Re: [OpenSIPStack] domain rewriting question
Brought to you by:
joegenbaclor
Menu
▾
▴
Re: [OpenSIPStack] domain rewriting question
|
From: André M. <an...@ma...> - 2008-10-07 12:49:24
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Joegen, the rewrite of the domain in the from field seems to work until 1.1.5-10. After that, and I compiled almost everything what I could get from CVS, it is not working anymore. I tried to have a look at the differences in order to find out why it changed and what was changed. I could identify that in Version 1.28 of the Router.cxx the Feature: Router.cxx: * Added feature to rewrite the FROM domain to a specific domain in the B2BUA routes was added. At the moment I' m unable to find a good starting point - if you could give me a small hint please... Andre Andre Mamitzsch schrieb: > Hello Joegen, > > thanks for your reply. I'm with you regarding the 50/50 - I checked the > RFC3261 this morning. > > > Never the less, I'll find time to make the domain rewrite for from > > configurable via B2BUA Route as well. > > Please wait. I found something confusing today which I cannot explain > yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and > things start working. The from field value ist replaced with the target > domain (abc.net) while the to: field remains unchanged and contains the > local domain value (xyz.net). > > I' m totally confused now - I need to overthink that and come back to > you as soon as I verified the scenario. > > Regards, > > Andre > > > jo...@op... schrieb: >> Andre, >> >> I am 50/50 on this one. Half of the argument is as you have already >> stated in this post. The other half is, this is the first time I have >> encountered a GW that filters INVITE based on the from header. From is >> a very weak form of identity assertion since it can be forged very >> easily using any softphone. This is not mentioning that RFC 3261 not >> only allows From to be forged easily but also allows it to be >> anonymized. For example sip:ano...@an...valid to indicate >> that you want your identity to be private is aperfectly valid from >> header. Thus, an implementation that relies on From to assert identity >> is tantamount to a multitude of interoperability issues. >> >> Never the less, I'll find time to make the domain rewrite for from >> configurable via B2BUA Route as well. I guess these sorts of issues is >> the main reason why SBC's are invented anyway. >> >> Joegen >> >> Andre Mamitzsch wrote: >>> Hi, >>> >>> I just need some clarification regarding the domain rewriting concept of >>> the OpenSBC. >>> >>> We are using the SBC in upper registration mode. The upper registration >>> works fine, all register messages are "hijacked" and domain rewriting is >>> performed. So, everything is fine here. >>> >>> >>> If I try to place a call, I receive the message "forbidden AOR" since no >>> rewriting in the From: field is performed while the domain in the To: >>> is replaced as expected. >>> >>> In my opinion, the local domain (xyz.net) should be replaced by the >>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>> >>> Regards, >>> >>> Andre >>> >>> Our setup: >>> >>> >>> +--------+ +-------+ +---------+ >>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>> +--------+ +-------+ +---------+ >>> 192.168.10.3 10.70.3.200 10.70.5.85 >>> 12...@si... sip.abc.net >>> >>> >>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>> >>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>> Forbidden AOR State: 3 >>> >>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>> <sip:12...@si...>;tag=ed94ab1c >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>> <sip:123456@10.70.3.200:5060> >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> >>> ------------------------------------------------------------------------ >>> >>> >>> No virus found in this incoming message. >>> Checked by AVG - http://www.avg.com >>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>> >>> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ cRvR/59pqaqnzhqiilg0B84= =WEQ/ -----END PGP SIGNATURE----- |
