Re: [OpenSIPStack] domain rewriting question
Brought to you by:
joegenbaclor
Menu
▾
▴
Re: [OpenSIPStack] domain rewriting question
|
From: <jo...@op...> - 2008-10-20 10:24:33
|
Andre, Sorry for the late response. I fired up an instance opensbc just a while ago. Added [sip:*;from=sipphone.com] sip:proxy01.sipphone.com and the from rewrite worked. So I am not sure what you are reporting here. I can't reproduce it. I have attached the log for my test call. You will see the the call went in with From: joegen <sip:77...@th...>;tag=fc663e5c and went out as From: joegen <sip:77...@si...>;tag=fc663e5c Joegen Andre Mamitzsch wrote: > Hello Joegen, > > did you find some time to back-track the changes ? An update on that > would be highly appreciated. > > Regards, > > Andre > > Joegen E. Baclor schrieb: > >> Andre >> >> I will try to back-track the changes. That revision was checked in by >> another developer. I need to confer with him before I conuld confirm >> what really changed since then. >> >> Joegen >> >> André Mamitzsch wrote: >> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Hello Joegen, >>> >>> the rewrite of the domain in the from field seems to work until >>> 1.1.5-10. After that, and I compiled almost everything what I could get >>> from CVS, it is not working anymore. >>> >>> I tried to have a look at the differences in order to find out why it >>> changed and what was changed. I could identify that in Version 1.28 of >>> the Router.cxx the Feature: >>> >>> Router.cxx: * Added feature to rewrite the FROM domain to a specific >>> domain in the B2BUA routes >>> >>> was added. >>> >>> At the moment I' m unable to find a good starting point - if you could >>> give me a small hint please... >>> >>> Andre >>> >>> >>> Andre Mamitzsch schrieb: >>> >>> >>>> Hello Joegen, >>>> >>>> thanks for your reply. I'm with you regarding the 50/50 - I checked the >>>> RFC3261 this morning. >>>> >>>> > Never the less, I'll find time to make the domain rewrite for from >>>> > configurable via B2BUA Route as well. >>>> >>>> Please wait. I found something confusing today which I cannot explain >>>> yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and >>>> things start working. The from field value ist replaced with the target >>>> domain (abc.net) while the to: field remains unchanged and contains the >>>> local domain value (xyz.net). >>>> >>>> I' m totally confused now - I need to overthink that and come back to >>>> you as soon as I verified the scenario. >>>> >>>> Regards, >>>> >>>> Andre >>>> >>>> >>>> jo...@op... schrieb: >>>> >>>> >>>>> Andre, >>>>> >>>>> I am 50/50 on this one. Half of the argument is as you have already >>>>> stated in this post. The other half is, this is the first time I have >>>>> encountered a GW that filters INVITE based on the from header. From is >>>>> a very weak form of identity assertion since it can be forged very >>>>> easily using any softphone. This is not mentioning that RFC 3261 not >>>>> only allows From to be forged easily but also allows it to be >>>>> anonymized. For example sip:ano...@an...valid to indicate >>>>> that you want your identity to be private is aperfectly valid from >>>>> header. Thus, an implementation that relies on From to assert identity >>>>> is tantamount to a multitude of interoperability issues. >>>>> >>>>> Never the less, I'll find time to make the domain rewrite for from >>>>> configurable via B2BUA Route as well. I guess these sorts of issues is >>>>> the main reason why SBC's are invented anyway. >>>>> >>>>> Joegen >>>>> >>>>> Andre Mamitzsch wrote: >>>>> >>>>> >>>>>> Hi, >>>>>> >>>>>> I just need some clarification regarding the domain rewriting concept of >>>>>> the OpenSBC. >>>>>> >>>>>> We are using the SBC in upper registration mode. The upper registration >>>>>> works fine, all register messages are "hijacked" and domain rewriting is >>>>>> performed. So, everything is fine here. >>>>>> >>>>>> >>>>>> If I try to place a call, I receive the message "forbidden AOR" since no >>>>>> rewriting in the From: field is performed while the domain in the To: >>>>>> is replaced as expected. >>>>>> >>>>>> In my opinion, the local domain (xyz.net) should be replaced by the >>>>>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>>>>> >>>>>> Regards, >>>>>> >>>>>> Andre >>>>>> >>>>>> Our setup: >>>>>> >>>>>> >>>>>> +--------+ +-------+ +---------+ >>>>>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>>>>> +--------+ +-------+ +---------+ >>>>>> 192.168.10.3 10.70.3.200 10.70.5.85 >>>>>> 12...@si... sip.abc.net >>>>>> >>>>>> >>>>>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>>>>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>>>>> >>>>>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>>>>> Forbidden AOR State: 3 >>>>>> >>>>>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>>>>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>>>>> <sip:12...@si...>;tag=ed94ab1c >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>>>>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>>>>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>>>>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>>>>> <sip:123456@10.70.3.200:5060> >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>>>>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> ------------------------------------------------------------------------- >>>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>>> _______________________________________________ >>>>>> opensipstack-devel mailing list >>>>>> ope...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>>> >>>>>> ------------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> No virus found in this incoming message. >>>>>> Checked by AVG - http://www.avg.com >>>>>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>>>>> >>>>>> >>>>>> >>>>>> >>>>> ------------------------------------------------------------------------- >>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>> _______________________________________________ >>>>> opensipstack-devel mailing list >>>>> ope...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>> >>>>> >>>> ------------------------------------------------------------------------- >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> opensipstack-devel mailing list >>>> ope...@li... >>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>> >>>> >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1.4.7 (MingW32) >>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>> >>> iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ >>> cRvR/59pqaqnzhqiilg0B84= >>> =WEQ/ >>> -----END PGP SIGNATURE----- >>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> ------------------------------------------------------------------------ >>> >>> >>> No virus found in this incoming message. >>> Checked by AVG - http://www.avg.com >>> Version: 8.0.173 / Virus Database: 270.7.6/1711 - Release Date: 10/6/2008 5:37 PM >>> >>> >>> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.173 / Virus Database: 270.8.1/1733 - Release Date: 10/19/2008 6:02 PM > > |
