sr-users December 2005

sr-users@lists.kamailio.org

158 participants
312 discussions

by unplug

I am using openser with mysql as db. There is a tool call openserctl to manage the data in the openser. I wonder whether I can direct manipulate the db directly without using openserctl. I have tried to insert a record in the aliases table directly using mysql client but it doesn't work. Can I conclude direct manipulate the DB is impossible?

18 years, 10 months

[Users] deactivate an account

by unplug

Hi , Does anyone know how can I deactivate an account? Does openser already implement that function to deactivate an account, how?

18 years, 10 months

Re: [Users] RE: [Serusers] Re: [Serdev] Inaccurate Radius Accounting

by 'Jan Janak'

Hello, Attached is a patch that implements "swap_direction" parameter of acc module. If you turn the parameter on in the configuration file: modparam("acc", "swap_direction", 1) then the acc module will swap Calling-Station-ID and Called-Station-ID values when necessary (in this case BYE comming from the callee). Put the patch in top level source directory (ser-0.9.x) and type: patch -p0 < swap.patch The patch should work with any 0.9.x release. Note that Alan DeKok is wrong in thinking that this is a bug in SER. This particular problem is a result of incomplete specification of RADIUS use with SIP. I will commit the patch in CVS so it will be included in future SER releases. Jan. On 23-12-2005 17:10, Lenir wrote: > Please read the reply below from one of the maintainers of freeradius: > > "Lenir" <lenirsantiago(a)yahoo.com> wrote: > > But if UserB hangs up on UserA: SER generates a stop-record where the > > Calling-Station-Id is UserB and the Called-Station-Id is UserA, this > > is the undesired and incorrect behavior. > > It would appear to be a bug in SER. > > > To me the Calling-Station-Id and the Called-Station-Id should be the > > same for both start and stop records, am I right by thinking that? > > Yes. > > > According to the developers of SER/OpenSER, this is the correct > > behavior, whoever sends the hangup signal (BYE or CANCEL) is > > considered the Calling-Station-Id, and they are unwilling to modify or > > create a patch to "fix" this. > > What they do for something inside of SER is their business. When they > generate RADIUS packets, they should follow RADIUS standards and > interoperability. The expectation, as you said, is that the > Calling/Called-Station-Id doesn't change during a session. If it does, it's > a bug and they should fix it. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > > -----Original Message----- > From: 'Jan Janak' [mailto:jan@iptel.org] > Sent: Thursday, November 17, 2005 10:33 AM > To: Lenir > Cc: 'Klaus Darilion'; serdev(a)iptel.org; serusers(a)iptel.org; > devel(a)openser.org; users(a)openser.org > Subject: Re: [Users] RE: [Serusers] Re: [Serdev] Inaccurate Radius > Accounting > > On 17-11-2005 10:21, Lenir wrote: > > In this case the radius proxy wont work, because you never can anticipate > > who hangs up the call, thus radius wont know who hung up the > call...Besides > > all other voice applications/hardware (SIP and H323) that use radius do > not > > behave like that, the Called-Station-ID ALWAYS remains the same, as with > the > > Calling-Station-ID. > > Could you name those SIP applications that behave the way you describe ? > > Jan. >

18 years, 10 months

[Users] Dealing with reinvites

by Matt Schulte

All, We have had a new issue arise within openser, basically we connect to a SIP carrier that uses Asterisk as a proxy. Naturally, this carrier is hellbent on offloading the RTP traffic, thus the reinvites. My issue is that they appear to be sending the second invite "too fast", before the initial RTP even gets a chance to establish. This was working just fine before, and I believe they changed something. Anyway, they're refusing to help with this issue, so now I must "fix" it on my end. OpenSER is in-part, the problem.. See below: (Sorry if formatting is off, dump from tethereal ..) 0.000000 204.13.233.13 -> 206.80.70.47 SIP/SDP Request: INVITE sip:8886963856@206.80.70.47, with session description 0.001752 206.80.70.47 -> 204.13.233.13 SIP Status: 100 trying -- your call is important to us 0.002723 206.80.70.47 -> 206.80.70.54 SIP/SDP Request: INVITE sip:+1314xxxxxxx@sip.stl.netlogic.net, with session description 0.010327 206.80.70.54 -> 206.80.70.47 SIP Status: 100 Trying 0.292175 206.80.70.54 -> 206.80.70.47 SIP Status: 180 Ringing 0.292692 206.80.70.47 -> 204.13.233.13 SIP Status: 180 Ringing 2.016246 206.80.70.54 -> 206.80.70.47 SIP/SDP Status: 200 OK, with session description 2.016893 206.80.70.47 -> 204.13.233.13 SIP/SDP Status: 200 OK, with session description 2.050871 204.13.233.13 -> 206.80.70.47 SIP Request: ACK sip:+1314xxxxxxx@206.80.70.54 2.051233 204.13.233.13 -> 206.80.70.47 SIP/SDP Request: INVITE sip:+1314xxxxxxx@206.80.70.54 2.051827 206.80.70.47 -> 204.13.233.13 SIP Status: 100 trying --<<KABOOM>>-- 2.051956 206.80.70.47 -> 206.80.70.54 SIP/SDP Request: INVITE sip:+1314xxxxxxx@206.80.70.54, 2.052112 206.80.70.47 -> 206.80.70.54 SIP Request: ACK sip:+13142664000@206.80.70.54 2.053028 206.80.70.54 -> 206.80.70.47 SIP/SDP Status: 200 OK, with session description 2.053336 206.80.70.54 -> 206.80.70.47 SIP Status: 503 Server error Where you see "kaboom", is the problem. If you notice, the time between the first ACK and second INVITE is about 1ms .. While this shouldn't be a problem, you'll notice when the ACK/INVITES are getting statefully forwarded, they're getting sent out of order. The end point is an Asterisk machine, thus the 503 error. Carrier_Ast --> OpenSER --> Netlogic_Ast I am using loose_route to forward, just like everyone else, they are even hitting loose_route in the correct order.. Thoughts? Suggestions? This seems like something internal to OpenSER, I have tried butchering the config to force the ACK out first and it just created more problems. Thanks! Matt S

18 years, 10 months

[Users] handling of command line parameters

by Klaus Darilion

Hi! Is this observation correct? 1. If an option is defined in the openser.cfg file, this definition will be used. 2. In an option is not defined in the openser.cfg file, the default value will be used, except the option is defined via a command line parameter. regards klaus

18 years, 10 months

[Users] invite timers

by Mike Williams

I've run into an interesting issue with invite timers: when a user makes an outbound call, to say, a PSTN gateway, it would be best if the OpenSER fr_invite_timer was set very high. However, this timer controls how long I want the call to ring for before timing out and sending users to my local voicemail server.I would like the timer to be set lower for this. Has anyone come up with a creative way around this? Am I missing something obvious? All help is appreciated. ---Mike

18 years, 10 months

[Users] help: anonymous call

by unplug

Below is the anonymous call invite method compared with the normal call. In the from header, there is missing username. How can I add an anonymous username (i.e. <sip:anonymous@203.193.46.4>) in the from header if the call is from anonymous? Invite method from Anonymous call ---------------------------------------------- U 203.193.46.4:54169 -> 203.193.46.6:5060 INVITE sip:36428473@203.193.46.6:5060 SIP/2.0. Via: SIP/2.0/UDP 203.193.46.4:5060. From: <sip:203.193.46.4>;tag=1924AB7C-EE5. <----------------------------- missing username To: <sip:36428473@203.193.46.6>. Date: Wed, 28 Dec 2005 09:22:19 GMT. Invite method from normal call ---------------------------------------------- U 203.193.46.4:50197 -> 203.193.46.6:5060 INVITE sip:36428473@203.193.46.6:5060 SIP/2.0. Via: SIP/2.0/UDP 203.193.46.4:5060. From: <sip:34263634@203.193.46.4>;tag=978CF54-291. To: <sip:36428473@203.193.46.6>. Date: Fri, 23 Dec 2005 06:29:08 GMT.

18 years, 10 months

[Users] Media Proxy

by Fernando Rodriguez

Is there any manual on how to setup multiple mediaproxy instances in one machine ?? For different network cards and different lans?? Thanks Fernando Rodriguez V. frod(a)aitelecom.net AITelecom S.A. de C.V. http://www.aitelecom.net

18 years, 10 months

[Users] Disabling rtpproxy or mediaproxy when both SIP UA are behind same NAT

by Rafael Risco GV

18 years, 10 months

[Users] Disabling rtpproxy or mediaproxy when both SIP UA are behind same NAT

by Rafael Risco GV

Hi I think I am very close to solve this issue, based on suggestions of Tavis and Klaus for openser in: http://openser.org/dokuwiki/doku.php?id=how_to_set_up_nathelper_rtpproxy_wh… I´ve been able to disable rtpproxy in this cases but I have a problem with accounting, if the callee hungup first appears an error and no cdr for BYE is generated until caller hungup the call, bellow the errors and config. thanks for any help rafael 4(22193) BYE - STOP ACCOUNTING 4(22193) DEBUG: add_param: tag=3658302912 4(22193) grep_sock_info - checking if host==us: 13==13 && [192.168.1.205] == [10.0.2.130] 4(22193) grep_sock_info - checking if port 5060 matches port 5060 4(22193) grep_sock_info - checking if host==us: 13==9 && [192.168.1.205] == [127.0.0.1] 4(22193) grep_sock_info - checking if port 5060 matches port 5060 4(22193) check_self: host != me 4(22193) grep_sock_info - checking if host==us: 13==13 && [10.0.2.130] == [10.0.2.130] 4(22193) grep_sock_info - checking if port 5060 matches port 5060 4(22193) check_via_address(10.0.1.25, 192.168.1.100, 0) 4(22193) ERROR: udp_send: sendto(sock,0x4051e800,588,0,0x4051f2ac,16): Operation not permitted(1) 4(22193) msg_send: ERROR: udp_send failed 4(22193) ERROR:tm:t_forward_nonack: sending request failed 4(22193) DEBUG: add_to_tail_of_timer[4]: 0x4051f2cc 4(22193) DEBUG: add_to_tail_of_timer[0]: 0x4051f2dc 4(22193) ERROR:tm:t_relay_to: t_forward_nonack returned error 4(22193) parse_headers: flags=ffffffffffffffff 4(22193) check_via_address(10.0.1.25, 192.168.1.100, 0) 4(22193) WARNING:vqm_resize: resize(0) called . . . # ----------- global configuration parameters ------------------------ #/* Uncomment these lines to enter debugging mode debug=6 fork=yes log_stderror=yes #*/ listen=10.0.2.130 listen=127.0.0.1 port=5060 # hostname matching an alias will satisfy the condition uri==myself". alias=mydomain.com.pe alias=10.0.2.130 alias=127.0.0.1 check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) children=4 fifo="/tmp/openser_fifo" fifo_mode=0666 # Fifo permissions can be changes from here. # sip_warning - Should replies include extensive warnings? # By default yes, it is good for trouble-shooting. sip_warning=yes # ------------------ module loading ---------------------------------- loadmodule "/usr/local/lib/openser/modules/domain.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/group.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/acc.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/xlog.so" # digest authentication loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" # !! Nathelper loadmodule "/usr/local/lib/openser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- modparam("usrloc", "db_mode", 2) # minimize write back window - default is 60 seconds modparam("usrloc", "timer_interval", 10) # database location modparam("usrloc", "db_url", "mysql://admin:heslo@localhost/openser") modparam("usrloc", "use_domain", 1) modparam("auth_db", "use_domain", 1) modparam("domain", "db_mode", 1) modparam("domain", "domain_table", "domain") modparam("domain", "domain_col", "domain") # ------------- Mysql Accounting parameters modparam("acc", "log_flag", 1) modparam("acc", "log_level", 2) modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 3) modparam("acc", "log_missed_flag", 3) modparam("acc", "db_url", "mysql://admin:heslo@localhost/openser") modparam("acc", "report_ack", 0) modparam("acc", "log_fmt", "miocfsputdr") modparam("tm", "fr_timer", 20 ) modparam("tm", "fr_inv_timer", 40 ) # Timer which hits if no final reply for an INVITE modparam("tm", "wt_timer", 20 ) # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) modparam("group", "db_url", "mysql://seradmin:heslo@localhost/openser") modparam("uri_db", "db_url", "mysql://seradmin:heslo@localhost/openser") # ------------- registration parameters modparam("registrar", "nat_flag", 6) modparam("registrar", "min_expires", 60) modparam("registrar", "max_expires", 86400) modparam("registrar", "default_expires", 3600) modparam("registrar", "desc_time_order", 1) modparam("registrar", "append_branches", 1) modparam("registrar", "use_domain", 1) # !! Nathelper # modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # -------------------------- request routing logic -------------------------- route { log(1, "-------------------------------------------\n"); log(1, "entering main loop\n"); # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); return; }; if ( msg:len >= max_len ) { sl_send_reply("513", "Message too big"); return; }; # set flag for Radius Accounting: if (!method=="OPTIONS") setflag(3); if (method=="INVITE") { log(1, "INVITE MESSAGE RECEIVED - START ACC\n"); setflag(1); /* set for accounting (the same value as in log_flag!) */ }; if (method=="BYE") { log (1, "BYE - STOP ACCOUNTING\n"); setflag(1); }; if (method=="CANCEL") { log (1, "CANCEL - STOP ACCOUNTING\n"); setflag(1); }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- # record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); if (method=="BYE" || method=="CANCEL") { unforce_rtp_proxy(); }; # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route() && (!src_ip==10.0.2.130 && !src_port==5070)) { if (has_totag() && (method=="INVITE" || method=="ACK")) { if (nat_uac_test("19")) { setflag(7); force_rport(); fix_nated_contact(); }; force_rtp_proxy("l"); }; route(2); return; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (!uri==myself && (!src_ip==10.0.2.130 && !src_port==5070)) { route(1); return; }; if (method=="CANCEL") { route(2); return; }; if (method == "REGISTER") { if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) { setflag(6); fix_nated_register(); force_rport(); }; sl_send_reply("100", "Trying"); log(1, "ANALYZING REGISTER REQUEST\n"); # ... to use digest authentication if (is_user_in("Request-URI", "desactivado")) { sl_send_reply("402", "Su cuenta fue desactivada por falta de pago"); return; }; if (!www_authorize("", "subscriber")) { log(1," ----- Fails to Register \n"); www_challenge("", "0"); return; }; # only signed users are allowed if (!check_to()) { log(1, "LOG: Hijack!!!--> unsigned user registration attempt\n"); sl_send_reply("403", "hijack attempt!!!! Only signed users are allowed"); return; }; consume_credentials(); log(1," Registered!!! \n"); if (!save("location")) { sl_reply_error(); }; return; }; # INVITE ? First check the source of the call #******************************************** # If the call comes from the gateways, no authentication is required. if (method == "INVITE" && (src_ip==10.0.2.145 || src_ip==10.0.2.132|| src_ip== 10.0.2.131)) { log(1,"Call from pstn|*, no authentication is required. \n"); # If the call comes from B2BUA, no authentication is required. # The first leg of the call has already been authenticated. } else if (src_ip==10.0.2.130 && src_port==5070) { log(1,"Call from B2BUA, no authentication is required. \n"); } else { log(1, "ANALYZING INVITE REQUESTs\n"); if (method == "INVITE" && !src_ip==10.0.2.130 && !src_port==5070){ if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); return; } else { if (!check_from()) { sl_send_reply("403", "Only registered users are allowed"); log(1," ----> Only registered users are allowed \n"); return; }; consume_credentials(); if (nat_uac_test("19")) { setflag(7); }; }; # Not all the users are PREPAID, so we check the database # to see if the call will be routed through B2BUA. # If every call is to be routed through B2BUA the "is_user_in" # conditional is not required. # Do not use b2bua for local calls (660++++) if (is_user_in("From", "prepaidb") && uri=~"^sip:00") { log(1," ----> Usuario PREPAGO!!! enviando a b2bua... \n"); rewritehostport("10.0.2.130:5070"); t_relay_to_udp("10.0.2.130", "5070"); return; }; }; }; # End of if (method == "INVITE" |... /* *********** Dial out to Local and PSTN logic ********* */ if(uri=~"^sip:00"){ log(1,"00N match - Larga Distancia Internacional \n"); if (!is_user_in("from", "ldix")) { log(1,"No permission for international calls \n"); sl_send_reply("403", "No permission for international calls"); acc_db_request("403 Forbidden", "missed_calls"); return; }; rewritehostport("10.0.2.131:5070"); strip(2); route(1); return; }; /* ******************************************************************** */ lookup("aliases"); if (uri!=myself) { route(1); return; }; # does the user wish redirection on no availability? (i.e., is he # in the voicemail group?) -- determine it now and store it in # flag 4, before we rewrite the flag using UsrLoc if (is_user_in("Request-URI", "voicemail")) { log(1, "requested user is in voicemail group \n"); setflag(4); }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { log(1,"unable to locate user X ... sending to route(4)! \n"); # handle user which was not found route(4); return; }; ### Check if UAS are behind the same NAT system: ### if (isflagset(6) && isflagset(7)){ log(2, "Both Clients are behind NAT"); # Store the destination domain into an AVP avp_printf("i:450", "$dd"); if (avp_check("i:450", "eq/$src_ip/g")){ log(3, "Detected Two Clients Behind the Same NAT - Disabling Mediaproxy"); # Do not use media-proxy as the clients seem to be behind the same NAT resetflag(6); resetflag(7); route(2); return; }; }; route(1); # if user is on-line and is in Voicemail group, enable redirection if (method == "INVITE" && isflagset(4)) { log(1, "invite for voicemail user->initiate failureroute[1]\n"); t_on_failure("1"); }; } ### ##### ####### ########## ########### ############### ################# ##################### route[1] { # if client or server know to be behind a NAT, enable relay if (isflagset(6) || isflagset(7)) { force_rport(); fix_nated_contact(); force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { if (method=="INVITE" && (isflagset(6) || isflagset(7))) { unforce_rtp_proxy(); }; sl_reply_error(); }; log(1, "Route[1]: Send it out now!!!\n"); } # !! Nathelper onreply_route[1] { # NATed transaction ? # Not all 2xx messages have a content body so here we # make sure our Content-Length > 0 to avoid a parse error if ((isflagset(6) || isflagset(7)) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); if (!search("^Content-Length:\ 0")) { force_rtp_proxy(); log(1, "onreply_route1: force rtp proxy!!!\n"); }; # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; } # -------------- Default Message Handler --------------------- route[2]{ # ---------------------------------------------------- # Default Message Handler # ---------------------------------------------------- t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" && isflagset(7)) { unforce_rtp_proxy(); }; sl_reply_error(); }; } # --------------- Handling of Unavailable user ---------------- route[4] { # non-Voip -- just send "off-line" if (!(method=="INVITE" || method=="ACK" || method=="CANCEL" || method=="BYE" || method=="OPTIONS")) { sl_send_reply("404", "Not Found"); acc_db_request("404 Not Found", "missed_calls"); log(1, "acc 404 Not Found 1 \n"); return; }; # not voicemail subscriber if (!isflagset(4) && !method=="OPTIONS" && !method=="ACK" && !method=="BYE") { sl_send_reply("404", "Not Found and no voicemail turned on !! "); acc_db_request("404 Not Found", "missed_calls"); log(1, " acc 404 Not Found and no voicemail \n"); return; }; # forward to voicemail adding prefix to simplify asterisk " extension.conf" :: # exten => _vmXXXXXXX,1,SetLanguage(es) # exten => _vmXXXXXXX,2,Voicemail(u${EXTEN:2}) # exten => _vmXXXXXXX,3,Hangup prefix("vm"); acc_db_request("404 Not Found -> Vm", "missed_calls"); rewritehostport("10.0.2.131:5070"); t_relay_to_udp("10.0.2.131", "5070"); } # If forwarding downstream did not succeed, try voicemail running at Asterisk failure_route[1]{ if (t_check_status("408")){ # revert_uri (); back to the original URI, makes me loose all lookup/rewrite stuff prefix("vm"); rewritehostport ("10.0.2.131:5070"); acc_db_request("408 Timeout -> Vm", "missed_calls"); append_branch(); t_relay(); return; } else if (t_check_status("486")){ # revert_uri (); back to the original URI, makes me loose all lookup/rewrite stuff prefix("vm"); rewritehostport ("10.0.2.131:5070"); acc_db_request("486 Busy -> Vm", "missed_calls"); append_branch(); t_relay(); return; } }

18 years, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users December 2005