[Users] 403 Forbidden-----onsip configs testing. user not able to register

ram talk2ram at gmail.com
Tue Aug 22 19:44:33 CEST 2006


Hi all

iam trying to read the getting started document from onsip
when iam configuring pstn-gw.cfg
with the below config

when the X-lite user try to loging , SIP/2.0 403 Forbidden, in the Log of
X-lite

what is wrong , even i have changed AVP after reading module configs in
openser.

any one suggest me what is wrong iam doing here

Ram

-----------------
openser.cfg
#
# $Id: openser.cfg,v 1.6 2006/02/15 18:23:46 bogdan_iancu Exp $
#
# simple quick-start config script
#

# ----------- global configuration parameters ------------------------

debug=9            # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no    # (cmd line: -E)

/* Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
*/

check_via=no    # (cmd. line: -v)
dns=no          # (cmd. line: -r)
rev_dns=no      # (cmd. line: -R)
listen=myip
port=5060
children=4
fifo="/tmp/openser_fifo"
fifo_db_url="mysql://openser:openserrw@localhost/openser"


# ------------------ module loading ----------------------------------


loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule "/usr/local/lib/openser/modules/sl.so"
loadmodule "/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/domain.so"
loadmodule "/usr/local/lib/openser/modules/mediaproxy.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/avpops.so"
loadmodule "/usr/local/lib/openser/modules/permissions.so"

modparam("auth_db|permissions|uri_db|usrloc","db_url", "
mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")

modparam("nathelper", "rtpproxy_disable", 1)
modparam("nathelper", "natping_interval", 0)

modparam("mediaproxy","natping_interval", 30)
modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")

modparam("usrloc", "db_mode", 2)
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")

modparam("registrar", "nat_flag", 6)

modparam("rr", "enable_full_lr", 1)

modparam("tm", "fr_timer_avp", "i:25")
modparam("tm", "fr_inv_timer_avp", "i:25")

modparam("permissions", "db_mode", 1)
modparam("permissions", "trusted_table", "trusted")

route {

        # -----------------------------------------------------------------
        # Sanity Check Section
        # -----------------------------------------------------------------
        if (!mf_process_maxfwd_header("10")) {
                sl_send_reply("483", "Too Many Hops");
                return;
        };

        if (msg:len > max_len) {
                sl_send_reply("513", "Message Overflow");
                return;
        };

        # -----------------------------------------------------------------
        # Record Route Section
        # -----------------------------------------------------------------
        if (method=="INVITE" && client_nat_test("3")) {
                # INSERT YOUR IP ADDRESS HERE
                record_route_preset("myproxyip:5060;nat=yes");
        } else if (method!="REGISTER") {
                record_route();
        };

        # -----------------------------------------------------------------
        # Call Tear Down Section
        # -----------------------------------------------------------------
        if (method=="BYE" || method=="CANCEL") {
                end_media_session();
        };

        # -----------------------------------------------------------------
        # Loose Route Section
        # -----------------------------------------------------------------
        if (loose_route()) {

                if (has_totag() && (method=="INVITE" || method=="ACK")) {

                        if
(client_nat_test("3")||search("^Route:.*;nat=yes")){
                                setflag(6);
                                use_media_proxy();
                        };
                };

                route(1);
                return;
        };

        # -----------------------------------------------------------------
        # Call Type Processing Section
        # -----------------------------------------------------------------
        if (!is_uri_host_local()) {
                if (is_from_local() || allow_trusted()) {
                        route(4);
                        route(1);
                } else {
                        sl_send_reply("403", "Forbidden");
                };
                return;
        };

        if (method=="CANCEL") {
                route(1);
                return;
        } else if (method=="INVITE") {
                route(3);
                return;
        } else  if (method=="REGISTER") {
                route(2);
                return;
        };

        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                return;
        };

        if (!lookup("location")) {
                sl_send_reply("404", "User Not Found");
                return;
        };

        route(1);
}

route[1] {

        # -----------------------------------------------------------------
        # Default Message Handler
        # -----------------------------------------------------------------

        t_on_reply("1");

        if (!t_relay()) {

                if (method=="INVITE" || method=="ACK") {
                        end_media_session();
                };

                sl_reply_error();
        };
}

route[2] {

        # -----------------------------------------------------------------
        # REGISTER Message Handler
        # -----------------------------------------------------------------

        sl_send_reply("100", "Trying");

        if (!search("^Contact:[ ]*\*") && client_nat_test("7")) {
                setflag(6);
                fix_nated_register();
                force_rport();
        };

        if (!www_authorize("","subscriber")) {
                www_challenge("","0");
                return;
        };

        if (!check_to()) {
                sl_send_reply("401", "Unauthorized");
                return;
        };

        consume_credentials();

        if (!save("location")) {
                sl_reply_error();
        };
}

route[3] {

        # -----------------------------------------------------------------
        # INVITE Message Handler
        # -----------------------------------------------------------------

        if (!allow_trusted()) {

                if (!proxy_authorize("","subscriber")) {
                        proxy_challenge("","0");
                        return;
                } else if (!check_from()) {
                        sl_send_reply("403", "Use From=ID");
                        return;
                };

                consume_credentials();
        };

        if (client_nat_test("3")) {
                setflag(7);
                force_rport();
                fix_nated_contact();
        };

        if (uri=~"^sip:1[0-9]{10}@") {
                strip(1);
        };

        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                return;
        };

        if (uri=~"^sip:011[0-9]*@") {           # International PSTN
                route(4);
                route(5);
                return;
        };

        if (!lookup("location")) {
                if (uri=~"^sip:[0-9]{10}@") {   # Domestic PSTN
                        route(4);
                        route(5);
                        return;
                };

                sl_send_reply("404", "User Not Found");
                return;
        };

        route(4);
        route(1);
}

route[4] {

        # -----------------------------------------------------------------
        # NAT Traversal Section
        # -----------------------------------------------------------------

        if (isflagset(6) || isflagset(7)) {
                use_media_proxy();
        };
}

route[5] {

        # -----------------------------------------------------------------
        # PSTN Handler
        # -----------------------------------------------------------------

        rewritehost("mygateway:5060"); # INSERT YOUR PSTN GATEWAY IP ADDRESS

     #   avp_write("i:45", "inv_timeout");

        route(4);
        route(1);
}

onreply_route[1] {

        if ((isflagset(6) || isflagset(7)) &&
            (status=~"(180)|(183)|2[0-9][0-9]")) {

                if (!search("^Content-Length:[ ]*0")) {
                        use_media_proxy();
                };
        };

        if (client_nat_test("1")) {
                fix_nated_contact();
        };
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20060822/8c056fe3/attachment.htm 


More information about the Users mailing list