[OpenSIPS-Users] NAT Contact address issues with Nokia Mobile
oso che bol
ndlgroup1 at gmail.com
Tue Mar 31 14:25:45 CEST 2009
Dear Bogdan
I change the config of NATed REGISTER request to:
* if (nat_uac_test("19")) {
if (is_method("REGISTER") || !search("^Record-Route")) {
log("LOG: HTK Someone trying to register from private IP,
rewriting\n");
fix_nated_contact(); # Rewrite contact with source IP of
signalling
force_rport(); # Add rport parameter to topmost Via
setbflag(6); # Mark as NATed
if (method=="INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
force_rport(); # Add rport parameter to topmost Via
setbflag(6); # Mark as NATed
};
};*
Output of "opensipsctl ul show":
*[root at LN]# opensipsctl ul show
database engine 'MYSQL' loaded
Control engine 'FIFO' loaded
entering fifo_cmd ul_dump
Mar 31 07:17:27 [6412] DBG:mi_fifo:mi_parse_node: end of input tree
Mar 31 07:17:27 [6412] DBG:mi_fifo:mi_fifo_server: done parsing the mi tree
Domain:: aliases table=512 records=0 max_slot=0
Domain:: location table=512 records=2 max_slot=1
AOR:: 5000
Contact:: sip:5000 at 77.69.220.94:5060;transport=UDP Q=
Expires:: 1038
Callid:: A9AOj5F5oIeDS04U53IMr4_65zZvf5
Cseq:: 6049
User-agent:: E66-1 RM-343 102.07.81
State:: CS_SYNC
Flags:: 0
Cflag:: 64
Socket:: udp:174.132.X.Y:5060
Methods:: 4294967295
AOR:: 6000
Contact:: sip:6000 at 58.186.156.135:11370;rinstance=dbe921dccef4bee4
Q=
Expires:: 1060
Callid:: MDdmOTVkNzAzODAxN2JiMjk0MTk1NTEwNThjOWE2ZTM.
Cseq:: 6
User-agent:: X-Lite release 1100l stamp 47546
State:: CS_SYNC
Flags:: 0
Cflag:: 64
Socket:: udp:174.132.X.Y:5060
Methods:: 5951
FIFO command was:
:ul_dump:opensips_receiver_6568*
Could you please explain why with mobile user 5000, the contact *
sip:5000 at 77.69.220.94:5060;transport=UDP *and with X-Lite User 6000 the
contact is *6000 at 58.186.156.135:11370;rinstance=dbe921dccef4bee4*
How fix_nated_register() differ with fix_nated_register(), do we need to
call fix_nated_register() at REGISTER processing?
Thanks and Regards,
-LN
On Tue, Mar 31, 2009 at 6:19 PM, Bogdan-Andrei Iancu <bogdan at voice-system.ro
> wrote:
> Hi,
>
> if the online-user info is correct, it looks like the fix_nated_register()
> is not done.
>
> Please post the output of "opensipsctl ul show", for that specific user.
>
> Also test by using xlog if the at register time your processing gets inside
> the "if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {".
>
> Regards,
> Bogdan
>
> oso che bol wrote:
>
>> Dear All,
>>
>> I use Opensips 1.4.1 with rtpproxy 1.2 for NAT support.
>>
>> I use X-Lite which is Behind NAT, register to OpenSIPs proxy, Opensips
>> store right contact address. But, when i use Nokia E66 to register to
>> Opensips, the contact address is bellow:
>> Online SIP Users
>> Username Domain Contact Expires User Agent
>> 5000 *sip:5000 at 192.168.1.100 <sip%3A5000 at 192.168.1.100> <mailto:
>> sip%3A5000 at 192.168.1.100 <sip%253A5000 at 192.168.1.100>>;transport=UDP*
>> 2009-03-30 07:20:24.0 E66-1 RM-343 102.07.81
>>
>> User 5000 do not store with external IP address of its (external address
>> not 192.168.1.100). Do you have any ideas about this?
>>
>> Bellow is my Opensips.conf
>>
>> Thanks and Regards,
>>
>> -LN
>>
>> Opensips.conf
>>
>> ==================
>>
>> ####### Global Parameters #########
>>
>> debug=4
>> log_stderror=yes
>> log_facility=LOG_LOCAL0
>>
>> fork=yes
>> children=4
>>
>> /* uncomment the following lines to enable debugging */
>> #debug=6
>> #fork=no
>> #log_stderror=yes
>>
>> #disable_tcp=yes
>> #disable_dns_blacklist=no
>> #dns_try_ipv6=yes
>> #auto_aliases=no
>>
>> /* uncomment the following lines to enable TLS support (default off) */
>> #disable_tls = no
>> #listen = tls:your_IP:5061
>> #tls_verify_server = 1
>> #tls_verify_client = 1
>> #tls_require_client_certificate = 0
>> #tls_method = TLSv1
>> #tls_certificate = "//etc/opensips/tls/user/user-cert.pem"
>> #tls_private_key = "//etc/opensips/tls/user/user-privkey.pem"
>> #tls_ca_list = "//etc/opensips/tls/user/user-calist.pem"
>>
>>
>> port=5060
>> listen=udp:MY_OPENSIP_IP:5060
>>
>>
>> ####### Modules Section ########
>>
>> #set module path
>> mpath="//lib/opensips/modules/"
>>
>> /* uncomment next line for MySQL DB support */
>> loadmodule "db_mysql.so"
>> loadmodule "sl.so"
>> loadmodule "tm.so"
>> loadmodule "rr.so"
>> loadmodule "maxfwd.so"
>> loadmodule "usrloc.so"
>> loadmodule "registrar.so"
>> loadmodule "textops.so"
>> loadmodule "mi_fifo.so"
>> loadmodule "uri_db.so"
>> loadmodule "uri.so"
>> loadmodule "xlog.so"
>> loadmodule "acc.so"
>> loadmodule "auth.so"
>> loadmodule "auth_db.so"
>>
>> #loadmodule "presence.so"
>> #loadmodule "presence_xml.so"
>>
>> loadmodule "nathelper.so"
>> loadmodule "avpops.so"
>> ######################
>>
>>
>> modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
>> modparam("rr", "enable_full_lr", 1)
>> modparam("rr", "append_fromtag", 0)
>> modparam("registrar", "method_filtering", 1)
>>
>> /* uncomment the next line to disable parallel forking via location */
>> # modparam("registrar", "append_branches", 0)
>> /* uncomment the next line not to allow more than 10 contacts per AOR */
>> #modparam("registrar", "max_contacts", 10)
>> modparam("uri_db", "use_uri_table", 1)
>> modparam("uri_db", "db_url", "mysql://sermyadmin:secret@MY_DATABASE_IP
>> /sermyadmin")
>> #them for bug9, like guide in bug9
>> modparam("uri_db", "db_table", "uri")
>>
>>
>> # ----- acc params -----
>> /* what sepcial events should be accounted ? */
>> modparam("acc", "early_media", 1)
>> modparam("acc", "report_ack", 1)
>> modparam("acc", "report_cancels", 1)
>> modparam("acc", "detect_direction", 0)
>> modparam("acc", "failed_transaction_flag", 3)
>> modparam("acc", "log_flag", 1)
>> modparam("acc", "log_missed_flag", 2)
>> modparam("acc", "db_flag", 1)
>> modparam("acc", "db_missed_flag", 2)
>>
>> modparam("usrloc", "db_mode", 2)
>> modparam("usrloc", "db_url",
>> "mysql://sermyadmin:secret@MY_DATABASE_IP/sermyadmin")
>>
>> modparam("auth_db", "calculate_ha1", yes)
>> modparam("auth_db", "password_column", "password")
>> modparam("auth_db|permission", "db_url",
>> "mysql://sermyadmin:secret@MY_DATABASE_IP/sermyadmin")
>>
>> modparam("avpops", "avp_url", "mysql://sermyadmin:secret@MY_DATABASE_IP
>> /sermyadmin")
>> modparam("avpops", "avp_table", "usr_preferences")
>>
>> #try for fix error of Mobile Address
>> modparam("registrar", "received_avp", "$avp(s:rcv)")
>> modparam("nathelper", "received_avp", "$avp(s:rcv)")
>>
>> #Theo guide
>> http://www.opensips.org/html/docs/modules/1.4.x/registrar.html
>> modparam("usrloc", "nat_bflag", 6)
>> modparam("nathelper", "ping_nated_only", 1)
>> modparam("nathelper", "sipping_bflag", 8)
>>
>> #modparam("nathelper", "rtpproxy_sock", "udp:MY_RTPPROXY_IP:7890")
>> modparam("nathelper", "force_socket", "udp:MY_RTPPROXY_IP:7890")
>> modparam("nathelper", "natping_interval", 89)
>> modparam("nathelper", "sipping_from", "sip:1000 at MY_OPENSIP_IP")
>>
>>
>> # main request routing logic
>>
>> route {
>>
>> # -----------------------------------------------------------------
>> # Sanity Check Section
>> # -----------------------------------------------------------------
>> if (!mf_process_maxfwd_header("10")) {
>> sl_send_reply("483", "Too Many Hops");
>> exit;
>> }
>>
>> if (msg:len > max_len) {
>> sl_send_reply("513", "Message Overflow");
>> exit;
>> }
>>
>> # -----------------------------------------------------------------
>> # Record Route Section
>> # -----------------------------------------------------------------
>> if (method!="REGISTER") {
>> record_route();
>> }
>>
>> if (method=="BYE" || method=="CANCEL") {
>> unforce_rtp_proxy();
>> }
>>
>> # -----------------------------------------------------------------
>> # Loose Route Section
>> # -----------------------------------------------------------------
>> if (loose_route()) {
>>
>> if ((method=="INVITE" || method=="REFER") && !has_totag()) {
>> sl_send_reply("403", "Forbidden");
>> exit;
>> }
>>
>> if (method=="INVITE") {
>>
>> if (!proxy_authorize("MY_OPENSIPS_IP","subscriber")) {
>> proxy_challenge("MY_OPENSIPS_IP","0");
>> exit;
>> } else if (!check_from()) {
>> sl_send_reply("403", "Use From=ID");
>> exit;
>> }
>> consume_credentials();
>>
>> if (nat_uac_test("19")) {
>> setflag(6);
>> force_rport();
>> fix_nated_contact();
>> }
>> force_rtp_proxy("l");
>> }
>> route(1);
>> exit;
>> }
>>
>> # -----------------------------------------------------------------
>> # Call Type Processing Section
>> # -----------------------------------------------------------------
>> if (uri!=myself) {
>> route(4);
>> route(1);
>> exit;
>> }
>>
>> if (method=="ACK") {
>> route(1);
>> exit;
>> } else if (method=="CANCEL") {
>> route(1);
>> exit;
>> } else if (method=="INVITE") {
>> route(3);
>> exit;
>> } else if (method=="REGISTER") {
>> route(2);
>> exit;
>> }
>>
>> lookup("aliases");
>> if (uri!=myself) {
>> route(4);
>> route(1);
>> exit;
>> }
>>
>> if (!lookup("location")) {
>> sl_send_reply("404", "User Not Found");
>> exit;
>> }
>>
>> route(1);
>> }
>>
>> route[1] {
>>
>> # -----------------------------------------------------------------
>> # Default Message Handler
>> # -----------------------------------------------------------------
>>
>> t_on_reply("1");
>>
>> if (!t_relay()) {
>> if (method=="INVITE" && isflagset(6)) {
>> unforce_rtp_proxy();
>> };
>> sl_reply_error();
>> }
>> }
>>
>> route[2] {
>>
>> # -----------------------------------------------------------------
>> # REGISTER Message Handler
>> # ----------------------------------------------------------------
>>
>> if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {
>> setflag(6);
>> fix_nated_register();
>> force_rport();
>> }
>>
>> sl_send_reply("100", "Trying");
>>
>> if (!www_authorize("MY_OPENSIPS_IP","subscriber")) {
>> www_challenge("MY_OPENSIPS_IP","0");
>> exit;
>> }
>>
>> #if (!check_to()) {
>> # sl_send_reply("401", "Unauthorized Loi Ngo");
>> # exit;
>> #}
>>
>> consume_credentials();
>>
>> if (!save("location")) {
>> sl_reply_error();
>> };
>> }
>>
>> route[3] {
>>
>> # -----------------------------------------------------------------
>> # INVITE Message Handler
>> # -----------------------------------------------------------------
>> #Drop because error Use From=ID when call. Open
>> #if (!proxy_authorize("","subscriber")) {
>> # proxy_challenge("","0");
>> # exit;
>> #} else if (!check_from()) {
>> # sl_send_reply("403", "Use From=ID");
>> # exit;
>> #}
>>
>> #consume_credentials();
>>
>> if (nat_uac_test("19")) {
>> setflag(6);
>> }
>>
>> lookup("aliases");
>> if (uri!=myself) {
>> route(4);
>> route(1);
>> exit;
>> }
>>
>> if (!lookup("location")) {
>> sl_send_reply("404", "User Not Found");
>> exit;
>> }
>>
>> route(4);
>> route(1);
>> }
>>
>> route[4] {
>>
>> # -----------------------------------------------------------------
>> # NAT Traversal Section
>> # -----------------------------------------------------------------
>>
>> if (isflagset(6)) {
>> force_rport();
>> fix_nated_contact();
>> force_rtp_proxy();
>> }
>> }
>>
>> onreply_route[1] {
>>
>> if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
>> if (!search("^Content-Length:[ ]*0")) {
>> force_rtp_proxy();
>> }
>> }
>>
>> if (nat_uac_test("1")) {
>> fix_nated_contact();
>> }
>> }
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20090331/2e57339b/attachment-0001.htm
More information about the Users
mailing list