Re: [OpenSER-Users] call failed 403 forbiden

luzango mfupe Thu, 22 May 2008 03:57:08 -0700

Hi mates,
I still need your pointers regarding my problem in this post, today i have
attached  the routes suspected to be involved in this saga. From my config
file plz see below.


        # -----------------------------------------------------------------
        # Unauthorized relay
        # -----------------------------------------------------------------

        if (!is_uri_host_local()) {
                        if (is_from_local()) { # We prevent unauthorised
relays "clever guys we got u"
                                append_hf("P-hint: outbound\r\n");

                route(10);
                                # need to be authenticated
                        } else {
                                sl_send_reply("403", "Forbidden");
                        };
                        return;
        };

route[10] {
        #-------------------------------------------------------------
        # Default Message Handler with  Proxy Authentication
        # -----------------------------------------------------------------

        if(method=="ACK") {   #these you never proxy authenticate
                route(1);
                return;
        };
        if(method=="BYE" || method=="CANCEL") {   #these you never proxy
authenticate
                route(1);
                return;
        };

        xlog("L_INFO", "Proxy auth $fd $dP destination:$du $dd $ds");#

        if (!route(7)) { #verify the user
                return(0);
        };
 if (!is_user_in("From", "noauth")) { #no authentication required
                if (!proxy_authorize("","subscriber")) {
        proxy_challenge("","0");
                        return;
        } else if (!check_from()) {
                        sl_send_reply("403", "Use From=ID");
                        return;
                };
       #        consume_credentials();

        };

#       if (is_user_in("Credentials", "local")) {       # Uncomment to use
the group options
                route(1);
#       }else{
#               sl_send_reply("403", "Busted!!!, you are not allowed this
route");
#       };

return;
}

With Best Regards,
LU.


>
> Message: 3
> Date: Tue, 20 May 2008 17:38:50 +0200
> From: "luzango mfupe" <[EMAIL PROTECTED]>
> Subject: [OpenSER-Users] Call failed 403 Forbiden
> To: [email protected]
> Message-ID:
>        <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi mates,
> Everytime i do try to make my 2 xlite clients talk (which i correctly added
> them into the database), i encountered with the same problm, Openser
> perfoms
> authentication and return call failed 403 forbiden signal.
>
> My setup comprise of the first box with openser 1.3 and mediaproxy the
> second box with Mysql and two Xlite clients in two other boxes all are in
> an
> internal network, as far as am concerned my NetAdmin have already opened
> ports 5060 and 3306 for me. I need your right direction on this probm.
> below is my ngrep snapshot
>
> mzee:/# ngrep -d eth1 -W byline port 5060
> interface: eth1 (168.172.200.0/255.255.255.0)
> filter: (ip or ip6) and ( port 5060 )
> #
> U 168.172.200.70:1824 -> 168.172.200.87:5060
> INVITE sip:[EMAIL PROTECTED] <[EMAIL PROTECTED]> <
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> >SIP/2.0.
> Via: SIP/2.0/UDP 168.172.200.70:1824
> ;branch=z9hG4bK-d87543-ef08fb62b30f1a54-1--d87543-.
> Max-Forwards: 70.
> Contact: <sip:[EMAIL PROTECTED]:1824>.
> To: "musk"<sip:[EMAIL PROTECTED] <[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>>.
> From: "dream"<sip:[EMAIL PROTECTED]<[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> >;tag=af4bd714.
> Call-ID: OTAyNWJhOTdiZjBlNmUwNDYyZWI0YzdkM2JhZTUxMTU..
> CSeq: 1 INVITE.
> Session-Expires: 95.
> Min-SE: 90.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
> SUBSCRIBE,
> INFO.
> Content-Type: application/sdp.
> Supported: timer.
> User-Agent: X-Lite release 1011s stamp 41150.
> Content-Length: 426.
> .
> v=0.
> o=- 9 2 IN IP4 168.172.200.70.
> s=CounterPath X-Lite 3.0.
> c=IN IP4 168.172.200.70.
> t=0 0.
> m=audio 52166 RTP/AVP 107 119 100 106 0 105 98 8 101.
> a=alt:1 1 : uZB2dYm+ NKBRK8Ep 168.172.200.70 52166.
> a=fmtp:101 0-15.
> a=rtpmap:107 BV32/16000.
> a=rtpmap:119 BV32-FEC/16000.
> a=rtpmap:100 SPEEX/16000.
> a=rtpmap:106 SPEEX-FEC/16000.
> a=rtpmap:105 SPEEX-FEC/8000.
> a=rtpmap:98 iLBC/8000.
> a=rtpmap:101 telephone-event/8000.
> a=sendrecv.
> #
> U 168.172.200.87:5060 -> 168.172.200.70:1824
> SIP/2.0 403 Forbidden.
> Via: SIP/2.0/UDP 168.172.200.70:1824
> ;branch=z9hG4bK-d87543-ef08fb62b30f1a54-1--d87543-.
> To: "musk"<sip:[EMAIL PROTECTED] <[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> >;tag=9a17bd4180f96d7136f8b30b25c6947e.d7e9.
> From: "dream"<sip:[EMAIL PROTECTED]<[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> >;tag=af4bd714.
> Call-ID: OTAyNWJhOTdiZjBlNmUwNDYyZWI0YzdkM2JhZTUxMTU..
> CSeq: 1 INVITE.
> Server: OpenSER (1.3.0-notls (i386/linux)).
> Content-Length: 0.
> .
> #
> U 168.172.200.70:1824 -> 168.172.200.87:5060
> ACK sip:[EMAIL PROTECTED] <[EMAIL PROTECTED]> <
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> SIP/2.0.
> Via: SIP/2.0/UDP 168.172.200.70:1824
> ;branch=z9hG4bK-d87543-ef08fb62b30f1a54-1--d87543-.
> To: "musk"<sip:[EMAIL PROTECTED] <[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> >;tag=9a17bd4180f96d7136f8b30b25c6947e.d7e9.
> From: "dream"<sip:[EMAIL PROTECTED]<[EMAIL PROTECTED]><
> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>
> >;tag=af4bd714.
> Call-ID: OTAyNWJhOTdiZjBlNmUwNDYyZWI0YzdkM2JhZTUxMTU..
> CSeq: 1 ACK.
> Content-Length: 0.
>
> WBR,
> LU.
>
>

_______________________________________________
Users mailing list
[email protected]
http://lists.openser.org/cgi-bin/mailman/listinfo/users

Re: [OpenSER-Users] call failed 403 forbiden

Reply via email to