Hello Hakan,
I have attached my openser.cfg file if you can see any error:
DB entry is:
select * from trusted where src_ip = '82.113.11.12';
+--------------+-------+--------------+------+
| src_ip | proto | from_pattern | tag |
+--------------+-------+--------------+------+
| 82.113.11.12 | udp | ^sip:[EMAIL PROTECTED] | NULL |
+--------------+-------+--------------+------+
=====
# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule "/usr/local/lib/openser/modules/sl.so"
loadmodule "/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/permissions.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/dispatcher.so"
# ----------------- setting module-specific parameters ---------------
#---- Permissions_Module_Parameters -----
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
modparam("permissions", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser")
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser")
modparam("auth_db", "use_domain", 1)
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
modparam( "registrar", "append_branches", 1 )
modparam( "registrar", "desc_time_order", 1 )
modparam( "registrar", "nat_flag", 6 )
modparam("usrloc", "db_mode", 2)
##modparam("rr", "enable_full_lr", 1)
####### end old ser
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route {
###########
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
return;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
return;
};
###############
if ( method != "REGISTER" ) {
record_route();
};
if ( nat_uac_test( "3" ) ) {
setflag( 6 );
force_rport();
fix_nated_contact();
};
if ( method=="INVITE" ) {
force_rtp_proxy();
};
if ( loose_route() ) {
route( 1 );
return;
};
if ( uri == myself ) {
if ( method == "REGISTER" ) {
if ( ! www_authorize( "", "subscriber" ) ) {
www_challenge( "", "0" );
return;
};
if ( ! check_to() ) {
sl_send_reply( "403", "Authentication user must match username" );
return;
};
save( "location" );
return;
};
if (allow_trusted()) {
if ( uri =~ "sip:[EMAIL PROTECTED]" ) {
if ( src_ip == 82.113.11.12){
prefix("2333");
};
prefix("11");
ds_select_dst( "1", "0" );
route( 1 );
return;
}
};
} else {
if ( method == "INVITE" ) {
sl_send_reply( "403", "Host part forbidden" );
return;
};
};
route( 1 );
}
route[1] {
t_on_reply( "1" );
if ( ! t_relay() ) {
sl_reply_error();
};
}
onreply_route[1] {
if ( status =~ "(180)|(183)|2[0-9][0-9]" ) {
if ( ! search( "^Content-Length:\ +0" ) ) {
force_rtp_proxy();
};
};
if ( nat_uac_test( "3" ) ) {
force_rport();
fix_nated_contact();
};
}
I have attached my openser.cfg file if you can see any error:
DB entry is:
select * from trusted where src_ip = '82.113.11.12';
+--------------+-------+--------------+------+
| src_ip | proto | from_pattern | tag |
+--------------+-------+--------------+------+
| 82.113.11.12 | udp | ^sip:[EMAIL PROTECTED] | NULL |
+--------------+-------+--------------+------+
=====
# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule "/usr/local/lib/openser/modules/sl.so"
loadmodule "/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/permissions.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/dispatcher.so"
# ----------------- setting module-specific parameters ---------------
#---- Permissions_Module_Parameters -----
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
modparam("permissions", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser")
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser")
modparam("auth_db", "use_domain", 1)
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
modparam( "registrar", "append_branches", 1 )
modparam( "registrar", "desc_time_order", 1 )
modparam( "registrar", "nat_flag", 6 )
modparam("usrloc", "db_mode", 2)
##modparam("rr", "enable_full_lr", 1)
####### end old ser
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route {
###########
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
return;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
return;
};
###############
if ( method != "REGISTER" ) {
record_route();
};
if ( nat_uac_test( "3" ) ) {
setflag( 6 );
force_rport();
fix_nated_contact();
};
if ( method=="INVITE" ) {
force_rtp_proxy();
};
if ( loose_route() ) {
route( 1 );
return;
};
if ( uri == myself ) {
if ( method == "REGISTER" ) {
if ( ! www_authorize( "", "subscriber" ) ) {
www_challenge( "", "0" );
return;
};
if ( ! check_to() ) {
sl_send_reply( "403", "Authentication user must match username" );
return;
};
save( "location" );
return;
};
if (allow_trusted()) {
if ( uri =~ "sip:[EMAIL PROTECTED]" ) {
if ( src_ip == 82.113.11.12){
prefix("2333");
};
prefix("11");
ds_select_dst( "1", "0" );
route( 1 );
return;
}
};
} else {
if ( method == "INVITE" ) {
sl_send_reply( "403", "Host part forbidden" );
return;
};
};
route( 1 );
}
route[1] {
t_on_reply( "1" );
if ( ! t_relay() ) {
sl_reply_error();
};
}
onreply_route[1] {
if ( status =~ "(180)|(183)|2[0-9][0-9]" ) {
if ( ! search( "^Content-Length:\ +0" ) ) {
force_rtp_proxy();
};
};
if ( nat_uac_test( "3" ) ) {
force_rport();
fix_nated_contact();
};
}
##=================
-----Original Message-----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [email protected]
Sent: Mon, 14 Aug 2006 8:10 AM
Subject: Re: [Users] Module for Config files
You can use permissions module.
this is an example of with
trusted_table.....
loadmodule
"/usr/local/lib/openser/modules/permissions.so"
modparam("permissions", "db_url", "postgres or mysql://username:[EMAIL PROTECTED]/dbname")
#---- Permissions_Module_Parameters
-----
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
modparam("permissions", "db_mode", 0)
modparam("permissions", "trusted_table", "trusted")
modparam("permissions", "source_col", "src_ip")
modparam("permissions", "proto_col", "proto")
modparam("permissions", "from_col", "from_pattern")
route[3] {
#
-----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
if
(allow_trusted()) {
route(4); # NAT Traversal
Section
route(5); # PSTN Handler
return;
};
route(5); # PSTN Handler
return;
};
Welcome to psql 7.4.13, the PostgreSQL interactive
terminal.
Type: \copyright for distribution
terms
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit
dbname=> select * from
trusted;
src_ip | proto | from_pattern
-----------------+-------+-------------------------------
10.1.1.5 | udp | ^sip:[EMAIL PROTECTED]
src_ip | proto | from_pattern
-----------------+-------+-------------------------------
10.1.1.5 | udp | ^sip:[EMAIL PROTECTED]
Regards,
Hakan.
----- Original Message -----
From: [EMAIL PROTECTED]Sent: Monday, August 14, 2006 5:39 PMSubject: [Users] Module for Config files
Hi All,
I am using the following if statement to allow certain calls from pre authorized IPs.
if ( method == "INVITE" && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx && src_ip != 195.xxx.xxx.xx) {
My issues is the number of IPs that need to be authorized this way is getting large and was wondering if there's a module that can be used to read config date from a config file ?
regards,
Ron
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
