Henry Dogger | 10 Jan 13:59 2013
Picon

Strange behavior in dial plan regarding permissions

Hi all,

 

We stumbled some time ago on a strange behavior in the dial plan regarding the dial permissions.

The situation is as follows:

 

We have a few dial plan rules e.g.

-          Mobile phones (required is the mobile call permission)

-          Local numbers (required is the local call permission)

-          International (required is the international call permission)

 

This all works as aspected, a user without the mobile call permission is not allowed to call mobile phones.

But part of our normal setup is a SIP connection between a sipXecs and a Asterisk, calls are being routed from asterisk to sipXecs and the other way around. (the reason why we use an Asterisk is because of the queue functionality, ACD in sipXecs is not satisfying and also openACD is still not good enough for us.)

Since registering the asterisk as a user on sipXecs is a problem we decided to create a dial rule in the dial plan with a (to all users on the system) unknown prefix (e.g. 666).

So the custom dial rule we created is 666 and 10 digits will result in a dial of the last 10 digits on the gateways configured for outbound calls.

The problems we get with this dial rule are:

-          The rule has to be on top of the other outbound dial rules (Mobile, Local and International in this example) to work, otherwise sipXecs responds with a unauthorized to Asterisk.

-          When this rule is active, all other outbound dial rules (Mobile, Local and International in this example) can be called by all users, even the users without the desired call permissions, so somehow this rule breaks the entire permissions system….

 

I am curious if this is normal behavior, or did we stumble upon a bug?

We are currently running on 4.4 updated till patch 16.

 

Kind regards,

 

Henry Dogger

Telecats BV

 

<div>
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hi all,<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">We stumbled some time ago on a strange behavior in the dial plan regarding the dial permissions.<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">The situation is as follows:<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">We have a few dial plan rules e.g.<p></p></span></p>
<p class="MsoListParagraph"><span lang="EN-US"><span>-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><span lang="EN-US">Mobile phones (required is the mobile call permission)<p></p></span></p>
<p class="MsoListParagraph"><span lang="EN-US"><span>-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><span lang="EN-US">Local numbers (required is the local call permission)<p></p></span></p>
<p class="MsoListParagraph"><span lang="EN-US"><span>-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><span lang="EN-US">International (required is the international call permission)<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">This all works as aspected, a user without the mobile call permission is not allowed to call mobile phones.<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">But part of our normal setup is a SIP connection between a sipXecs and a Asterisk, calls are being routed from asterisk to sipXecs and the other way around. (the reason why we use an Asterisk is because of the queue functionality,
 ACD in sipXecs is not satisfying and also openACD is still not good enough for us.)<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">Since registering the asterisk as a user on sipXecs is a problem we decided to create a dial rule in the dial plan with a (to all users on the system) unknown prefix (e.g. 666).<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">So the custom dial rule we created is 666 and 10 digits will result in a dial of the last 10 digits on the gateways configured for outbound calls.<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">The problems we get with this dial rule are:<p></p></span></p>
<p class="MsoListParagraph"><span lang="EN-US"><span>-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><span lang="EN-US">The rule has to be on top of the other outbound dial rules (Mobile, Local and International in this example) to work, otherwise sipXecs responds with a unauthorized to Asterisk.<p></p></span></p>
<p class="MsoListParagraph"><span lang="EN-US"><span>-<span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</span></span></span><span lang="EN-US">When this rule is active, all other outbound dial rules (Mobile, Local and International in this example) can be called by all users, even the users without the desired call permissions, so somehow this rule
 breaks the entire permissions system&hellip;.<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">I am curious if this is normal behavior, or did we stumble upon a bug?<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">We are currently running on 4.4 updated till patch 16.<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">Kind regards,<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span lang="EN-US">Henry Dogger<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US">Telecats BV<p></p></span></p>
<p class="MsoNormal"><span lang="EN-US"><p>&nbsp;</p></span></p>
</div>
</div>
Alan Worstell | 10 Jan 00:01 2013

Question about using Remote Worker Nat Traversal with a Freeswitch SBC

Hello,
Since it appears the feature to have the sipXbridge accept ITSP 
signaling on port 5060 didn't make it in to this release, I am looking 
in to setting up a Freeswitch SBC to handle the ITSP traffic. Since I 
also require the remote worker functionality, would I then have to have 
two separate public IP addresses for the SBC and the sipx server, or can 
the SBC pass through the remote SIP registration to the proxy? What is 
recommended for this type of setup?

Thanks,

--

-- 
Alan Worstell
A1 Networks - Systems Administrator
VTSP, dCAA, LPIC-1, Linux+, CLA, DCTS
(707)570-2021 x204
For support issues please email support <at> a-1networks.com or call 707-703-1050

Burleigh, Matt | 9 Jan 18:38 2013
Picon

multiple weaknesses in the parameter parsing code for Ruby on Rails

Does this affect SIPXECS 4.4 or 4.6?

 

https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/61bkgvnSGTQ

 

Multiple vulnerabilities in parameter parsing in Action Pack

There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application. This vulnerability has been assigned the CVE identifier CVE-2013-0156.

Versions Affected:  ALL versions
Not affected:       NONE
Fixed Versions:     3.2.11, 3.1.10, 3.0.19, 2.3.15

Impact
------
The parameter parsing code of Ruby on Rails allows applications to automatically cast values from strings to certain data types.  Unfortunately the type casting code supported certain conversions which were not suitable for performing on user-provided data including creating Symbols and parsing YAML.  These unsuitable conversions can be used by an attacker to compromise a Rails application.

Due to the critical nature of this vulnerability, and the fact that portions of it have been disclosed publicly, all users running an affected release should either upgrade or use one of the work arounds *immediately*.

Releases
--------
The 3.2.11, 3.1.10, 3.0.19 and 2.3.15 releases are available at the normal locations.

Workarounds
-----------
The work arounds differ depending on the Rails version you are using, and whether or not your application needs to support XML Parameters.

Disabling XML Entirely
----------------------
Users who don't need to support XML parameters should disable XML parsing entirely by placing one of the following snippets inside an application initializer.

Rails 3.2, 3.1 and 3.0
----------------------
ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML)

Rails 2.3
---------
ActionController::Base.param_parsers.delete(Mime::XML)


Removing YAML and Symbol support from the XML parser
----------------------------------------------------
If your application must continue to parse XML you must disable the YAML and Symbol type conversion from the Rails XML parser.  You should place one of the following code snippets in an application initializer to ensure your application isn't vulnerable.  You should also consider greatly reducing the value of REXML::Document.entity_expansion_limit to limit the risk of entity explosion attacks.

YAML Parameter Parsing
----------------------
Rails has also shipped with YAML parameter parsing code, this was only ever enabled by default in Rails 1.1.0, but  users who do enable it are vulnerable to all the exploits mentioned above..  There is no fix for YAML object injection, so if you have enabled it you must disable it immediately.

For 2.x apps, check whether your app sets `ActionController::Base.param_parsers[Mime::YAML] = :yaml` and snip that out if it does.

For 3.x apps do this to disable:

  ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::YAML)

Rails 3.2, 3.1, 3.0
---------

ActiveSupport::XmlMini::PARSING.delete("symbol")
ActiveSupport::XmlMini::PARSING.delete("yaml")

Rails 2.3
---------

ActiveSupport::CoreExtensions::Hash::Conversions::XML_PARSING.delete('symbol')
ActiveSupport::CoreExtensions::Hash::Conversions::XML_PARSING.delete('yaml')

Patches
-------
To aid users who aren't able to upgrade immediately we have provided patches for the two supported release series.  They are in git-am format and consist of a single changeset.

* 2-3-xml_parsing.patch - Patch for 2.3 series
* 3-0-xml_parsing.patch - Patch for 3.0 series
* 3-1-xml_parsing.patch - Patch for 3.1 series
* 3-2-xml_parsing.patch - Patch for 3.2 series

Please note that only the 3.1.x and 3.2.x series are supported at present.  Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases.

Credits
-------
This vulnerability was reported to us by numerous people, many thanks to Ben Murphy, Magnus Holm, Felix Wilhelm, Darcy Laycock, Jonathan Rudenberg, Bryan Helmkamp, Benoist Claassen and Charlie Somerville for reporting the issue to us and working with us to ensure the fixes worked.

 

 

<div><div class="WordSection1">
<p class="MsoNormal">Does this affect SIPXECS 4.4 or 4.6? <p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal"><a href="https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/61bkgvnSGTQ">https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/61bkgvnSGTQ</a><p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">Multiple vulnerabilities in parameter parsing in Action Pack <br><br>There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application. This vulnerability has been assigned the CVE identifier CVE-2013-0156. <br><br>Versions Affected: &nbsp;ALL versions <br>Not affected: &nbsp; &nbsp; &nbsp; NONE <br>Fixed Versions: &nbsp; &nbsp; 3.2.11, 3.1.10, 3.0.19, 2.3.15 <br><br>Impact <br>------ <br>The parameter parsing code of Ruby on Rails allows applications to automatically cast values from strings to certain data types. &nbsp;Unfortunately the type casting code supported certain conversions which were not suitable for performing on user-provided data including creating Symbols and parsing YAML. &nbsp;These unsuitable conversions can be used by an attacker to compromise a Rails application. <br><br>Due to the critical nature of this vulnerability, and the fact that portions of it have been disclosed publicly, all users running an affected release should either upgrade or use one of the work arounds *immediately*. <br><br>Releases <br>-------- <br>The 3.2.11, 3.1.10, 3.0.19 and 2.3.15 releases are available at the normal locations. <br><br>Workarounds <br>----------- <br>The work arounds differ depending on the Rails version you are using, and whether or not your application needs to support XML Parameters. <br><br>Disabling XML Entirely <br>---------------------- <br>Users who don't need to support XML parameters should disable XML parsing entirely by placing one of the following snippets inside an application initializer. <br><br>Rails 3.2, 3.1 and 3.0 <br>---------------------- <br>ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML) <br><br>Rails 2.3 <br>--------- <br>ActionController::Base.param_parsers.delete(Mime::XML) <br><br><br>Removing YAML and Symbol support from the XML parser <br>---------------------------------------------------- <br>If your application must continue to parse XML you must disable the YAML and Symbol type conversion from the Rails XML parser. &nbsp;You should place one of the following code snippets in an application initializer to ensure your application isn't vulnerable. &nbsp;You should also consider greatly reducing the value of REXML::Document.entity_expansion_limit to limit the risk of entity explosion attacks. <br><br>YAML Parameter Parsing <br>---------------------- <br>Rails has also shipped with YAML parameter parsing code, this was only ever enabled by default in Rails 1.1.0, but &nbsp;users who do enable it are vulnerable to all the exploits mentioned above.. &nbsp;There is no fix for YAML object injection, so if you have enabled it you must disable it immediately. <br><br>For 2.x apps, check whether your app sets `ActionController::Base.param_parsers[Mime::YAML] = :yaml` and snip that out if it does. <br><br>For 3.x apps do this to disable: <br><br>&nbsp; ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::YAML) <br><br>Rails 3.2, 3.1, 3.0 <br>--------- <br><br>ActiveSupport::XmlMini::PARSING.delete("symbol") <br>ActiveSupport::XmlMini::PARSING.delete("yaml") <br><br>Rails 2.3 <br>--------- <br><br>ActiveSupport::CoreExtensions::Hash::Conversions::XML_PARSING.delete('symbol') <br>ActiveSupport::CoreExtensions::Hash::Conversions::XML_PARSING.delete('yaml') <br><br>Patches <br>------- <br>To aid users who aren't able to upgrade immediately we have provided patches for the two supported release series. &nbsp;They are in git-am format and consist of a single changeset. <br><br>* 2-3-xml_parsing.patch - Patch for 2.3 series <br>* 3-0-xml_parsing.patch - Patch for 3.0 series <br>* 3-1-xml_parsing.patch - Patch for 3.1 series <br>* 3-2-xml_parsing.patch - Patch for 3.2 series <br><br>Please note that only the 3.1.x and 3.2.x series are supported at present. &nbsp;Users of earlier unsupported releases are advised to upgrade as soon as possible as we cannot guarantee the continued availability of security fixes for unsupported releases. <br><br>Credits <br>------- <br>This vulnerability was reported to us by numerous people, many thanks to Ben Murphy, Magnus Holm, Felix Wilhelm, Darcy Laycock, Jonathan Rudenberg, Bryan Helmkamp, Benoist Claassen and Charlie Somerville for reporting the issue to us and working with us to ensure the fixes worked.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
</div></div>
Geoff Musgrave | 9 Jan 17:25 2013
Picon

One way audio with attended transfers to outside lines

Example: Outside caller calls in to sipx. Call is answered by Bria 3.4.4 user. Bria user performs a “Call first” (attended) transfer to sales person’s cell phone. This places the outside caller on hold and they hear hold music. The Bria user speaks to the sales person and then chooses “Transfer now” within the Bria application. Bria user see’s “Transfer Successful” and moves on. The sales person can hear the outside caller but the outside caller cannot hear the sales person.

 

Any of that make sense??

 

So I suspect my firewall or my ITSP but I can’t find anything in the firewall that would cause this as it was working last week. I’m testing with my ITSP in about a half hour and if we get anywhere I’ll pass along those results. But all the captures we’ve done so far don’t show any problems.

 

I’m posting here to get any insight into the matter that I may be overlooking.

 

Sipx 4.6 is behind a firewall and NAT and all internal users are behind NAT as well. Yum update says there are no packages to update so I assume I’m on the current/stable version of 4.6.

 

Our ITSP did recently require us to have a Gateway setup for inbound and a separate one for outbound however that was a few weeks ago.

 

Thanks in advance and please let me know of any suggestions or if you would like any additional information.

 

--

Geoff

<div>
<div class="WordSection1">
<p class="MsoNormal">Example: Outside caller calls in to sipx. Call is answered by Bria 3.4.4 user. Bria user performs a &ldquo;Call first&rdquo; (attended) transfer to sales person&rsquo;s cell phone. This places the outside caller on hold and they hear hold music. The Bria
 user speaks to the sales person and then chooses &ldquo;Transfer now&rdquo; within the Bria application. Bria user see&rsquo;s &ldquo;Transfer Successful&rdquo; and moves on. The sales person can hear the outside caller but the outside caller cannot hear the sales person.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">Any of that make sense??<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">So I suspect my firewall or my ITSP but I can&rsquo;t find anything in the firewall that would cause this as it was working last week. I&rsquo;m testing with my ITSP in about a half hour and if we get anywhere I&rsquo;ll pass along those results. But all
 the captures we&rsquo;ve done so far don&rsquo;t show any problems. <p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">I&rsquo;m posting here to get any insight into the matter that I may be overlooking.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">Sipx 4.6 is behind a firewall and NAT and all internal users are behind NAT as well. Yum update says there are no packages to update so I assume I&rsquo;m on the current/stable version of 4.6.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">Our ITSP did recently require us to have a Gateway setup for inbound and a separate one for outbound however that was a few weeks ago.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">Thanks in advance and please let me know of any suggestions or if you would like any additional information.<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">--<p></p></p>
<p class="MsoNormal">Geoff <p></p></p>
</div>
</div>
Jeff Ferrara | 9 Jan 03:21 2013
Picon

Polycom Auto Answer for Call Control Web Service

Hello,

We have implemented a click to dial feature on our CRM using the sipX 
Call Control Web Service.  A user clicks on the number in a record, 
their Polycom 335 phone rings and they answer it by picking up the 
handset to be connected to the dialled number.

  This works well when used with a normal handset, but when used with a 
headset our users would prefer for the call to be automatically answered 
so that the dialling process begins immediately without any input.

Does anyone have any ideas on how I could go about achieving this?

Thanks,
Jeff.
Nicholas Drayer | 9 Jan 00:03 2013

sipXproxy log issue

Hi all,

The sipX server we put in for a non-profit with only a couple of users is using the latest 4.6. We have a problem with every ~week or so some services going down: sipproxy and sipxsupervisor, requiring a sipXecs restart. I’ve noticed that the sipXproxy.log continually adds lines, as per the excerpt below (I’ve searched/replaced the name to host.domain.org). Is this saying what’s wrong? And does anyone have an idea what to do? Should I look at some other log file too? Right now, I’m living with it, and putting up a cron job to restart sipx every midnight L.

Thanks!
Nicholas Drayer

Dyrand Systems

 

"2013-01-08T21:57:43.720570Z":468:KERNEL:ERR:host.domain.org:SipServerBroker-4:7fee0e06f700:SipXProxy:"OsSSLServerSocket SSL_accept SSL handshake error:\n   SSL error: 5 'error:00000005:lib(0):func(0):DH lib'"

"2013-01-08T21:57:44.979650Z":469:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:57:44.979985Z":470:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:04.991393Z":471:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:04.991794Z":472:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:24.981564Z":473:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:24.984997Z":474:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:44.984206Z":475:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:44.985238Z":476:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:58:45.569897Z":477:KERNEL:ERR:host.domain.org:SipServerBroker-4:7fee0e06f700:SipXProxy:"OsSSLServerSocket SSL_accept SSL handshake error:\n   SSL error: 5 'error:00000005:lib(0):func(0):DH lib'"

"2013-01-08T21:59:04.985315Z":478:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:04.987293Z":479:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:24.998691Z":480:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:24.999063Z":481:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:44.989089Z":482:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:44.989675Z":483:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T21:59:57.413045Z":484:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"

"2013-01-08T21:59:57.463901Z":485:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"

"2013-01-08T22:00:04.990084Z":486:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T22:00:04.990836Z":487:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T22:00:15.364738Z":488:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"

"2013-01-08T22:00:15.471122Z":489:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"

"2013-01-08T22:00:24.990934Z":490:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

"2013-01-08T22:00:24.995302Z":491:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"

 

 

<div>
<div class="WordSection1">
<p class="MsoNormal">Hi all,<p></p></p>
<p class="MsoNormal">The sipX server we put in for a non-profit with only a couple of users is using the latest 4.6. We have a problem with every ~week or so some services going down: sipproxy and sipxsupervisor, requiring a sipXecs restart. I&rsquo;ve noticed that
 the sipXproxy.log continually adds lines, as per the excerpt below (I&rsquo;ve searched/replaced the name to host.domain.org). Is this saying what&rsquo;s wrong? And does anyone have an idea what to do? Should I look at some other log file too? Right now, I&rsquo;m living with
 it, and putting up a cron job to restart sipx every midnight <span>
L</span>.<p></p></p>
<p class="MsoNormal">Thanks!<br>
Nicholas Drayer<p></p></p>
<p class="MsoNormal">Dyrand Systems<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal">"2013-01-08T21:57:43.720570Z":468:KERNEL:ERR:host.domain.org:SipServerBroker-4:7fee0e06f700:SipXProxy:"OsSSLServerSocket SSL_accept SSL handshake error:\n&nbsp;&nbsp; SSL error: 5 'error:00000005:lib(0):func(0):DH lib'"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:57:44.979650Z":469:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:57:44.979985Z":470:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:04.991393Z":471:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:04.991794Z":472:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:24.981564Z":473:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:24.984997Z":474:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:44.984206Z":475:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:44.985238Z":476:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:58:45.569897Z":477:KERNEL:ERR:host.domain.org:SipServerBroker-4:7fee0e06f700:SipXProxy:"OsSSLServerSocket SSL_accept SSL handshake error:\n&nbsp;&nbsp; SSL error: 5 'error:00000005:lib(0):func(0):DH lib'"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:04.985315Z":478:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:04.987293Z":479:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:24.998691Z":480:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:24.999063Z":481:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:44.989089Z":482:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:44.989675Z":483:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:57.413045Z":484:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T21:59:57.463901Z":485:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:04.990084Z":486:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:04.990836Z":487:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:15.364738Z":488:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:15.471122Z":489:SIP:WARNING:host.domain.org:SipRouter-13:7fee06d12700:SipXProxy:"SipUserAgent::send PUBLISH request matches existing transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:24.990934Z":490:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal">"2013-01-08T22:00:24.995302Z":491:SIP:WARNING:host.domain.org:SipClientUdp-10:7fee0da69700:SipXProxy:"SipUserAgent::dispatch received response without transaction"<p></p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
<p class="MsoNormal"><p>&nbsp;</p></p>
</div>
</div>
mike | 8 Jan 18:50 2013
Picon

Certain calls failing (not sipx related exactly)

In fact, it’s likely not sipx related at all but I figured I’d ask here.
 
We get complaints now and then that certain calls never work. One good example would be when people post stuff on Craigslist and that CL complains that certain voip numbers don’t work. In fact, it is looking like most don’t with voip.ms and flowroute.
 
Wondering if anyone has any knowledge about this and if there is any way of fixing the problem, perhaps via the provider or some other means.
The calls don’t seem to even reach sipx so doesn’t seem to be sipx related?
 
Thanks.
 
 
<div>
<div dir="ltr">
<div>
<div>In fact, it&rsquo;s likely not sipx related at all but I figured I&rsquo;d ask 
here.</div>
<div>&nbsp;</div>
<div>We get complaints now and then that certain calls never work. One good 
example would be when people post stuff on Craigslist and that CL complains that 
certain voip numbers don&rsquo;t work. In fact, it is looking like most don&rsquo;t with 
voip.ms and flowroute.</div>
<div>&nbsp;</div>
<div>Wondering if anyone has any knowledge about this and if there is any way of 
fixing the problem, perhaps via the provider or some other means. </div>
<div>The calls don&rsquo;t seem to even reach sipx so doesn&rsquo;t seem to be sipx 
related?</div>
<div>&nbsp;</div>
<div>Thanks.</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
</div>
</div>
</div>
Jan Fricke | 8 Jan 14:00 2013
Picon

Query registrations from Linux console on 4.6

Hi,

until 4.4 I could grep /var/sipxdata/sipdb/registration.xml to get information about the phone registrations from a bash script. What is the easiest way to do that in 4.6?

 

Thanks…

 

_____________________________
Jan Fricke (B.Sc.)

IANT -
APPLIED NGN-TECHNOLOGIES

Turn-Key VoIP/UC Solutions and More...


Fon: +49 (5331) 6794 0
Fax: +49 (5331) 6794 499
Mail:
jan.fricke <at> iant.de
Web:
www.iant.de


IANT is eZuce Elite Partner for EMEA

IANT is Member of GROUPLINK

 

<div><div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hi,</span></p>
<p class="MsoNormal"><span lang="EN-US">until 4.4 I could grep /var/sipxdata/sipdb/registration.xml to get information about the phone registrations from a bash script. What is the easiest way to do that in 4.6?</span></p>
<p class="MsoNormal"><span lang="EN-US">&nbsp;</span></p>
<p class="MsoNormal"><span lang="EN-US">Thanks&hellip;</span></p>
<p class="MsoNormal"><span lang="EN-US">&nbsp;</span></p>
<p class="MsoNormal"><span lang="EN-US">_____________________________<br>
Jan Fricke (B.Sc.)<br><br></span><span lang="EN-US">IANT -<br>APPLIED NGN-TECHNOLOGIES <br><br></span><span lang="EN-US">Turn-Key VoIP/UC Solutions and More... <br><br><br></span><span lang="EN-US">Fon: +49 (5331) 6794 0<br>Fax: +49 (5331) 6794 499<br>Mail: </span><span><a href="mailto:jan.fricke <at> iant.de"><span lang="EN-US">jan.fricke <at> iant.de</span></a></span><span lang="EN-US"><br>
Web: </span><span><a href="http://www.iant.de/en/startseite" title="http://www.iant.de/"><span lang="EN-US">www.iant.de</span></a></span><span lang="EN-US"> <br><br><br></span><span lang="EN-US">IANT is <a href="http://www.ezuce.com/"><span>eZuce</span></a> Elite Partner for EMEA <br><br>IANT is Member of <a href="http://www.grouplink.de/"><span>GROUPLINK</span></a> </span><span lang="EN-US"></span></p>
<p class="MsoNormal"><span lang="EN-US">&nbsp;</span></p>
</div></div>
Elwin Formsma | 8 Jan 12:10 2013
Picon

SIPXCDR errors

Hi,

The following errors occur in the sipxcallresolver LOG. Sipxecs 4.4. Is this a known issue?

"2013-01-08T11:05:01.033231Z":20:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:05:01.040001Z":21:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:05:01.139580Z":22:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:05:21.199918Z":23:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:05:31.100696Z":24:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:05:51.331098Z":25:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:31.349482Z":26:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:31.367072Z":27:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:41.400521Z":28:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:51.405508Z":29:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:51.419459Z":30:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"
"2013-01-08T11:06:51.425822Z":31:CDR:ERR:xxx.nl:main:00000000:cdr:", ERROR:  null value in
column \"from_tag\" violates not-null constraint"

Kind regards,
Met vriendelijke groet,

Elwin Formsma
Telecats BV
-----
Elwin Formsma | Telecats bv | KvK Enschede 06069106 | Tel:   053 488 99 44 | Fax: 053 488 99 10 | E-mail:
e.formsma <at> telecats.nl |

Nathaniel Watkins | 8 Jan 05:14 2013

Download CDRs to .csv - bug/cap?

I wanted to quickly export several months of calls from the CDR to a .csv via the ‘Download’ link on the Historic tab of the CDR screen (to run some quick analysis requested by a user).  The file only outputs the first 25,000 records.

 

Version: 4.4.0-2012-10-19

 

 

 

Nathaniel Watkins
CIO - DoTCom
Garrett County Government/Board of Education
313 E. Alder Street, Room 105
Oakland, MD  21550
Telephone: 301-334-5001
Fax: 301-334-7605
E-mail: nwatkins <at> garrettcounty.org


This message and any files transmitted with it are intended only for the individual(s) or entity named. If you are not the intended individual(s) or entity named you are hereby notified that any disclosure, copying, distribution or reliance upon its contents is strictly prohibited. If you have received this in error, please notify the sender, delete the original, and destroy all copies. Email transmissions cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Garrett County Government therefore does not accept any liability for any errors or omissions in the contents of this message, which arise as a result of email transmission.


Garrett County Government,
203 South Fourth Street, Courthouse, Oakland, Maryland 21550 www.garrettcounty.org
<div>
<div class="WordSection1">
<p class="MsoNormal"><span>I wanted to quickly export several months of calls from the CDR to a .csv via the &lsquo;Download&rsquo; link on the Historic tab of the CDR screen (to run some quick analysis
 requested by a user).&nbsp; The file only outputs the first 25,000 records.<p></p></span></p>
<p class="MsoNormal"><span><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span>Version: 4.4.0-2012-10-19<p></p></span></p>
<p class="MsoNormal"><span><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span><p>&nbsp;</p></span></p>
<p class="MsoNormal"><span><p>&nbsp;</p></span></p>
<div>
<p class="MsoNormal"><span>Nathaniel Watkins<br></span><span>CIO - DoTCom<br>
Garrett County Government/Board of Education<br>
313 E. Alder Street, Room 105<br>
Oakland, MD&nbsp; 21550<br>
Telephone: 301-334-5001<br>
Fax: 301-334-7605<br>
E-mail: <a href="mailto:nwatkins <at> garrettcounty.org">nwatkins <at> garrettcounty.org</a></span><span><p></p></span></p>
</div>
</div>
<br>This message and any files transmitted with it are intended only for the individual(s) or entity named. If you are not the intended individual(s) or entity named you are hereby notified that any disclosure, copying,
 distribution or reliance upon its contents is strictly prohibited. If you have received this in error, please notify the sender, delete the original, and destroy all copies. Email transmissions cannot be guaranteed to be secure or error-free as information
 could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Garrett County Government therefore does not accept any liability for any errors or omissions in the contents of this message, which arise as a result of email
 transmission.<br><br><br>
Garrett County Government,<br>
203 South Fourth Street, Courthouse, Oakland, Maryland 21550 www.garrettcounty.org<br>
</div>
Kyle Haefner | 8 Jan 00:30 2013

Re: VIP extension

Hi Ali,


On Thu, Jan 3, 2013 at 12:08 PM, Ali Ardestani <ali.ardestani <at> pnmac.com> wrote:
Hi all,

Is there a way to implement extensions that not all other extensions can call (VIP extensions)?

I don't think this is possible, if an extension is registered it can be called.   You can use the /etc/sipxpbx/cidrules.xml file to rewrite outbound calls (including station to station) so that the VIP's number is not displayed.  Make sure to restart sipxproxy after any change.

example:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<items>
        <item extension="24500" rewrite="12933" />
        <item extension="24516" rewrite="12933" />
        <item extension="14401" rewrite="11012" />
</items>

 

Also is there a way to disable dialing out for a user alltogether (both internally and externally)

What you could do is make the phone's dialplan string not match anything and not time out and send the call.  You could even setup a group with this dial plan string and add phones you want to lock down to that group.



--
-- 
Ali S Ardestani   
Telephony Systems Engineer
Private National Mortgage Acceptance Company (PennyMac)
6101 Condor Drive
Moorpark, CA 93021





--
Kyle Haefner, M.S.
Communication Systems Programmer
Colorado State University
Fort Collins, CO
Phone: 970-491-1012
Email:  kyle.haefner <at> colostate.edu

01010010 01100101 01100001 01101100 00100000 01101101 01100101 01101110 00100000 01110000 01110010 01101111 01100111 01110010 01100001 01101101 00100000 01101001 01101110 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00101110
<div><div dir="ltr">Hi Ali,<br><div class="gmail_extra">
<br><br><div class="gmail_quote">On Thu, Jan 3, 2013 at 12:08 PM, Ali Ardestani <span dir="ltr">&lt;<a href="mailto:ali.ardestani <at> pnmac.com" target="_blank">ali.ardestani <at> pnmac.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote">

<div>
<div>Hi all,</div>
<div><br></div>
Is there a way to implement extensions that not all other extensions can call (VIP extensions)?</div>
</blockquote>
<div><br></div>
<div>I don't think this is possible, if an extension is registered it can be called. &nbsp; You can use the /etc/sipxpbx/cidrules.xml file to rewrite outbound calls (including station to station) so that the VIP's number is not displayed. &nbsp;Make sure to restart sipxproxy after any change.</div>
<div><br></div>
<div>example:</div>
<div><br></div>
<div>
<div>&lt;?xml version="1.0" encoding="UTF-8" standalone="yes"?&gt;</div>
<div>&lt;items&gt;</div>
<div>&nbsp; &nbsp; &nbsp; &nbsp; &lt;item extension="24500" rewrite="12933" /&gt;</div>
<div>&nbsp; &nbsp; &nbsp; &nbsp; &lt;item extension="24516" rewrite="12933" /&gt;</div>
<div>&nbsp; &nbsp; &nbsp; &nbsp; &lt;item extension="14401" rewrite="11012" /&gt;</div>
<div>&lt;/items&gt;</div>
<div><br></div>
</div>
<div>
&nbsp;</div>
<blockquote class="gmail_quote"><div>
<div><br></div>
<div>Also is there a way to disable dialing out for a user alltogether (both internally and externally)<br clear="all">
</div>
</div></blockquote>
<div><br></div>
<div>What you could do is make the phone's dialplan string not match anything and not time out and send the call. &nbsp;You could even setup a group with this dial plan string and add phones you want to lock down to that group.</div>
<div><br></div>
<div><br></div>
<blockquote class="gmail_quote">
<div>
<div>
<div><br></div>
-- <br><div>--&nbsp;</div>
<div>Ali S Ardestani &nbsp;&nbsp;</div>
<div>Telephony Systems Engineer</div>
<div>Private National Mortgage Acceptance Company (PennyMac)</div>
<div>6101 Condor Drive</div>
<div>Moorpark, CA 93021</div>
<div><br></div>
<div>
<a href="tel:%28805%29%20330-6004" value="+18053306004" target="_blank">(805) 330-6004</a> Office</div>
<div>
<a href="tel:%28818%29%20224-7442%20x2654" value="+18182247442" target="_blank">(818) 224-7442 x2654</a> Office</div>
<div>
<a href="tel:%28626%29%20817-3512" value="+16268173512" target="_blank">(626) 817-3512</a> Mobile</div>
<div>
<a href="tel:%28818%29%20224-7397" value="+18182247397" target="_blank">(818) 224-7397</a> Fax</div>
<div><br></div>
<div><a href="mailto:ali.ardestani <at> pnmac.com" target="_blank">ali.ardestani <at> pnmac.com</a></div>
</div>
</div>

</blockquote>
</div>
<br><br clear="all"><div><br></div>-- <br>Kyle Haefner, M.S.<br>Communication Systems Programmer<br>Colorado State University<br>Fort Collins, CO<br>Phone: 970-491-1012<br>Email: &nbsp;<a href="mailto:kyle.haefner <at> colostate.edu" target="_blank">kyle.haefner <at> colostate.edu</a><br><br>01010010 01100101 01100001 01101100 00100000 01101101 01100101 01101110 00100000 01110000 01110010 01101111 01100111 01110010 01100001 01101101 00100000 01101001 01101110 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00101110
</div>
</div></div>

Gmane