NoSpam a écrit :
Ton problème: error 503 Service Unavailable
Es tu sûr que le service est fonctionnel ?! Es tu sûr de la qualité de
ton lien ? Peux tu basculer en UDP pour tester ?
Le serveur en face ne répond pas en UDP. La réponse est donc non.
Un point me chagrine. À la requête du serveur de l'opérateur :
2023/07/03 11:00:47.087935 37.97.65.186:5070 -> 192.168.15.18:40055
OPTIONS sip:s@62.212.98.88:5060;transport=TCP SIP/2.0
Via: SIP/2.0/TCP 37.97.65.186:5070;branch=z9hG4bKZ67rt8U6937aK
Route: <sip:s@62.212.98.88:40055>;transport=TCP
Max-Forwards: 70
From: <sip:mod_sofia@37.97.65.186:5070>;tag=7Xp87eDtae20H
To: <sip:trunk-sip@systella2.buroticstore.eu>
Call-ID:
64f20903-cd7d-4d95-bbee-bac3e99029e2_4747c3c2-355c-4604-be14-d88ac29d89
48
CSeq: 348219426 OPTIONS
Contact: <sip:mod_sofia@37.97.65.186:5070>
User-Agent: Sewan_TRUNKFSC15
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
REGISTER, NOTIF
Y
Supported: path, replaces
Allow-Events: talk, hold, conference, refer
Content-Length: 0
mpon asterisk répond :
2023/07/03 11:00:47.088564 192.168.15.18:40055 -> 37.97.65.186:5070
SIP/2.0 404 Not Found
Via: SIP/2.0/TCP
37.97.65.186:5070;rport=5070;received=37.97.65.186;branch=z9hG4
bKZ67rt8U6937aK
Call-ID:
64f20903-cd7d-4d95-bbee-bac3e99029e2_4747c3c2-355c-4604-be14-d88ac29d89
48
From: <sip:mod_sofia@37.97.65.186>;tag=7Xp87eDtae20H
To: <sip:trunk-sip@systella2.buroticstore.eu>;tag=z9hG4bKZ67rt8U6937aK
CSeq: 348219426 OPTIONS
Accept: application/sdp, application/xpidf+xml,
application/cpim-pidf+xml, appli
cation/simple-message-summary, application/pidf+xml,
application/dialog-info+xml
, application/pidf+xml, application/dialog-info+xml,
application/simple-message-
summary, message/sipfrag;version=2.0
Allow: OPTIONS, REGISTER, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE,
CANCEL,
UPDATE, PRACK, REFER, MESSAGE
Supported: 100rel, timer, replaces, norefersub
Accept-Encoding: identity
Accept-Language: en
Server: Asterisk PBX 20.3.0~dfsg+~cs6.13.40431413-1
Content-Length: 0
Il faudrait voir avec Sewan le pourquoi de la réponse. Lié au problème
d'UTF8 car ton prénom est devenu Jool ... ?
Je vais voir avec eux.
Petite question connexe sur sngrep. Je trouve des choses comme ça :
[ ] 29 OPTIONS 100@1.1.1.1 100@1.1.1.1 1
[ ] 45 OPTIONS censysinspect@censys.io test.echo@sip5060.net 1
Quand je vais voir dedans, je peux trouver :
2023/07/03 10:30:06.796424 116.12.47.142:5102 -> 192.168.15.18:5060
OPTIONS sip:100@62.212.98.88 SIP/2.0
Via: SIP/2.0/UDP 116.12.47.142:5102;branch=z9hG4bK-1203353867;rport
Max-Forwards: 70
To: "sipvicious"<sip:100@1.1.1.1>
From:
"sipvicious"<sip:100@1.1.1.1>;tag=3365643436323538313363340132313430303536
303634
User-Agent: friendly-scanner
Call-ID: 681857140004342012871496
Contact: sip:100@116.12.47.142:5102
CSeq: 1 OPTIONS
Accept: application/sdp
Content-Length: 0
Je ne saisis pas comment ces paquets arrivent à passer le firewall.
Par
défaut, tout est fermé et je n'ouvre que le nécessaire. En particulier,
le 5060/UDP est censé être fermé.
Chain INPUT (policy DROP 18 packets, 1941 bytes)
pkts bytes target prot opt in out source
destination
889 99011 f2b-recidive tcp -- any any anywhere
anywhere
736 144K ACCEPT all -- lo any anywhere
anywhere
739 50821 ACCEPT all -- lan0 any anywhere
anywhere
12 1872 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:ssh
56 5214 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:smtp
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:domain
1 72 ACCEPT udp -- wan0 any anywhere
anywhere udp dpt:domain
33 4407 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:http
0 0 ACCEPT udp -- wan0 any anywhere
anywhere udp dpt:ntp
19 3508 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:https
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:submissions
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:submission
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:imaps
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:pop3s
0 0 ACCEPT udp -- wan0 any anywhere
anywhere udp dpt:openvpn
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:openvpn
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:cvspserver
0 0 ACCEPT udp -- wan0 any anywhere
anywhere udp dpt:2401
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:xmpp-client
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:git
0 0 ACCEPT icmp -- wan0 any anywhere
anywhere
0 0 ACCEPT udp -- wan0 any anywhere
anywhere udp dpt:10000
0 0 ACCEPT tcp -- wan0 any anywhere
anywhere tcp dpt:4443
0 0 ACCEPT udp -- wan0 any 37.97.65.0/24
anywhere udp
0 0 ACCEPT all -- wan0 any ns6-axfr.gandi.net
anywhere
9 3399 ACCEPT all -- any any anywhere
anywhere state RELATED,ESTABLISHED
0 0 DROP all -- any any anywhere
anywhere state INVALID
Bien cordialement,
JB