Hi Reda,

my pitfall was that the probing takes 30seconds until the gateway is active
until startup. So if i test it right after kamctl restart the gateway
was inactive.

Now i seems that my working multihomed config needs some help to fix
nat for dispatching. For locatet user it works, for dispatching i run
into nat-nightmare again
(wrong Contact Header on private ip side and so one)....

Any hints?


# Main SIP request routing logic
# - processing of any incoming SIP request starts with this route
# - note: this is the same as route { ... }
request_route {
  xlog("begin routing\n");
  setflag(1); # log this msg

  #acc:
  setflag(2);
  setflag(3);
  setflag(4);

        # -----------------------------------------------------------------
        # Sanity Check Section
        # -----------------------------------------------------------------
        # per request initial checks
        route(REQINIT);

        # -----------------------------------------------------------------
        # Record Route Section
        # -----------------------------------------------------------------
        if (method!="REGISTER") {
          record_route();
        };

        if (method=="BYE" || method=="CANCEL") {
                unforce_rtp_proxy();
                xlog("L_DBG","BYE OR CANCEL. Dialog lifetime:
$DLG_lifetime Status: $DLG_status\n");
                if ($DLG_status==5)
                {
                        route(6);
                }
        }

        # -----------------------------------------------------------------
        # Loose Route Section
        # -----------------------------------------------------------------
        if (loose_route()) {
                xlog("loose_route ***************\n");
                if ((method=="INVITE" || method=="REFER") && !has_totag()) {
                        sl_send_reply("403", "Forbidden");
                        return;
                };

                if (method=="BYE" && $DLG_status==5)
                {
                        xlog("L_DBG","BYE. Dialog lifetime: $DLG_lifetime 
Status: $DLG_status\n");
                        route(6);
                }

                if (method=="INVITE") {
                        route(5);       

                        if (!proxy_authorize("$td","subscriber")) {
                           proxy_challenge("$td","0");
                           return;
                        } else if (!check_from()) {
                           sl_send_reply("403", "Use From=ID");
                           return;
                        };

                        consume_credentials();                  
                        setflag(6);
                        force_rport();
                        fix_nated_contact();

                        if (dst_ip == 172.20.100.74){
                            rtpproxy_manage("fiewc","212.59.42.189");
                        }
                        else
                        {
                            rtpproxy_manage("feiwc","172.20.100.74");
                        }
              };
          route(1);
          return;
        };


        if (method=="CANCEL")
        {
                xlog("L_DBG","CANCEL. Dialog lifetime: $DLG_lifetime
Status: $DLG_status\n");
                route(6);       
        }

        # -----------------------------------------------------------------
        # Call Type Processing Section
        # -----------------------------------------------------------------
        xlog("call type processing\n");
        if (uri!=myself) {
                route(4);
                route(1);
                return;
        };

        if (method=="ACK") {
                route(1);
                return;
        } else if (method=="CANCEL") {
                route(1);
                return;
        } else if (method=="INVITE") {
                route(5);       
                route(3);
                return;
        } else  if (method=="REGISTER") {
                route(2);
                return;
        };

        xlog("lookup aliases\n");
        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                return;
        };

        xlog("!lookup location\n");
        if (!lookup("location")) {
                sl_send_reply("404", "User Not Found");
                return;
        };

        route(1);
        
}

route[1] {

        # -----------------------------------------------------------------
        # Default Message Handler
        # -----------------------------------------------------------------

        t_on_reply("1");

        if (!t_relay()) {
                if (method=="INVITE" && isflagset(6)) {
                        unforce_rtp_proxy();
                };
                sl_reply_error();
        };
}

route[2] {

        # -----------------------------------------------------------------
        # REGISTER Message Handler
        # ----------------------------------------------------------------

        setflag(6);
        fix_nated_register();
        force_rport();

        sl_send_reply("100", "Trying");

        if (!www_authorize("$td","subscriber")) {
          www_challenge("$td","0");
          return;
        };

        if (!check_to()) {
          sl_send_reply("401", "Unauthorized");
          return;
        };

        consume_credentials();
        
        if (!save("location")) {
           log(1,"Error :-(.\n");
           sl_reply_error();
        };
}

route[3] {

        # -----------------------------------------------------------------
        # INVITE Message Handler
        # -----------------------------------------------------------------
        xlog("route-3\n");
        setflag(6);
        
        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                return;
        };


#!ifdef WITH_DISPATCHER
        if (!lookup("location")) {
                if(ds_select_domain("1", "4")) {
                xlog("DISPATCHER ds_select_dst\n");
                route(4);
                #route(1);
                forward();
                return;
                }
        }
#!endif

        if (!lookup("location")) {
                xlog("404 User not found\n");
                sl_send_reply("404", "User Not Found");
                return;
        };

        route(4);
        route(1);
}

route[4] {

        # -----------------------------------------------------------------
        # NAT Traversal Section
        # -----------------------------------------------------------------

        force_rport();
        fix_nated_contact();
        if (dst_ip == 172.20.100.74){
            xlog("INVITE 4  intern extern\n");
            rtpproxy_manage("fiewc","222.222.222.222");
        }
        else
        {
            xlog("INVITE 4 extern intern\n");
            rtpproxy_manage("feiwc","172.20.100.74");
        }
}

route[5] {

        # ----------------------------------------------------------------
        # Save here CDR Variables
        # ----------------------------------------------------------------

        #save sourceIP
        $sht(a=>$ci::srcip) = $si;
        $sht(a=>$ci::fromdplname) = $fn;
        $sht(a=>$ci::touri) = $tu;
        $sht(a=>$ci::fromuri) = $fu;
        $sht(a=>$ci::useragent) = $ua;
}

route[6] {

        # ----------------------------------------------------------------
        # Write CDR via Perl and free previously CDR Variables
        # ----------------------------------------------------------------

        #save variables from htable in AVPs, so we can access them from perl
(without memory leak)
        $avp(s:4com_srcip)=$sht(a=>$ci::srcip);
        $avp(s:4com_fromdplname)=$sht(a=>$ci::fromdplname);
        $avp(s:4com_touri)=$sht(a=>$ci::touri);
        $avp(s:4com_fromuri)=$sht(a=>$ci::fromuri);
        $avp(s:4com_useragent)=$sht(a=>$ci::useragent);
        $avp(s:4com_invtrytime)=$sht(a=>$ci::invtrytime);

        #write CDR
        perl_exec("write_cdr");

        #free all variables saved in hashtable
        sht_rm_name_re("a=>$ci::.*");
                
}


onreply_route[1] {

        rtpproxy_manage("fwc");
        fix_nated_contact();

        #if (is_gflag("0")) log(1,"-- 0 ist gesetzt.\n");
        #if (is_gflag("1")) log(1,"-- 1 ist gesetzt.\n");
        #if (is_gflag("2")) log(1,"-- 2 ist gesetzt.\n");
        #if (is_gflag("3")) log(1,"-- 3 ist gesetzt.\n");

        #if (is_gflag("1"))
        #{
        #  log(1,"Recording this Call\n");
        #  start_recording();
        #}
        #else
        #{
        #  log(1,"NOT recording this Call\n");
        #}

        xlog("L_DBG", "-- Status: $rs  METHOD $rm Reason $rr\n");
        if ($rm=="INVITE")
        {
                xlog("L_DBG", "Method is INVITE\n");
                if ($rs=~"1[0-9][0-9]")
                {
                        xlog("L_DBG", "Status is in 100-class Trying\n");
                        $sht(a=>$ci::invtrytime) = $Ts;
                        #perl_exec("got_invite_trying");        
                }
                else if ($rs=~"4[0-9][0-9]")
                {
                        xlog("L_DBG", "Status is in 400-class - 
ClientErrors\n");
                        #xlog("L_DBG", "SI aus shared: $sht(a=>$ci::srcip)\n");
                        #perl_exec("write_cdr");
                        #sht_rm_name_re("a=>$ci::.*");
                        route(6);
                }
        }
}

####
# Per SIP request initial checks
route[REQINIT] {
#!ifdef WITH_ANTIFLOOD
        # flood dection from same IP and traffic ban for a while
        # be sure you exclude checking trusted peers, such as pstn gateways
        # - local host excluded (e.g., loop to self)
        if(src_ip!=myself)
        {
                if($sht(ipban=>$si)!=$null)
                {
                        # ip is already blocked
                        xdbg("request from blocked IP - $rm from $fu 
(IP:$si:$sp)\n");
                        exit;
                }
                if (!pike_check_req())
                {
                        xlog("L_ALERT","ALERT: pike blocking $rm from $fu 
(IP:$si:$sp)\n");
                        $sht(ipban=>$si) = 1;
                        exit;
                }
        }
#!endif

        if (!mf_process_maxfwd_header("10")) {
                sl_send_reply("483","Too Many Hops");
                exit;
        }

        if(!sanity_check("1511", "7"))
        {
                xlog("Malformed SIP message from $si:$sp\n");
                exit;
        }
}

-- 
Mit freundlichen Grüßen
*Karsten Horsmann*

_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

Reply via email to