Polycom's PVX
Mike Zinner
Video Network Design Engineer
651-556-0769 - Desk
651-335-8108 - Cell
6512237614 - E164 Video
156.98.61.35 - IP Video
Mike.Zinner@xxxxxxxxxxx
________________________________________
From: openh323gk-users-request@xxxxxxxxxxxxxxxxxxxxx [openh323gk-users-request@xxxxxxxxxxxxxxxxxxxxx]
Sent: Saturday, July 24, 2010 3:53 PM
To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Openh323gk-users Digest, Vol 50, Issue 3
Send Openh323gk-users mailing list submissions to
openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/openh323gk-users
or, via email, send a message with subject or body 'help' to
openh323gk-users-request@xxxxxxxxxxxxxxxxxxxxx
You can reach the person managing the list at
openh323gk-users-owner@xxxxxxxxxxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Openh323gk-users digest..."
Today's Topics:
1. Videoconferencing software - Mirial vs. PacPhone - strange
behaviour in PrefixAuth on Mirial's part (pierlu)
2. [RewriteCLI] Source IP to CLID (manager IT conino)
----------------------------------------------------------------------
Message: 1
Date: Thu, 22 Jul 2010 11:26:42 +0200
From: pierlu <pierlu@xxxxxxxxx>
Subject: Videoconferencing software - Mirial vs.
PacPhone - strange behaviour in PrefixAuth on Mirial's part
To: GNU Gatekeeper Users <Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx>
Message-ID:
<AANLkTikEU1C36TbT32cuNVxVReNm9L8O2Ql7BKnr9sAk@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
I am testing Mirial Softphone, to use it instead of (or alongside) PacPhone
(btw does anyone know about good h.323 videoconferencing software -not
necesaarely free- which does not have complex licencing systems and which
works as "pure" H.323 client?)
But I get a strange behaviour when using Mirial.
Even tho Mirial registers on GnuGk fine (using the same H323 number and the
same IP as PacPhone), Prefix Auth on GnuGk does not work correctly and calls
are denied.
These are the logs when client (number 41100) tries to make a call to number
491 (an MCU room).
-----PacPhone
2.3.1---------------------------------------------------------------------------------------
2010/07/22 09:36:46.453 5 job.cxx(190) JOB Starting Job ARQ at
Worker thread 1480
2010/07/22 09:36:46.453 1 RasSrv.cxx(354) RAS ARQ Received from
10.1.10.12:5000
2010/07/22 09:36:46.453 5 gkauth.cxx(2079) GKAUTH Prefix auth rule
'allow alias:^411' matched
2010/07/22 09:36:46.453 4 gkauth.cxx(2281) GKAUTH PrefixAuth rule
matched and accepted destination prefix '491' for alias '491'
2010/07/22 09:36:46.453 3 gkauth.cxx(1030) GKAUTH PrefixAuth ARQ check
ok
2010/07/22 09:36:46.453 3 RasSrv.cxx(2661) GK ARQ will request
bandwith of 50000
2010/07/22 09:36:46.453 5 Routing.h(184) ROUTING Checking policy
Explicit for the request ARQ 5050
2010/07/22 09:36:46.453 5 Routing.h(184) ROUTING Checking policy
Internal for the request ARQ 5050
2010/07/22 09:36:46.453 2 RasTbl.cxx(1199) RASTBL Gateway 8718_endp
matched by prefix 49, priority: 1
2010/07/22 09:36:46.453 4 RasTbl.cxx(1636) RASTBL Prefix match for
gateways: 10.1.10.11:1720
2010/07/22 09:36:46.453 5 Routing.h(190) ROUTING Policy Internal
applied to the request ARQ 5050
2010/07/22 09:36:46.468 2 RasTbl.cxx(3382) CallTable::Insert(CALL)
Call No. 200, total sessions : 1
-----Mirial
7.0.5---------------------------------------------------------------------------------------
2010/07/22 09:41:57.781 5 job.cxx(190) JOB Starting Job ARQ at
Worker thread 1480
2010/07/22 09:41:57.781 1 RasSrv.cxx(354) RAS ARQ Received from
10.1.10.12:1719
2010/07/22 09:41:57.781 4 gkauth.cxx(2298) GKAUTH PrefixAuth rule
matched and could not reject or accept destination prefix '491' for alias
'491'
2010/07/22 09:41:57.781 4 gkauth.cxx(2298) GKAUTH PrefixAuth rule
matched and could not reject or accept destination prefix '4' for alias
'491'
2010/07/22 09:41:57.781 4 gkauth.cxx(2314) GKAUTH PrefixAuth could not
reject or accept the request
2010/07/22 09:41:57.781 5 gksql.cxx(387) SQLAuth Executing query:
SELECT action FROM regole WHERE (numero_chiamato='491' AND
numero_chiamante='41100') OR 'angelucci'='InternalMakeCallEP' ;
2010/07/22 09:41:57.781 3 sqlauth.cxx(245) SQLAUTH SQLAuth(ARQ from
10.1.10.12 CRV=17847): query returned no rows
2010/07/22 09:41:57.781 3 gkauth.cxx(1035) GKAUTH SQLAuth ARQ check
failed
2010/07/22 09:41:57.781 2 RasSrv.cxx(394) ARJ|10.1.10.12:1720
|491:dialedDigits|41100:dialedDigits=angelucci:h323_ID|false|resourceUnavailable|1f-79-69-3e-d5-01-19-10-8b-5a-02-01-51-12-10-60;
2010/07/22 09:41:57.781 3 RasSrv.cxx(236) RAS Send to 10.1.10.12:1719
---------------------------------------------------------------------------------------------------------
As you can see, PacPhone passes the PrefixAuth rule, while Mirial does not.
And i cannot understand why. (Of course the clients are not active
simultaneously)
This is ARQ's configuration in Gnugk (version 2.3.2, Build(Jun 29 2010,
14:43:16) Sys(Server 2003 i586 (Model=3 Stepping=4) v5.2.3790))
------------------------------
[Gatekeeper::Auth]
PrefixAuth=alternative;ARQ
SQLAuth=sufficient;ARQ
[PrefixAuth]
491=allow alias:^411
8=allow alias:^4
3=allow alias:^41100
2=allow alias:^41100
1=allow alias:^41100
4=allow alias:^41100
9=allow alias:^41100
41100=allow alias:^4
------------------------------
These are the ips
---------------------------------
Terminal IP: 10.1.10.12
Gk IP: 10.1.10.10
MCU IP: 10.1.10.11
---------------------------------
In the attachments, the registrationsRequest and registrationConfirm for
both clients as retrieved from Gnugk log (the main difference to me seems
only that Mirial is sending H323 alias too alongside the dialedDigits
information).
What's going on? What's that's not working?
Thanks,
pierlu.
-------------- next part --------------
An HTML attachment was scrubbed...
-------------- next part --------------
------------------------------------------------------------------------------
registrationRequest {
requestSeqNum = 51702
protocolIdentifier = 0.0.8.2250.0.6
discoveryComplete = true
callSignalAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
1a 97 79 3c ..y<
}
port = 1720
}
}
rasAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
1a 97 79 3c ..y<
}
port = 1719
}
}
terminalType = {
vendor = {
vendor = {
t35CountryCode = 89
t35Extension = 0
manufacturerCode = 17484
}
productId = 16 octets {
44 79 6c 6f 67 69 63 20 4d 69 72 69 61 6c 00 00 Dylogic Mirial..
}
versionId = 8 octets {
37 2e 30 2e 32 35 00 00 7.0.25..
}
}
terminal = {
}
mc = false
undefinedNode = false
}
terminalAlias = 2 entries {
[0]=h323_ID 9 characters {
0061 006e 0067 0065 006c 0075 0063 0063 angelucc
0069 i
}
[1]=dialedDigits "41100"
}
gatekeeperIdentifier = 6 characters {
0047 004e 0055 0067 006b 0032 GNUgk2
}
endpointVendor = {
vendor = {
t35CountryCode = 89
t35Extension = 0
manufacturerCode = 17484
}
productId = 16 octets {
44 79 6c 6f 67 69 63 20 4d 69 72 69 61 6c 00 00 Dylogic Mirial..
}
versionId = 8 octets {
37 2e 30 2e 32 35 00 00 7.0.25..
}
}
keepAlive = false
willSupplyUUIEs = true
maintainConnection = false
supportsAltGK = <<null>>
usageReportingCapability = {
nonStandardUsageTypes = 0 entries {
}
startTime = <<null>>
endTime = <<null>>
terminationCause = <<null>>
}
callCreditCapability = {
canEnforceDurationLimit = true
}
}
------------------------------------------------------------------------------
registrationConfirm {
requestSeqNum = 26662
protocolIdentifier = 0.0.8.2250.0.6
nonStandardData = {
nonStandardIdentifier = h221NonStandard {
t35CountryCode = 138
t35Extension = 2
manufacturerCode = 2
}
data = 5 octets {
4e 6f 4e 41 54 NoNAT
}
}
callSignalAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
a0 01 a0 a2 ..n,
}
port = 1721
}
}
terminalAlias = 2 entries {
[0]=h323_ID 9 characters {
0061 006e 0067 0065 006c 0075 0063 0063 angelucc
0069 i
}
[1]=dialedDigits "41100"
}
gatekeeperIdentifier = 6 characters {
0047 004e 0055 0067 006b 0032 GNUgk2
}
endpointIdentifier = 9 characters {
0038 0037 0037 0039 005f 0065 006e 0064 8779_end
0070 p
}
timeToLive = 60
willRespondToIRR = false
maintainConnection = false
serviceControl = 1 entries {
[0]={
sessionId = 0
contents = callCreditServiceControl {
callStartingPoint = connect <<null>>
}
reason = open <<null>>
}
}
}
-------------- next part --------------
---------------------------------------------------------------------------------
registrationRequest {
requestSeqNum = 19728
protocolIdentifier = 0.0.8.2250.0.6
discoveryComplete = true
callSignalAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
1a 97 79 3c ..y<
}
port = 1720
}
}
rasAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
1a 97 79 3c ..y<
}
port = 5000
}
}
terminalType = {
vendor = {
vendor = {
t35CountryCode = 156
t35Extension = 0
manufacturerCode = 1
}
productId = 18 octets {
53 70 72 61 6e 74 6f 20 50 61 63 50 68 6f 6e 65 Spranto PacPhone
00 00 ..
}
versionId = 7 octets {
32 2e 33 2e 31 00 00 2.3.1..
}
}
terminal = {
}
mc = false
undefinedNode = false
}
terminalAlias = 1 entries {
[0]=dialedDigits "41100"
}
gatekeeperIdentifier = 7 characters {
0047 004e 0055 0067 006b 0032 0000 GNUgk2
}
endpointVendor = {
vendor = {
t35CountryCode = 156
t35Extension = 0
manufacturerCode = 1
}
productId = 18 octets {
53 70 72 61 6e 74 6f 20 50 61 63 50 68 6f 6e 65 Spranto PacPhone
00 00 ..
}
versionId = 7 octets {
32 2e 33 2e 31 00 00 2.3.1..
}
}
timeToLive = 2100
tokens = 1 entries {
[0]={
tokenOID = 1.2.840.113548.10.1.2.1
timeStamp = 1279785517
challenge = 16 octets {
e4 33 80 a3 59 cb 85 83 53 dc 3f 98 7d bb 2c 4e .3..Y...S.?.}.,N
}
random = 55
generalID = 6 characters {
0034 0031 0031 0030 0030 0000 41100
}
}
}
cryptoTokens = 2 entries {
[0]=nestedcryptoToken cryptoHashedToken {
tokenOID = 0.0.8.235.0.2.1
hashedVals = {
tokenOID = 0.0.8.235.0.2.5
timeStamp = 1279785517
random = 422858245
generalID = 7 characters {
0047 004e 0055 0067 006b 0032 0000 GNUgk2
}
sendersID = 6 characters {
0034 0031 0031 0030 0030 0000 41100
}
}
token = {
algorithmOID = 0.0.8.235.0.2.6
paramS = {
}
hash = Hex: d9 db 73 4c 02 48 9b cc 8e 51 ad 3a
}
}
[1]=cryptoEPPwdHash {
alias = dialedDigits "41100"
timeStamp = 1279785517
token = {
algorithmOID = 1.2.840.113549.2.5
paramS = {
}
hash = Hex: 21 d4 35 ef 75 9c 9f 50 ed f0 32 f3 65 26 a6 35
}
}
}
keepAlive = false
willSupplyUUIEs = true
maintainConnection = false
supportsAltGK = <<null>>
usageReportingCapability = {
nonStandardUsageTypes = 0 entries {
}
startTime = <<null>>
endTime = <<null>>
terminationCause = <<null>>
}
callCreditCapability = {
canDisplayAmountString = true
canEnforceDurationLimit = true
}
featureSet = {
replacementFeatureSet = false
supportedFeatures = 2 entries {
[0]={
id = standard 23
parameters = 3 entries {
[0]={
id = standard 1
content = bool true
}
[1]={
id = standard 2
content = bool true
}
[2]={
id = standard 7
content = bool true
}
}
}
[1]={
id = oid 1.3.6.1.4.1.17090.0.6
parameters = 2 entries {
[0]={
id = oid 1.3.6.1.4.1.17090.0.6.1
content = number8 0
}
[1]={
id = oid 1.3.6.1.4.1.17090.0.6.2
content = bool false
}
}
}
}
}
}
------------------------------------------------------------------------------
registrationConfirm {
requestSeqNum = 40602
protocolIdentifier = 0.0.8.2250.0.6
nonStandardData = {
nonStandardIdentifier = h221NonStandard {
t35CountryCode = 138
t35Extension = 2
manufacturerCode = 2
}
data = 5 octets {
4e 6f 4e 41 54 NoNAT
}
}
callSignalAddress = 1 entries {
[0]=ipAddress {
ip = 4 octets {
a0 01 a0 a2 ..n,
}
port = 1721
}
}
terminalAlias = 1 entries {
[0]=dialedDigits "41100"
}
gatekeeperIdentifier = 6 characters {
0047 004e 0055 0067 006b 0032 GNUgk2
}
endpointIdentifier = 9 characters {
0038 0037 0038 0030 005f 0065 006e 0064 8780_end
0070 p
}
timeToLive = 60
willRespondToIRR = false
maintainConnection = false
serviceControl = 1 entries {
[0]={
sessionId = 0
contents = callCreditServiceControl {
callStartingPoint = connect <<null>>
}
reason = open <<null>>
}
}
featureSet = {
replacementFeatureSet = false
supportedFeatures = 1 entries {
[0]={
id = oid 1.3.6.1.4.1.17090.0.6
}
}
}
}
------------------------------
Message: 2
Date: Fri, 16 Jul 2010 13:54:55 +0200
From: "manager IT conino" <gm@xxxxxxxxxxxxx>
Subject: [RewriteCLI] Source IP to CLID
To: <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx>
Message-ID: <B83319BD009445619013F2C74877766B@dell92izur1tro>
Content-Type: text/plain; charset="iso-8859-2"
Hello
I need write source ip to clid amd I do this like that:
[RewriteCLI]
in:192.168.0.1=any=192.168.0.1
and everything work fine.
But
Can it posibille to set cli automatic. mean when ip soure is x.x.x.x then write this to clid like:
[RewriteCLI]
in:x.x.x.x=any=$in
Please Help
IT Manager of Conino L.T.D
phone:224937014,224937007
ICQ number: 619538873
email: gm@xxxxxxxxxxxxx
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
------------------------------
_______________________________________________
Openh323gk-users mailing list
Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openh323gk-users
End of Openh323gk-users Digest, Vol 50, Issue 3
***********************************************
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________________
Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/
