sr-users August 2004

sr-users@lists.kamailio.org

181 participants
424 discussions

[Serusers] SER Media Proxy starting error !!!!

by Razvan Nemesiu

Hi, In installed ser 0.8.14.tar.gz with mysql and accounting support and with the media proxy module.I copied the mediaproxy files as the install file from the media proxy site guided me.The problem is that I get the following error when I try to run the media proxy: Starting SER MediaProxy server: mediaproxyTraceback (most recent call last): File "/usr/local/etc/ser/mediaproxy/mediaproxy.py", line 21, in ? from optparse import OptionParser ImportError: No module named optparse Traceback (most recent call last): File "/usr/local/etc/ser/mediaproxy/proxydispatcher.py", line 35, in ? from optparse import OptionParser ImportError: No module named optparse

20 years, 2 months

RE: [Serusers] Authorization Problems with Radius.

by Ricardo Martinez

Hi Jan. Thanks for your reply. I think i found the problem, and it was related with the parameters in the radiusclient.conf, so thanks for all the help. Now i have another question. I'm usigin RADIATOR to collect the RADIUS messages sent by SER. All the messages that i obtain are like this: Code: Access-Request Identifier: 109 Authentic: <151>h<240><131>DJf<235>e<9><178><16>.'<139><254> Attributes: User-Name = "ricardo(a)XX.XX.XX.246" Digest-Attributes = <10><9>ricardo Digest-Attributes = <1><15>XX.XX.XX.246 Digest-Attributes = <2>*4135ec97cd9b352532c886e50d3812f9e139797a Digest-Attributes = <4><19>sip:XX.XX.XX.246 Digest-Attributes = <3><10>REGISTER Digest-Attributes = <5><6>auth Digest-Attributes = <9><10>00000001 Digest-Attributes = <8><10>d40e8d74 Digest-Response = "853abb10c811a6e059394aaa1d7e63d1" Service-Type = Sip-Session Sip-Uri-User = "5552203289" NAS-IP-Address = 127.0.0.1 NAS-Port = 5060 As you can see i have only Digest-Attribute attr, is this a normal RADIUS packet from SER. Or maybe i have a dictionary mismatch or somethign else? I was expecting something like this : User-Name = "ricardo(a)XX.XX.XX.246" Digest-User-Name = <10><9>ricardo Digest-Realm = <1><15>XX.XX.XX.246 Digest-Nonce = <2>*4135ec97cd9b352532c886e50d3812f9e139797a Digest-Uri = <4><19>sip:XX.XX.XX.246 Digest-Method = <3><10>REGISTER Digest-Response = "853abb10c811a6e059394aaa1d7e63d1" Service-Type = Sip-Session Sip-Uri-User = "5552203289" NAS-IP-Address = 127.0.0.1 NAS-Port = 5060 With the Digest attributes more defined. Do i have to set up something else? I really hope that someone can help me. Thanks in advance. Ricardo > -----Mensaje original----- > De: Jan Janak [SMTP:jan@iptel.org] > Enviado el: Martes, 31 de Agosto de 2004 08:48 a.m. > Para: Ricardo Martinez > CC: 'serusers(a)lists.iptel.org' > Asunto: Re: [Serusers] Authorization Problems with Radius. > > The log error below does not say why authentication failed. I would > recommend you to use some sniffer to see if the radiusclient library > sends any packets to the server. > > Here is the list of common problems: > > 1) the hostname of the radius server is not configured > properly in radiusclient.conf (authserver) > 2) The shared secret is not configured properly, the shared secret > dictionary is by default in /usr/local/etc/radiusclient/servers > 3) The shared secret is not configured properly in the server > 4) radius server is missing SIP related attributes. > > Jan. > > On 30-08 13:30, Ricardo Martinez wrote: > > Hi. > > I'm new in SER, but i have followed all the instructions to install the > > RADIUS interaction. Now i have obtaining the nex error in the console > debug > > when a REGISTER message arrives to the SER. > > > > 7(21063) check_nonce(): comparing > > [4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c] and > > [4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c] > > 7(21063) radius_authorize_sterman(): Failure > > 7(21063) build_auth_hf(): 'WWW-Authenticate: Digest > realm="XX.XX.XX.XX", > > nonce="4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c" > > ' > > 7(21063) parse_headers: flags=-1 > > 7(21063) check_via_address(64.76.148.186, 64.76.148.186, 0) > > 7(21063) receive_msg: cleaning up > > > > Here is my ser.cfg > > > > # > > # $Id: ser.cfg,v 1.21.2.2 2003/10/13 22:53:06 jiri Exp $ > > # > > # simple quick-start config script > > # > > > > # ----------- global configuration parameters ------------------------ > > > > debug=7 # debug level (cmd line: -dddddddddd) > > fork=yes > > log_stderror=yes # (cmd line: -E) > > > > #Uncomment these lines to enter debugging mode > > #fork=no > > #log_stderror=yes > > > > > > check_via=no # (cmd. line: -v) > > dns=no # (cmd. line: -r) > > rev_dns=no # (cmd. line: -R) > > port=5060 > > children=4 > > fifo="/tmp/ser_fifo" > > > > # ------------------ module loading ---------------------------------- > > > > # Uncomment this if you want to use SQL database > > #loadmodule "/usr/local//lib/ser/modules/mysql.so" > > > > loadmodule "/usr/local//lib/ser/modules/sl.so" > > loadmodule "/usr/local//lib/ser/modules/tm.so" > > loadmodule "/usr/local//lib/ser/modules/rr.so" > > loadmodule "/usr/local//lib/ser/modules/maxfwd.so" > > loadmodule "/usr/local//lib/ser/modules/usrloc.so" > > loadmodule "/usr/local//lib/ser/modules/registrar.so" > > loadmodule "/usr/local//lib/ser/modules/textops.so" > > > > # Uncomment this if you want digest authentication > > # mysql.so must be loaded ! > > loadmodule "/usr/local/lib/ser/modules/auth.so" > > #loadmodule "/usr/local/lib/ser/modules/auth_db.so" > > > > loadmodule "/usr/local/lib/ser/modules/auth_radius.so" > > loadmodule "/usr/local/lib/ser/modules/group_radius.so" > > loadmodule "/usr/local/lib/ser/modules/acc.so" > > > > # ----------------- setting module-specific parameters --------------- > > > > # ----------------- setting module-specific parameters --------------- > > # -- rr params -- > > # add value to ;lr param to make some broken UAs happy > > modparam("rr", "enable_full_lr", 1) > > > > modparam("acc","log_level",1) > > > > > modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/radius > cl > > ient.conf") > > modparam("auth_radius","service_type",15) > > > modparam("acc","radius_config","/usr/local/etc/radiusclient/radiusclient.c > on > > f") > > modparam("acc", "service_type", 15) > > modparam("acc", "radius_flag", 1) > > modparam("acc", "radius_missed_flag", 3) > > modparam("acc", "failed_transactions", 1) > > modparam("acc", "report_ack", 0) > > > > #group radius > > > modparam("group_radius","radius_config","/usr/local/etc/radiusclient/radiu > sc > > lient.conf") > > modparam("group_radius", "use_domain", 1) > > > > > > > > # ------------------------- request routing logic ------------------- > > > > # main routing logic > > > > route{ > > > > # initial sanity checks -- messages with > > # max_forwards==0, or excessively long requests > > if (!mf_process_maxfwd_header("10")) { > > sl_send_reply("483","Too Many Hops"); > > break; > > }; > > if (len_gt( max_len )) { > > sl_send_reply("513", "Message too big"); > > break; > > }; > > > > # we record-route all messages -- to make sure that > > # subsequent messages will go through our proxy; that's > > # particularly good if upstream and downstream entities > > # use different transport protocol > > if (!method=="REGISTER") record_route(); > > > > # subsequent messages withing a dialog should take the > > # path determined by record-routing > > if (loose_route()) { > > # mark routing logic in request > > append_hf("P-hint: rr-enforced\r\n"); > > route(1); > > break; > > }; > > > > if (!uri==myself) { > > # mark routing logic in request > > append_hf("P-hint: outbound\r\n"); > > route(1); > > break; > > }; > > > > # if the request is for other domain use UsrLoc > > # (in case, it does not work, use the following command > > # with proper names and addresses in it) > > if (uri==myself) { > > > > if (method=="REGISTER") { > > > > # Uncomment this if you want to use digest authentication > > if (! radius_www_authorize("")) { > > www_challenge("", "0"); > > break; > > }; > > > > save("location"); > > break; > > }; > > > > lookup("aliases"); > > if (!uri==myself) { > > append_hf("P-hint: outbound alias\r\n"); > > route(1); > > break; > > }; > > > > # native SIP destinations are handled using our USRLOC > DB > > if (!lookup("location")) { > > sl_send_reply("404", "Not Found"); > > break; > > }; > > }; > > append_hf("P-hint: usrloc applied\r\n"); > > route(1); > > } > > > > route[1] > > { > > # send it out now; use stateful forwarding as it works reliably > > # even for UDP2TCP > > if (!t_relay()) { > > sl_reply_error(); > > }; > > } > > > > > > In my radiusclient.cfg i have configured for authentication > localhost:1645. > > In my Radius Server (Radiator) i'm not see any Radius message. > > > > What is the problem? > > Hope someone can help me > > > > Thank in advance > > BEst Regards > > > > Ricardo Martinez. > > > > _______________________________________________ > > Serusers mailing list > > serusers(a)lists.iptel.org > > http://lists.iptel.org/mailman/listinfo/serusers

20 years, 2 months

[Serusers] mediaproxy chaining - relay problems

by Henry Jensen

I have two mediaproxies in a chain. At one end I have a Grandstream Budget Tone 100, at the other a Linux box with kphone. Between the two are two SER servers, both with mediaproxy. The Problem is, that approx. 50 percent of the calls are not being relayed, only one of the two streams (which means, I can speak, but did not hear anything, or the other way around). This failures are not reproducable. Sometimes, it takes up to 10 seconds for RTP-one stream to begin relaying. The logs say nothing, all seems well. Any ideas? Regards, Henry

20 years, 2 months

[Serusers] Accounting Bye Problem

by Shirley Toh

Hi all, Please help. My version is ser_rel_0.8.12. I am tracking the PSTN calls into the acc database. I am encountering one problem. If the calle first hang-up I am unable to have the BYE message in my database, but if the caller hang-up first is okie. Please advice what can be the problem is it the acc module problem Regards, shirley

20 years, 2 months

[Serusers] one to many aliases and voicemail

by Jev

Hi all, Having an alias map to a single uri is fine, and if the target uri has voicemail enabled that is fine. What happens if I have a alias that goes one to many, and some of the target uris have voicemail enabled? When someone calls a particular alias, I don't want ser to redirect to sems at all. How can I achieve this? Is it possible to detect if a invite has the result of an alias (probably by using hints in the sip msg?), and if so can I detect how many targets a alias maps to? In basic terms, if alias_targets is > 1, then do not redirect to voicemail. Thanks! -Jev

20 years, 2 months

[Serusers] Authorization Problems with Radius.

by Ricardo Martinez

Hi. I'm new in SER, but i have followed all the instructions to install the RADIUS interaction. Now i have obtaining the nex error in the console debug when a REGISTER message arrives to the SER. 7(21063) check_nonce(): comparing [4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c] and [4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c] 7(21063) radius_authorize_sterman(): Failure 7(21063) build_auth_hf(): 'WWW-Authenticate: Digest realm="XX.XX.XX.XX", nonce="4134bbc79ed1bc9d3f911cb33ff4c399d7cdea8c" ' 7(21063) parse_headers: flags=-1 7(21063) check_via_address(64.76.148.186, 64.76.148.186, 0) 7(21063) receive_msg: cleaning up Here is my ser.cfg # # $Id: ser.cfg,v 1.21.2.2 2003/10/13 22:53:06 jiri Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=7 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E) #Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database #loadmodule "/usr/local//lib/ser/modules/mysql.so" loadmodule "/usr/local//lib/ser/modules/sl.so" loadmodule "/usr/local//lib/ser/modules/tm.so" loadmodule "/usr/local//lib/ser/modules/rr.so" loadmodule "/usr/local//lib/ser/modules/maxfwd.so" loadmodule "/usr/local//lib/ser/modules/usrloc.so" loadmodule "/usr/local//lib/ser/modules/registrar.so" loadmodule "/usr/local//lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" #loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/auth_radius.so" loadmodule "/usr/local/lib/ser/modules/group_radius.so" loadmodule "/usr/local/lib/ser/modules/acc.so" # ----------------- setting module-specific parameters --------------- # ----------------- setting module-specific parameters --------------- # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) modparam("acc","log_level",1) modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/radiuscl ient.conf") modparam("auth_radius","service_type",15) modparam("acc","radius_config","/usr/local/etc/radiusclient/radiusclient.con f") modparam("acc", "service_type", 15) modparam("acc", "radius_flag", 1) modparam("acc", "radius_missed_flag", 3) modparam("acc", "failed_transactions", 1) modparam("acc", "report_ack", 0) #group radius modparam("group_radius","radius_config","/usr/local/etc/radiusclient/radiusc lient.conf") modparam("group_radius", "use_domain", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (len_gt( max_len )) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (! radius_www_authorize("")) { www_challenge("", "0"); break; }; save("location"); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } In my radiusclient.cfg i have configured for authentication localhost:1645. In my Radius Server (Radiator) i'm not see any Radius message. What is the problem? Hope someone can help me Thank in advance BEst Regards Ricardo Martinez.

20 years, 2 months

[Serusers] Is serweb running with MySQL 3.23?

by Pali Majernik

Hi, Is serweb running with MySQL 3.23 or do I need MySQL 4.0? Pali

20 years, 2 months

[Serusers] ser with asterisk

by ser die

hello friends, can any body tell how astresik can be used with ser as a siph323 gateway. i feel a bit confused of the settings of astersik with regards serdiehard _______________________________ Do you Yahoo!? Win 1 of 4,000 free domain names from Yahoo! Enter now. http://promotions.yahoo.com/goldrush

20 years, 2 months

[Serusers] using mediaproxy / nathelper depending on client and URI

by Adrian Georgescu

Arne, you can employ some heuristic checks but is not possible to know beforehand if a called party having multiple phones will answer with a phone behind NAT or outside NAT just to give you an example of situation when these checks will fail. Adrian >>>>>>>>>> Hello all, I have done some test with the mediaproxy module. My config is based upon the sample code supplied with mediaproxy. This code sends all calls through the mediaproxy independent of if the user is NATed. I have made some changed to the ser.cfg by adding some client_nat_test options on INVITE. This works OK when the originating user is behind NAT -> mediaproxy is used. But if the originating user is public and calls a user behind NAT -> audio problem. I have searched the web + lists on how I can test if the uri is behind a NAT en thus use mediaproxy / Nathelper. I have also looked at config files for nathelper but it seems to have the same limitations. How should the ser.cfg be changed to enable mediaproxy / nathelper use based on URI ? Any ideas are welcome. thanks, Arne.

20 years, 2 months

[Serusers] More serweb login questions

by Steve Blair

I recently reinstalled serweb from cvs onto my ser 0.8.12 system. I think I have addressed all the parameter changes yet neither the admin nor user login works. When entering a valid username and password and pressing enter the login screen is redisplayed. The domain name is correct in config.php. The httpd log shows: 162.123.40.32 - - [30/Aug/2004:09:20:26 -0400] "GET /img/butons/b_login.gif HTTP/1.1" 404 318 "http://voicesrvr.upenn.edu/admin/index.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031030" 162.123.40.32- - [30/Aug/2004:09:20:54 -0400] "GET /user HTTP/1.1" 301 348 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031030" 162.123.40.32 - - [30/Aug/2004:09:20:54 -0400] "GET /user/ HTTP/1.1" 200 2557 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031030" 162.123.40.32 - - [30/Aug/2004:09:20:54 -0400] "GET /styles/iptel_styles.css HTTP/1.1" 404 319 "http://voicesrvr.upenn.edu/user/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031030" 162.123.40.32 - - [30/Aug/2004:09:20:54 -0400] "GET /img/butons/b_login.gif HTTP/1.1" 404 318 "http://voicesrvr.upenn.edu/user/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031030" Any suggestions on what else to look for? Thanks,Steve -- ISC Network Engineering The University of Pennsylvania 3401 Walnut Street, Suite 221A Philadelphia, PA 19104 voice: 215-573-8396 215-746-7903 fax: 215-898-9348 sip:blairs@upenn.edu

20 years, 2 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users August 2004