Can you please send us captured messages which cause these warnings?
(use e.g. ethereal or ngrep to capture them).
What SER version are you using?
Thanks,
-jiri
At 03:15 PM 8/4/2003, Gary Brewer wrote:
>Hello,
>
>I am trying to get the SIP Express Router going on FreeBSD 4.8 Release.
>
>When I try to connect to the SIP server from MSN messenger 5.0.0149 I get
>the following error message shown below, numerous times!
>
>Any ideas :)
>
>Gary
>
>
>Aug 4 15:08:32 sniper ./ser[618]: ERROR: get_hdr_field: bad header
>Aug 4 15:08:32 sniper ./ser[618]: ERROR: build_res_buf_from_sip_req:
>alas, parse_headers failed
>
>
>
>_______________________________________________
>Serusers mailing list
>serusers(a)lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
--
Jiri Kuthan http://iptel.org/~jiri/
Hello,
I am trying to get the SIP Express Router going on FreeBSD 4.8 Release.
When I try to connect to the SIP server from MSN messenger 5.0.0149 I get
the following error message shown below, numerous times!
Any ideas :)
Gary
Aug 4 15:08:32 sniper ./ser[618]: ERROR: get_hdr_field: bad header
Aug 4 15:08:32 sniper ./ser[618]: ERROR: build_res_buf_from_sip_req:
alas, parse_headers failed
Madan,
These are some instructions. I copy to the list so that it can be of use
for more people:
1. You need to download and install radiusclient from
http://www.mcs.de/~lf/radius/.
2. Compile ser and modules (make sure to compile auth_radius module too).
3. Download the latest version of freeradius (0.9.0). The previous one,
0.8.1, crashed when performing digest authentication. You can find it in:
http://www.freeradius.org/
4. Don't be confused with the radius client and the radius server side.
SER only uses the client side (radiusclient) to build radius requests.
Therefore, the line
modparam("auth_radius", "radius_config","/usr/local/etc/raddb/clients.conf")
is incorrect and should be something like this (depending on where you
installed radiusclient)
modparam("auth_radius", "radius_config",
"/usr/local/etc/radiusclient/radiusclient.conf")
5. Authenticate users from all realms:
Instead of...
if (radius_www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
do not specify domain name....
if (method=="REGISTER") {
log(1, "REGISTER: Authenticating user\n");
if (!radius_www_authorize("")) {
log(1, "REGISTER: challenging user\n");
www_challenge("", "0");
break;
};
save("location");
break;
};
6. With these changes, you should see RADIUS messages being generated to
your radius server. You then only need to have something like this in your
"users" file (radius server):
jaime Auth-Type := Digest, User-Password = "jaime"
Reply-Message = "Hello!"
The server will have to be configured to know what "Digest" authentication
is. Read rlm_digest in docs to find out how to do it.
In your config, you have 2 if (method==REGISTER). I think you should avoid
the 2nd and merge the 2 conditions somehow, since the 2nd
if(method==REGISTER) does never get called???
7. For accounting, compile acc module with radius support. For that,
uncomment one of the lines in the Makefile.
8. You will probably need to change some "#includes" in
<ser_directory>/sip_router/modules/acc/dict.h, to be the same than
<ser_directory>/sip_router/etc/radiusclient.h.
9. In SER config file, set accounting flags for INVITE and BYE/CANCEL, and
you should be able to see logs generated in your radius server.
This is my ser config file:
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=no
log_stderror=yes # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "./modules/mysql/mysql.so"
loadmodule "./modules/sl/sl.so"
loadmodule "./modules/tm/tm.so"
loadmodule "./modules/rr/rr.so"
loadmodule "./modules/maxfwd/maxfwd.so"
loadmodule "./modules/usrloc/usrloc.so"
loadmodule "./modules/registrar/registrar.so"
loadmodule "./modules/uri/uri.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "./modules/auth/auth.so"
loadmodule "./modules/auth_db/auth_db.so"
loadmodule "modules/acc/acc.so"
loadmodule "./modules/auth_radius/auth_radius.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 2)
modparam("auth_radius", "radius_config",
"/usr/local/etc/radiusclient/radiusclient.conf")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
modparam("acc", "log_level", 1)
modparam("acc", "radius_flag", 1)
# ------------------------- request routing logic -------------------
alias=domain.com
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
# if (loose_route()) {
# t_relay();
# break;
# };
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (method=="REGISTER") {
log(1, "REGISTER: Authenticating user\n");
if (!radius_www_authorize("")) {
log(1, "REGISTER: challenging user\n");
www_challenge("", "0");
break;
};
save("location");
break;
};
if (method=="INVITE") {
log(1, "INVITE\n");
setflag(1); /* set for accounting (the same value as in
log_flag!) */
};
if (method=="MESSAGE") {
log(1, "MESSAGE\n");
setflag(1); /* set for accounting (the same value as in
log_flag!) */
};
if (method=="BYE" || method=="CANCEL") {
log (1, "BYE or CANCEL\n");
setflag(1);
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
if (!t_relay()) {
sl_reply_error();
break;
};
}
---------------------------------------------------------------
I hope it helps,
Jaime
> ah! finally i got somebody who can help me, Jaime you know what i was
> thinking to drop this and move to another :-) because i had enough of
> it..its been week on this stuff
>
> so i have done plane vanilla freeradius configuration with default
> database/structure , i know this has to be changed but problem is ser
> does nt even communicate with radius :-(
>
> i have compiled ser latest from cvs
> but when i use radius_www_authorise i got lot of errors on same config
> line where radius comes into picture like missing load module etc
> etc..once it worked as well without any errors but with that any user
> was able to register...i.e no auth
>
> to make my life easier i would need your help right from the scratch
>
> what all i need to do with ser
>
> need config file wrt radius
>
> need freeradius config with wrt ser like table/db structures, sql.conf
> etc
> i know i m asking a lot , but please help me out :-)
> i would really oblige your help
>
> regards,
> Madan
>
> P.S:- if you ever need help on dns/webservers/mail server please let me
> know :-)
>
>
> log-
>
> Aug 4 16:33:29 sip ser: parse error (106,62-63): unknown command,
> missing loadmodule?
>
>
>
> here is my ser.cfg file
> -------------------------------------------------------
>
> #
> # $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
> #
> # simple quick-start config script
> #
>
> # ----------- global configuration parameters ------------------------
>
> #debug=3 # debug level (cmd line: -dddddddddd)
> #fork=yes
> #log_stderror=no # (cmd line: -E)
>
> /* Uncomment these lines to enter debugging mode
> debug=7
> fork=no
> log_stderror=yes
> */
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
>
> # ------------------ module loading ----------------------------------
>
> # Uncomment this if you want to use SQL database
> loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> #loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
> loadmodule "/usr/local/lib/ser/modules/uri.so"
> # Uncomment this if you want digest authentication
> # mysql.so must be loaded !
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> # -- usrloc params --
>
> #modparam("usrloc", "db_mode", 0)
>
> # Uncomment this if you want to use SQL database
> # for persistent storage and comment the previous line
> modparam("usrloc", "db_mode", 1)
> modparam("auth_radius",
> "radius_config","/usr/local/etc/raddb/clients.conf")
> #modparam("uri_radius", "service_type", 11)
> # -- auth params --
> # Uncomment if you are using auth module
> #
> modparam("auth_db", "calculate_ha1", yes)
>
> # If you set "calculate_ha1" parameter to yes (which true in this
> config), # uncomment also the following parameter)
> #
> modparam("auth_db", "password_column", "password")
> modparam("usrloc", "db_url", "sql://root:heslo@localhost/ser")
> # -- rr params --
> # add value to ;lr param to make some broken UAs happy
> modparam("rr", "enable_full_lr", 1)
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> if (len_gt( max_len )) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> record_route();
> # loose-route processing
> if (loose_route()) {
> t_relay();
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri=~"sip.net4india.com") {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> # if (!www_authorize("mydomain", "subscriber")) {
> if (radius_www_authorize("mydomain", "subscriber")) {
> www_challenge("mydomain", "0");
> break;
> };
>
> save("location");
> break;
> };
>
> ##LOGGING FOR TESTING
> if (method=="REGISTER") {
>
>
> log(1, "REGISTER received\n");
> } else {
> log(1, "non-REGISTER received\n");
> };
> if (uri=~"sip:.*[@:]mydomain") {
> log(1, "request for mydomain\n");
> } else {
> log(1, "request for other domain received\n");
> };
>
>
> # native SIP destinations are handled using our USRLOC DB
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> #};
> # forward to current uri now; use stateful forwarding; that
> # works reliably even if we forward from TCP to UDP
> if (!t_relay()) {
> sl_reply_error();
> };
>
> };
> }
>
>
>
>
>
>
> ----- Original Message -----
> From: <jaime(a)umtstrial.co.uk>
> To: <madan.r(a)net4india.net>
> Sent: Monday, August 04, 2003 3:50 PM
> Subject: Re: ser radius conf
>
>
>> Hi Madan,
>>
>> I was able to use FreeRadius for authentication and accounting. Let me
>> know how far you are with your config and I'll try to guide you.
>>
>> Jaime
>>
>> > Hi Jaime
>> > got ur email id from ser mailing lsit
>> > need ur help if you were able to configure the ser sip with free
>> radius
>> >
>> > regards,
>> > madan
Using the howto
8.2. Relaying PSTN in ser.cfg
The following is an extremely simple sample of how to relay a call from
a SIP client to the PSTN
# attempt handoff to PSTN
if(uri=~"^sip:9[0-9]*@mydomain.com"){
log("Forwarding to PSTN\n");
# The following line is not liked
t_relay_to( "192.168.0.2", "5060");
break;
};
gives:-
Aug 4 11:25:51 Sheriff ser: parse error (124,28-29): unknown command,
missing loadmodule?
Am I missing a module?
--
Dave Cotton <dcotton(a)linuxautrement.com>
> -----Original Message-----
> From: Nils Ohlmeier [mailto:nils@iptel.org]
...
> there will be a new module availble for our customers shortly
> which handles
> the replication of registers much more intelligent.
> It stores the missed Register from the "down" period and
> updates the recovered
> server with informations which are required by this server to
> be up-to-date
> again.
Sounds interesting, but what means "for our customers?" No open source?
regards,
Klaus
try this:
http://www.iptel.org/ser/doc/prerelease/x1026.html#AEN1032
> -----Original Message-----
> From: Dave Cotton [mailto:dcotton@linuxautrement.com]
> Sent: Monday, August 04, 2003 12:52 PM
> To: Serusers List
> Subject: Re: [Serusers] Relaying to PSTN
>
>
> On Mon, 2003-08-04 at 12:29, Daniel-Constantin Mierla wrote:
> > Hello,
> > check if you have tm and print modules loaded (if you use
> the same piece
> > of config as below). Otherwise, send us line 124 from your
> config file.
> >
> > Daniel
> >
> Effectively that was my line 124
> > >t_relay_to( "192.168.0.2", "5060")
>
> But since I mailed the list I've found a reference to
> t_relay_to_udp, if
> I use that I no longer get this error, and ser starts with 24
> processes
> accompanied by 48 mysql processes, having never seen ser working
> correctly so I have no idea if this is supposed to happen.
>
> Now I get good old 483 too many hops.
>
> --
> Dave Cotton <dcotton(a)linuxautrement.com>
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
>
Hi List
i m using Sip EXpress router (0.8.12dev-t11 (i386/linux) from latest cvs
and i m trying hard to get it working with free radius
i have installed freeradius but not sure how to get it working with ser
if i user radius_www_authorize i get following in logs
##
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: unknown
cmd 1073986580
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: dead
child 3
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: unknown
cmd 1073986580
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: dead
child 4
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: unknown
cmd 1073986580
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: dead
child 5
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: unknown
cmd 1073986580
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: dead
child 6
Aug 4 16:32:51 sip /usr/local/sbin/ser[15048]: BUG: tcp_main_loop: unknown
cmd 1073986580
Aug 4 16:33:29 sip ser: parse error (106,62-63): unknown command, missing
loadmodule?
------ which module is missing here
i m attaching my ser.cfg file please let me know where am getting it wrong
------------------------------ser.cfg--------------------------
#
# $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 1)
modparam("auth_radius", "radius_config","/usr/local/etc/raddb/clients.conf")
#modparam("uri_radius", "service_type", 11)
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
modparam("usrloc", "db_url", "sql://root:heslo@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
t_relay();
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri=~"sip.net4india.com") {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
# if (!www_authorize("mydomain", "subscriber")) {
if (radius_www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
save("location");
break;
};
##LOGGING FOR TESTING
if (method=="REGISTER") {
log(1, "REGISTER received\n");
} else {
log(1, "non-REGISTER received\n");
};
if (uri=~"sip:.*[@:]mydomain") {
log(1, "request for mydomain\n");
} else {
log(1, "request for other domain received\n");
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
#};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
sl_reply_error();
};
};
}
here is another thing hitting me hard :-(
i believe this related to sql query being made to radius db by ser
if you can let me know how to go abt it i'll be very obliged,
Aug 2 19:07:05 sip ./ser[29111]: submit_query(): Unknown column
'username'in 'field list'
Aug 2 19:07:05 sip ./ser[29111]: submit_query(): Error while submitting
query
Aug 2 19:07:05 sip ./ser[29111]: preload_udomain(): Error while doing
db_query
Aug 2 19:07:05 sip ./ser[29111]: register_udomain(): Error while preloading
domain 'location'
Aug 2 19:07:05 sip ./ser[29111]: domain_fixup(): Error while registering
domain
--Madan
