Excellent, I owe you one. As always users always want more and more ;) I got this in the logs when I try to Dec 10 13:55:02 [11176] DBG:permissions:reload_address_table: invalid ip field in address table, ignoring entry 0 Dec 10 13:55:02 [11176] DBG:permissions:reload_address_table: invalid ip field in address table, ignoring entry 1
Here ID or IPAddress will be more useful for debugging purpose. Here is the trace for the failing call form same IP. Dec 10 14:03:09 [11772] DBG:core:parse_via: end of header reached, state=5 Dec 10 14:03:09 [11772] DBG:core:parse_headers: via found, flags=200 Dec 10 14:03:09 [11772] DBG:core:get_hdr_field: content_length=235 Dec 10 14:03:09 [11772] DBG:core:get_hdr_field: found end of header Dec 10 14:03:09 [11772] DBG:rr:find_first_route: No Route headers found Dec 10 14:03:09 [11772] DBG:rr:loose_route: There is no Route HF source ip is 65.211.120.237 and protocol is udp avp is <null> Dec 10 14:03:09 [11772] DBG:permissions:check_src_addr_3: Looking for : <0, 65.211.120.237, 5060, 1> in tables Dec 10 14:03:09 [11772] DBG:permissions:hash_match: no match in the hash table Dec 10 14:03:09 [11772] DBG:permissions:match_subnet_table: subnet table is empty Monitor Request not from trusted source from sip:[email protected]:5060;user=phone to sip:[email protected]:5060;user=phone;transport=UDP from IP 65.211.120.237 Dec 10 14:03:09 [11772] DBG:core:parse_headers: flags=ffffffffffffffff Dec 10 14:03:09 [11772] DBG:core:parse_headers: flags=ffffffffffffffff Dec 10 14:03:09 [11772] DBG:core:check_ip_address: params 65.211.120.237, 65.211.120.237, 0 Dec 10 14:03:09 [11772] DBG:core:destroy_avp_list: destroying list (nil) Dec 10 14:03:09 [11772] DBG:core:receive_msg: cleaning up Dec 10 14:03:09 [11771] DBG:core:parse_msg: SIP Request: Dump from address cache ../../sbin/opensipsctl fifo address_dump | grep "65.211.120.237" 12 <65.211.120.237,0, 0, 0, ^sip:.*$, NULL> Code in cfg file xlog(" source ip is $si and protocol is $proto avp is $avp(i:9)"); if (check_source_address("0","$avp(i:9)")) { Same Call from other IP works juts IP Dec 10 14:08:16 [11776] DBG:rr:loose_route: There is no Route HF source ip is 65.217.40.210 and protocol is udp avp is <null> Dec 10 14:08:16 [11776] DBG:permissions:check_src_addr_3: Looking for : <0, 65.217.40.210, 5060, 1> in tables Dec 10 14:08:16 [11776] DBG:permissions:hash_match: match found in the hash table ../../sbin/opensipsctl fifo address_dump | grep "65.217.40.210" 9 <65.217.40.210,0, 0, 0, ^sip:.*$, NULL> Best, -Jai On Thu, Dec 10, 2009 at 8:19 AM, Irina Stanescu <[email protected]>wrote: > Hi Jai, > > I modified the permissions module so that now any invalid db entry from > the address table is skipped. > I committed the change on trunk and also on the 1.6 branch. > > About the other issue you have found, what does the log say? > > > > Regards, > Irina Stanescu > > > Jai Rangi wrote: > > Bogda, > > Wow that was quick. Thank you, > > > > I found one more issue, > > I have this entry in address table > > 944 0 65.211.120.237 32 0 any ^sip:.*$ > /NULL/ 0 some > > descriptiond > > > > > > Here is a check in my route block > > if (check_source_address("0","$avp(i:9)")) { > > t_rely(); > > } else { > > xlog("Monitor Request not from trusted source from $fu to $ru from > > IP $si "); > > sl_send_reply("403", "Forbidden, we dont trust you"); > > } > > > > ../../sbin/opensipsctl fifo address_dump | grep "65.211.120.237" > > > > 12 <65.211.120.237,0, 0, 0, ^sip:.*$, NULL> > > > > I always get 403. > > Is there a limit in address table. > > > > -Jai > > > > > > On Thu, Dec 10, 2009 at 12:24 AM, Bogdan-Andrei Iancu > > <[email protected] <mailto:[email protected]>> wrote: > > > > Hi Jai, > > > > I think you are correct - the permission table should also be more > > permissive when comes to the errors and skip bogus entries. I will > ask > > the maintainer (Irina) to fix this problem. > > > > Thanks for the report, > > Bogdan > > > > Jai Rangi wrote: > > > Not sure if this this the right place for this post. May be I > should > > > post it on developers mailing list. Please suggest. > > > > > > Just installed opensip1.6 with Mysql, drouting and permissions > > module. > > > Did not take long to get it configure and get it going. > > Documentations > > > is wonderful. > > > While testing I noticed that, > > > > > > 1. If there is any invalid entry in dr_routing tables, and I reload > > > the dr_routing it spit the error for the mistyped/wrong entry and > > > loads rest of the valid entries. Same thing with startup. > > Opensip will > > > start up just fine even if there are some invalid rules in the > table > > > and throws the error with ruleid. > > > > > > 2. On the other hand address table does not work that way. If > > there is > > > any space (Typo) in the IP address, opensip wont start and wont > > reload > > > the address table. > > > I have to put the valid IP address, there is not option for dynamic > > > domain names. (For people who does not have static IP). Not only > > that > > > it does not even tell which IP has a problem that makes it even > > harder > > > to debug when you have thousands of IPs in the trusted tables. > > > > > > I was wondering if there is a work around for this. I would like > > > opensip to startup (or successful address_reload) with all the > valid > > > entries and throw an error for invalid entries. Also having the > > > ability to add an domain would be nice. > > > > > > Any thoughts?? > > > > > > -Jai > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > Users mailing list > > > [email protected] <mailto:[email protected]> > > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > > > > > -- > > Bogdan-Andrei Iancu > > www.voice-system.ro <http://www.voice-system.ro> > > > > > > _______________________________________________ > > Users mailing list > > [email protected] <mailto:[email protected]> > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Users mailing list > > [email protected] > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
