Hi,
I know how you authenticate when you've only got a single domain;
if (!www_authorize("sip.mydomain.com", "subscriber")) {
www_challenge("sip.mydomain.com", "0");
break;
};
but how would you handle the authentication when you have multiple domains?
Regards,
Alan
-------------------------------------------------------------------------------------------------------
This email, and any files transmitted with it, is copyright and may contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
Hello List,
I finally got video with kphone working (it uses a video conferencing tool called VIC). I have documented the way to get it working. Available at -
http://dhirajbhuyan.hypermart.net/vic/vic.html
Dhiraj Bhuyan
Network Security Specialist,
BT Exact Business Assurance Solutions
Tel: +44 1473 643932
Mob: +44 7962 012145
Email: dhiraj.2.bhuyan(a)bt.com
Hello all. How does one set up SER to actually proxy a call, and not just
have the two end points communicate. I am trying to secure a POTS gateway
with a SER proxy. Any help would be appreciated.
B. J.
Hi folks!
I'm completely confused about configure SER with nathelp (rtpproxy or
SERMediaProxy) to allow my sip agent (ATA186), with nat ip, to communicate with
PSTN or other sip agent, across dsl lines!
Can someone help me with this configuration, maibe a howto and/or cfg sample
files will be helpfull.
Regards.
--
|o
|o
|o Fabio Silvestri
|o fabio(a)informatec.com.br
|o ICQ: 1667351
|o
Hello,
When i try to compile ser (from cvs stable branch) with radius modules i
have this error.
ERROR: module modules/auth_radius/auth_radius.so not compiled
ERROR: module modules/group_radius/group_radius.so not compiled
ERROR: module modules/uri_radius/uri_radius.so not compiled
make[1]: Entering directory `/root/sip_router/modules/auth_radius'
gcc -fPIC -DPIC -g -O9 -funroll-loops -Wcast-align -Wall -minline-all-str
ingops -malign-double -falign-loops -mcpu=athlon -DNAME='"ser"' -DVERSI
ON='"0.8.12-tcp_nonb"' -DARCH='"i386"' -DOS='"linux"' -DCOMPILER='"gcc
3.2"' -D__CPU_i386 -D__OS_linux -DCFG_DIR='"/usr/local/etc/ser/"' -DPKG_MALL
OC -DSHM_MEM -DSHM_MMAP -DDNS_IP_HACK -DUSE_IPV6 -DUSE_TCP -DDISABLE_NAGLE
-DF_MALLOC -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_G
ETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_SCHED_YIELD -DHAVE_MSG_NOSIGNAL -DHA
VE_MSGHDR_MSG_CONTROL -c authrad_mod.c -o authrad_mod.o
authrad_mod.c: In function `mod_init':
authrad_mod.c:113: warning: passing arg 1 of `rc_conf_str' from incompatible
pointer type
authrad_mod.c:113: too few arguments to function `rc_conf_str'
authrad_mod.c:113: warning: passing arg 1 of `rc_read_dictionary' from
incompatible pointer type
authrad_mod.c:113: too few arguments to function `rc_read_dictionary'
make[1]: *** [authrad_mod.o] Error 1
make[1]: Entering directory `/root/sip_router/modules/group_radius'
gcc -fPIC -DPIC -g -O9 -funroll-loops -Wcast-align -Wall -minline-all-str
ingops -malign-double -falign-loops -mcpu=athlon -DNAME='"ser"' -DVERSI
ON='"0.8.12-tcp_nonb"' -DARCH='"i386"' -DOS='"linux"' -DCOMPILER='"gcc
3.2"' -D__CPU_i386 -D__OS_linux -DCFG_DIR='"/usr/local/etc/ser/"' -DPKG_MALL
OC -DSHM_MEM -DSHM_MMAP -DDNS_IP_HACK -DUSE_IPV6 -DUSE_TCP -DDISABLE_NAGLE
-DF_MALLOC -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_G
ETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_SCHED_YIELD -DHAVE_MSG_NOSIGNAL -DHA
VE_MSGHDR_MSG_CONTROL -c group.c -o group.o
group.c: In function `radius_is_user_in':
group.c:194: warning: passing arg 1 of `rc_avpair_add' from incompatible
pointer type
group.c:194: warning: passing arg 2 of `rc_avpair_add' makes pointer from
integer without a cast
group.c:194: warning: passing arg 3 of `rc_avpair_add' makes integer from
pointer without a cast
group.c:194: warning: passing arg 4 of `rc_avpair_add' makes pointer from
integer without a cast
group.c:194: too few arguments to function `rc_avpair_add'
group.c:203: warning: passing arg 1 of `rc_avpair_add' from incompatible
pointer type
group.c:203: warning: passing arg 2 of `rc_avpair_add' makes pointer from
integer without a cast
group.c:203: warning: passing arg 3 of `rc_avpair_add' makes integer from
pointer without a cast
group.c:203: warning: passing arg 4 of `rc_avpair_add' makes pointer from
integer without a cast
group.c:203: too few arguments to function `rc_avpair_add'
group.c:209: warning: passing arg 1 of `rc_avpair_add' from incompatible
pointer type
group.c:209: warning: passing arg 2 of `rc_avpair_add' makes pointer from
integer without a cast
group.c:209: warning: passing arg 3 of `rc_avpair_add' makes integer from
pointer without a cast
group.c:209: too few arguments to function `rc_avpair_add'
group.c:215: warning: passing arg 2 of `rc_auth' makes integer from pointer
without a cast
group.c:215: warning: passing arg 3 of `rc_auth' from incompatible pointer
type
group.c:215: warning: passing arg 4 of `rc_auth' from incompatible pointer
type
group.c:215: too few arguments to function `rc_auth'
make[1]: *** [group.o] Error 1
make[1]: Entering directory `/root/sip_router/modules/uri_radius'
gcc -fPIC -DPIC -g -O9 -funroll-loops -Wcast-align -Wall -minline-all-str
ingops -malign-double -falign-loops -mcpu=athlon -DNAME='"ser"' -DVERSI
ON='"0.8.12-tcp_nonb"' -DARCH='"i386"' -DOS='"linux"' -DCOMPILER='"gcc
3.2"' -D__CPU_i386 -D__OS_linux -DCFG_DIR='"/usr/local/etc/ser/"' -DPKG_MALL
OC -DSHM_MEM -DSHM_MMAP -DDNS_IP_HACK -DUSE_IPV6 -DUSE_TCP -DDISABLE_NAGLE
-DF_MALLOC -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_G
ETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_SCHED_YIELD -DHAVE_MSG_NOSIGNAL -DHA
VE_MSGHDR_MSG_CONTROL -c checks.c -o
checks.o
checks.c: In function `radius_does_uri_exist':
checks.c:77: warning: passing arg 1 of `rc_avpair_add' from incompatible
pointer type
checks.c:77: warning: passing arg 2 of `rc_avpair_add' makes pointer from
integer without a cast
checks.c:77: warning: passing arg 3 of `rc_avpair_add' makes integer from
pointer without a cast
checks.c:77: too few arguments to function `rc_avpair_add'
checks.c:85: warning: passing arg 1 of `rc_avpair_add' from incompatible
pointer type
checks.c:85: warning: passing arg 2 of `rc_avpair_add' makes pointer from
integer without a cast
checks.c:85: warning: passing arg 3 of `rc_avpair_add' makes integer from
pointer without a cast
checks.c:85: too few arguments to function `rc_avpair_add'
checks.c:92: warning: passing arg 2 of `rc_auth' makes integer from pointer
without a cast
checks.c:92: warning: passing arg 3 of `rc_auth' from incompatible pointer
type
checks.c:92: warning: passing arg 4 of `rc_auth' from incompatible pointer
type
checks.c:92: too few arguments to function `rc_auth'
Hey All,
Please forgive me for my naiveté ..
How do I download the latest rtpproxy from CVS?
We've been having rtp issues and are using the latest nathelper, but the rtp proxy build is from last august-october. I'm assuming that is the reason for our RTP problems. :) I've seen a few posts to the mailing list stating that the latest CVS of rtpproxy is required for the new nathelper functions (on the CVS release of SER). However, I'm not sure how to download the CVS version of rtpproxy
Thanks for your help!
Darren Nay - dnay(a)libertyisp.com
Hi!
There were some questions about the nathelper module recently.
So I post my running SIP configuration. I'm sure it's not perfect, and
propably not very secure, but it will show some things which are
possible with ser (nathelper+rtpproxy, voicemail, ENUM).
NOTE: This configuration does not deal with the recently release of
nathelper and rtpproxy (>=1.2).
This configuration is for the main SIP proxy with NAT traversal
(ser.cfg-main proxy (and nat traversal)) which is hosted on one machine,
and the voicemail proxy (ser.cfg-voicemail proxy) and sems (sems.conf)
on a second machine.
I use ser release rel_0_8_12 (the latest stable from cvs) and rtpproxy
1.1.1 (the old version).
I think the scripts will be useful for beginners to study some ser features.
Regards,
Klaus
PS: You're welcome to enhance the script.
#
# $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
# Uncomment these lines to enter debugging mode
/*
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
alias=obelix.ict.tuwien.ac.at pernau.widge.org
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# load the voicemail module
#loadmodule "/usr/local/lib/ser/modules/vm.so"
# load the enum module
loadmodule "/usr/local/lib/ser/modules/enum.so"
# load the group module, to verify if a user forwards to voicemail
loadmodule "/usr/local/lib/ser/modules/group.so"
# load the nathelper module
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
# -- registrar parameter
# special NAT flag indicates that a registered client is behind NAT
modparam("registrar", "nat_flag", 6)
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url", "mysql://ser:XXXXXXX@localhost/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
modparam("auth_db", "db_url", "mysql://ser:XXXXXXX@localhost/ser")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- voicemail params --
#modparam("voicemail", "db_url","mysql://ser:XXXXXXX@localhost/ser")
# -- voicemail params --
modparam("group", "db_url","mysql://serro:XXXXXXXXX@localhost/ser")
# -- nathelper params --
modparam("nathelper", "natping_interval", 60)
modparam("nathelper", "ping_nated_only", 1)
modparam("tm", "fr_inv_timer", 30 )
#modparam("tm", "fr_inv_timer", 8 )
# ------------------------- request routing logic -------------------
# main routing logic
route{
log(1, "-------------------------------------------\n");
log(1, "entering main loop\n");
if (nat_uac_test("2")) {
log(1, "src address different than via header->NAT detected\n");
log(1, "force_rport and fix_nated_contact and setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed client
setflag(5);
};
if (method=="REGISTER")
log(1, "REGISTER message received\n");
if (method=="INVITE")
log(1, "INVITE message received\n");
if (method=="ACK")
log(1, "ACK message received\n");
if (method=="BYE")
log(1, "BYE message received\n");
if (method=="CANCEL")
log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE")
log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY")
log(1, "NOTIFY message received\n");
if (method=="OPTIONS")
log(1, "OPTIONS message received\n");
if (method=="INFO")
log(1, "INFO message received\n");
if (method=="MESSAGE")
log(1, "MESSAGE message received\n");
if (method=="REFER")
log(1, "REFER message received\n");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len > max_len) {
#if (len_gt( max_len )) {
sl_send_reply("513", "Message too big");
break;
};
# loose-route processing
if (loose_route()) {
log(1, "loose_route processing\n");
t_relay();
break;
};
# create transaction state; abort if error occured
# if ( !t_newtran()) {
# sl_reply_error();
# break;
# };
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
log(1, "analyzing REGISTER request\n");
# Uncomment this if you want to use digest authentication
# if (!www_authorize("obelix.ict.tuwien.ac.at", "subscriber")) {
# www_challenge("obelix.ict.tuwien.ac.at", "0");
# break;
# };
if (isflagset(5)) {
#register from nated client, save nat_flag=6
#in location table
setflag(6);
};
if (!save("location")) {
log(1, "save location error\n");
sl_reply_error();
};
break;
};
lookup("aliases");
# check if number beginns with 00, then convert it into a +
if (uri=~"^sip:00[0-9]*@") {
log(1, "00 International number detected\n");
# strip booth leading "0"
strip(2);
prefix("+");
};
# check if request uri begins with an internation phone number, if yes, try enum to resolve
if (uri=~"^sip:\+[0-9]*@") {
log(1, "+ International number detected\n");
if (!enum_query("voice")) {
log(1, "ENUM query failed, try enum without voice prefix\n");
if (enum_query("")) {
log(1, "ENUM without voice prefix also failed\n");
};
};
if (uri != myself) {
log(1, "ENUM lookup revealed an external address, relaying...");
route(1);
break;
};
};
#mark transaction for voicemail
if (is_user_in("Request-URI", "voicemail\n")) {
log(1, "requested user is in voicemail group");
setflag(4);
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
# handle user which was not found
log(1, "requested user not found\n");
route(4);
break;
};
};
#add failure route which should be performed if response code >=300
if (method=="INVITE" && isflagset(4)) {
log(1, "invite for voicemail user->initiate failureroute[1]\n");
t_on_failure("1");
};
# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
route(1);
}
route[1]{
log(1, "-------------------------------------------\n");
log(1, "entering route[1] - relaying SIP message\n");
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing ->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy, set NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp proxy\r\n");
setflag(7);
};
};
log(1, "relaying message ...\n");
if (!t_relay()) {
log(1, "t_relay error occured\n");
sl_reply_error();
};
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix nated contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE -> force_rtp_proxy \n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp proxy\r\n");
};
};
}
route[4]{
log(1, "-------------------------------------------\n");
log(1, "entering route[4] = requested user not online\n");
# non-Voip -- just send "off-line"
if (!(method == "INVITE" || method == "ACK" || method == "CANCEL" || method == "REFER" || method == "BYE")) {
log(1, "no invite,ack,cancel,refer->return 404\n");
sl_send_reply("404", "Not Found");
break;
};
# not voicemail subscriber and no echo/conference call
if ( isflagset(4)) {
log(1, "flag(4) active\n");
};
if (uri =~ "conference") {
log(1, "conference call\n");
};
if (uri =~ "echo") {
log(1, "echo call\n");
};
if ( !( isflagset(4) || (uri =~ "conference") || (uri =~ "echo") ) ) {
log(1, "no voicemail subscriber->return 404");
sl_send_reply("404", "Not Found and no voicemail turned on");
break;
};
if ( isflagset(5) ) {
log(1, "caller is NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing ->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy");
force_rtp_proxy();
};
};
# forward to voicemail now
#rewritehostport("machtnix.ict.tuwien.ac.at:5060");
log(1, "forward to voicemail\n");
t_relay_to_udp("machtnix.ict.tuwien.ac.at", "5060");
#klaus
#forward(machtnix.ict.tuwien.ac.at, 5060)
}
failure_route[1] {
/* XX: note: unsafe if preloaded routes without username used */
log(1, "-------------------------------------------\n");
log(1, "failureroute[1] entered\");
revert_uri();
#rewritehostport("machtnix.ict.tuwien.ac.at:5060");
# append_branch();
t_relay_to_udp("machtnix.ict.tuwien.ac.at", "5060");
}
#
# $Id: ser.cfg,v 1.21 2003/06/04 13:47:36 jiri Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
#Uncomment these lines to enter debugging mode
/*
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
alias=obelix.ict.tuwien.ac.at
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
# load the voicemail module
loadmodule "/usr/local/lib/ser/modules/vm.so"
# ----------------- setting module-specific parameters ---------------
modparam("voicemail", "db_url","mysql://ser:XXXXXXX@obelix.ict.tuwien.ac.at/ser")
# ------------------------- request routing logic -------------------
# main routing logic
route{
log(1, "entering main loop\n");
if (method=="REGISTER")
log(1, "REGISTER message received\n");
if (method=="INVITE")
log(1, "INVITE message received\n");
if (method=="ACK")
log(1, "ACK message received\n");
if (method=="BYE")
log(1, "BYE message received\n");
if (method=="CANCEL")
log(1, "CANCEL message received\n");
if (method=="SUBSCRIBE")
log(1, "SUBSCRIBE message received\n");
if (method=="NOTIFY")
log(1, "NOTIFY message received\n");
if (method=="OPTIONS")
log(1, "OPTIONS message received\n");
if (method=="INFO")
log(1, "INFO message received\n");
if (method=="MESSAGE")
log(1, "MESSAGE message received\n");
if (method=="REFER")
log(1, "REFER message received\n");
# lookup("aliases");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
# check changed from 0.8.11 to 0.8.12
# if (len_gt( max_len )) {
if (msg:len > max_len) {
sl_send_reply("513", "Message too big");
break;
};
# if (!uri==myself) {
# sl_send_reply("404", "not reponsible for host in request-uri");
# break;
# };
# Voicemail specific configuration - begin
if(method=="ACK" || method=="INVITE" || method=="BYE" || method=="REFER" || method=="CANCEL"){
log(1, "Entering voicemail processing\n");
log(1, "check if new transaction ... \n");
if(t_newtran()){
log(1, "... yes, new transaction\n");
t_reply("100","voicemail ser - Trying -- just wait a minute !");
t_reply("100","voicemail ser - Trying 2 -- just wait a minute !");
if(method=="INVITE" || method=="REFER"){
log("**************** vm start - begin ******************\n");
if( uri =~ "conference" ){
log(1, "incoming conference call\n");
if(!vm("/tmp/am_fifo","conference")){
log("could not contact conference server\n");
t_reply("500","could not contact conference server");
};
}
else if( uri =~ "echo" ){
log(1, "incoming echo call\n");
if(!vm("/tmp/am_fifo","echo")){
log("could not contact echo\n");
t_reply("500","could not contact echo");
};
}
else {
log(1, "incoming voicemail call\n");
if(!vm("/tmp/am_fifo","voicemail")){
log("could not contact voicemail\n");
t_reply("500","could not contact voicemail");
};
};
log("**************** vm start - end ******************\n");
break;
};
if(method=="BYE" || method=="CANCEL"){
log("**************** vm end/refer - begin ******************\n");
if(!vm("/tmp/am_fifo","bye")){
log("could not contact the media server\n");
t_reply("500","could not contact the media server");
};
log("**************** vm end/refer - end ********************\n");
break;
};
}
else {
log("could not create new transaction\n");
sl_send_reply("500","could not create new transaction");
};
};
# Voicemail specific configuration - end
sl_send_reply("501", "method not understood here");
log(1, "method not understood here\n");
}
# $Id: sems.conf.sample,v 1.11.2.1 2004/01/27 15:08:28 rco Exp $
#
# sems.conf.sample
#
# Sip Express Media Server (sems)
#
# sample configuration file
#
#
# whitespaces (spaces and tabs) are ignored
# comments start with a "#" and may be used inline
#
# example: option=value1, value2 # i like this option
#
##################################
# global parameters #
##################################
# optional parameter: fork={yes|no}
#
# - specifies if sems should run in daemon mode (background)
# (fork=no is the same as -E)
fork=yes
# optional parameter: stderr={yes|no}
#
# - debug mode: do not fork and log to stderr
# (stderr=yes is the same as -E)
stderr=no
# optional parameter: loglevel={0|1|2|3}
#
# - sets log level (error=0, warning=1, info=2, debug=3)
# (same as -D)
loglevel=1
# optional parameter: fifo_name=<filename>
#
# - path and file name of our fifo file (same as -i)
fifo_name=/tmp/am_fifo
# optional parameter: ser_fifo_name=<filename>
#
# - path and file name of Ser's fifo file (same as -o)
ser_fifo_name=/tmp/ser_fifo
# optional parameter: plugin_path=<path>
#
# - sets the path to the plug-ins
# - may be absolute or relative to CWD
plugin_path=/usr/local/lib/sems/plug-in/
# optional parameter: smtp_server=<hostname>
#
# - sets address of smtp server
smtp_server=localhost
# optional parameter: smtp_port=<port>
#
# - sets port of smtp server
smtp_port=25
##################################
# module specific parameters #
##################################
# sample voicemail configuration (inline)
config.voicemail=inline
# optional parameter: announce_path=<path>
#
# - sets the path where announce files are searched for
# - the file to be played is determined the following way:
# <announce_path>/<domainname>/<username>.wav
# if this file is not available <announce_path>/<default_anounce> is used
announce_path=/usr/local/lib/sems/audio/
# parameter: default_announce=<filename>
#
# - sets the name of the default announce WAV file
default_announce=default_en.wav
# parameter: max_record_time=<seconds>
#
# - maximum record time
max_record_time=30
# parameter: accept_delay=<x>
#
# - delays accepting of the call for x seconds
# - default value is 0
accept_delay=20
# end of configuration section
# for voicemail module
config.voicemail=end
# sample announcement configuration (inline)
config.announcement=inline
# optional parameter: announce_path=<path>
#
# - sets the path where announce files are searched for
announce_path=/usr/local/lib/sems/audio/
# parameter: default_announce=<filename>
#
# - sets the name of the default announce WAV file
default_announce=default_en.wav
# end of configuration section for announcement module
config.announcement=end
# sample isdngw module configuration (external file)
# config.isdngw=/etc/isdngw.conf
# sample ivr module configuration (inline)
config.ivr=inline
#parameter: python_script_path=<full path>
python_script_path=/etc/ivr
#parameter: python_script_file=<filename>
python_script_file=example.py
# end of configuration section for ivr module
config.ivr=end
# sample conference configuration (inline)
config.conference=inline
# parameter: default_announce=<filename>
#
# - sets the full pathed name of the default announce WAV file.
# Will be played to lonely users.
default_announce=/usr/local/lib/sems/audio/first_participant.wav
# end of configuration section for conference module
config.conference=end
# example configuration for number reader
config.number_reader=inline
number_path=/usr/local/lib/sems/audio/
prolog_file=welcome_to_number_reader.wav
epilog_file=thanks_calling_number_reader.wav
# end of number_reader configuration
config.number_reader=end
# add more module configurations here (inline or external):
#
# config.mymodule=<filename>
# or
# config.mymodule=inline
# ...
# config.mymodule=end
Hello.
I'm newbie to this list, as well as to SER. I'm testing SER with nathelper
module and rtpproxy (portaone RTP proxy), and I can't get to make it work.
The version I'm using is that from the CVS (latest), because I tried with
v.0.8.12 and didn't get satisfactory results.
rtpproxy is started this way:
rtpproxy -2f -l 192.168.20.15
My config file is the one that comes with the files, with the appropiate changes:
debug=3 # debug level (cmd line: -dddddddddd)
#fork=no
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
listen=192.168.20.15
alias=mydomain.com
alias=192.168.0.15
alias=192.168.20.15
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
modparam("usrloc", "db_mode", 0)
modparam("rr", "enable_full_lr", 1)
modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP,
rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a
configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with
kphone it is
# called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP of
signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
# if (!www_authorize("iptel.org", "subscriber")) {
# www_challenge("iptel.org", "0");
# break;
# };
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# !! Nathelper
#if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" &&
!search("^Route:")){
# sl_send_reply("479", "We don't forward to private IP addresses");
# break;
#};
# if client or server know to be behind a NAT, enable relay
if (isflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all transactions (for example,
# re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
These are the logs I get at /var/log/messages:
sistemas2 ser: WARNING: fix_socket_list: could not rev. resolve 192.168.20.15
sistemas2 ser: WARNING: fix_socket_list: could not rev. resolve 192.168.20.15
sistemas2 ser: Listening on
sistemas2 ser: udp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 ser: tcp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 ser: Aliases:
sistemas2 ser: *: 192.168.20.15:*
sistemas2 ser: *: 192.168.0.15:*
sistemas2 ser: *: mydomain.com:*
sistemas2 ser:
sistemas2 ser: Listening on
sistemas2 ser: udp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 ser: tcp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 ser: Aliases:
sistemas2 ser: *: 192.168.20.15:*
sistemas2 /usr/sbin/ser[25761]: ERROR: send_rtpp_command: can't read reply from
a RTP proxy
sistemas2 ser: *: 192.168.0.15:*
sistemas2 /usr/sbin/ser[25761]: WARNING: nathelper: can't get version of the RTP
proxy
sistemas2 ser: *: mydomain.com:*
sistemas2 /usr/sbin/ser[25761]: WARNING: nathelper: support for RTP proxyhas
been disabled
sistemas2 ser:
sistemas2 /usr/sbin/ser[25761]: INFO: udp_init: SO_RCVBUF is initially 65535
sistemas2 ser: Listening on
sistemas2 /usr/sbin/ser[25761]: INFO: udp_init: SO_RCVBUF is finally 131070
sistemas2 ser: udp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 /usr/sbin/ser[25762]: NOTICE:init_avp_child: no avp_db_url specified
-> feature disabled
sistemas2 /usr/sbin/ser[25763]: NOTICE:init_avp_child: no avp_db_url specified
-> feature disabled
sistemas2 /usr/sbin/ser[25764]: NOTICE:init_avp_child: no avp_db_url specified
-> feature disabled
sistemas2 /usr/sbin/ser[25765]: NOTICE:init_avp_child: no avp_db_url specified
-> feature disabled
sistemas2 /usr/sbin/ser[25766]: INFO: fifo process starting: 25766
sistemas2 ser: tcp: 192.168.20.15 [192.168.20.15]:5060
sistemas2 /usr/sbin/ser[25766]: SER: open_uac_fifo: fifo server up at
/tmp/ser_fifo...
sistemas2 ser: Aliases:
sistemas2 /usr/sbin/ser[25766]: WARNING: no fifo_db_url given - fifo DB commands
disabled!
sistemas2 ser: *: 192.168.20.15:*
sistemas2 ser: *: 192.168.0.15:*
sistemas2 ser: *: mydomain.com:*
sistemas2 ser:
sistemas2 ser: ser startup succeeded
sistemas2 /usr/sbin/ser[25764]: ERROR: force_rtp_proxy2: support for RTP proxy
is disabled
sistemas2 /usr/sbin/ser[25762]: ERROR: force_rtp_proxy2: support for RTP proxy
is disabled
sistemas2 /usr/sbin/ser[25762]: ERROR: on_reply processing failed
What's wrong? I can't seem to find my mistake!
Thanks in advance.
Eduard San Anselmo
Folks,
One of our clients asks us if we can set up ENUM
client for him, so that his customers are able to
call users in big free and commercial VoIP SIP
networks.
He claims that at least some of them already have
ENUM zones delegated to them and operating.
Can somebody shed some light on current state
of ENUM and whether or not it is feasible to use
it now.
Thanks!
-Maxim
Hello
I know that there have been a lot of messages about nathelper module
these weeks, but I'm a bit confused.
I have ser 0.8.12 downloaded from ftp server.
I have downloaded rtpproxy and nathelper from CVS.
I've compiled nathelper and copied it to lib/modules directory and
rtpproxy is running OK.
SER starts as usual but SER shows this errors when trying to process INVITE:
12(5500) parse_headers: flags=-1
12(5500) DEBUG:check_content_type: type <application/sdp> found valid
12(5500) DEBUG:extract_body:=|v=0
o=usuario 0 0 IN IP4 212.166.192.134
s=-
c=IN IP4 212.166.192.134
t=0 0
m=video 22222 RTP/AVP 20 26 31
a=recvonly
m=audio 22224 RTP/AVP 0 3 4 5 6 8 15 18
|
12(5500) ERROR: extract_mediaip: no `c=' in SDP
12(5500) ERROR: extract_mediaport: can't parse `m=' in SDP
12(5500) ERROR: force_rtp_proxy2: can't extract media port from the message
If I have understand, I'll need to download SER 0.8.12 from cvs. Is
there any other solution?
Thank you very much.
----- Mensaje Original -----
De: Vitaly Nikolaev <vitaly(a)cifnet.com>
Fecha: Lunes, Febrero 16, 2004 8:18 pm
Asunto: Re: [Serusers] nat module
> Hi
>
> What version of SER you have ? Where did u get it ? if 0.8.12 from
> ftpserver then remove it and download from CVS (0.8.12 only). There
> is a
> mess in nathelper on ftp vesrions.
>
>
> Ur sencond mail:
> You can not just get lates module from CVS and compile it with older
> (stable) release... usually.
>
> On Mon, 2004-02-16 at 01:20, Shirley Toh wrote:
> > Hi,
> >
> > I am trying the commands of the nat module in my ser.cfg but I
> have problem
> > with modparam("nathelper", "ping_nated_only", 1) and the
> nat_uac_test. Plese
> > advise.
> >
> > Regards,
> > Shirley
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> >
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
