subject:"Re\: \[OpenSIPS\-Users\] check_source

Re: [OpenSIPS-Users] check_source_address()

2019-05-07 Thread Mark Farmer

Thanks for everyones input on this. Removal of the domain name routing
resolved the issue.

Mark.


On Fri, 26 Apr 2019 at 14:28, Mark Farmer  wrote:

> Thanks Ben, that seems to be the case. I will update the list with the
> results.
>
> Mark.
>
>
> On Fri, 26 Apr 2019 at 14:09, Ben Newlin  wrote:
>
>> It would cause the issue if they are sending all requests to that domain,
>> including sequential requests like re-invite, and ignoring the Contact
>> provided in the 200 OK. That is not correct according to RFC 3261, but I
>> have seen many carriers do this.
>>
>>
>>
>> Ben Newlin
>>
>>
>>
>> *From: *Users  on behalf of Mark
>> Farmer 
>> *Reply-To: *OpenSIPS users mailling list 
>> *Date: *Friday, April 26, 2019 at 8:59 AM
>> *To: *OpenSIPS users mailling list 
>> *Subject: *Re: [OpenSIPS-Users] check_source_address()
>>
>>
>>
>> Thank you, that makes sense now. I will keep that in mind for the future.
>>
>> In the meantime I have raised a query with our provider.
>>
>>
>>
>> Additionally, I realised this morning that at our request, our provider
>> is sending calls to us via a domain name instead of an IP. Would that
>> likely cause the issue even if they are using RFC 3261? I have asked for it
>> to be removed.
>>
>>
>>
>> Best regards
>>
>> Mark.
>>
>>
>>
>>
>>
>>
>>
>> On Thu, 25 Apr 2019 at 16:50, Liviu Chircu  wrote:
>>
>> On 25.04.2019 17:11, Mark Farmer wrote:
>>
>> Thanks so much for helping with this.
>>
>>
>>
>> I have applied the suggested config but the result is the same. OpenSIPS
>> routes the RE-INVITE to itself and it never gets routed back to the
>> Asterisk box.
>>
>> If the 2nd Route header in the RE-INVITE is the IP of the other interface
>> - will that not always be the case? It's as though the 2nd Route header
>> needs to be changed to have the IP of the Asterisk server.
>>
>>
>>
>> Sanitized RE-INVITE from provider:
>>
>>
>>
>> INVITE sip:aster...@my.host.name:5060 SIP/2.0
>>
>>
>>
>> If OpenSIPS identifies "my.host.name:5060" as a local domain, this will
>> screw up the routing,
>> as it will go from loose (RFC 3261) to strict (old, deprecated RFC 2543
>> mechanism).  Notice how
>> its not preserving the R-URI when it routes to itself as should happen
>> with RFC 3261 routing,
>> because it has fallen back to RFC 2543 routing.
>>
>> Your provider needs to follow RFC 3261 and use as Re-INVITE Request-URI
>> the exact Contact
>> advertised by the caller: 
>> , and not confuse your routing engine
>> with a random target such as: INVITE sip:aster...@my.host.name:5060.
>>
>> --
>>
>> Liviu Chircu
>>
>> OpenSIPS Developer
>>
>> http://www.opensips-solutions.com
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>>
>> --
>>
>> Mark Farmer
>> farm...@gmail.com
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
>
> --
> Mark Farmer
> farm...@gmail.com
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-26 Thread Mark Farmer

Thanks Ben, that seems to be the case. I will update the list with the
results.

Mark.


On Fri, 26 Apr 2019 at 14:09, Ben Newlin  wrote:

> It would cause the issue if they are sending all requests to that domain,
> including sequential requests like re-invite, and ignoring the Contact
> provided in the 200 OK. That is not correct according to RFC 3261, but I
> have seen many carriers do this.
>
>
>
> Ben Newlin
>
>
>
> *From: *Users  on behalf of Mark Farmer
> 
> *Reply-To: *OpenSIPS users mailling list 
> *Date: *Friday, April 26, 2019 at 8:59 AM
> *To: *OpenSIPS users mailling list 
> *Subject: *Re: [OpenSIPS-Users] check_source_address()
>
>
>
> Thank you, that makes sense now. I will keep that in mind for the future.
>
> In the meantime I have raised a query with our provider.
>
>
>
> Additionally, I realised this morning that at our request, our provider is
> sending calls to us via a domain name instead of an IP. Would that likely
> cause the issue even if they are using RFC 3261? I have asked for it to be
> removed.
>
>
>
> Best regards
>
> Mark.
>
>
>
>
>
>
>
> On Thu, 25 Apr 2019 at 16:50, Liviu Chircu  wrote:
>
> On 25.04.2019 17:11, Mark Farmer wrote:
>
> Thanks so much for helping with this.
>
>
>
> I have applied the suggested config but the result is the same. OpenSIPS
> routes the RE-INVITE to itself and it never gets routed back to the
> Asterisk box.
>
> If the 2nd Route header in the RE-INVITE is the IP of the other interface
> - will that not always be the case? It's as though the 2nd Route header
> needs to be changed to have the IP of the Asterisk server.
>
>
>
> Sanitized RE-INVITE from provider:
>
>
>
> INVITE sip:aster...@my.host.name:5060 SIP/2.0
>
>
>
> If OpenSIPS identifies "my.host.name:5060" as a local domain, this will
> screw up the routing,
> as it will go from loose (RFC 3261) to strict (old, deprecated RFC 2543
> mechanism).  Notice how
> its not preserving the R-URI when it routes to itself as should happen
> with RFC 3261 routing,
> because it has fallen back to RFC 2543 routing.
>
> Your provider needs to follow RFC 3261 and use as Re-INVITE Request-URI
> the exact Contact
> advertised by the caller: 
> , and not confuse your routing engine
> with a random target such as: INVITE sip:aster...@my.host.name:5060.
>
> --
>
> Liviu Chircu
>
> OpenSIPS Developer
>
> http://www.opensips-solutions.com
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
> --
>
> Mark Farmer
> farm...@gmail.com
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-26 Thread Ben Newlin

It would cause the issue if they are sending all requests to that domain, 
including sequential requests like re-invite, and ignoring the Contact provided 
in the 200 OK. That is not correct according to RFC 3261, but I have seen many 
carriers do this.

Ben Newlin

From: Users  on behalf of Mark Farmer 

Reply-To: OpenSIPS users mailling list 
Date: Friday, April 26, 2019 at 8:59 AM
To: OpenSIPS users mailling list 
Subject: Re: [OpenSIPS-Users] check_source_address()

Thank you, that makes sense now. I will keep that in mind for the future.
In the meantime I have raised a query with our provider.

Additionally, I realised this morning that at our request, our provider is 
sending calls to us via a domain name instead of an IP. Would that likely cause 
the issue even if they are using RFC 3261? I have asked for it to be removed.

Best regards
Mark.



On Thu, 25 Apr 2019 at 16:50, Liviu Chircu 
mailto:li...@opensips.org>> wrote:
On 25.04.2019 17:11, Mark Farmer wrote:
Thanks so much for helping with this.

I have applied the suggested config but the result is the same. OpenSIPS routes 
the RE-INVITE to itself and it never gets routed back to the Asterisk box.
If the 2nd Route header in the RE-INVITE is the IP of the other interface - 
will that not always be the case? It's as though the 2nd Route header needs to 
be changed to have the IP of the Asterisk server.

Sanitized RE-INVITE from provider:

INVITE sip:aster...@my.host.name:5060<http://sip:aster...@my.host.name:5060> 
SIP/2.0


If OpenSIPS identifies "my.host.name:5060<http://my.host.name:5060>" as a local 
domain, this will screw up the routing,
as it will go from loose (RFC 3261) to strict (old, deprecated RFC 2543 
mechanism).  Notice how
its not preserving the R-URI when it routes to itself as should happen with RFC 
3261 routing,
because it has fallen back to RFC 2543 routing.

Your provider needs to follow RFC 3261 and use as Re-INVITE Request-URI the 
exact Contact
advertised by the caller: 
<mailto:sip:asterisk@10.98.0.102:5060>, and not 
confuse your routing engine
with a random target such as: INVITE 
sip:aster...@my.host.name:5060<mailto:sip:aster...@my.host.name:5060>.

--

Liviu Chircu

OpenSIPS Developer

http://www.opensips-solutions.com<http://www.opensips-solutions.com>
___
Users mailing list
Users@lists.opensips.org<mailto:Users@lists.opensips.org>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users<http://lists.opensips.org/cgi-bin/mailman/listinfo/users>


--
Mark Farmer
farm...@gmail.com<mailto:farm...@gmail.com>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-26 Thread Mark Farmer

Thank you, that makes sense now. I will keep that in mind for the future.
In the meantime I have raised a query with our provider.

Additionally, I realised this morning that at our request, our provider is
sending calls to us via a domain name instead of an IP. Would that likely
cause the issue even if they are using RFC 3261? I have asked for it to be
removed.

Best regards
Mark.



On Thu, 25 Apr 2019 at 16:50, Liviu Chircu  wrote:

> On 25.04.2019 17:11, Mark Farmer wrote:
>
> Thanks so much for helping with this.
>
> I have applied the suggested config but the result is the same. OpenSIPS
> routes the RE-INVITE to itself and it never gets routed back to the
> Asterisk box.
> If the 2nd Route header in the RE-INVITE is the IP of the other interface
> - will that not always be the case? It's as though the 2nd Route header
> needs to be changed to have the IP of the Asterisk server.
>
> Sanitized RE-INVITE from provider:
>
> INVITE sip:aster...@my.host.name:5060 SIP/2.0
>
> If OpenSIPS identifies "my.host.name:5060" as a local domain, this will
> screw up the routing,
> as it will go from loose (RFC 3261) to strict (old, deprecated RFC 2543
> mechanism).  Notice how
> its not preserving the R-URI when it routes to itself as should happen
> with RFC 3261 routing,
> because it has fallen back to RFC 2543 routing.
>
> Your provider needs to follow RFC 3261 and use as Re-INVITE Request-URI
> the exact Contact
> advertised by the caller: 
> , and not confuse your routing engine
> with a random target such as: INVITE sip:aster...@my.host.name:5060.
>
> --
> Liviu Chircu
> OpenSIPS Developerhttp://www.opensips-solutions.com
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-25 Thread Liviu Chircu


On 25.04.2019 17:11, Mark Farmer wrote:

Thanks so much for helping with this.

I have applied the suggested config but the result is the same. 
OpenSIPS routes the RE-INVITE to itself and it never gets routed back 
to the Asterisk box.
If the 2nd Route header in the RE-INVITE is the IP of the other 
interface - will that not always be the case? It's as though the 2nd 
Route header needs to be changed to have the IP of the Asterisk server.


Sanitized RE-INVITE from provider:

INVITE sip:aster...@my.host.name:5060 
 SIP/2.0


If OpenSIPS identifies "my.host.name:5060" as a local domain, this will 
screw up the routing,
as it will go from loose (RFC 3261) to strict (old, deprecated RFC 2543 
mechanism).  Notice how
its not preserving the R-URI when it routes to itself as should happen 
with RFC 3261 routing,

because it has fallen back to RFC 2543 routing.

Your provider needs to follow RFC 3261 and use as Re-INVITE Request-URI 
the exact Contact
advertised by the caller: , and not 
confuse your routing engine

with a random target such as:INVITE sip:aster...@my.host.name:5060.

--
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-25 Thread Mark Farmer

Thanks so much for helping with this.

I have applied the suggested config but the result is the same. OpenSIPS
routes the RE-INVITE to itself and it never gets routed back to the
Asterisk box.
If the 2nd Route header in the RE-INVITE is the IP of the other interface -
will that not always be the case? It's as though the 2nd Route header needs
to be changed to have the IP of the Asterisk server.

Sanitized RE-INVITE from provider:

INVITE sip:aster...@my.host.name:5060 SIP/2.0
Max-Forwards: 67
Session-Expires: 1800;refresher=uac
Min-SE: 600
Supported: timer
Route:

Route:

To: "Test User" ;tag=26907c86-afbc-4626-b8f2-fb901de15f17
From: ;tag=3765189400-415903398
Call-ID: 4dfc3a95-7488-448c-b015-438e806eccae
CSeq: 2 INVITE
Allow: UPDATE,INFO,OPTIONS,BYE,INVITE,ACK,CANCEL
Via:
SIP/2.0/UDP 
prov.ider.ip.addr:5060;branch=z9hG4bK66abd71f0399f743ce9ff2e625aeb636
Contact: 
Content-Type: application/sdp
Accept: application/sdp
Content-Length: 263

v=0
o=sbc-uk-bs13b 454176 454177 IN IP4 prov.ider.ip.addr
s=sip call
c=IN IP4 prov.ider.ip.addr
t=0 0
a=sendonly
m=audio 42458 RTP/AVP 8 101
b=RR:3000
b=RS:1000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
a=maxptime:40

---

And the next Re-INVITE to itself:

INVITE
sip:10.98.0.53;r2=on;lr;ftag=26907c86-afbc-4626-b8f2-fb901de15f17;did=7e4.6832a52
SIP/2.0
Max-Forwards: 66
Session-Expires: 1800;refresher=uac
Min-SE: 600
Supported: timer
To: "Test User" ;tag=26907c86-afbc-4626-b8f2-fb901de15f17
From: ;tag=3765189400-415903398
Call-ID: 4dfc3a95-7488-448c-b015-438e806eccae
CSeq: 2 INVITE
Allow: UPDATE,INFO,OPTIONS,BYE,INVITE,ACK,CANCEL
Via: SIP/2.0/UDP 109.234.226.243:5060;branch=z9hG4bKc156.ac684935.0
Via: SIP/2.0/UDP 147.152.17.42:5060
;branch=z9hG4bK66abd71f0399f743ce9ff2e625aeb636
Contact: 
Content-Type: application/sdp
Accept: application/sdp
Content-Length: 263

v=0
o=sbc-uk-bs13b 454176 454177 IN IP4 prov.ider.ip.addr
s=sip call
c=IN IP4 prov.ider.ip.addr
t=0 0
a=sendonly
m=audio 42458 RTP/AVP 8 101
b=RR:3000
b=RS:1000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
a=maxptime:40

-

Perhaps I'm missing the point?

Mark.


On Thu, 25 Apr 2019 at 14:10, Liviu Chircu  wrote:

> On 24.04.2019 20:10, Mark Farmer wrote:
> > Sure, I'll send the pcap off list.
>
> It seems you are performing an interface switching operation when
> routing out,
> which leads to a double Record-Route header.  While this is completely
> fine,
> you should be aware that OpenSIPS handles a double RR'ed mid-dialog
> request by
> routing the request to itself exactly once, as it consumes the top-level
> Route
> header field.
>
> So, you definitely don't have to provision and mark OpenSIPS as a trunk,
> since
> that will likely break some other logic of your script (e.g. I see it
> now returns
> 404 in the pcap).  Rather, just extend your possible sources of traffic
> and keep
> applying loose_route() to those mid-dialog requests, then route them out:
>
> if (check_source_address("1","$avp(trunk_attrs)")) {
>  # request comes from trunks
>  xlog ("MF - $rm FROM $avp(trunk_attrs)");
>  setflag(IS_TRUNK);
> } else if (has_totag() && is_myself("$si")) {
>  setflag(IS_MYSELF);
> } else {
>  send_reply("403", "Forbidden");
>  exit;
> }
>
> if (has_totag()) {
>  ...
>  if (!loose_route())
>  send_reply("404", "Not Here");
>  else
>  t_relay();
>  exit;
> }
>
> Regards,
>
> --
> Liviu Chircu
> OpenSIPS Developer
> http://www.opensips-solutions.com
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-25 Thread Liviu Chircu


On 24.04.2019 20:10, Mark Farmer wrote:

Sure, I'll send the pcap off list.


It seems you are performing an interface switching operation when 
routing out,

which leads to a double Record-Route header.  While this is completely fine,
you should be aware that OpenSIPS handles a double RR'ed mid-dialog 
request by
routing the request to itself exactly once, as it consumes the top-level 
Route

header field.

So, you definitely don't have to provision and mark OpenSIPS as a trunk, 
since
that will likely break some other logic of your script (e.g. I see it 
now returns
404 in the pcap).  Rather, just extend your possible sources of traffic 
and keep

applying loose_route() to those mid-dialog requests, then route them out:

if (check_source_address("1","$avp(trunk_attrs)")) {
    # request comes from trunks
    xlog ("MF - $rm FROM $avp(trunk_attrs)");
    setflag(IS_TRUNK);
} else if (has_totag() && is_myself("$si")) {
    setflag(IS_MYSELF);
} else {
    send_reply("403", "Forbidden");
    exit;
}

if (has_totag()) {
    ...
    if (!loose_route())
    send_reply("404", "Not Here");
    else
        t_relay();
    exit;
}

Regards,

--
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-24 Thread Mark Farmer

Sure, I'll send the pcap off list.

TIA
Mark.


On Wed, 24 Apr 2019 at 17:47, Liviu Chircu  wrote:

> From what I understand, your OpenSIPS ends up routing those mid-dialog
> requests to itself!  This is definitely bogus, unless there is some
> spiraling logic involved, which I doubt to be the case.  Can you upload
> text file or pcap with a network capture of your call attempt, so we can
> figure out what's broken over there?
>
> Liviu Chircu
> OpenSIPS Developerhttp://www.opensips-solutions.com
>
> On 24.04.2019 18:48, Mark Farmer wrote:
>
> Hi, thanks for the reply.
>
> I added the xlog which told me that it was trying to find permissions for
> itself - this is an mhomed server. That seems a bit odd to me but I added
> the permissions and the 403 responses stopped. - Is this the correct thing
> to do?
>
> The issue I have now is that the RE-INVITES are not making it across the
> OpenSIPS server to the next hop which is an Asterisk server (via a
> different NIC). I think the issue is that Asterisk does not add a
> Record-Route header on the initial INVITE and so loose_route() doesn't know
> where to relay the message.
>
> This is my rr module config:
> loadmodule "rr.so"
> modparam("rr", "append_fromtag", 1)
> modparam("rr", "enable_double_rr", 1)
>
> Any ideas on how to get my RE_INVITES working please?
>
> Many thanks
> Mark.
>
>
> On Tue, 23 Apr 2019 at 12:43, Liviu Chircu  wrote:
>
>> Hi, Mark!
>>
>> The best way to proceed is to add an xlog("checking $si:$sp\n") before
>> check_source_address(), then some useful xlog() messages on each if branch,
>> so we can confirm the theory that this is an OpenSIPS issue, and not a
>> problem specific to your setup.
>>
>> Liviu Chircu
>> OpenSIPS Developerhttp://www.opensips-solutions.com
>>
>> On 23.04.2019 14:18, Mark Farmer wrote:
>>
>> Should've added I'm running OpenSIPS 2.4.4
>>
>> Mark.
>>
>>
>> On Tue, 23 Apr 2019 at 12:10, Mark Farmer  wrote:
>>
>>> Hi everyone,
>>>
>>> I'm seeing some odd behaviour in tha initial requests are allowed but
>>> RE-INVITES are resulting in 403. From my logging I can see the INVITE
>>> coming in so I think it must be matching. Why would it not obey and route
>>> the request?
>>>
>>> This is the bit of my request route that identifies the source:
>>>
>>> if (check_source_address("1","$avp(trunk_attrs)")) {
>>> # request comes from trunks
>>> xlog ("MF - $rm FROM $avp(trunk_attrs)");
>>> setflag(IS_TRUNK);
>>> } else {
>>> send_reply("403","Forbidden");
>>> exit;
>>> }
>>>
>>> Many thanks
>>> Mark.
>>>
>>> --
>>> Mark Farmer
>>> farm...@gmail.com
>>>
>>
>>
>> --
>> Mark Farmer
>> farm...@gmail.com
>>
>> ___
>> Users mailing 
>> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>> ___
>> Users mailing list
>> Users@lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
>
> --
> Mark Farmer
> farm...@gmail.com
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-24 Thread Liviu Chircu

From what I understand, your OpenSIPS ends up routing those mid-dialog 
requests to itself!  This is definitely bogus, unless there is some 
spiraling logic involved, which I doubt to be the case.  Can you upload 
text file or pcap with a network capture of your call attempt, so we can 
figure out what's broken over there?


Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com

On 24.04.2019 18:48, Mark Farmer wrote:

Hi, thanks for the reply.

I added the xlog which told me that it was trying to find permissions 
for itself - this is an mhomed server. That seems a bit odd to me but 
I added the permissions and the 403 responses stopped. - Is this the 
correct thing to do?


The issue I have now is that the RE-INVITES are not making it across 
the OpenSIPS server to the next hop which is an Asterisk server (via a 
different NIC). I think the issue is that Asterisk does not add a 
Record-Route header on the initial INVITE and so loose_route() doesn't 
know where to relay the message.


This is my rr module config:
loadmodule "rr.so"
modparam("rr", "append_fromtag", 1)
modparam("rr", "enable_double_rr", 1)

Any ideas on how to get my RE_INVITES working please?

Many thanks
Mark.


On Tue, 23 Apr 2019 at 12:43, Liviu Chircu > wrote:


Hi, Mark!

The best way to proceed is to add an xlog("checking $si:$sp\n")
before check_source_address(), then some useful xlog() messages on
each if branch, so we can confirm the theory that this is an
OpenSIPS issue, and not a problem specific to your setup.

Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com

On 23.04.2019 14:18, Mark Farmer wrote:

Should've added I'm running OpenSIPS 2.4.4

Mark.


On Tue, 23 Apr 2019 at 12:10, Mark Farmer mailto:farm...@gmail.com>> wrote:

Hi everyone,

I'm seeing some odd behaviour in tha initial requests are
allowed but RE-INVITES are resulting in 403. From my logging
I can see the INVITE coming in so I think it must be
matching. Why would it not obey and route the request?

This is the bit of my request route that identifies the source:

if (check_source_address("1","$avp(trunk_attrs)")) {
                # request comes from trunks
                xlog ("MF - $rm FROM $avp(trunk_attrs)");
                setflag(IS_TRUNK);
        } else {
send_reply("403","Forbidden");
                exit;
        }

Many thanks
Mark.

-- 
Mark Farmer

farm...@gmail.com 



-- 
Mark Farmer

farm...@gmail.com 

___
Users mailing list
Users@lists.opensips.org  
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

___
Users mailing list
Users@lists.opensips.org 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



--
Mark Farmer
farm...@gmail.com 

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-24 Thread Mark Farmer

Hi, thanks for the reply.

I added the xlog which told me that it was trying to find permissions for
itself - this is an mhomed server. That seems a bit odd to me but I added
the permissions and the 403 responses stopped. - Is this the correct thing
to do?

The issue I have now is that the RE-INVITES are not making it across the
OpenSIPS server to the next hop which is an Asterisk server (via a
different NIC). I think the issue is that Asterisk does not add a
Record-Route header on the initial INVITE and so loose_route() doesn't know
where to relay the message.

This is my rr module config:
loadmodule "rr.so"
modparam("rr", "append_fromtag", 1)
modparam("rr", "enable_double_rr", 1)

Any ideas on how to get my RE_INVITES working please?

Many thanks
Mark.


On Tue, 23 Apr 2019 at 12:43, Liviu Chircu  wrote:

> Hi, Mark!
>
> The best way to proceed is to add an xlog("checking $si:$sp\n") before
> check_source_address(), then some useful xlog() messages on each if branch,
> so we can confirm the theory that this is an OpenSIPS issue, and not a
> problem specific to your setup.
>
> Liviu Chircu
> OpenSIPS Developerhttp://www.opensips-solutions.com
>
> On 23.04.2019 14:18, Mark Farmer wrote:
>
> Should've added I'm running OpenSIPS 2.4.4
>
> Mark.
>
>
> On Tue, 23 Apr 2019 at 12:10, Mark Farmer  wrote:
>
>> Hi everyone,
>>
>> I'm seeing some odd behaviour in tha initial requests are allowed but
>> RE-INVITES are resulting in 403. From my logging I can see the INVITE
>> coming in so I think it must be matching. Why would it not obey and route
>> the request?
>>
>> This is the bit of my request route that identifies the source:
>>
>> if (check_source_address("1","$avp(trunk_attrs)")) {
>> # request comes from trunks
>> xlog ("MF - $rm FROM $avp(trunk_attrs)");
>> setflag(IS_TRUNK);
>> } else {
>> send_reply("403","Forbidden");
>> exit;
>> }
>>
>> Many thanks
>> Mark.
>>
>> --
>> Mark Farmer
>> farm...@gmail.com
>>
>
>
> --
> Mark Farmer
> farm...@gmail.com
>
> ___
> Users mailing 
> listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-23 Thread Liviu Chircu


Hi, Mark!

The best way to proceed is to add an xlog("checking $si:$sp\n") before 
check_source_address(), then some useful xlog() messages on each if 
branch, so we can confirm the theory that this is an OpenSIPS issue, and 
not a problem specific to your setup.


Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com

On 23.04.2019 14:18, Mark Farmer wrote:

Should've added I'm running OpenSIPS 2.4.4

Mark.


On Tue, 23 Apr 2019 at 12:10, Mark Farmer > wrote:


Hi everyone,

I'm seeing some odd behaviour in tha initial requests are allowed
but RE-INVITES are resulting in 403. From my logging I can see the
INVITE coming in so I think it must be matching. Why would it not
obey and route the request?

This is the bit of my request route that identifies the source:

if (check_source_address("1","$avp(trunk_attrs)")) {
                # request comes from trunks
                xlog ("MF - $rm FROM $avp(trunk_attrs)");
                setflag(IS_TRUNK);
        } else {
                send_reply("403","Forbidden");
                exit;
        }

Many thanks
Mark.

-- 
Mark Farmer

farm...@gmail.com 



--
Mark Farmer
farm...@gmail.com 

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

2019-04-23 Thread Mark Farmer

Should've added I'm running OpenSIPS 2.4.4

Mark.


On Tue, 23 Apr 2019 at 12:10, Mark Farmer  wrote:

> Hi everyone,
>
> I'm seeing some odd behaviour in tha initial requests are allowed but
> RE-INVITES are resulting in 403. From my logging I can see the INVITE
> coming in so I think it must be matching. Why would it not obey and route
> the request?
>
> This is the bit of my request route that identifies the source:
>
> if (check_source_address("1","$avp(trunk_attrs)")) {
> # request comes from trunks
> xlog ("MF - $rm FROM $avp(trunk_attrs)");
> setflag(IS_TRUNK);
> } else {
> send_reply("403","Forbidden");
> exit;
> }
>
> Many thanks
> Mark.
>
> --
> Mark Farmer
> farm...@gmail.com
>


-- 
Mark Farmer
farm...@gmail.com
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread Bogdan-Andrei Iancu


Hello,

I see the logs saying :
DBG:permissions:match_subnet_table: match found in the subnet table

Have you checked the return code of the function, at script level ? it 
is true or false ?


Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com


On 04/12/2013 12:36 PM, spady wrote:

Hi all, i am facing issue on using check_source_address

Opensips v. : OpenSIPS (1.9.0-notls (i386/linux))

Database entries:

mysql  select * from address;
++-+---+--+--+---+-+--+
| id | grp | ip| mask | port | proto | pattern | context_info |
++-+---+--+--+---+-+--+
|  6 |   0 | 10.9.6.3  |   24 |0 | ANY   | |  |
|  5 |   0 | 172.16.55.201 |   24 |0 | ANY   | |  |
++-+---+--+--+---+-+--+


Subnet Dump:

root@opensips:./opensipsctl fifo subnet_dump
00, 10.9.6.0, 255.255.255.0, 0
10, 172.16.55.0, 255.255.255.0, 0

Address Relod log;

Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: number of rows in address table: 2
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple10.9.6.3, 0, 24, 0  inserted
into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple172.16.55.201, 0, 24, 0
inserted into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: address table reloaded successfully.



Call logs:


Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:check_src_addr_3: Looking for :0, 172.16.55.201, 53109, 2
in tables
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:hash_match: no match in the hash table
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:match_subnet_table: match found in the subnet table



Snippet of code:

if(!check_source_address(0)){
 if (!proxy_authorize(, subscriber)) {
 proxy_challenge(, 0);
 exit;


Any idea?

Regards



--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread spady

Hi Bogdan, here snippet of used code:

*if(!check_source_address(0)){
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();
*

Using this i get *403 Forbidden auth ID*


Using this:

*if(check_source_address(0))*{
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();

i get:

407 Unauthorized!!






--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808p7585810.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working in 1.9

2013-04-12 Thread Bogdan-Andrei Iancu


Hello,

I'm a bit confused, as what you are claiming is a bit of a nonces - you 
say that is with NOT or without, for the same src IP, you end up in the 
if() block all the time ?!?!


Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com


On 04/12/2013 03:41 PM, spady wrote:

Hi Bogdan, here snippet of used code:

*if(!check_source_address(0)){
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();
*

Using this i get *403 Forbidden auth ID*


Using this:

*if(check_source_address(0))*{
xlog(LOG: Controllo dell'IP sorgente!\n );
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
}
}   
if (!db_check_from()) {
sl_send_reply(403,Forbidden auth ID);
exit;
}

consume_credentials();

i get:

407 Unauthorized!!






--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-in-1-9-tp7585808p7585810.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2013-04-10 Thread spady

Hi all, i would arise this post because it's happening same thing to me.

Opensips v. : OpenSIPS (1.9.0-notls (i386/linux))

Database entries:

mysql select * from address;
++-+---+--+--+---+-+--+
| id | grp | ip| mask | port | proto | pattern | context_info |
++-+---+--+--+---+-+--+
|  6 |   0 | 10.9.6.3  |   24 |0 | ANY   | |  |
|  5 |   0 | 172.16.55.201 |   24 |0 | ANY   | |  |
++-+---+--+--+---+-+--+


Subnet Dump:

root@opensips:./opensipsctl fifo subnet_dump
   0 0, 10.9.6.0, 255.255.255.0, 0
   1 0, 172.16.55.0, 255.255.255.0, 0   

Address Relod log;

*Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: number of rows in address table: 2
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple 10.9.6.3, 0, 24, 0 inserted
into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: Tuple 172.16.55.201, 0, 24, 0
inserted into subnet table
Apr 10 10:50:44 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2812]:
DBG:permissions:reload_address_table: address table reloaded successfully.*



Call logs:


*Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:check_src_addr_3: Looking for : 0, 172.16.55.201, 53109, 2
in tables
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:hash_match: no match in the hash table
Apr 10 10:52:00 opensips
/usr/local/opensips_proxy_1.9.0/sbin/opensips[2819]:
DBG:permissions:match_subnet_table: match found in the subnet table *
   


Snippet of code:

*if(!check_source_address(0)){
if (!proxy_authorize(, subscriber)) {
proxy_challenge(, 0);
exit;
*

Any idea?

Regards





--
View this message in context: 
http://opensips-open-sip-server.1449251.n2.nabble.com/check-source-address-not-working-with-upgrade-tp7247511p7585766.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-03 Thread Duane Larson

Răzvan has fixed this issue with the latest trunk.  I have tested and all
is good now.

Thanks Razvan and Ovidiu.




On Thu, Feb 2, 2012 at 1:03 PM, duane.lar...@gmail.com wrote:

 I talked a little with Ovidiu offline so I went ahead and opened a bug
 ticket.


 Ticket is
 3483337 check_source_address broken in latest trunk Open 2012-02-02 nobody
 duanelarson123 None 5

 Thanks for the help Ovidiu.





 On , Duane Larson duane.lar...@gmail.com wrote:
  Yeah.  It is the first one in the list (Number 15 in the dump).  Like I
 said this worked before I upgraded.
 
  On Thu, Feb 2, 2012 at 10:56 AM, Ovidiu Sas o...@voipembedded.com
 wrote:
 
  The subnet is empty because you don't have any subnets (the mask is
 
  set to 32 and therefore you have full IP matching).  Is the message
 
  source IP in the address_dump?
 
 
 
  Regards,
 
  Ovidiu Sas
 
 
 
  --
 
  VoIP Embedded, Inc.
 
  http://www.voipembedded.com
 
 
 
 
  On Thu, Feb 2, 2012 at 11:52 AM, Duane Larson duane.lar...@gmail.com
 wrote:
 
   This is what I see
 
  
 
   Proxy01:/var/log# opensipsctl fifo address_dump
 
 15
 
 20
 
 34
 
 50
 
 63
 
 85
 
   Proxy01:/var/log#
 
   Proxy01:/var/log#
 
   Proxy01:/var/log#
 
   Proxy01:/var/log#
 
   Proxy01:/var/log# opensipsctl fifo subnet_dump
 
  
 
  
 
   So the subnet_dump is empty.
 
  
 
  
 
  
 
  
 
   On Thu, Feb 2, 2012 at 10:48 AM, Ovidiu Sas o...@voipembedded.com
 wrote:
 
  
 
   Check the in memory cache:
 
  
 http://www.opensips.org/html/docs/modules/devel/permissions.html#id293903
 
   See address_dump and subnet_dump.
 
  
 
   At start up, opensips will cache everything in memory.
 
  
 
   Regards,
 
   Ovidiu Sas
 
  
 
   --
 
   VoIP Embedded, Inc.
 
   http://www.voipembedded.com
 
  
 
  
 
   On Thu, Feb 2, 2012 at 11:38 AM,  duane.lar...@gmail.com wrote:
 
I just upgraded my b2bua opensips server to the latest trunk
 version and
 
now
 
my if statements using check_source_address from the permissions
 
module
 
isn't working. I have the following set up
 
   
 
loadmodule permissions.so
 
   
 
   
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx
 /opensips)
 
   
 
   
 
if (check_source_address(2) || check_source_address(3) ||
 
check_source_address(4)) {
 
   
 
The INVITE comes from my SIP Proxy and worked before the upgrade
 without
 
issue
 
   
 
   
 
   
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:check_src_addr_3: Looking for :
5060,
 
1 in tables
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:hash_match: specified group does not exist in hash
 table
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:match_subnet_table: subnet table is empty
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:check_src_addr_3: Looking for :
5060,
 
1 in tables
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:hash_match: specified group does not exist in hash
 table
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:match_subnet_table: subnet table is empty
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:check_src_addr_3: Looking for :
5060,
 
1 in tables
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:hash_match: specified group does not exist in hash
 table
 
Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 
DBG:permissions:match_subnet_table: subnet table is empty
 
   
 
   
 
   
 
   
 
This is what I have in the database
 
Proxy01:/var/log# opensipsctl db show address
 
   
 
   
 +-+-++--+--+---+-+--+
 
| id | grp | ip | mask | port | proto | pattern | context_info |
 
   
 
   
 +-+-++--+--+---+-+--+
 
| 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 
| 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |
 
| 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 
| 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 
| 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 
| 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 
   
 
   
 +-+-++--+--+---+-+--+
 
   
 
   
 
   
 
I am not sure if OpenSIPS is really querying the mysql database
 because
 
I
 
don't really see any connections from the server when a call is
 made.
 
How
 
could this be possible? When I start OpenSIPS I see that it talks
 to the
 
database.
 
___
 
Users mailing list
 
Users@lists.opensips.org
 
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread Ryan Bullock

I will chime into say that I ran into the same issue when attempting
to upgrade to the latest trunk. I just have not had time to open a bug
and get a test setup to do in-depth trouble shooting.

On Thu, Feb 2, 2012 at 8:38 AM,  duane.lar...@gmail.com wrote:
 I just upgraded my b2bua opensips server to the latest trunk version and now
 my if statements using check_source_address from the permissions module
 isn't working. I have the following set up

 loadmodule permissions.so
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx/opensips)


 if (check_source_address(2) || check_source_address(3) ||
 check_source_address(4)) {

 The INVITE comes from my SIP Proxy and worked before the upgrade without
 issue



 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 2, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 3, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 4, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty




 This is what I have in the database
 Proxy01:/var/log# opensipsctl db show address
 +-+-++--+--+---+-+--+
 | id | grp | ip | mask | port | proto | pattern | context_info |
 +-+-++--+--+---+-+--+
 | 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 | 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |
 | 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 +-+-++--+--+---+-+--+



 I am not sure if OpenSIPS is really querying the mysql database because I
 don't really see any connections from the server when a call is made. How
 could this be possible? When I start OpenSIPS I see that it talks to the
 database.
 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread Duane Larson

Hmmm.  That would suck if its a bug.  Just to follow up on my last email
here is what I see when I start OpenSIPS.  You can see that OpenSIPS grabs
all the info from the address table


Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: number of rows in address table: 6
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 216.82.224.202, 2, 5060, 0, ,
 inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 64.2.142.15, 4, 5060, 0, , 
inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 173.XXX.XXX.63, 10, 5060, 0, ,
 inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 173.XXX.XXX.10, 10, 5060, 0, ,
 inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 173.XXX.XXX.107, 3, 5060, 0, ,
 inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: Tuple 216.82.225.202, 2, 5060, 0, ,
 inserted into address hash table
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_columns: freeing result columns at 0x7fd95d243710
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_rows: freeing 6 rows
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d244248
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d244348
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d28
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d244548
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d244648
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_row: freeing row values at 0x7fd95d244748
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_rows: freeing rows at 0x7fd95d2441e8
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:db_free_result: freeing result set at 0x7fd95d2358e8
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:permissions:reload_address_table: address table reloaded successfully.
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]:
DBG:core:pool_remove: removing connection from the pool
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]: DBG:core:init_mod:
register MI for permissions
Feb  2 10:39:32 proxy01 /usr/local/sbin/opensips[14584]: DBG:core:init_mod:
initializing module uri





On Thu, Feb 2, 2012 at 10:43 AM, Ryan Bullock rrb3...@gmail.com wrote:

 I will chime into say that I ran into the same issue when attempting
 to upgrade to the latest trunk. I just have not had time to open a bug
 and get a test setup to do in-depth trouble shooting.

 On Thu, Feb 2, 2012 at 8:38 AM,  duane.lar...@gmail.com wrote:
  I just upgraded my b2bua opensips server to the latest trunk version and
 now
  my if statements using check_source_address from the permissions module
  isn't working. I have the following set up
 
  loadmodule permissions.so
 
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx
 /opensips)
 
 
  if (check_source_address(2) || check_source_address(3) ||
  check_source_address(4)) {
 
  The INVITE comes from my SIP Proxy and worked before the upgrade without
  issue
 
 
 
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 2, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 3, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 4, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
 
 
 
 
  This is what I have in the database

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread Ovidiu Sas

Check the in memory cache:
http://www.opensips.org/html/docs/modules/devel/permissions.html#id293903
See address_dump and subnet_dump.

At start up, opensips will cache everything in memory.

Regards,
Ovidiu Sas

--
VoIP Embedded, Inc.
http://www.voipembedded.com


On Thu, Feb 2, 2012 at 11:38 AM,  duane.lar...@gmail.com wrote:
 I just upgraded my b2bua opensips server to the latest trunk version and now
 my if statements using check_source_address from the permissions module
 isn't working. I have the following set up

 loadmodule permissions.so
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx/opensips)


 if (check_source_address(2) || check_source_address(3) ||
 check_source_address(4)) {

 The INVITE comes from my SIP Proxy and worked before the upgrade without
 issue



 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 2, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 3, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:check_src_addr_3: Looking for : 4, 173.XXX.XXX.XXX, 5060,
 1 in tables
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:hash_match: specified group does not exist in hash table
 Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
 DBG:permissions:match_subnet_table: subnet table is empty




 This is what I have in the database
 Proxy01:/var/log# opensipsctl db show address
 +-+-++--+--+---+-+--+
 | id | grp | ip | mask | port | proto | pattern | context_info |
 +-+-++--+--+---+-+--+
 | 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 | 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |
 | 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
 | 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 +-+-++--+--+---+-+--+



 I am not sure if OpenSIPS is really querying the mysql database because I
 don't really see any connections from the server when a call is made. How
 could this be possible? When I start OpenSIPS I see that it talks to the
 database.
 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread Duane Larson

This is what I see

Proxy01:/var/log# opensipsctl fifo address_dump
  15 173.XXX.XXX.XXX,3, 5060, 0, NULL, NULL
  20 216.82.224.202,2, 5060, 0, NULL, NULL
  34 64.2.142.15,4, 5060, 0, NULL, NULL
  50 216.82.225.202,2, 5060, 0, NULL, NULL
  63 173.XXX.XXX.XXX,10, 5060, 0, NULL, NULL
  85 173.XXX.XXX.XXX,10, 5060, 0, NULL, NULL
Proxy01:/var/log#
Proxy01:/var/log#
Proxy01:/var/log#
Proxy01:/var/log#
Proxy01:/var/log# opensipsctl fifo subnet_dump


So the subnet_dump is empty.




On Thu, Feb 2, 2012 at 10:48 AM, Ovidiu Sas o...@voipembedded.com wrote:

 Check the in memory cache:
 http://www.opensips.org/html/docs/modules/devel/permissions.html#id293903
 See address_dump and subnet_dump.

 At start up, opensips will cache everything in memory.

 Regards,
 Ovidiu Sas

 --
 VoIP Embedded, Inc.
 http://www.voipembedded.com


 On Thu, Feb 2, 2012 at 11:38 AM,  duane.lar...@gmail.com wrote:
  I just upgraded my b2bua opensips server to the latest trunk version and
 now
  my if statements using check_source_address from the permissions module
  isn't working. I have the following set up
 
  loadmodule permissions.so
 
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx
 /opensips)
 
 
  if (check_source_address(2) || check_source_address(3) ||
  check_source_address(4)) {
 
  The INVITE comes from my SIP Proxy and worked before the upgrade without
  issue
 
 
 
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 2, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 3, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:check_src_addr_3: Looking for : 4, 173.XXX.XXX.XXX,
 5060,
  1 in tables
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:hash_match: specified group does not exist in hash table
  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
  DBG:permissions:match_subnet_table: subnet table is empty
 
 
 
 
  This is what I have in the database
  Proxy01:/var/log# opensipsctl db show address
 
 +-+-++--+--+---+-+--+
  | id | grp | ip | mask | port | proto | pattern | context_info |
 
 +-+-++--+--+---+-+--+
  | 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
  | 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |
  | 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
  | 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
  | 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
  | 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
 
 +-+-++--+--+---+-+--+
 
 
 
  I am not sure if OpenSIPS is really querying the mysql database because I
  don't really see any connections from the server when a call is made. How
  could this be possible? When I start OpenSIPS I see that it talks to the
  database.
  ___
  Users mailing list
  Users@lists.opensips.org
  http://lists.opensips.org/cgi-bin/mailman/listinfo/users
 

 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users




-- 
--
*--*--*--*--*--*
Duane
*--*--*--*--*--*
--
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread Duane Larson

Yeah.  It is the first one in the list (Number 15 in the dump).  Like I
said this worked before I upgraded.

On Thu, Feb 2, 2012 at 10:56 AM, Ovidiu Sas o...@voipembedded.com wrote:

 The subnet is empty because you don't have any subnets (the mask is
 set to 32 and therefore you have full IP matching).  Is the message
 source IP in the address_dump?

 Regards,
 Ovidiu Sas

 --
 VoIP Embedded, Inc.
 http://www.voipembedded.com

 On Thu, Feb 2, 2012 at 11:52 AM, Duane Larson duane.lar...@gmail.com
 wrote:
  This is what I see
 
  Proxy01:/var/log# opensipsctl fifo address_dump
15 173.XXX.XXX.XXX,3, 5060, 0, NULL, NULL
20 216.82.224.202,2, 5060, 0, NULL, NULL
34 64.2.142.15,4, 5060, 0, NULL, NULL
50 216.82.225.202,2, 5060, 0, NULL, NULL
63 173.XXX.XXX.XXX,10, 5060, 0, NULL, NULL
85 173.XXX.XXX.XXX,10, 5060, 0, NULL, NULL
  Proxy01:/var/log#
  Proxy01:/var/log#
  Proxy01:/var/log#
  Proxy01:/var/log#
  Proxy01:/var/log# opensipsctl fifo subnet_dump
 
 
  So the subnet_dump is empty.
 
 
 
 
  On Thu, Feb 2, 2012 at 10:48 AM, Ovidiu Sas o...@voipembedded.com
 wrote:
 
  Check the in memory cache:
 
 http://www.opensips.org/html/docs/modules/devel/permissions.html#id293903
  See address_dump and subnet_dump.
 
  At start up, opensips will cache everything in memory.
 
  Regards,
  Ovidiu Sas
 
  --
  VoIP Embedded, Inc.
  http://www.voipembedded.com
 
 
  On Thu, Feb 2, 2012 at 11:38 AM,  duane.lar...@gmail.com wrote:
   I just upgraded my b2bua opensips server to the latest trunk version
 and
   now
   my if statements using check_source_address from the permissions
   module
   isn't working. I have the following set up
  
   loadmodule permissions.so
  
  
 modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx
 /opensips)
  
  
   if (check_source_address(2) || check_source_address(3) ||
   check_source_address(4)) {
  
   The INVITE comes from my SIP Proxy and worked before the upgrade
 without
   issue
  
  
  
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:check_src_addr_3: Looking for : 2, 173.XXX.XXX.XXX,
   5060,
   1 in tables
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:hash_match: specified group does not exist in hash
 table
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:match_subnet_table: subnet table is empty
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:check_src_addr_3: Looking for : 3, 173.XXX.XXX.XXX,
   5060,
   1 in tables
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:hash_match: specified group does not exist in hash
 table
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:match_subnet_table: subnet table is empty
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:check_src_addr_3: Looking for : 4, 173.XXX.XXX.XXX,
   5060,
   1 in tables
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:hash_match: specified group does not exist in hash
 table
   Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:
   DBG:permissions:match_subnet_table: subnet table is empty
  
  
  
  
   This is what I have in the database
   Proxy01:/var/log# opensipsctl db show address
  
  
 +-+-++--+--+---+-+--+
   | id | grp | ip | mask | port | proto | pattern | context_info |
  
  
 +-+-++--+--+---+-+--+
   | 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
   | 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |
   | 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
   | 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
   | 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |
   | 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |
  
  
 +-+-++--+--+---+-+--+
  
  
  
   I am not sure if OpenSIPS is really querying the mysql database
 because
   I
   don't really see any connections from the server when a call is made.
   How
   could this be possible? When I start OpenSIPS I see that it talks to
 the
   database.
   ___
   Users mailing list
   Users@lists.opensips.org
   http://lists.opensips.org/cgi-bin/mailman/listinfo/users
  
 
  ___
  Users mailing list
  Users@lists.opensips.org
  http://lists.opensips.org/cgi-bin/mailman/listinfo/users
 
 
 
 
  --
  --
  *--*--*--*--*--*
  Duane
  *--*--*--*--*--*
  --
 
  ___
  Users mailing list
  Users@lists.opensips.org
  http://lists.opensips.org/cgi-bin/mailman/listinfo/users
 

 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users




-- 
--

Re: [OpenSIPS-Users] check_source_address not working with upgrade

2012-02-02 Thread duane . larson

I talked a little with Ovidiu offline so I went ahead and opened a bug  
ticket.



Ticket is
3483337 check_source_address broken in latest trunk Open 2012-02-02 nobody  
duanelarson123 None 5


Thanks for the help Ovidiu.




On , Duane Larson duane.lar...@gmail.com wrote:
Yeah. It is the first one in the list (Number 15 in the dump). Like I  
said this worked before I upgraded.



On Thu, Feb 2, 2012 at 10:56 AM, Ovidiu Sas o...@voipembedded.com wrote:



The subnet is empty because you don't have any subnets (the mask is



set to 32 and therefore you have full IP matching). Is the message



source IP in the address_dump?





Regards,



Ovidiu Sas





--



VoIP Embedded, Inc.



http://www.voipembedded.com





On Thu, Feb 2, 2012 at 11:52 AM, Duane Larson duane.lar...@gmail.com  
wrote:



 This is what I see







 Proxy01:/var/log# opensipsctl fifo address_dump



 15



 20



 34



 50



 63



 85



 Proxy01:/var/log#



 Proxy01:/var/log#



 Proxy01:/var/log#



 Proxy01:/var/log#



 Proxy01:/var/log# opensipsctl fifo subnet_dump











 So the subnet_dump is empty.


















 On Thu, Feb 2, 2012 at 10:48 AM, Ovidiu Sas o...@voipembedded.com  
wrote:







 Check the in memory cache:


  
http://www.opensips.org/html/docs/modules/devel/permissions.html#id293903



 See address_dump and subnet_dump.







 At start up, opensips will cache everything in memory.







 Regards,



 Ovidiu Sas







 --



 VoIP Embedded, Inc.



 http://www.voipembedded.com











 On Thu, Feb 2, 2012 at 11:38 AM, duane.lar...@gmail.com wrote:


  I just upgraded my b2bua opensips server to the latest trunk version  
and



  now



  my if statements using check_source_address from the permissions



  module



  isn't working. I have the following set up



 



  loadmodule permissions.so



 


   
modparam(permissions,db_url,mysql://adfasdf:dfasdf...@108.xxx.xxx.xxx/opensips)



 



 



  if (check_source_address(2) || check_source_address(3) ||



  check_source_address(4)) {



 


  The INVITE comes from my SIP Proxy and worked before the upgrade  
without



  issue



 



 



 



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:check_src_addr_3: Looking for :
  5060,



  1 in tables



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:


  DBG:permissions:hash_match: specified group does not exist in hash  
table



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:match_subnet_table: subnet table is empty



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:check_src_addr_3: Looking for :
  5060,



  1 in tables



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:


  DBG:permissions:hash_match: specified group does not exist in hash  
table



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:match_subnet_table: subnet table is empty



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:check_src_addr_3: Looking for :
  5060,



  1 in tables



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:


  DBG:permissions:hash_match: specified group does not exist in hash  
table



  Feb 1 22:41:01 proxy01 /usr/local/sbin/opensips[30163]:



  DBG:permissions:match_subnet_table: subnet table is empty



 



 



 



 



  This is what I have in the database



  Proxy01:/var/log# opensipsctl db show address



 


   
+-+-++--+--+---+-+--+



  | id | grp | ip | mask | port | proto | pattern | context_info |



 


   
+-+-++--+--+---+-+--+



  | 3 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |



  | 258 | 4 | 64.XXX.XXX.15 | 32 | 5060 | any | NULL | NULL |



  | 1 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |



  | 2 | 10 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |



  | 257 | 3 | 173.XXX.XXX.XXX | 32 | 5060 | any | NULL | NULL |



  | 4 | 2 | 216.XXX.XXX.202 | 32 | 5060 | any | NULL | NULL |



 


   
+-+-++--+--+---+-+--+



 



 



 


  I am not sure if OpenSIPS is really querying the mysql database  
because



  I



  don't really see any connections from the server when a call is made.



  How


  could this be possible? When I start OpenSIPS I see that it talks to  
the



  database.



  ___



  Users mailing list



  Users@lists.opensips.org



  http://lists.opensips.org/cgi-bin/mailman/listinfo/users



 







 ___



 Users mailing list



 Users@lists.opensips.org



 http://lists.opensips.org/cgi-bin/mailman/listinfo/users



















 --



 --



 *--*--*--*--*--*



 Duane



 *--*--*--*--*--*



 --







 ___



 Users mailing list

Re: [OpenSIPS-Users] check_source_address() failures

2009-10-14 Thread Irina Stanescu

Hi Jeff,
There was a problem with the check_address_source function. It has been
fixed starting with rev 6262. Please update and let me know if you find any
other problems.

Thank you!

Irina Stanescu

On Wed, Oct 14, 2009 at 1:19 AM, Brad Bendy brad.be...@benganetworks.comwrote:

 I know on mine I had to set port to 5060 (5068 in your case) or whatever
 you want, otherwise it would not work for me.

 Im sure you can use a * for any port number as well, but I have not
 tried that.

 Jeff Pyle wrote:
  Hello,
 
  A request arrives at Opensips 1.6 from address 175.88.228.19:5068 on
 UDP.
  The address table contains:
 
 
 ++-+--+--+--+---+--+--+
  | id | grp | ip   | mask | port | proto | pattern  | context_info
 |
 
 ++-+--+--+--+---+--+--+
  | 38 |  10 | 175.88.228.0 |   24 |0 | udp   | ^sip:.*$ | src_test
 |
 
 ++-+--+--+--+---+--+--+
 
  I would expect if(check_source_address(10)) to succeed, yet it does
 not.
  Any thoughts?
 
  I'm using check_source_address() elsewhere in my config to emulate the
 old
  allow_trusted, and that works just fine.
 
 
  Thanks,
  Jeff
 
 
  ___
  Users mailing list
  Users@lists.opensips.org
  http://lists.opensips.org/cgi-bin/mailman/listinfo/users
 


 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address() failures

2009-10-14 Thread Jeff Pyle

Hi Irina,

The update seems to have taken care of the problem.  Thanks.  I’m noticing an 
issue with check_address I’ll put in a separate message.


- Jeff



On 10/14/09 10:05 AM, Irina Stanescu ironmi...@gmail.com wrote:

Hi Jeff,

There was a problem with the check_address_source function. It has been fixed 
starting with rev 6262. Please update and let me know if you find any other 
problems.

Thank you!

Irina Stanescu

On Wed, Oct 14, 2009 at 1:19 AM, Brad Bendy brad.be...@benganetworks.com 
wrote:
I know on mine I had to set port to 5060 (5068 in your case) or whatever
you want, otherwise it would not work for me.

Im sure you can use a * for any port number as well, but I have not
tried that.

Jeff Pyle wrote:
 Hello,

 A request arrives at Opensips 1.6 from address 175.88.228.19:5068 
 http://175.88.228.19:5068  on UDP.
 The address table contains:

 ++-+--+--+--+---+--+--+
 | id | grp | ip   | mask | port | proto | pattern  | context_info |
 ++-+--+--+--+---+--+--+
 | 38 |  10 | 175.88.228.0 |   24 |0 | udp   | ^sip:.*$ | src_test |
 ++-+--+--+--+---+--+--+

 I would expect if(check_source_address(10)) to succeed, yet it does not.
 Any thoughts?

 I'm using check_source_address() elsewhere in my config to emulate the old
 allow_trusted, and that works just fine.


 Thanks,
 Jeff


 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users



___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address() failures

2009-10-13 Thread Brad Bendy

I know on mine I had to set port to 5060 (5068 in your case) or whatever 
you want, otherwise it would not work for me.

Im sure you can use a * for any port number as well, but I have not 
tried that.

Jeff Pyle wrote:
 Hello,

 A request arrives at Opensips 1.6 from address 175.88.228.19:5068 on UDP.
 The address table contains:

 ++-+--+--+--+---+--+--+
 | id | grp | ip   | mask | port | proto | pattern  | context_info |
 ++-+--+--+--+---+--+--+
 | 38 |  10 | 175.88.228.0 |   24 |0 | udp   | ^sip:.*$ | src_test |
 ++-+--+--+--+---+--+--+

 I would expect if(check_source_address(10)) to succeed, yet it does not.
 Any thoughts?

 I'm using check_source_address() elsewhere in my config to emulate the old
 allow_trusted, and that works just fine.


 Thanks,
 Jeff


 ___
 Users mailing list
 Users@lists.opensips.org
 http://lists.opensips.org/cgi-bin/mailman/listinfo/users
   


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address()

Re: [OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working in 1.9

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address not working with upgrade

Re: [OpenSIPS-Users] check_source_address() failures

Re: [OpenSIPS-Users] check_source_address() failures

Re: [OpenSIPS-Users] check_source_address() failures

26 matches

Site Navigation

Mail list logo

Footer information