Hi, I've configured OpenSIPs with Radius and now working to configure NAT on OpenSIPs using module mod_nathelper. After configuring, I'm getting following errors as listed down below;
Apr 1 11:53:31 rose /usr/local/sbin/opensips[11386]: ERROR:nathelper:select_rtpp_node: script error -no valid set selected Apr 1 11:53:31 rose /usr/local/sbin/opensips[11386]: ERROR:nathelper:force_rtp_proxy_body: no available proxies Apr 1 11:53:46 rose /usr/local/sbin/opensips[11382]: ERROR:nathelper:select_rtpp_node: script error -no valid set selected Apr 1 11:53:46 rose /usr/local/sbin/opensips[11382]: ERROR:nathelper:unforce_rtp_proxy_f: no available proxies Apr 1 11:53:46 rose /usr/local/sbin/opensips[11386]: ERROR:nathelper:force_rtp_proxy: Unable to parse body And the configuration of OpenSIPs is listed below; loadmodule "dispatcher.so" #loadmodule "auth_diameter.so" loadmodule "aaa_radius.so" loadmodule "auth_aaa.so" loadmodule "permissions.so" loadmodule "nathelper.so" #--------------------------------Settings For Radius------------------------------------- #modparam("auth_diameter", "diameter_client_host", "localhost") modparam("aaa_radius", "radius_config","/usr/etc/radiusclient-ng/radiusclient.conf") modparam("acc", "aaa_url", "radius:/usr/etc/radiusclient-ng/radiusclient.conf") modparam("acc", "aaa_flag", 2) modparam("acc", "aaa_missed_flag", 3) modparam("acc", "aaa_extra", "User-Name=$Au; \ Calling-Station-Id=$from; \ Called-Station-Id=$to; \ Sip-Translated-Request-URI=$ruri; \ Sip-RPid=$avp(s:rpid); \ Source-IP=$si; \ Source-Port=$sp; \ Canonical-URI=$avp(s:can_uri); \ Billing-Party=$avp(s:billing_party); \ Divert-Reason=$avp(s:divert_reason); \ X-RTP-Stat=$hdr(X-RTP-Stat); \ Contact=$hdr(contact); \ Event=$hdr(event); \ SIP-Proxy-IP=$avp(s:sip_proxy_ip); \ ENUM-TLD=$avp(s:enum_tld)") modparam("auth_aaa","aaa_url","radius:/usr/etc/radiusclient-ng/radiusclient.conf") modparam("auth", "rpid_prefix", "<sip:") modparam("auth", "rpid_suffix", "@rose.vopium.com>;screen=yes;privacy=off") modparam("auth", "rpid_avp", "$avp(s:rpid)") #modparam("uri","service_type",10) # ----------------- setting module-specific parameters --------------- modparam("permissions", "db_url", "mysql://opensips:opensip...@localhost /opensips") #----------------- setting NAT module parameters --------------------- modparam("nathelper","ping_nated_only",1) modparam("nathelper", "natping_interval", 30) modparam("nathelper","natping_processes",1) modparam("nathelper","rtpproxy_sock","") modparam("nathelper","received_avp","$avp(i:42)") #modparam("nathelper", "sipping_bflag", 7) modparam("usrloc", "nat_bflag", 6) route{ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } #NAT detection log("######################################### Go to Route 3 for NAT Detection #####################################"); route(3); if (has_totag()) { if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } else if (is_method("INVITE")) { record_route(); } route(1); } else { if ( is_method("ACK") ) { if ( t_check_trans() ) { t_relay(); exit; } else { exit; } } sl_send_reply("404","Not here"); } exit; } # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); # authenticate if from local subscriber (uncomment to enable auth) # authenticate all initial non-REGISTER request that pretend to be # generated by local subscriber (domain from FROM URI is local) ##if (!(method=="REGISTER") && from_uri==myself) /*no multidomain version*/ ##if (!(method=="REGISTER") && is_from_local()) /*multidomain version*/ ##{ ## if (!proxy_authorize("", "subscriber")) { ## proxy_challenge("", "0"); ## exit; ## } ## if (!check_from()) { ## sl_send_reply("403","Forbidden auth ID"); ## exit; ## } ## ## consume_credentials(); ## # caller authenticated ##} # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } # record routing if (!is_method("REGISTER|MESSAGE")) record_route(); #$avp(i:27)=check_source_address("0"); #xlog("Check Source Address from Address TABLE : $(avp(i:27))\n"); $avp(s:checksrc) = check_source_address("0"); log("###########################################################################################\n"); xlog("Check Source Address from Address TABLE Where Value 1 is Equal to True: $(avp(s:checksrc))\n"); log("###########################################################################################\n"); xlog("incoming from $si : $sp \n"); if (check_source_address("0")) { if (is_method("INVITE")){ log("#################### INVITE FUNCTION 1 ####################"); setflag(1); # do accounting } } if (!uri==myself) ## replace with following line if multi-domain support is used ##if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} route(1); } if(uri==myself) { log("########################################### URI == MYSELF ########################################"); if(method=="REGISTER") { route(2); } append_hf("P-hint: usrloc applied\r\n"); } # requests for my domain ## uncomment this if you want to enable presence server ## and comment the next 'if' block ## NOTE: uncomment also the definition of route[2] from below ##if( is_method("PUBLISH|SUBSCRIBE")) ## route(2); if (is_method("PUBLISH")) { sl_send_reply("503", "Service Unavailable"); exit; } if (is_method("REGISTER")) { route(2); } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases"); # do lookup with method filtering if (!lookup("location","m")) { switch ($retcode) { case -1: log("############################# LOOKUP LOCATION FLAG -1 PASS #################################"); #ds_select_dst("1","4"); log("############################# DO ACCOUNTING ON RADIUS ######################################"); setflag(2); log("############################# SEND CALL TO ASTERISK #######################################"); rewritehostport("11.22.33.44:5060"); #forward(); log("############################# CALL IS GOING IN STATEFULL MANNER ############################"); t_relay(); log("############################# CALL ROUTING TO ROUTE 1 ######################################"); route(1); exit; case -3: log("############################ LOOKUP LOCATION FLAG -3 PASS #################################"); t_newtran(); t_reply("404", "Not Found"); exit; case -2: log("############################ LOOKUP LOCATION FLAG -2 PASS #################################"); sl_send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); log("############################# LOOKUP LOCATION FLAG 1 PASS ########################################"); route(1); } route[1] { # for INVITEs enable some additional helper routes if (is_method("INVITE")) { log("################################ INVITE ROUTE 1 Function ##################################"); t_on_branch("2"); t_on_reply("2"); t_on_failure("1"); } if (subst_uri('/(sip:.*);nat=yes/\1/')){ log("################################ IF SUBSTR CONTAINS NAT=YES ################################"); setbflag(6); }; if (isflagset(5)||isbflagset(6)) { log("################################ CHECK FLAGSET AND ROUTE TO 4 ###############################"); route(4); } if (!t_relay()) { sl_reply_error(); }; exit; } route[2] { log("######################################## AAA-REGISTRATION #######################################"); if (!aaa_www_authorize("rose.vopium.com")) { www_challenge("rose.vopium.com", "1"); return; # #exit; } if(isflagset(5)) { log("################################### IF FLAG SET IS 5 ##################################"); # set branch flag -- when someone will call this user # the INVITE will have branch flag 6 set after lookup("location") setbflag(6); # if you want OPTIONS natpings uncomment next # setbflag(7); } if (!save("location")) sl_reply_error(); exit; } route[3] { log("################################ FUNCTION ROUTE 3 NAT DETECTION ################################"); force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; } route[4] { log("################################ FUNCTION ROUTE 4 RTP PROXY ################################"); if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); #t_on_failure("2"); t_on_failure("3"); }; if (isflagset(5)) search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); #t_on_reply("1"); t_on_reply("3"); } branch_route[2] { xlog("new branch at $ru\n"); } onreply_route[2] { xlog("incoming reply\n"); } failure_route[1] { if (t_was_cancelled()) { exit; } } failure_route[3] { log("################################ FAILURE ROUTE 3 FUNCTION ################################"); if (isbflagset(6) || isflagset(5)) { unforce_rtp_proxy(); } } onreply_route[3] { log("################################ ONREPLY ROUTE 3 FUNCTION ################################"); if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); if (isbflagset(6)) { fix_nated_contact(); } exit; } Kindly state, how can I resolve this error in my above configuration. Please advise. -- Regards, Ahmed Munir
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users