.201, 0, 24, 0
inserted into subnet table 
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: address table reloaded successfully.



Call logs: 


Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:check_src_addr_3: Looking for : 0, 172.16.55.201, 53109, 2
in tables 
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:hash_match: no match in the hash table 
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:match_subnet_table: match found in the subnet table 



Snippet of code: 

if(!check_source_address(0)){ 
if (!proxy_authorize(, subscriber)) { 
proxy_challenge(, 0); 
exit; 


Any idea? 

Regards 



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread Bogdan-Andrei Iancu


Hello,

I see the logs saying :
DBG:permissions:match_subnet_table: match found in the subnet table

Have you checked the return code of the function, at script level ? it 
is true or false ?


Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com


On 04/12/2013 12:36 PM, spady wrote:

Hi all, i am facing issue on using check_source_address

Opensips v. : OpenSIPS (1.9.0-notls (i386/linux))

Database entries:

mysql  select * from address;
++-+---+--+--+---+-+--+
| id | grp | ip| mask | port | proto | pattern | context_info |
++-+---+--+--+---+-+--+
|  6 |   0 | 10.9.6.3  |   24 |0 | ANY   | |  |
|  5 |   0 | 172.16.55.201 |   24 |0 | ANY   | |  |
++-+---+--+--+---+-+--+


Subnet Dump:

root@opensips:./opensipsctl fifo subnet_dump
00, 10.9.6.0, 255.255.255.0, 0
10, 172.16.55.0, 255.255.255.0, 0

Address Relod log;

Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: number of rows in address table: 2
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple10.9.6.3, 0, 24, 0  inserted
into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple172.16.55.201, 0, 24, 0
inserted into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: address table reloaded successfully.



Call logs:


Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:check_src_addr_3: Looking for :0, 172.16.55.201, 53109, 2
in tables
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:hash_match: no match in the hash table
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:match_subnet_table: match found in the subnet table



Snippet of code:

if(!check_source_address(0)){
 if (!proxy_authorize(, subscriber)) {
 proxy_challenge(, 0);
 exit;


Any idea?

Regards



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread spady

Hi Bogdan, here snippet of used code:

*if(!check_source_address(0)){
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();
*

Using this i get *403 Forbidden auth ID*


Using this:

*if(check_source_address(0))*{
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();

i get:

407 Unauthorized!!






--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808p7585810.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread Bogdan-Andrei Iancu


Hello,

I'm a bit confused, as what you are claiming is a bit of a nonces - you 
say that is with NOT or without, for the same src IP, you end up in the 
if() block all the time ?!?!


Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com


On 04/12/2013 03:41 PM, spady wrote:

Hi Bogdan, here snippet of used code:

*if(!check_source_address(0)){
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();
*

Using this i get *403 Forbidden auth ID*


Using this:

*if(check_source_address(0))*{
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();

i get:

407 Unauthorized!!






--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808p7585810.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working in 1.9

4 matches

Site Navigation

Mail list logo

Footer information