sr-users December 2004

sr-users@lists.kamailio.org

184 participants
400 discussions

by proson cheng

Happy new year everyone!! first of all, I'd like to thank those who answered my questions last time. now I've got a question with Portaone RTP prozy (which recommended in the voip-info.org web site. I downloaded the tar ball and compile the source code. I executed the command ./rtpproxy and saw it running by "ps" it. Now when I typed "ser -E" on my console, I've got the following errors. [root@localhost ser]# ser -E 0(6085) WARNING: could not rev. resolve 192.168.1.101 Listening on 127.0.0.1 [127.0.0.1]:5060 192.168.1.101 [192.168.1.101]:5060 Aliases: localhost:5060 localhost.localdomain:5060 stateless - initializing Maxfwd module- initializing 0(6087) mod_init(): Database connection opened successfuly exec - initializing print - initializing textops - initializing 0(0) INFO: udp_init: SO_RCVBUF is initially 65535 0(0) INFO: udp_init: SO_RCVBUF is finally 131070 0(0) INFO: udp_init: SO_RCVBUF is initially 65535 0(0) INFO: udp_init: SO_RCVBUF is finally 131070 [root@localhost ser]# 1(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 1(0) WARNING: rtpp_test: can't get version of the RTP proxy 1(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 2(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 2(0) WARNING: rtpp_test: can't get version of the RTP proxy 2(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 3(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 3(0) WARNING: rtpp_test: can't get version of the RTP proxy 3(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 4(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 4(0) WARNING: rtpp_test: can't get version of the RTP proxy 4(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 5(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 5(0) WARNING: rtpp_test: can't get version of the RTP proxy 5(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 6(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 6(0) WARNING: rtpp_test: can't get version of the RTP proxy 6(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 7(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 7(0) WARNING: rtpp_test: can't get version of the RTP proxy 7(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 8(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 8(0) WARNING: rtpp_test: can't get version of the RTP proxy 8(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 9(0) INFO: fifo process starting: 6130 9(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 9(0) WARNING: rtpp_test: can't get version of the RTP proxy 9(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 10(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 10(0) WARNING: rtpp_test: can't get version of the RTP proxy 10(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 11(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 11(0) WARNING: rtpp_test: can't get version of the RTP proxy 11(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 9(6130) SER: open_uac_fifo: fifo server up at /tmp/ser_fifo... 12(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 12(0) WARNING: rtpp_test: can't get version of the RTP proxy 12(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 13(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 13(0) WARNING: rtpp_test: can't get version of the RTP proxy 13(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 14(0) ERROR: send_rtpp_command: can't read reply from a RTP proxy 14(0) WARNING: rtpp_test: can't get version of the RTP proxy 14(0) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 0(6087) ERROR: send_rtpp_command: can't read reply from a RTP proxy 0(6087) WARNING: rtpp_test: can't get version of the RTP proxy 0(6087) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily 15(6161) ERROR: send_rtpp_command: can't read reply from a RTP proxy 15(6161) WARNING: rtpp_test: can't get version of the RTP proxy 15(6161) WARNING: rtpp_test: support for RTP proxyhas been disabled temporarily That was asked back to December 8 but there seemed no answer to that question. Thus can please anyone help? thanks Proson

19 years, 10 months

RE: [Serusers] Ser, Cisco and NAT

by Matt Schulte

I've never used a 5300 but if I had a guess it would be that the 5300 doesn't realize that the RTP is NAT'd (and should send to a proxy). In other words it may not be sending to your rtpproxy correctly if at all? Do a debug on all devices, ensure the RTP ports match up. Does rtpproxy report any errors such as no payload? You can do an 'rtpproxy -f' to run it at command line. Looking at your config you have a lot of stuff being done before you relay to the 5300, not to mention you have 'forward' under your t_relay..?? Have you tried just sending to route(1) ?? That's where all your 'if natted' statements should be. That way on_reply gets caught correctly as well. ie: if ( uri=~"^sip:9[0-9]*@5300_IP" ) { log(1, "SER22: matched - forward to GW\n"); rewritehostport ("5300_IP:5060"); route(1) break; }; -----Original Message----- From: Victor Chan [mailto:vchan67@hotmail.com] Sent: Wednesday, December 29, 2004 8:11 PM To: serusers(a)lists.iptel.org Subject: [Serusers] Ser, Cisco and NAT I have some problem about Cisco and NAT device. I have SER and rtpproxy running on a server. Call is made from a SIP endpoint device to Cisco 5300 gateway via SER. But voice can't hear at my SIP device. I try point to point call without going to Cisco gateway, both side can hear. Please give advise to solve it. Thanks a lot. The following is my ser.cfg # # $Id: nathelper.cfg,v 1.1.2.1 2003/11/24 14:47:18 janakj Exp $ # # simple quick-start config script including nathelper support # This default script includes nathelper support. To make it work # you will also have to install Maxim's RTP proxy. The proxy is enforced # if one of the parties is behind a NAT. # # If you have an endpoing in the public internet which is known to # support symmetric RTP (Cisco PSTN gateway or voicemail, for example), # then you don't have to force RTP proxy. If you don't want to enforce # RTP proxy for some destinations than simply use t_relay() instead of # route(1) # # Sections marked with !! Nathelper contain modifications for nathelper # # NOTE !! This config is EXPERIMENTAL ! # # ----------- global configuration parameters ------------------------ debug= 7 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) # Uncomment these lines to enter debugging mode #fork=no log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database #loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/local/lib/ser/modules/auth.so" #loadmodule "/usr/local/lib/ser/modules/auth_db.so" # !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request log(1, "loose_route processing\n"); append_hf("P-hint: rr-enforced\r\n"); t_relay(); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { save("location"); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; if ( uri=~"^sip:9[0-9]*@5300_IP" ) { log(1, "SER22: matched - forward to GW\n"); fix_nated_sdp("2"); force_rtp_proxy("5300_IP"); rewritehostport ("5300_IP:5060"); t_relay_to_udp("5300_IP","5060"); forward(5300_IP, 5060); break; }; if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if(!t_relay()) { sl_reply_error(); }; } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; } _________________________________________________________________ 「碧咸嫂」點樣學外語? http://go.msnserver.com/HK/46164.asp _______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

19 years, 10 months

[Serusers] I install ser server but i can not login

by Zhaomin

I am a newcome ,I install a SER server ,it's working well [root@a sbin]# ser -dddd Listening on 127.0.0.1 [127.0.0.1]:5060 221.202.129.165 [221.202.129.165]:5060 Aliases: a.jzmv.com:5060 localhost:5060 tail -f /var/log/messages Dec 31 09:14:17 a ser[16586]: mod_init(): Database connection opened successfuly Dec 31 09:14:17 a ser[16586]: INFO: udp_init: SO_RCVBUF is initially 65535 Dec 31 09:14:17 a ser[16586]: INFO: udp_init: SO_RCVBUF is finally 262142 Dec 31 09:14:17 a ser[16586]: ERROR: tcp_init: bind(6, 0x80d8320, 16) on 127.0.0.1: Address already in use Dec 31 09:14:17 a ser[16586]: INFO: signal 15 received #serctl add zhaomin zm9898 zhaomin(a)jzmv.com OK but I used the sipphone by the user name zhaomin login .it tell me login is failt.my ser.cfg is blow: debug=7 fork=yes log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- modparam("usrloc", "db_mode", 2) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("jzmv.com", "subscriber")) { www_challenge("jzmv.com", "0"); break; }; save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; } Where is my failt ? anyones can help me ? Thanks ZhaoMin

19 years, 10 months

[Serusers] serctl + authentication failures (update)

by Gurol Akman

recently i had reported 2 problems. while waiting to hear from the list, i ran some experiments as follows: first, i switched from ser-0.9.0 to ser-0.8.14. i then re-initialized the ser database. afterwards, i was able to do a 'serctl add ..." successfuly. also, i'm now able to authenticate my registration requests. so both problems seem be gone ;-) i'd like to understand one thing better however: how does the information in subscriber database get to be used during the authentication process? stated in other words, which fields of the subscriber table get to be used during authentication? thanks & regards - ga

19 years, 10 months

[Serusers] serctl failure + authentication

by Gurol Akman

folks i'd appreciate if i could get some pointers re: following incidences... 1. my attempts to invoke serctl to add a new subscriber fail [error: 400; check if you use aliases in SER] at all times which suggest i must be doing something wrong. 2. when i enable the authentication code block in ser.cfg, my 1st registration attempt fails with a response type of 401 (unauthorized) which contains a WWW-Authenticate header. subsequently, my ua (x-lite softphone) sends another register message which contains an Authorization header with some number of credentials. unfortunately, this 2nd attempt also results in a 401 response. are there certain things that i should do on the client/server side to get ser authentication to work? thanks for your help in advance, gurol

19 years, 10 months

[Serusers] radius acc: where are the start records?

by Bruno Lopes F. Cabral

Hi there after slashing my head with a hammer for a little bit, reading many times the SER RADIUS Howto and acc man page, I managed to get acc to log some RADIUS accounting packets (Stop records and Call Failure records) with FreeRADIUS unfortunately, I could not discover how to generate the START records, no matter what I tried!! as the Stop record doesn't have RADIUS session-time, I need the Start record so my current billing system can be used. I've searched the list archives quite a bit, and googled on [serusers] and FreeRADIUS lists but couldn't find a clue. any help would be gratelly appreciated snippets of ser.cfg [...] loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_radius.so" # acc compiled with RADIUS support loadmodule "/usr/lib/ser/modules/acc.so" loadmodule "/usr/lib/ser/modules/nathelper.so" # -- acc params -- modparam("acc", "radius_config", "/etc/radiusclient/radiusclient.conf") modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 2) #modparam("acc", "log_level", 1) #modparam("acc", "failed_transactions", 1) #modparam("acc", "report_cancels", 1) #modparam("acc", "report_ack", 1) # -- usrloc params -- modparam("usrloc", "db_mode", 0) # -- auth_radius params -- modparam("auth_radius", "radius_config", "/etc/radiusclient/radiusclient.conf") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT [...] pretty much nathelper.cfg example [...] # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { log(1,"LOG: not found\n"); setflag(2); sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; log(1, "LOG: route[1]\n"); setflag(1); # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } onreply_route[1] { if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); # CHECK LATER: does this need to be enclosed on # if(method==BYE || method==CANCEL) ??? force_rtp_proxy(); } else if (nat_uac_test("1")) { fix_nated_contact(); }; } # EOF --- one thing that I noticed was that, depending on which side ended the call, the RADIUS Stop packet cames with that side being the calling-station-id and the peer being the called-station-id. is it supposed to be that way? Cheers !3runo P.S. in case it matters: # ser -V version: 0.8.14 (i386/linux) flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535 @(#) $Id: main.c,v 1.168.4.3 2004/06/28 15:41:21 andrei Exp $ main.c compiled on 07:13:08 Nov 17 2004 with gcc 3.3

19 years, 10 months

[Serusers] Re: SER, Cisco, NAT

by Jason Kline

Hello SER users, I need some assistance with SER and NAT. I have issues with users behind NAT that seem to get disconnected using a soft SIP phone (i.e. eyePMedia or X-Ten). I am a newbie so configurations are appreciated. Also any comments and suggestions are welcome. Thank you Jason Kline Sr. Network Engineer IDS Telcom, LLC Ph. 305-612-4325 Fax: 305-612-3224 jkline(a)idstelcom.com http://www.idstelcom.com <http://www.idstelcom.com/>

19 years, 10 months

[Serusers] 404 Not Found when Register

by Diego M. Vadell

Hello, First of all excuse my newbieness. I have just installed SER in a public IP. I read Dan Austin's howto, and understood that I would be able to register using the default configuration file. I installed and configured kphone with these values: Full Name: Diego M. Vadell User part of SIP URL: dvadell Host part of SIP URL: 200.69.255.72 (the public IP of SER) Outbound proxy (optional): 200.69.255.72 but I get a 404 Not found from SER. Could anyone guide me? Im lost here. Do I need to setup mysql to register? Here are some lines of information, both from kphone and from SER. Thanks in advance, -- Diego. Kphone says: bash-2.04$ kphone Found 2 interfaces. SipClient: Listening UDP on port: 5060 SipClient: Our address: 200.126.216.62 SipRegister: Auth is '(null)' SipRegister: Proxy Auth is '(null)' SipClient: Sending: 15:54:15.756 -------------------------------- REGISTER sip:200.69.255.72 SIP/2.0 Via: SIP/2.0/UDP 200.126.216.62;branch=z9hG4bK7578380A CSeq: 107 REGISTER To: "Diego M. Vadell" <sip:dvadell@200.69.255.72> Expires: 900 From: "Diego M. Vadell" <sip:dvadell@200.69.255.72> Call-ID: 1930116421(a)200.126.216.62 Content-Length: 0 User-Agent: kphone/4.0.5 Event: registration Allow-Events: presence Contact: "Diego M. Vadell" <sip:dvadell@200.126.216.62;transport=udp>;methods="INVITE, MESSAGE, INFO, SUBSCRIBE, OPTIONS, BYE, CANCEL, NOTIFY, ACK, REFER" SipClient: Sending to '200.69.255.72:5060' SipClient: Receiving message... SipClient: Received: 15:54:15.869 --------------------------------- SIP/2.0 404 Not Found Via: SIP/2.0/UDP 200.126.216.62;branch=z9hG4bK7578380A CSeq: 107 REGISTER To: "Diego M. Vadell" <sip:dvadell@200.69.255.72>;tag=b27e1a1d33761e85846fc98f5f3a7e58.cf28 From: "Diego M. Vadell" <sip:dvadell@200.69.255.72> Call-ID: 1930116421(a)200.126.216.62 Server: Sip EXpress router (0.8.14 (i386/linux)) Content-Length: 0 Warning: 392 200.69.255.72:5060 "Noisy feedback tells: pid=14352 req_src_ip=200.126.216.62 req_src_port=5060 in_uri=sip:200.69.255.72 out_uri=sip:200.69.255.72 via_cnt==1" And SER says: 19(14352) SIP Request: 19(14352) method: <REGISTER> 19(14352) uri: <sip:200.69.255.72> 19(14352) version: <SIP/2.0> 19(14352) parse_headers: flags=1 19(14352) Found param type 232, <branch> = <z9hG4bK7578380A>; state=16 19(14352) end of header reached, state=5 19(14352) parse_headers: Via found, flags=1 19(14352) parse_headers: this is the first via 19(14352) After parse_msg... 19(14352) preparing to run routing scripts... 19(14352) DEBUG : is_maxfwd_present: searching for max_forwards header 19(14352) parse_headers: flags=128 19(14352) get_hdr_field: cseq <CSeq>: <107> <REGISTER> 19(14352) end of header reached, state=9 19(14352) DEBUG: get_hdr_field: <To> [47]; uri=[sip:dvadell@200.69.255.72] 19(14352) DEBUG: to body ["Diego M. Vadell" <sip:dvadell@200.69.255.72> ] 19(14352) DEBUG: get_hdr_body : content_length=0 19(14352) found end of header 19(14352) DEBUG: is_maxfwd_present: max_forwards header not found! 19(14352) end of header reached, state=9 19(14352) parse_headers: flags=256 19(14352) find_first_route(): No Route headers found 19(14352) loose_route(): There is no Route HF 19(14352) check_self - checking if host==us: 13==9 && [200.69.255.72] == [127.0.0.1] 19(14352) check_self - checking if port 5060 matches port 5060 19(14352) check_self - checking if host==us: 13==10 && [200.69.255.72] == [10.5.5.242] 19(14352) check_self - checking if port 5060 matches port 5060 19(14352) check_self - checking if host==us: 13==13 && [200.69.255.72] == [200.69.255.72] 19(14352) check_self - checking if port 5060 matches port 5060 19(14352) lookup(): '' Not found in usrloc 19(14352) parse_headers: flags=-1 19(14352) check_via_address(200.126.216.62, 200.126.216.62, 0) 19(14352) DEBUG:destroy_avp_list: destroing list (nil) 19(14352) receive_msg: cleaning up

19 years, 10 months

[Serusers] Digest Authentication

by Magnus Sörman (AL/EAB)

Hi, I need some help with digest authentication. When I uncomment those lines in ser.cfg, the register msg stops to work. In the trace, see below, you can see the nonce being sent in the re-register msg, but the server still responds with 401 Unauthorized. I've tried with both 0 and 1 in the www_challenge. Without the digest authentication the register works fine. Thanks in advance, //Magnus ser.cfg (ser 0.8.12 running on a Fedora box. Used for test purpose only): ==================================================== # ----------- global configuration parameters ------------------------ #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" sip_warning=no alias="sip_server_ip" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/pa.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri == myself ) { if (method=="SUBSCRIBE") { if(t_newtran()){ handle_subscription("registrar"); break; }; }; if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("sip_server_ip", "subscriber")) { www_challenge("sip_server_ip", "1"); break; }; save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; } Register trace: ========== REGISTER sip:sip_server_ip SIP/2.0 Via: SIP/2.0/UDP local_pc_ip:5060;rport;branch=z9hG4bK4268DFDFE5EE410C8DB113A6223C800C From: Magnus <sip:magnus@sip_server_ip>;tag=470300110 To: Magnus <sip:magnus@sip_server_ip> Contact: "Magnus" <sip:magnus@local_pc_ip:5060> Call-ID: EB7272E371C24F6C8F24DB47A53EE7CB@sip_server_ip CSeq: 6590 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite release 1103m Content-Length: 0 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP local_pc_ip:5060;rport=5060;branch=z9hG4bK4268DFDFE5EE410C8DB113A6223C800C From: Magnus <sip:magnus@sip_server_ip>;tag=470300110 To: Magnus <sip:magnus@sip_server_ip>;tag=b27e1a1d33761e85846fc98f5f3a7e58.0d0e Call-ID: EB7272E371C24F6C8F24DB47A53EE7CB@sip_server_ip CSeq: 6590 REGISTER WWW-Authenticate: Digest realm="sip_server_ip", nonce="41d1321431d402c1af9617eb73deccbce7e532d5", qop="auth" Server: Sip EXpress router (0.8.12 (i386/linux)) Content-Length: 0 REGISTER sip:sip_server_ip SIP/2.0 Via: SIP/2.0/UDP local_pc_ip:5060;rport;branch=z9hG4bK1813C486770C442BB51E58686A61921F From: Magnus <sip:magnus@sip_server_ip>;tag=470300110 To: Magnus <sip:magnus@sip_server_ip> Contact: "Magnus" <sip:magnus@local_pc_ip:5060> Call-ID: EB7272E371C24F6C8F24DB47A53EE7CB@sip_server_ip CSeq: 6591 REGISTER Expires: 1800 Authorization: Digest username="magnus",realm="sip_server_ip",nonce="41d1321431d402c1af9617eb73deccbce7e532d5",response="27ea80aed1b9f5086b396c8f86bcec60",uri="sip:sip_server_ip",qop=auth,cnonce="9F5BBA98D6724D909C6560E8A045A300",nc=00000006 Max-Forwards: 70 User-Agent: X-Lite release 1103m Content-Length: 0 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP local_pc_ip:5060;rport=5060;branch=z9hG4bK1813C486770C442BB51E58686A61921F From: Magnus <sip:magnus@sip_server_ip>;tag=470300110 To: Magnus <sip:magnus@sip_server_ip>;tag=b27e1a1d33761e85846fc98f5f3a7e58.9cf2 Call-ID: EB7272E371C24F6C8F24DB47A53EE7CB@sip_server_ip CSeq: 6591 REGISTER WWW-Authenticate: Digest realm="sip_server_ip", nonce="41d1321431d402c1af9617eb73deccbce7e532d5", qop="auth" Server: Sip EXpress router (0.8.12 (i386/linux)) Content-Length: 0

19 years, 10 months

[Serusers] CDR Issues

by Adrian Georgescu

Erik, CDRTool guarantees 100% accurate accounting for call detail records generated by SIP Express Router in combination with MediaProxy regardless of the presence of BYE messages. This solution is available under commercial agreement. http://www.ag-projects.com/CDRTool.html Regards, Adrian >>>>>>>>>>>> OK, i've run into a problem with the CDR Creation. If you have 2 users who call each other, talk a while and then instead of hanging up decide to pull the plugs from their phones (or terminitate their application), no complete CDR is generated, the INVITE and ACK are logged, but since no one realy hangs up there won't be a BYE record, so no CDR end/total time and no billable time. Use the / a rtpproxy you would say, to bad it suffers from the same problem, if both partes put the call on hold and pull the plug the call keeps existing and once again an incomplete CDR. Has anyone ever suffered the same problem? And what is the most reliable way to generate CDRs? Kind regards, E. Versaevel

19 years, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users December 2004