I am use ser-0.8.14 in gentoo.
my project is of:
|--------| |----------| |---------|
| | |ser-0.8.14| internet |firewall |
| lan + |<======>|+ rtpproxy|<======================>|nat
|<==========> client (msn/phone)
| phones | | | |proxy |
| + msn | |----------| |---------|
|--------|
192.168.1.0/24 192.168.1.1/200.48.60.186/248
the rtpproxy this running
ps aux
root 1570 0.0 0.3 1984 360 ? Ss 12:15 0:00
/root/rtpproxy/rtpproxy
but in the moment to initialize the being it leaves these errors;
as I can fix it?
0(1788) mod_init(): Database connection opened successfuly
acc - initializing
exec - initializing
print - initializing
textops - initializing
0(0) INFO: udp_init: SO_RCVBUF is initially 108544
0(0) INFO: udp_init: SO_RCVBUF is finally 217088
0(0) INFO: udp_init: SO_RCVBUF is initially 108544
0(0) INFO: udp_init: SO_RCVBUF is finally 217088
1(1793) ERROR: send_rtpp_command: can't read reply from a RTP proxy
1(1793) WARNING: rtpp_test: can't get version of the RTP proxy
1(1793) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
2(1794) ERROR: send_rtpp_command: can't read reply from a RTP proxy
2(1794) WARNING: rtpp_test: can't get version of the RTP proxy
2(1794) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
localhost init.d # 9(1816) INFO: fifo process starting: 1816
3(1795) ERROR: send_rtpp_command: can't read reply from a RTP proxy
3(1795) WARNING: rtpp_test: can't get version of the RTP proxy
3(1795) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
5(1806) ERROR: send_rtpp_command: can't read reply from a RTP proxy
5(1806) WARNING: rtpp_test: can't get version of the RTP proxy
5(1806) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
6(1807) ERROR: send_rtpp_command: can't read reply from a RTP proxy
6(1807) WARNING: rtpp_test: can't get version of the RTP proxy
6(1807) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
4(1805) ERROR: send_rtpp_command: can't read reply from a RTP proxy
4(1805) WARNING: rtpp_test: can't get version of the RTP proxy
4(1805) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
7(1808) ERROR: send_rtpp_command: can't read reply from a RTP proxy
7(1808) WARNING: rtpp_test: can't get version of the RTP proxy
7(1808) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
9(1816) ERROR: send_rtpp_command: can't read reply from a RTP proxy
9(1816) WARNING: rtpp_test: can't get version of the RTP proxy
9(1816) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
9(1816) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo...
8(1815) ERROR: send_rtpp_command: can't read reply from a RTP proxy
8(1815) WARNING: rtpp_test: can't get version of the RTP proxy
8(1815) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
10(1839) ERROR: send_rtpp_command: can't read reply from a RTP proxy
10(1839) WARNING: rtpp_test: can't get version of the RTP proxy
10(1839) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
12(1842) ERROR: send_rtpp_command: can't read reply from a RTP proxy
12(1842) WARNING: rtpp_test: can't get version of the RTP proxy
12(1842) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
11(1841) ERROR: send_rtpp_command: can't read reply from a RTP proxy
11(1841) WARNING: rtpp_test: can't get version of the RTP proxy
11(1841) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
0(1788) ERROR: send_rtpp_command: can't read reply from a RTP proxy
0(1788) WARNING: rtpp_test: can't get version of the RTP proxy
0(1788) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
14(1848) ERROR: send_rtpp_command: can't read reply from a RTP proxy
14(1848) WARNING: rtpp_test: can't get version of the RTP proxy
14(1848) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
15(1849) ERROR: send_rtpp_command: can't read reply from a RTP proxy
15(1849) WARNING: rtpp_test: can't get version of the RTP proxy
15(1849) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
13(1847) ERROR: send_rtpp_command: can't read reply from a RTP proxy
13(1847) WARNING: rtpp_test: can't get version of the RTP proxy
13(1847) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily
11(1841) ERROR: mk_proxy: could not resolve hostname: "cwafrica.com.pe"
11(1841) ERROR: uri2proxy: bad host name in URI <sip:rbolivar@cwafrica.com.pe>
11(1841) ERROR: t_forward_nonack: failure to add branches
11(1841) ERROR: mk_proxy: could not resolve hostname: "cwafrica.com.pe"
11(1841) ERROR: uri2proxy: bad host name in URI <sip:rbolivar@cwafrica.com.pe>
11(1841) ERROR: t_forward_nonack: failure to add branches
and script is:
# ------------- version 0.8.11-0
# ------------- Initial global variables
debug=3
fork=yes
log_stderror=yes
listen=200.60.219.116
listen=127.0.0.1
alias=cwafrica.com.pe
alias=200.60.219.116
dns=no
rev_dns=no
port=5060
children=4
# check_via - Turn on or off Via host checking when forwarding replies.
# Default is no. arcane. looks for discrepancy between name and
# ip address when forwarding replies.
check_via=yes
# syn_branch - Shall the server use stateful synonym branches? It is
# faster but not reboot-safe. Default is yes.
syn_branch=yes
# memlog - Debugging level for final memory statistics report. Default
# is L_DBG -- memory statistics are dumped only if debug is set high.
memlog=3
# sip_warning - Should replies include extensive warnings? By default
# yes, it is good for trouble-shooting.
sip_warning=yes
# fifo - FIFO special file pathname
fifo="/tmp/ser_fifo"
fifo_mode=0666
# server_signature - Should locally-generated messages include server's
# signature? By default yes, it is good for trouble-shooting.
server_signature=yes
# reply_to_via - A hint to reply modules whether they should send reply
# to IP advertised in Via. Turned off by default, which means that
# replies are sent to IP address from which requests came.
reply_to_via=no
# user | uid - uid to be used by the server. 99 = nobody.
#uid="nobody"
# group | gid - gid to be used by the server. 99 = nobody.
#gid="nobody"
# mhomed -- enable calculation of outbound interface; useful on
# multihomed servers.
mhomed=0
# ------------- external module loading
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/auth_db.so"
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/exec.so"
loadmodule "/usr/lib/ser/modules/group.so"
loadmodule "/usr/lib/ser/modules/print.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/uri.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
# ------------- tm parameters
modparam("tm", "fr_timer", 12)
modparam("tm", "fr_inv_timer", 24)
# ------------- rr parameters
# set ";lr" tag to .;lr=true.
modparam("rr", "enable_full_lr", 1)
# ------------- accounting parameters
modparam("acc", "log_missed_flag", 3)
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
# ------------- usrloc parameters
# 2 enables write-back to persistent mysql storage for speed
# disable=0, write-through=1
modparam("usrloc", "db_mode", 2)
# minimize write back window - default is 60 seconds
modparam("usrloc", "timer_interval", 10)
# database location
modparam("usrloc", "db_url", "sql://ser:heslo@localhost/ser")
# ------------- auth parameters
# database location
modparam("auth_db", "db_url", "sql://ser:heslo@localhost/ser")
# allows clear text passwords in the mysql database
modparam("auth_db", "calculate_ha1", yes)
# name of password column in mysql database
modparam("auth_db", "password_column", "password")
# ------------- routing logic
route {
# ------------- routine checks
# stop forwarding at 10 hops to prevent infinite loops
if (!mf_process_maxfwd_header("10")) {
log(1, "LOG: Too many hops\n");
sl_send_reply("483", "Too many hops");
break;
};
# rutas perdidas
loose_route();
# prevents private ip space from being used
#if (search("^(Contact|m):
.*(a)(192\.168\.|10\.|172\.16|(ilse\.)?cwafrica\.com\.pe)")) {
# contacto sdp
if (status=~"2[0-9][0-9]"){
fix_nated_contact();
fix_nated_sdp("3");
}
/* registration (uses rewritten contacts) */
if (method=="REGISTER") {
save("location");
break;
};
if (method=="INVITE") {
record_route();
if (isflagset(1)) { # ATA ?
fix_nated_sdp("3");
};
/* set up reply processing */
t_on_reply("1");
};
if (method == "INVITE" || method == "CANCEL") {
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
/* set up reply processing and forward statefuly */
t_relay();
# metodo se ve despues
# if (method=="REGISTER") {
# log(1, "LOG: Someone trying to register from private IP\n");
# sl_send_reply("479", "Please don't use private IP addresses" );
# break;
# };
#};
# separate the destination r-uri from the set of proxies that must
be traversed
loose_route();
# if the host portion of the request uri is not local, send it directly
# to route processing.
if (!(uri==myself)) {
route(2);
break;
};
# All REGISTER attempts are processed and must always be authenticated
if (method=="REGISTER") {
# make sure that users don't register infinite loops
if (search("^(Contact|m):
.*(a)(200\.60\.219\.116|(ilse\.)?cwafrica\.com\.pe)")) {
log(1, "LOG: alert: someone trying to set aor==contact\n");
sl_send_reply("476", "No Server Address in Contacts Allowed" );
break;
};
# challenge/response
if (!www_authorize("cwafrica.com.pe", "subscriber")) {
www_challenge("cwafrica.com.pe", "0");
break;
};
# only registered users are allowed
if (!is_user("replicator") & !check_to()) {
log(1, "LOG: unregistered user registration attempt\n");
sl_send_reply("403", "Only registered users are allowed");
break;
};
# it is an authenticated request, update Contact database now
if (!save("location")) {
sl_reply_error();
};
break;
};
# process traffic local to BigU and the PSTN
# Find the canonical username
lookup("aliases");
# check domain again, if it is not still local after the alias
# table lookup, just send it on its way. We do not authenticate
# traffic we forward
if (!(uri=~"^sip:(.+@)?(200\.60\.219\.116|(ilse\.)?cwafrica\.com\.pe)([:;\?].*)?$"))
{
route(5);
break;
};
# now check for destinations through the gateway. 911 and 9911
# are always sent to the gateway. The assumption is that other all
# numeric usernames between 5 and 20 digits are really pstn numbers
# and so they are routed to the gateway
if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") |
(uri=~"sip:[0-9]{5,20}@.*") ) {
route(3);
break;
};
# does the user wish redirection on no availability? (i.e., is he
# in the voicemail (ser->grp) group?)
if (is_user_in("Request-URI", "voicemail")) {
t_on_failure("4");
setflag(4);
};
# handle local SIP destinations not found in usrloc db
# mostly offline or non-existent users
if (!lookup("location")) {
route(4);
break;
};
# check whether some inventive user has uploaded gateway
# contacts to usrloc to bypass authorization logic
if (uri=~"@200.60.219.118([;:].*)*" ) {
log(1, "LOG: Gateway address in UsrLoc\n");
route(3);
break;
};
# this flag is used with the acc module to report missed calls
# to syslog.
setflag(3);
# do it (words to live by)
append_hf("P-hint: USRLOC\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
} /* end of initial routing logic */
# ------------- process traffic leaving BigU for Internet
route[2] {
# outbound requests are allowed only for registered BigU users
if (!(src_ip==200.60.219.116) &
!(proxy_authorize("cwafrica.com.pe", "subscriber"))) {
# ACK and CANCEL have no security mechanisms so they are just
# noted
if (method=="ACK" | method=="BYE") {
log(1, "LOG: failed outbound authentication for ACK granted\n");
} else if (method=="CANCEL") {
log(1, "LOG: failed outbound authentication for CANCEL granted\n");
} else {
proxy_challenge("cwafrica.com.pe", "0");
break;
};
};
# to maintain credibility of our proxy, we check From in INVITEs
if (!src_ip==200.60.219.116 & method=="INVITE" & !check_from()) {
log(1, "LOG: Spoofed from attempt\n");
sl_send_reply("403", "Use From=id next time");
break;
};
append_hf("P-hint: OUTBOUND ON INTERNET\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
}
# ------------- process traffic leaving Internet for PSTN
route[3] {
# all calls through the gateway must be record routed to assure
# acl acceptance on the gateway
record_route();
# send out emergency calls to pstn gateway immediately
if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") ) {
rewritehostport("200.60.219.118:5060");
forward(uri:host, uri:port);
break;
};
# five digit numeric addresses are internal freebies sent to the pbx
# without authentication
if (uri=~"^sip:[0-9]{5}@(200.60.219.116|(ilse\,)?\.cwafrica\.com\.pe)") {
rewritehostport("200.60.219.118:5060");
forward(uri:host, uri:port);
break;
};
# all numeric addresses beginning with 9 go to the pbx on the way
# to the PSTN
# first the caller needs to be authenticated
if (uri=~"^sip:9[0-9]*@(200.60.219.116|(ilse\.)?cwafrica\.edu\.pe)") {
if (!(src_ip==200.60.219.116 | method==ACK | method=="CANCEL" |
method=="BYE")) {
if (!proxy_authorize("cwafrica.com.pe", "subscriber")) {
proxy_challenge( "cwafrica.com.pe","0");
break;
} else if (method=="INVITE" & !check_from()) {
log(1, "LOG: Spoofed from attempt\n");
sl_send_reply("403", "Use From=id next time");
break;
};
};
if (method=="INVITE") {
# if the r-uri begins 91, does the authenticated user have
# permission for long distance
if (uri=~"sip:91[0-9]*@.*") {
if (!is_user_in("credentials", "ld")) {
sl_send_reply("403", "Local calls only");
break;
};
};
};
# authenticated and authorized, now accounting is set
setflag(1);
};
rewritehostport("200.60.219.118:5060");
append_hf("P-hint: GATEWAY\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
}
# ------------- process calls for users offline
route[4] {
if (!t_newtran()) {
sl_reply_error();
};
if (!t_reply("404", "Not Found")) {
sl_reply_error();
};
break;
}
# ------------- process aliased outbound traffic
# inbound requests that have been aliased to a non-BigU domain
# are not authenticated by BigU
route[5] {
append_hf("P-hint: ALIASED-OUTBOUND\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
}
# ------------- CC-Diversion to voicemail
failure_route[4] {
append_branch("sip:80000@200.60.219.118");
append_urihf("CC-Diversion: ", "\r\n");
append_hf("P-hint: OFFLINE-VOICEMAIL\r\n");
t_relay();
}
Hello List.
I have a question about how SIP and SER work with the Registered
Endpoints. Suppose that i have and endpoint with obtaining IP by DHCP. In
the first attemp the REGISTER have the IP : 10.0.0.1. Suppose that after a
while the enpoint is disconnected and connected again, so by DHCP it takes
another IP, for example 10.0.0.5. So in my location table i see.
-----
aor : '5555832351'
Contact : 'sip:5555832351@10.0.0.1'
Expires : 642
-----
aor : '5555832351'
Contact : 'sip:5555832351@10.0.0.5'
Expires : 3000
----
So when i call to the 555-5832351 SER generates two INVITES (to the 2
registered endpoints) but only the 10.0.0.5 answer the call. So far this is
not a problem, but suppose now that a new endpoint with number 5555832359
obtain by DHCP the old IP 10.0.0.1, so it tries to register with the
SIP-Proxy . What i see in the location table is now:
-----
aor : '5555832359'
Contact : 'sip:5555832359@10.0.0.1'
Expires : 3000
-----
aor : '5555832351'
Contact : 'sip:5555832351@10.0.0.1'
Expires : 442
-----
aor : '5555832351'
Contact : 'sip:5555832351@10.0.0.5'
Expires : 2800
----
So when i call to the 555-5832351 the INVITE goes to these 3 endpoints.
Generating too much traffic and erroneus RESPONSE messages in SER and in the
endpoints.
My question is : Is posible only permit one IP address per endpoint
registered in the location table?. Or make sure that only one endpoint with
a given IP and URI is registered in the location DB?.
Thanks in advance
Best Regards
Ricardo.-
Hi all,
I am writing a software that should receive some information from SER. I need to be notified when a new call has been set up. The info that my software needs are: SDP message of the caller (contained in INVITE) and of the callee (contained in 200 OK reply).
Does anybody know how I can obtain this?
Thanks for you support
Alessandro
Hi All.
I can't say exactly what the difference is between usrloc in ser-0.8.14 and
devXX but I cannot get dev12 to store UA locations in the location table in
MySQL when using any devXX release. This works perfectly fine in ser-0.8.14.
Does anyone here have the MySQL location table working with devXX?
Cheers,
Paul
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
Hi!
I'm using ser with X-Ten Lite Soft-UA and Siemens optiPoint 400 IP
phones. Problem is: the Siemens phones don't register themselves correctly.
For example:
(e.g., ser has IP 100.100.100.100)
Soft-UA is "sip:30@mydomain.org"
Phone 1 is "sip:31@mydomain.org"
Phone 2 is "sip:32@mydomain.org"
Soft-UA registers itself as "sip:30@mydomain.org"
Phone 1 registers itself as "sip:31@100.100.100.100" (seems to be odd
behaviour)
Phone 2 registers itself as "sip:32@100.100.100.100"
But now the lookup fails if you start dialing from the phones. If you
dial "32" (e.g. from Phone 1), the phone generates an INVITE to
"sip:32@mydomain.org" which can't be found in usrloc (DEBUG tells that)
and the call fails. If you dial "30" from the same phone, the call comes
through, because "sip:30@mydomain.org" was found in usrloc.
I tried to mangle the uri in the REGISTER message before
"save("location");", without effect. I've used "replace(re, str)", but
it didn't seem to work.
Any ideas to overcome that bug of the phones?
Thanks!
Alex.
Hello Sir,
I found that adding the following configuration in ser.cfg will fix the 478 problem.
alias=my.domain (the same as SIP_DOMAIN)
Regards,
whkuo
that linux distribution is good to install the be-0.8.14 I am proving
in gentoo but have I seen that other distributions have but it
supports or not you?
could somebody tell me that linux distribution is better?
darwin_ppc
freebsd
linux
netbsd
openbsd
solaris
in gentoo(linux) I have several problems if it is not a thing it is
other, it is good the gentoo but I don't have when to finish
Hello,
I have over the last few weeks been trying to get ser
to work with rtpproxy and NAT. Today I was finally
able to make calls from and to a privately addressed
UA located behind a NAT device.
My questions are regarding the NAT example config that
is included with the CVS and the section dealing with
private addressing. In order for my calls to go
through I had to remove one of the private ranges from
the following section:
route[1]
{
# !! Nathelper
if
(uri=~"[@:](192\.168\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)"
&& !search("^Route:")){
sl_send_reply("479", "We don't forward to
private IP addresses");
break;
};
Why is there a need to restrict what goes to rtpproxy?
Is it related to how nathelper flags a NATed UA? I
think the nathelper module identifies a NATed UA by
looking to see if the via and received parameters are
different. There is also a note regarding private
addressing (RFC 1918). Can someone clarify this
relationship?
Thank you in advance,
Allan
______________________________________________________________________
Post your free ad now! http://personals.yahoo.ca
Dear Marian.
As far as i know i downloaded the Stable 0.8.14 version from the ftp
site:
ftp://ftp.berlios.de/pub/ser/0.8.14/src/ser-0.8.14_src.tar.gz
Is there any problem with this version too?-
Anyway, if i wanna download a stable version via CVS which is the
command to do that?
Best Regards.
Ricardo.-
-----Mensaje original-----
De: Marian Dumitru [mailto:marian.dumitru@voice-sistem.ro]
Enviado el: Miércoles, 27 de Octubre de 2004 17:22
Para: Ricardo Martinez
CC: 'serusers(a)lists.iptel.org'
Asunto: Re: [Serusers] Question about REGISTER.
Hi Ricardo,
Are you using the unstable version (cvs head)? there were reported some
strange behaviours of usrloc in this version. Please use the 0.8.14
release (cvs tag rel_0_8_14)
Best regards,
Marian Dumitru
--
Voice Sistem
http://www.voice-sistem.ro
Ricardo Martinez wrote:
> Dear Marian.
> Thanks again for your response. I used the commands you recommend
> me and i saw the inverse bahaivor. First the original IP is 10.0.0.1, then
> for test purposes i changed to 10.0.0.5 and registered again. Here is my
> location table after the endpoint is registered again with another IP
> address.
>
> ...Record(0x422b9158)...
> domain: 'location'
> aor : '5555832351'
> ~~~Contact(0x422b91a0)~~~
> domain : 'location'
> aor : '5555832351'
> Contact : 'sip:5555832351@10.0.0.1'
> Expires : 831
> q : 0.00
> Call-ID : 'e0928e42-fd7e-df78-8000-0002a400f1e9(a)10.0.0.1'
> CSeq : 3456
> replic : 0
> User-Agent: 'AddPac SIP Gateway'
> State : CS_NEW
> Flags : 0
> next : 0x422b9390
> prev : (nil)
> ~~~/Contact~~~~
> ~~~Contact(0x422b9390)~~~
> domain : 'location'
> aor : '5555832351'
> Contact : 'sip:5555832351@10.0.0.5'
> Expires : 897
> q : 0.00
> Call-ID : 'e0928e42-fd7e-df78-8000-0002a400f1e9(a)10.0.0.1'
> CSeq : 3461
> replic : 0
> User-Agent: 'AddPac SIP Gateway'
> State : CS_NEW
> Flags : 0
> next : (nil)
> prev : 0x422b91a0
> ~~~/Contact~~~~
>
> As you can see the order is ascending (not descending as the modulu manual
> says). The when i try to make a call to the 555-5832351 the INVITE is
> generated just one time (as you said to me), but for the first contact, to
> the 10.0.0.1, the old IP, so there is no response and the call is not
> completed.
>
> Am i missing something?
> Thanks in advance
>
> Best Regards
> Ricardo.-
Hi All,
Is these a way to send the radius parameter
'session-timeout" to SIP clients? Is SER implemented
to make use of this?
regards,
Lakmal
Vous manquez despace pour stocker vos mails ?
Yahoo! Mail vous offre GRATUITEMENT 100 Mo !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/
Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les nouveautés pour dialoguer instantanément avec vos amis. A télécharger gratuitement sur http://fr.messenger.yahoo.com
