sr-users September 2003

sr-users@lists.kamailio.org

86 participants
209 discussions

by Dovid

My understanding is that loose_route() checks for a Route header field. The standard cfg entry will then relay the SIP request. Let's take the following scenario. I have a PSTN gateway which listens on port 5060 and accepts to that port only from my SIP proxy. Normally the proxy takes care of authentication and authorization and if approved, forwards to the gateway. What if someone were to send an INVITE to my proxy with a header: Route: <sip:phone-number@pstn-gateway>? Would the proxy forward it, and the gateway then set up the call? Thanks in advance. Dovid

21 years, 1 month

[Serusers] re: Problems with accounting - can't get stop records

by jaime.gil＠orange.co.uk

Steven, This was the config used: # # $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=3 # debug level (cmd line: -dddddddddd) fork=no log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "./modules/mysql/mysql.so" loadmodule "./modules/sl/sl.so" loadmodule "./modules/tm/tm.so" loadmodule "./modules/rr/rr.so" loadmodule "./modules/maxfwd/maxfwd.so" loadmodule "./modules/usrloc/usrloc.so" loadmodule "./modules/registrar/registrar.so" loadmodule "./modules/uri/uri.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "./modules/auth/auth.so" loadmodule "./modules/auth_db/auth_db.so" loadmodule "modules/acc/acc.so" loadmodule "./modules/auth_radius/auth_radius.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient/radiusclient.conf") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) modparam("acc", "log_level", 1) modparam("acc", "radius_flag", 1) # ------------------------- request routing logic ------------------- alias=xxxxx.orange.co.uk # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (len_gt( max_len )) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing # if (loose_route()) { # t_relay(); # break; # }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (method=="REGISTER") { log(1, "REGISTER: Authenticating user\n"); if (!radius_www_authorize("")) { log(1, "REGISTER: challenging user\n"); www_challenge("", "0"); break; }; save("location"); break; }; if (method=="INVITE") { log(1, "INVITE\n"); setflag(1); /* set for accounting (the same value as in log_flag!) */ }; if (method=="MESSAGE") { log(1, "MESSAGE\n"); setflag(1); /* set for accounting (the same value as in log_flag!) */ }; if (method=="BYE" || method=="CANCEL") { log (1, "BYE or CANCEL\n"); setflag(1); }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; if (!t_relay()) { sl_reply_error(); break; }; } "Steven R. Bunin" <steve(a)solaas.com> on 29/09/2003 19:01:55 To: Jaime GIL/EN/HTLUK@HTLUK cc: serusers(a)lists.iptel.org Subject: re: Problems with accounting - can't get stop records Jaime, Thanks for the resposne.. I have my loose_route shut off. I think the problem may have to do with an error message I am receiving which is "ERROR: reply cannot be parsed" from my stderr. Do you have a working version of a script that works with 0.8.11 and gets stop records I could look at? It should give me a hand.. I know I am so close to solving this but it is a struggle. Steve jaime.gil(a)orange.co.uk wrote: > Steven, > > I remember having the same problem. In my case, the problem seemed to be in the > loose_route processing. I don't know what it has to do with the accounting > module, but commenting out this part made the trick in my case. > > Jaime > > "Steven R. Bunin" <steve(a)solaas.com> on 26/09/2003 17:11:41 > > To: serusers(a)lists.iptel.org > cc: (bcc: Jaime GIL/EN/HTLUK) > > Subject: [Serusers] Re: Serusers Digest, Vol 5, Issue 63 > > Hi all, > > I have successfully gotten radius authentication working and I started getting > Radius Start records for accounting but I am not sure what I am doing wrong in > regards to getting radius Stop records. > > Below is the area I believe has the most affect on Radius Acccounting from my > Log File. Any suggestions would be appreciated and if it would help to see the > full Config file I will send it as well. > > record_route(); > > if (method=="REGISTER") { > > # Uncomment this if you want to use digest authentication > if (!radius_www_authorize("")) { > www_challenge("", "0"); > break; > }; > > save("location"); > break; > }; > > if (method =="INVITE") > { > log(1,"INVITE\n"); > setflag(1); > }; > if (method=="MESSAGE") { > log(1,"MESSAGE\n"); > setflag(1); > }; > if (method=="BYE"){ > log (1, "BYE or CANCEL\n"); > setflag(1); > }; > if (method=="CANCEL"){ > log (1, "BYE or CANCEL\n"); > setflag(1); > }; > > Thanks in advance, > > Steve > > _______________________________________________ > Serusers mailing list > serusers(a)lists.iptel.org > http://lists.iptel.org/mailman/listinfo/serusers > > ------------------------------------------------------------------------ > Name: att1.eml > att1.eml Type: Internet E-Mail Message (message/rfc822) > Encoding: base64 > > ------------------------------------------------------------------------ > > ******************************************************************************* > Important. > Confidentiality: This communication is intended for the above-named person and > may be confidential and/or legally privileged. Any opinions expressed in this > communication are not necessarily those of the company. If it has come to you > in error you must take no action based on it, nor must you copy or show it to > anyone; please delete/destroy and inform the sender immediately. > > Monitoring/Viruses > Orange may monitor all incoming and outgoing emails in line with current > legislation. Although we have taken steps to ensure that this email and > attachments are free from any virus, we advise that in keeping with good > computing practice the recipient should ensure they are actually virus free. > > Orange PCS Limited is a subsidiary of Orange SA and is registered in England No > 2178917, with its address at St James Court, Great Park Road, Almondsbury Park, > Bradley Stoke, Bristol BS32 4QJ. > ******************************************************************************* -- Steven R. Bunin - Managing Partner SOLAAS LLC 10 East 39th Street Suite 1125 New York, NY 10016 (+001) 212-532-6700 Cellular: 646-739-7000 Fax (+001) 212-532-6776 http://www.solaas.com -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ******************************************************************************* Important. Confidentiality: This communication is intended for the above-named person and may be confidential and/or legally privileged. Any opinions expressed in this communication are not necessarily those of the company. If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone; please delete/destroy and inform the sender immediately. Monitoring/Viruses Orange may monitor all incoming and outgoing emails in line with current legislation. Although we have taken steps to ensure that this email and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free. Orange PCS Limited is a subsidiary of Orange SA and is registered in England No 2178917, with its address at St James Court, Great Park Road, Almondsbury Park, Bradley Stoke, Bristol BS32 4QJ. *******************************************************************************

21 years, 1 month

[Serusers] Re: Serusers Digest, Vol 5, Issue 63

by Steven R. Bunin

Hi all, I have successfully gotten radius authentication working and I started getting Radius Start records for accounting but I am not sure what I am doing wrong in regards to getting radius Stop records. Below is the area I believe has the most affect on Radius Acccounting from my Log File. Any suggestions would be appreciated and if it would help to see the full Config file I will send it as well. record_route(); if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!radius_www_authorize("")) { www_challenge("", "0"); break; }; save("location"); break; }; if (method =="INVITE") { log(1,"INVITE\n"); setflag(1); }; if (method=="MESSAGE") { log(1,"MESSAGE\n"); setflag(1); }; if (method=="BYE"){ log (1, "BYE or CANCEL\n"); setflag(1); }; if (method=="CANCEL"){ log (1, "BYE or CANCEL\n"); setflag(1); }; Thanks in advance, Steve

21 years, 1 month

[Serusers] Please Help....!!!! Proxy and SERWEB

by Shirley Toh

Hi, I am facing a few problem, please help: 1. I have installed Serweb in my Linux server, I try to register as a new user but the data is not inserted into the database. Please advice what can this problem be and files that i can checked. And also on my system I am unable to login but using other system I am able to login into the admin and user page. 2. I have installed sipsak to see the status of the server but I am not very sure how to start it as the guide is very limited as I need to check whether the ser is up and running fine with ppl coming in. 3. Please advice whether the proxy is already residing in the SER or I need to actually installed the proxy and where can I find the proxy server? 4. I like to confirm the sip address is my username@mydomain right? *Have a nice day (",)* Regards, Shirley

21 years, 1 month

[Serusers] Serweb

by Rami Francis

Hello All, On what port should I access the serweb to configure my IPtel, following the IP-address of the machine, what would be the port to use in the browser. Thank you

21 years, 1 month

[Serusers] rtpproxy

by Dovid

Does anyone know of a working site to download rtpproxy? https://demo.portaone.com/~sobomax/PortaSIP is not responding. (Does anyone have a copy to send me?) Dovid

21 years, 1 month

RE: [Serusers] SER/SIP & RADIUS/Auth-Type = Digest

by Steve Dolloff

I have installed freeradius according to the "HOW TO" for radius and now I am seeing the following error. I assume that since I am seeing errors on both servers that it is a problem with either the dictionary or the client. Here are the new error logs... any ideas? rad_recv: Access-Request packet from host 209.242.100.153:33612, id=103, length=148 User-Name = "sdolloff" Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7" Digest-Attributes = "\001\017voip2.test.net" Digest-Attributes = "\002\006test" Digest-Attributes = "\003\010INVITE" Digest-Attributes = "\004\034sip:5555551212@example.com" Digest-Attributes = "\006\005MD5" Digest-Attributes = "\n\nsdolloff" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "chap" returns noop rlm_eap: EAP-Message not found modcall[authorize]: module "eap" returns noop rlm_digest: Converting Digest-Attributes to something sane... Digest-Realm = "voip2.test.net" Digest-Nonce = "test" Digest-Method = "INVITE" Digest-Uri = "sip:5555551212@example.com" Digest-Algorithm = "MD5" Digest-User-Name = "sdolloff" rlm_digest: Adding Auth-Type = DIGEST modcall[authorize]: module "digest" returns ok rlm_realm: No '@' in User-Name = "sdolloff", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok modcall[authorize]: module "mschap" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type DIGEST auth: type "digest" modcall: entering group authenticate rlm_digest: Configuration item "User-Password" is required for authentication. modcall[authenticate]: module "digest" returns invalid modcall: group authenticate returns invalid auth: Failed to validate the user. Delaying request 6 for 1 seconds Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 103 to 209.242.100.153:33612 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 6 ID 103 with timestamp 3f79e7dc Nothing to do. Sleeping until we see a request. Subject: Re: [Serusers] SER/SIP & RADIUS/Auth-Type = Digest On (30.09.03 13:54), Steve Dolloff wrote: > 209.242.100.153 for 'sdolloff(a)voip2.test.net' is ignored;no password > or CHAP password is used Your RADIUS server has to support Digest Authentication, and the line above seems to indicate that it does not do that. If you can change your Radius server software, give Freeradius or Radiator (commercial, but excellent) a try. If you can not, try to educate your existing server to do CHAP-Type authentication. hope that helps. Alex Mayrhofer nic.at

21 years, 1 month

[Serusers] serweb not working?

by H�kan

My problem is when I go to http://my.domain/admin/index.php I get this information:- Warning: Access denied for user: 'ser(a)sip.sm6tpn.mine.nu' (Using password: YES) in /var/www/phplib/db_mysql.inc on line 73 Database error: pconnect(192.168.10.121, ser, $Password) failed. MySQL Error: () Session halted. I have installd ser-0.8.11-0.i386.rpm ser-jabber-0.8.11-0.i386.rpm ser-mysql-0.8.11-0.i386.rpm php-4.1.2-7.i386.rpm php-mysql-4.1.2-7.i386.rpm mysql-server-3.23.49-3.i386.rpm apache-1.3.27-5.i386.rpm I run RedHat 7.3 kernel 2.4.20-20.7 I can logging in as ser and serro in mysql. the ser db is there too. I have folowed Dan Austins SER HowTo but no luck :-( Please help me. My head is hurting ;-) regardes Hakan.

21 years, 1 month

[Serusers] RE: ser and enum (bind) issue

by Marc Archer

Hi all, My issue got sorted on the bind mailing list. FYI, I needed a zone file like the following to get the query to work: localhost A 127.0.0.1 $ORIGIN 8.6.4.e164.arpa. 9 IN NAPTR 100 10 "u" "e2u+sip" "!^.*$!sip:4251@aastra.com!" . Cheers, Marc

21 years, 1 month

[Serusers] SER/SIP & RADIUS/Auth-Type = Digest

by Steve Dolloff

I am trying to get radius authentication working with ser. I believe that I have set up the radiusclient and dictionary files correctly. This is the response that I am getting from the radius system. Here are some logs from the radius server. It appears that I am not sending a password. Any ideas where I could look next? This is a VMS radius system. 30-SEP-2003 12:38:21.45 %RADIUS-S-AUTHSTATUS, Request #74, Code = 3, from 209.242.10.153:32865, Username = sdolloff(a)voip2.test.net HEX Dump of a packet follows... 01 4B 00 D4 43 18 C0 76 5B EC 17 E3 FF 73 B7 0A D7 5D E6 BA 01 18 73 64 6F 6C 6C 6F 66 66 40 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 0A 0A 73 64 6F 6C 6C 6F 66 66 CF 11 01 0F 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 2C 02 2A 33 66 37 39 64 30 35 34 35 65 62 64 37 30 37 62 36 31 34 36 39 63 65 61 66 62 33 37 32 33 38 36 65 37 63 64 31 32 39 66 CF 15 04 13 73 69 70 3A 76 6F 69 70 32 2E 64 6C 73 2E 6E 65 74 CF 0C 03 0A 52 45 47 49 53 54 45 52 CE 22 39 66 62 63 62 32 34 32 38 37 62 35 63 66 62 62 32 36 61 66 62 35 30 38 33 64 36 30 38 63 37 38 06 06 00 00 00 0F D0 0A 73 64 6F 6C 6C 6F 66 66 04 06 D1 F2 0A 99 05 06 00 00 13 C4 RECV:Request from host 209.242.100.153:32865 code=1, id=75, length=212 User-Name = "sdolloff(a)voip2.test.net" Digest-Attributes = "..sdolloff" Digest-Attributes = "..voip2.test.net" Digest-Attributes = ".*3f79d0545ebd707b61469ceafb372386e7cd129f" Digest-Attributes = "..sip:voip2.test.net" Digest-Attributes = "..REGISTER" Digest-Response = "9fbcb24287b5cfbb26afb5083d608c78" Service-Type = Sip-Session Sip-Uri-User = "sdolloff" NAS-IP-Address = 209.242.100.153 NAS-Port = 5060 AUTH:Processing request id 75 from 209.242.100.153 for sdolloff(a)voip2.test.net Username='sdolloff',Password='' Set of DA-sub-attributes is not complete 30-SEP-2003 12:38:21.51 %RADIUS-E-AUTH_NOPASSW, AUTH:Request from 209.242.100.153 for 'sdolloff(a)voip2.test.net' is ignored;no password or CHAP password is used AUTH:Sending Reject for id 75 to 209.242.100.153 HEX Dump of a packet follows... 30-SEP-2003 12:38:21.51 %RADIUS-S-AUTHSTATUS, Request #75, Code = 3, from 209.242.100.153:32865, Username = sdolloff(a)voip2.test.net Any help would be greatly appreciated. Stephen

21 years, 1 month

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users September 2003