Thread: [OpenSIPStack] domain rewriting question
Brought to you by:
joegenbaclor
Menu
▾
▴
opensipstack-devel
|
From: Andre M. <an...@ma...> - 2008-10-01 21:04:57
|
Hi, I just need some clarification regarding the domain rewriting concept of the OpenSBC. We are using the SBC in upper registration mode. The upper registration works fine, all register messages are "hijacked" and domain rewriting is performed. So, everything is fine here. If I try to place a call, I receive the message "forbidden AOR" since no rewriting in the From: field is performed while the domain in the To: is replaced as expected. In my opinion, the local domain (xyz.net) should be replaced by the target domain (abc.net) in the From: as well. Or am I wrong here ? Regards, Andre Our setup: +--------+ +-------+ +---------+ + SIP UA +------------------+ oSBC +-------------------+ SIP Net + +--------+ +-------+ +---------+ 192.168.10.3 10.70.3.200 10.70.5.85 12...@si... sip.abc.net 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) Event(SIPMessage) - SIP/2.0 403 Forbidden AOR 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 Forbidden AOR State: 3 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" <sip:12...@si...>;tag=ed94ab1c 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" <sip:78...@si...>;tag=1_1146_t160890_14h5 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: <sip:123456@10.70.3.200:5060> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] |
|
From: <jo...@op...> - 2008-10-02 02:02:16
|
Andre, I am 50/50 on this one. Half of the argument is as you have already stated in this post. The other half is, this is the first time I have encountered a GW that filters INVITE based on the from header. From is a very weak form of identity assertion since it can be forged very easily using any softphone. This is not mentioning that RFC 3261 not only allows From to be forged easily but also allows it to be anonymized. For example sip:ano...@an...valid to indicate that you want your identity to be private is aperfectly valid from header. Thus, an implementation that relies on From to assert identity is tantamount to a multitude of interoperability issues. Never the less, I'll find time to make the domain rewrite for from configurable via B2BUA Route as well. I guess these sorts of issues is the main reason why SBC's are invented anyway. Joegen Andre Mamitzsch wrote: > Hi, > > I just need some clarification regarding the domain rewriting concept of > the OpenSBC. > > We are using the SBC in upper registration mode. The upper registration > works fine, all register messages are "hijacked" and domain rewriting is > performed. So, everything is fine here. > > > If I try to place a call, I receive the message "forbidden AOR" since no > rewriting in the From: field is performed while the domain in the To: > is replaced as expected. > > In my opinion, the local domain (xyz.net) should be replaced by the > target domain (abc.net) in the From: as well. Or am I wrong here ? > > Regards, > > Andre > > Our setup: > > > +--------+ +-------+ +---------+ > + SIP UA +------------------+ oSBC +-------------------+ SIP Net + > +--------+ +-------+ +---------+ > 192.168.10.3 10.70.3.200 10.70.5.85 > 12...@si... sip.abc.net > > > 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) > Event(SIPMessage) - SIP/2.0 403 Forbidden AOR > > 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 > Forbidden AOR State: 3 > > 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... > SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" > <sip:12...@si...>;tag=ed94ab1c > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" > <sip:78...@si...>;tag=1_1146_t160890_14h5 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP > 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: > ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: > <sip:123456@10.70.3.200:5060> > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, > OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM > > |
|
From: Andre M. <an...@ma...> - 2008-10-02 13:12:58
|
Hello Joegen, thanks for your reply. I'm with you regarding the 50/50 - I checked the RFC3261 this morning. > Never the less, I'll find time to make the domain rewrite for from > configurable via B2BUA Route as well. Please wait. I found something confusing today which I cannot explain yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and things start working. The from field value ist replaced with the target domain (abc.net) while the to: field remains unchanged and contains the local domain value (xyz.net). I' m totally confused now - I need to overthink that and come back to you as soon as I verified the scenario. Regards, Andre jo...@op... schrieb: > Andre, > > I am 50/50 on this one. Half of the argument is as you have already > stated in this post. The other half is, this is the first time I have > encountered a GW that filters INVITE based on the from header. From is > a very weak form of identity assertion since it can be forged very > easily using any softphone. This is not mentioning that RFC 3261 not > only allows From to be forged easily but also allows it to be > anonymized. For example sip:ano...@an...valid to indicate > that you want your identity to be private is aperfectly valid from > header. Thus, an implementation that relies on From to assert identity > is tantamount to a multitude of interoperability issues. > > Never the less, I'll find time to make the domain rewrite for from > configurable via B2BUA Route as well. I guess these sorts of issues is > the main reason why SBC's are invented anyway. > > Joegen > > Andre Mamitzsch wrote: >> Hi, >> >> I just need some clarification regarding the domain rewriting concept of >> the OpenSBC. >> >> We are using the SBC in upper registration mode. The upper registration >> works fine, all register messages are "hijacked" and domain rewriting is >> performed. So, everything is fine here. >> >> >> If I try to place a call, I receive the message "forbidden AOR" since no >> rewriting in the From: field is performed while the domain in the To: >> is replaced as expected. >> >> In my opinion, the local domain (xyz.net) should be replaced by the >> target domain (abc.net) in the From: as well. Or am I wrong here ? >> >> Regards, >> >> Andre >> >> Our setup: >> >> >> +--------+ +-------+ +---------+ >> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >> +--------+ +-------+ +---------+ >> 192.168.10.3 10.70.3.200 10.70.5.85 >> 12...@si... sip.abc.net >> >> >> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >> >> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >> Forbidden AOR State: 3 >> >> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >> <sip:12...@si...>;tag=ed94ab1c >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >> <sip:78...@si...>;tag=1_1146_t160890_14h5 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >> <sip:123456@10.70.3.200:5060> >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >> >> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> >> ------------------------------------------------------------------------ >> >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.com >> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >> >> > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel |
|
From: André M. <an...@ma...> - 2008-10-07 12:49:24
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Joegen, the rewrite of the domain in the from field seems to work until 1.1.5-10. After that, and I compiled almost everything what I could get from CVS, it is not working anymore. I tried to have a look at the differences in order to find out why it changed and what was changed. I could identify that in Version 1.28 of the Router.cxx the Feature: Router.cxx: * Added feature to rewrite the FROM domain to a specific domain in the B2BUA routes was added. At the moment I' m unable to find a good starting point - if you could give me a small hint please... Andre Andre Mamitzsch schrieb: > Hello Joegen, > > thanks for your reply. I'm with you regarding the 50/50 - I checked the > RFC3261 this morning. > > > Never the less, I'll find time to make the domain rewrite for from > > configurable via B2BUA Route as well. > > Please wait. I found something confusing today which I cannot explain > yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and > things start working. The from field value ist replaced with the target > domain (abc.net) while the to: field remains unchanged and contains the > local domain value (xyz.net). > > I' m totally confused now - I need to overthink that and come back to > you as soon as I verified the scenario. > > Regards, > > Andre > > > jo...@op... schrieb: >> Andre, >> >> I am 50/50 on this one. Half of the argument is as you have already >> stated in this post. The other half is, this is the first time I have >> encountered a GW that filters INVITE based on the from header. From is >> a very weak form of identity assertion since it can be forged very >> easily using any softphone. This is not mentioning that RFC 3261 not >> only allows From to be forged easily but also allows it to be >> anonymized. For example sip:ano...@an...valid to indicate >> that you want your identity to be private is aperfectly valid from >> header. Thus, an implementation that relies on From to assert identity >> is tantamount to a multitude of interoperability issues. >> >> Never the less, I'll find time to make the domain rewrite for from >> configurable via B2BUA Route as well. I guess these sorts of issues is >> the main reason why SBC's are invented anyway. >> >> Joegen >> >> Andre Mamitzsch wrote: >>> Hi, >>> >>> I just need some clarification regarding the domain rewriting concept of >>> the OpenSBC. >>> >>> We are using the SBC in upper registration mode. The upper registration >>> works fine, all register messages are "hijacked" and domain rewriting is >>> performed. So, everything is fine here. >>> >>> >>> If I try to place a call, I receive the message "forbidden AOR" since no >>> rewriting in the From: field is performed while the domain in the To: >>> is replaced as expected. >>> >>> In my opinion, the local domain (xyz.net) should be replaced by the >>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>> >>> Regards, >>> >>> Andre >>> >>> Our setup: >>> >>> >>> +--------+ +-------+ +---------+ >>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>> +--------+ +-------+ +---------+ >>> 192.168.10.3 10.70.3.200 10.70.5.85 >>> 12...@si... sip.abc.net >>> >>> >>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>> >>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>> Forbidden AOR State: 3 >>> >>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>> <sip:12...@si...>;tag=ed94ab1c >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>> <sip:123456@10.70.3.200:5060> >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> >>> ------------------------------------------------------------------------ >>> >>> >>> No virus found in this incoming message. >>> Checked by AVG - http://www.avg.com >>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>> >>> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ cRvR/59pqaqnzhqiilg0B84= =WEQ/ -----END PGP SIGNATURE----- |
|
From: Joegen E. B. <joe...@gm...> - 2008-10-08 02:10:46
|
Andre I will try to back-track the changes. That revision was checked in by another developer. I need to confer with him before I conuld confirm what really changed since then. Joegen André Mamitzsch wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello Joegen, > > the rewrite of the domain in the from field seems to work until > 1.1.5-10. After that, and I compiled almost everything what I could get > from CVS, it is not working anymore. > > I tried to have a look at the differences in order to find out why it > changed and what was changed. I could identify that in Version 1.28 of > the Router.cxx the Feature: > > Router.cxx: * Added feature to rewrite the FROM domain to a specific > domain in the B2BUA routes > > was added. > > At the moment I' m unable to find a good starting point - if you could > give me a small hint please... > > Andre > > > Andre Mamitzsch schrieb: > >> Hello Joegen, >> >> thanks for your reply. I'm with you regarding the 50/50 - I checked the >> RFC3261 this morning. >> >> > Never the less, I'll find time to make the domain rewrite for from >> > configurable via B2BUA Route as well. >> >> Please wait. I found something confusing today which I cannot explain >> yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and >> things start working. The from field value ist replaced with the target >> domain (abc.net) while the to: field remains unchanged and contains the >> local domain value (xyz.net). >> >> I' m totally confused now - I need to overthink that and come back to >> you as soon as I verified the scenario. >> >> Regards, >> >> Andre >> >> >> jo...@op... schrieb: >> >>> Andre, >>> >>> I am 50/50 on this one. Half of the argument is as you have already >>> stated in this post. The other half is, this is the first time I have >>> encountered a GW that filters INVITE based on the from header. From is >>> a very weak form of identity assertion since it can be forged very >>> easily using any softphone. This is not mentioning that RFC 3261 not >>> only allows From to be forged easily but also allows it to be >>> anonymized. For example sip:ano...@an...valid to indicate >>> that you want your identity to be private is aperfectly valid from >>> header. Thus, an implementation that relies on From to assert identity >>> is tantamount to a multitude of interoperability issues. >>> >>> Never the less, I'll find time to make the domain rewrite for from >>> configurable via B2BUA Route as well. I guess these sorts of issues is >>> the main reason why SBC's are invented anyway. >>> >>> Joegen >>> >>> Andre Mamitzsch wrote: >>> >>>> Hi, >>>> >>>> I just need some clarification regarding the domain rewriting concept of >>>> the OpenSBC. >>>> >>>> We are using the SBC in upper registration mode. The upper registration >>>> works fine, all register messages are "hijacked" and domain rewriting is >>>> performed. So, everything is fine here. >>>> >>>> >>>> If I try to place a call, I receive the message "forbidden AOR" since no >>>> rewriting in the From: field is performed while the domain in the To: >>>> is replaced as expected. >>>> >>>> In my opinion, the local domain (xyz.net) should be replaced by the >>>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>>> >>>> Regards, >>>> >>>> Andre >>>> >>>> Our setup: >>>> >>>> >>>> +--------+ +-------+ +---------+ >>>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>>> +--------+ +-------+ +---------+ >>>> 192.168.10.3 10.70.3.200 10.70.5.85 >>>> 12...@si... sip.abc.net >>>> >>>> >>>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>>> >>>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>>> Forbidden AOR State: 3 >>>> >>>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>>> <sip:12...@si...>;tag=ed94ab1c >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>>> <sip:123456@10.70.3.200:5060> >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>> >>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>> >>>> ------------------------------------------------------------------------- >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> opensipstack-devel mailing list >>>> ope...@li... >>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> No virus found in this incoming message. >>>> Checked by AVG - http://www.avg.com >>>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>>> >>>> >>>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ > cRvR/59pqaqnzhqiilg0B84= > =WEQ/ > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.173 / Virus Database: 270.7.6/1711 - Release Date: 10/6/2008 5:37 PM > > |
|
From: Andre M. <an...@ma...> - 2008-10-18 17:04:43
|
Hello Joegen, did you find some time to back-track the changes ? An update on that would be highly appreciated. Regards, Andre Joegen E. Baclor schrieb: > Andre > > I will try to back-track the changes. That revision was checked in by > another developer. I need to confer with him before I conuld confirm > what really changed since then. > > Joegen > > André Mamitzsch wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hello Joegen, >> >> the rewrite of the domain in the from field seems to work until >> 1.1.5-10. After that, and I compiled almost everything what I could get >> from CVS, it is not working anymore. >> >> I tried to have a look at the differences in order to find out why it >> changed and what was changed. I could identify that in Version 1.28 of >> the Router.cxx the Feature: >> >> Router.cxx: * Added feature to rewrite the FROM domain to a specific >> domain in the B2BUA routes >> >> was added. >> >> At the moment I' m unable to find a good starting point - if you could >> give me a small hint please... >> >> Andre >> >> >> Andre Mamitzsch schrieb: >> >>> Hello Joegen, >>> >>> thanks for your reply. I'm with you regarding the 50/50 - I checked the >>> RFC3261 this morning. >>> >>> > Never the less, I'll find time to make the domain rewrite for from >>> > configurable via B2BUA Route as well. >>> >>> Please wait. I found something confusing today which I cannot explain >>> yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and >>> things start working. The from field value ist replaced with the target >>> domain (abc.net) while the to: field remains unchanged and contains the >>> local domain value (xyz.net). >>> >>> I' m totally confused now - I need to overthink that and come back to >>> you as soon as I verified the scenario. >>> >>> Regards, >>> >>> Andre >>> >>> >>> jo...@op... schrieb: >>> >>>> Andre, >>>> >>>> I am 50/50 on this one. Half of the argument is as you have already >>>> stated in this post. The other half is, this is the first time I have >>>> encountered a GW that filters INVITE based on the from header. From is >>>> a very weak form of identity assertion since it can be forged very >>>> easily using any softphone. This is not mentioning that RFC 3261 not >>>> only allows From to be forged easily but also allows it to be >>>> anonymized. For example sip:ano...@an...valid to indicate >>>> that you want your identity to be private is aperfectly valid from >>>> header. Thus, an implementation that relies on From to assert identity >>>> is tantamount to a multitude of interoperability issues. >>>> >>>> Never the less, I'll find time to make the domain rewrite for from >>>> configurable via B2BUA Route as well. I guess these sorts of issues is >>>> the main reason why SBC's are invented anyway. >>>> >>>> Joegen >>>> >>>> Andre Mamitzsch wrote: >>>> >>>>> Hi, >>>>> >>>>> I just need some clarification regarding the domain rewriting concept of >>>>> the OpenSBC. >>>>> >>>>> We are using the SBC in upper registration mode. The upper registration >>>>> works fine, all register messages are "hijacked" and domain rewriting is >>>>> performed. So, everything is fine here. >>>>> >>>>> >>>>> If I try to place a call, I receive the message "forbidden AOR" since no >>>>> rewriting in the From: field is performed while the domain in the To: >>>>> is replaced as expected. >>>>> >>>>> In my opinion, the local domain (xyz.net) should be replaced by the >>>>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>>>> >>>>> Regards, >>>>> >>>>> Andre >>>>> >>>>> Our setup: >>>>> >>>>> >>>>> +--------+ +-------+ +---------+ >>>>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>>>> +--------+ +-------+ +---------+ >>>>> 192.168.10.3 10.70.3.200 10.70.5.85 >>>>> 12...@si... sip.abc.net >>>>> >>>>> >>>>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>>>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>>>> >>>>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>>>> Forbidden AOR State: 3 >>>>> >>>>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>>>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>>>> <sip:12...@si...>;tag=ed94ab1c >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>>>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>>>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>>>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>>>> <sip:123456@10.70.3.200:5060> >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>>>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>> >>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>> >>>>> ------------------------------------------------------------------------- >>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>> _______________________________________________ >>>>> opensipstack-devel mailing list >>>>> ope...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>> >>>>> ------------------------------------------------------------------------ >>>>> >>>>> >>>>> No virus found in this incoming message. >>>>> Checked by AVG - http://www.avg.com >>>>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>>>> >>>>> >>>>> >>>> ------------------------------------------------------------------------- >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> opensipstack-devel mailing list >>>> ope...@li... >>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.7 (MingW32) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >> >> iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ >> cRvR/59pqaqnzhqiilg0B84= >> =WEQ/ >> -----END PGP SIGNATURE----- >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> ------------------------------------------------------------------------ >> >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.com >> Version: 8.0.173 / Virus Database: 270.7.6/1711 - Release Date: 10/6/2008 5:37 PM >> >> > > > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel |
|
From: <jo...@op...> - 2008-10-20 10:24:33
Attachments:
rewrite-from.log
|
Andre, Sorry for the late response. I fired up an instance opensbc just a while ago. Added [sip:*;from=sipphone.com] sip:proxy01.sipphone.com and the from rewrite worked. So I am not sure what you are reporting here. I can't reproduce it. I have attached the log for my test call. You will see the the call went in with From: joegen <sip:77...@th...>;tag=fc663e5c and went out as From: joegen <sip:77...@si...>;tag=fc663e5c Joegen Andre Mamitzsch wrote: > Hello Joegen, > > did you find some time to back-track the changes ? An update on that > would be highly appreciated. > > Regards, > > Andre > > Joegen E. Baclor schrieb: > >> Andre >> >> I will try to back-track the changes. That revision was checked in by >> another developer. I need to confer with him before I conuld confirm >> what really changed since then. >> >> Joegen >> >> André Mamitzsch wrote: >> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> Hello Joegen, >>> >>> the rewrite of the domain in the from field seems to work until >>> 1.1.5-10. After that, and I compiled almost everything what I could get >>> from CVS, it is not working anymore. >>> >>> I tried to have a look at the differences in order to find out why it >>> changed and what was changed. I could identify that in Version 1.28 of >>> the Router.cxx the Feature: >>> >>> Router.cxx: * Added feature to rewrite the FROM domain to a specific >>> domain in the B2BUA routes >>> >>> was added. >>> >>> At the moment I' m unable to find a good starting point - if you could >>> give me a small hint please... >>> >>> Andre >>> >>> >>> Andre Mamitzsch schrieb: >>> >>> >>>> Hello Joegen, >>>> >>>> thanks for your reply. I'm with you regarding the 50/50 - I checked the >>>> RFC3261 this morning. >>>> >>>> > Never the less, I'll find time to make the domain rewrite for from >>>> > configurable via B2BUA Route as well. >>>> >>>> Please wait. I found something confusing today which I cannot explain >>>> yet. I disabled the "Rewrite-Request-URI" and "Rewrite-TO-URI" and >>>> things start working. The from field value ist replaced with the target >>>> domain (abc.net) while the to: field remains unchanged and contains the >>>> local domain value (xyz.net). >>>> >>>> I' m totally confused now - I need to overthink that and come back to >>>> you as soon as I verified the scenario. >>>> >>>> Regards, >>>> >>>> Andre >>>> >>>> >>>> jo...@op... schrieb: >>>> >>>> >>>>> Andre, >>>>> >>>>> I am 50/50 on this one. Half of the argument is as you have already >>>>> stated in this post. The other half is, this is the first time I have >>>>> encountered a GW that filters INVITE based on the from header. From is >>>>> a very weak form of identity assertion since it can be forged very >>>>> easily using any softphone. This is not mentioning that RFC 3261 not >>>>> only allows From to be forged easily but also allows it to be >>>>> anonymized. For example sip:ano...@an...valid to indicate >>>>> that you want your identity to be private is aperfectly valid from >>>>> header. Thus, an implementation that relies on From to assert identity >>>>> is tantamount to a multitude of interoperability issues. >>>>> >>>>> Never the less, I'll find time to make the domain rewrite for from >>>>> configurable via B2BUA Route as well. I guess these sorts of issues is >>>>> the main reason why SBC's are invented anyway. >>>>> >>>>> Joegen >>>>> >>>>> Andre Mamitzsch wrote: >>>>> >>>>> >>>>>> Hi, >>>>>> >>>>>> I just need some clarification regarding the domain rewriting concept of >>>>>> the OpenSBC. >>>>>> >>>>>> We are using the SBC in upper registration mode. The upper registration >>>>>> works fine, all register messages are "hijacked" and domain rewriting is >>>>>> performed. So, everything is fine here. >>>>>> >>>>>> >>>>>> If I try to place a call, I receive the message "forbidden AOR" since no >>>>>> rewriting in the From: field is performed while the domain in the To: >>>>>> is replaced as expected. >>>>>> >>>>>> In my opinion, the local domain (xyz.net) should be replaced by the >>>>>> target domain (abc.net) in the From: as well. Or am I wrong here ? >>>>>> >>>>>> Regards, >>>>>> >>>>>> Andre >>>>>> >>>>>> Our setup: >>>>>> >>>>>> >>>>>> +--------+ +-------+ +---------+ >>>>>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>>>>> +--------+ +-------+ +---------+ >>>>>> 192.168.10.3 10.70.3.200 10.70.5.85 >>>>>> 12...@si... sip.abc.net >>>>>> >>>>>> >>>>>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>>>>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>>>>> >>>>>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 >>>>>> Forbidden AOR State: 3 >>>>>> >>>>>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... >>>>>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>>>>> <sip:12...@si...>;tag=ed94ab1c >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>>>>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>>>>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>>>>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>>>>> <sip:123456@10.70.3.200:5060> >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, >>>>>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>> >>>>>> ------------------------------------------------------------------------- >>>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>>> _______________________________________________ >>>>>> opensipstack-devel mailing list >>>>>> ope...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>>> >>>>>> ------------------------------------------------------------------------ >>>>>> >>>>>> >>>>>> No virus found in this incoming message. >>>>>> Checked by AVG - http://www.avg.com >>>>>> Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>>>>> >>>>>> >>>>>> >>>>>> >>>>> ------------------------------------------------------------------------- >>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>> _______________________________________________ >>>>> opensipstack-devel mailing list >>>>> ope...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>> >>>>> >>>> ------------------------------------------------------------------------- >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in the world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> opensipstack-devel mailing list >>>> ope...@li... >>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>> >>>> >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1.4.7 (MingW32) >>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>> >>> iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ >>> cRvR/59pqaqnzhqiilg0B84= >>> =WEQ/ >>> -----END PGP SIGNATURE----- >>> >>> ------------------------------------------------------------------------- >>> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >>> Build the coolest Linux based applications with Moblin SDK & win great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> ------------------------------------------------------------------------ >>> >>> >>> No virus found in this incoming message. >>> Checked by AVG - http://www.avg.com >>> Version: 8.0.173 / Virus Database: 270.7.6/1711 - Release Date: 10/6/2008 5:37 PM >>> >>> >>> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge >> Build the coolest Linux based applications with Moblin SDK & win great prizes >> Grand prize is a trip for two to an Open Source event anywhere in the world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.173 / Virus Database: 270.8.1/1733 - Release Date: 10/19/2008 6:02 PM > > |
|
From: Andre M. <an...@ma...> - 2008-10-20 16:02:51
|
Hello Joegen, many thanks for the reply - I read it and I immediately found the problem. I missed the ";from=sipphone.com" statement in the route configuration - it's working now. Many thanks again ! Andre jo...@op... schrieb: > Andre, > > Sorry for the late response. I fired up an instance opensbc just a > while ago. Added [sip:*;from=sipphone.com] sip:proxy01.sipphone.com and > the from rewrite worked. So I am not sure what you are reporting here. > I can't reproduce it. I have attached the log for my test call. You > will see the the call went in with > From: joegen <sip:77...@th...>;tag=fc663e5c > and went out as > From: joegen <sip:77...@si...>;tag=fc663e5c > > > Joegen > > Andre Mamitzsch wrote: >> Hello Joegen, >> >> did you find some time to back-track the changes ? An update on that >> would be highly appreciated. >> >> Regards, >> >> Andre >> >> Joegen E. Baclor schrieb: >> >>> Andre >>> >>> I will try to back-track the changes. That revision was checked in >>> by another developer. I need to confer with him before I conuld >>> confirm what really changed since then. >>> Joegen >>> >>> André Mamitzsch wrote: >>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Hello Joegen, >>>> >>>> the rewrite of the domain in the from field seems to work until >>>> 1.1.5-10. After that, and I compiled almost everything what I could get >>>> from CVS, it is not working anymore. >>>> >>>> I tried to have a look at the differences in order to find out why it >>>> changed and what was changed. I could identify that in Version 1.28 of >>>> the Router.cxx the Feature: >>>> >>>> Router.cxx: * Added feature to rewrite the FROM domain to a specific >>>> domain in the B2BUA routes >>>> >>>> was added. >>>> >>>> At the moment I' m unable to find a good starting point - if you could >>>> give me a small hint please... >>>> >>>> Andre >>>> >>>> >>>> Andre Mamitzsch schrieb: >>>> >>>>> Hello Joegen, >>>>> >>>>> thanks for your reply. I'm with you regarding the 50/50 - I checked >>>>> the RFC3261 this morning. >>>>> >>>>> > Never the less, I'll find time to make the domain rewrite for from >>>>> > configurable via B2BUA Route as well. >>>>> >>>>> Please wait. I found something confusing today which I cannot >>>>> explain yet. I disabled the "Rewrite-Request-URI" and >>>>> "Rewrite-TO-URI" and things start working. The from field value ist >>>>> replaced with the target domain (abc.net) while the to: field >>>>> remains unchanged and contains the local domain value (xyz.net). >>>>> >>>>> I' m totally confused now - I need to overthink that and come back >>>>> to you as soon as I verified the scenario. >>>>> >>>>> Regards, >>>>> >>>>> Andre >>>>> >>>>> >>>>> jo...@op... schrieb: >>>>> >>>>>> Andre, >>>>>> >>>>>> I am 50/50 on this one. Half of the argument is as you have >>>>>> already stated in this post. The other half is, this is the first >>>>>> time I have encountered a GW that filters INVITE based on the from >>>>>> header. From is a very weak form of identity assertion since it >>>>>> can be forged very easily using any softphone. This is not >>>>>> mentioning that RFC 3261 not only allows From to be forged easily >>>>>> but also allows it to be anonymized. For example >>>>>> sip:ano...@an...valid to indicate that you want your >>>>>> identity to be private is aperfectly valid from header. Thus, an >>>>>> implementation that relies on From to assert identity is >>>>>> tantamount to a multitude of interoperability issues. >>>>>> >>>>>> Never the less, I'll find time to make the domain rewrite for from >>>>>> configurable via B2BUA Route as well. I guess these sorts of >>>>>> issues is the main reason why SBC's are invented anyway. >>>>>> >>>>>> Joegen >>>>>> >>>>>> Andre Mamitzsch wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I just need some clarification regarding the domain rewriting >>>>>>> concept of the OpenSBC. >>>>>>> >>>>>>> We are using the SBC in upper registration mode. The upper >>>>>>> registration works fine, all register messages are "hijacked" and >>>>>>> domain rewriting is performed. So, everything is fine here. >>>>>>> >>>>>>> >>>>>>> If I try to place a call, I receive the message "forbidden AOR" >>>>>>> since no rewriting in the From: field is performed while the >>>>>>> domain in the To: is replaced as expected. >>>>>>> >>>>>>> In my opinion, the local domain (xyz.net) should be replaced by >>>>>>> the target domain (abc.net) in the From: as well. Or am I wrong >>>>>>> here ? >>>>>>> >>>>>>> Regards, >>>>>>> >>>>>>> Andre >>>>>>> >>>>>>> Our setup: >>>>>>> >>>>>>> >>>>>>> +--------+ +-------+ +---------+ >>>>>>> + SIP UA +------------------+ oSBC +-------------------+ SIP Net + >>>>>>> +--------+ +-------+ +---------+ >>>>>>> 192.168.10.3 10.70.3.200 10.70.5.85 >>>>>>> 12...@si... sip.abc.net >>>>>>> >>>>>>> >>>>>>> 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) >>>>>>> Event(SIPMessage) - SIP/2.0 403 Forbidden AOR >>>>>>> >>>>>>> 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) >>>>>>> SIP/2.0 403 >>>>>>> Forbidden AOR State: 3 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK >>>>>>> sip:78...@si... >>>>>>> SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 >>>>>>> bytes=656 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK >>>>>>> sip:78...@si... SIP/2.0 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" >>>>>>> <sip:12...@si...>;tag=ed94ab1c >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" >>>>>>> <sip:78...@si...>;tag=1_1146_t160890_14h5 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP >>>>>>> 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport >>>>>>> >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: >>>>>>> ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: >>>>>>> <sip:123456@10.70.3.200:5060> >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC >>>>>>> v1.1.5-13 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, >>>>>>> CANCEL, >>>>>>> OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>>> >>>>>>> 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] >>>>>>> >>>>>>> ------------------------------------------------------------------------- >>>>>>> >>>>>>> This SF.Net email is sponsored by the Moblin Your Move >>>>>>> Developer's challenge >>>>>>> Build the coolest Linux based applications with Moblin SDK & win >>>>>>> great prizes >>>>>>> Grand prize is a trip for two to an Open Source event anywhere in >>>>>>> the world >>>>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>>>> _______________________________________________ >>>>>>> opensipstack-devel mailing list >>>>>>> ope...@li... >>>>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>>>> >>>>>>> ------------------------------------------------------------------------ >>>>>>> >>>>>>> >>>>>>> >>>>>>> No virus found in this incoming message. >>>>>>> Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus >>>>>>> Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM >>>>>>> >>>>>>> >>>>>> ------------------------------------------------------------------------- >>>>>> >>>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>>>>> challenge >>>>>> Build the coolest Linux based applications with Moblin SDK & win >>>>>> great prizes >>>>>> Grand prize is a trip for two to an Open Source event anywhere in >>>>>> the world >>>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>>> _______________________________________________ >>>>>> opensipstack-devel mailing list >>>>>> ope...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>>> >>>>> ------------------------------------------------------------------------- >>>>> >>>>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>>>> challenge >>>>> Build the coolest Linux based applications with Moblin SDK & win >>>>> great prizes >>>>> Grand prize is a trip for two to an Open Source event anywhere in >>>>> the world >>>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>>> _______________________________________________ >>>>> opensipstack-devel mailing list >>>>> ope...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>>> >>>> -----BEGIN PGP SIGNATURE----- >>>> Version: GnuPG v1.4.7 (MingW32) >>>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>>> >>>> iD8DBQFI61SIQKZIuVrbkWoRAmYkAJ499q3C8J94fe6kOO3nM0fVr46IiwCfcnW+ >>>> cRvR/59pqaqnzhqiilg0B84= >>>> =WEQ/ >>>> -----END PGP SIGNATURE----- >>>> >>>> ------------------------------------------------------------------------- >>>> >>>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>>> challenge >>>> Build the coolest Linux based applications with Moblin SDK & win >>>> great prizes >>>> Grand prize is a trip for two to an Open Source event anywhere in >>>> the world >>>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>>> _______________________________________________ >>>> opensipstack-devel mailing list >>>> ope...@li... >>>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> >>>> No virus found in this incoming message. >>>> Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus >>>> Database: 270.7.6/1711 - Release Date: 10/6/2008 5:37 PM >>>> >>>> >>> >>> ------------------------------------------------------------------------- >>> >>> This SF.Net email is sponsored by the Moblin Your Move Developer's >>> challenge >>> Build the coolest Linux based applications with Moblin SDK & win >>> great prizes >>> Grand prize is a trip for two to an Open Source event anywhere in the >>> world >>> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >>> _______________________________________________ >>> opensipstack-devel mailing list >>> ope...@li... >>> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >>> >> >> ------------------------------------------------------------------------- >> This SF.Net email is sponsored by the Moblin Your Move Developer's >> challenge >> Build the coolest Linux based applications with Moblin SDK & win great >> prizes >> Grand prize is a trip for two to an Open Source event anywhere in the >> world >> http://moblin-contest.org/redirect.php?banner_id=100&url=/ >> _______________________________________________ >> opensipstack-devel mailing list >> ope...@li... >> https://lists.sourceforge.net/lists/listinfo/opensipstack-devel >> >> ------------------------------------------------------------------------ >> >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.com Version: 8.0.173 / Virus Database: >> 270.8.1/1733 - Release Date: 10/19/2008 6:02 PM >> >> > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > > > ------------------------------------------------------------------------ > > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X