sr-users February 2005

sr-users@lists.kamailio.org

215 participants
467 discussions

Re: [Serusers] Why is it empty at my MYSQL's location table?

by Cesc Santasusana

Try changing usrloc::db_mode to 1 ... write-through. modparam("usrloc", "db_mode", 1) For the domain thing ... change use_domain to 1. Cesc >>> Charles Wang <lazy.charles(a)gmail.com> 02/17/05 10:00AM >>> Dear ALL: I add a user such as "serctl add 1011 1011 aaa(a)sip.xxx.net" (format: serctl add userid passwd email) It will insert one record to my MYSQL's "subscriber" table. But I can not find any information in my another table "aliases". Because when I wanna look the missed calls from serweb, it always UNION two tables missed_calls and aliases. So, I think, it should be some records at this aliases table. I add records to aliases table manually with command: "serctl alias add 1011 aaa(a)sip.xxx.net" but the field "domain" is still empty. So I login to mysql and "update aliases set domain='sip.xxx.net'; " I finally see the missed calls information. unclassified It is not a good idea to create a user with such more steps(add user, add alias, change domain). Is it my false in my ser.cfg or my config.php at serweb? There is no record at my MYSQL's location table. How can I make it not empty via correct cfg setting? My ser.cfg is as below: # # $Id: ser.cfg,v 1.25 2004/11/30 16:28:24 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=8 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */ listen=xxx.xxx.xxx.xxx alias=ser.xxx.net alias=ser alias=xxx.xxx.xxx.xxx check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo_mode=0666 fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/exec.so" loadmodule "/usr/local/lib/ser/modules/avpops.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/group.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/permissions.so" loadmodule "/usr/local/lib/ser/modules/speeddial.so" loadmodule "/usr/local/lib/ser/modules/acc.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # -- nathelper params -- modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # -- db_url params -- modparam("acc|auth_db|domain|group|permissions|speeddial|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") # -- use_domain params -- modparam("auth_db|group|registrar|speeddial|uri_db|usrloc", "use_domain", 0) # -- permissions params -- modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") # -- accounting params -- modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 1) modparam("acc", "log_fmt", "cdfimorstup") modparam("acc", "log_level", 1) modparam("acc", "failed_transactions", 1) modparam("acc", "report_cancels", 1) modparam("acc", "report_ack", 0) # -- avp params -- modparam("avpops", "avp_url", "mysql://ser:heslo@localhost/ser") modparam("avpops", "avp_table", "usr_preferences") #modparam("avpops", "use_domain", "1") modparam("avpops", "uuid_column", "uuid") modparam("avpops", "username_column", "username") modparam("avpops", "domain_column", "domain") modparam("avpops", "attribute_column", "attribute") modparam("avpops", "value_column", "value") modparam("avpops", "type_column", "type") modparam("avpops", "avp_aliases", "voicemail=i:500;calltype=i:700;fwd_no_answer_type=i:701;fwd_busy_type=i:702") # To use more than one tables example #modparam("avpops", "db_scheme", "scheme1:table=subscriber;uuid_column=uuid;value_column=first_name") # -- tm params -- modparam("tm", "fr_timer", 15) modparam("tm", "fr_inv_timer", 22) modparam("tm", "wt_timer", 5) modparam("tm", "fr_inv_timer_avp", "inv_timeout") # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; if (method=="INVITE" || method=="BYE") { setflag(1); }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("SER: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("ser.xxx.net", "subscriber")) { www_challenge("ser.xxx.net", "0"); break; }; save("location"); break; }; if (method=="INVITE" && uri =~ "^sip:0[0-9]*@") { append_hf("P-hint: PSTN\r\n"); rewritehostport("xxx.xxx.xxx.xxx:5060"); #t_relay_to_udp("xxx.xxx.xxx.xxx","5060"); #t_relay_to_tcp("xxx.xxx.xxx.xxx","5060"); log(1, "SER: matched ^sip:[^0][0-9]*@ - process in route(1)\n"); route(1); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } _______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

19 years, 9 months

[Serusers] Why is it empty at my MYSQL's location table?

by Charles Wang

Dear ALL: I add a user such as "serctl add 1011 1011 aaa(a)sip.xxx.net" (format: serctl add userid passwd email) It will insert one record to my MYSQL's "subscriber" table. But I can not find any information in my another table "aliases". Because when I wanna look the missed calls from serweb, it always UNION two tables missed_calls and aliases. So, I think, it should be some records at this aliases table. I add records to aliases table manually with command: "serctl alias add 1011 aaa(a)sip.xxx.net" but the field "domain" is still empty. So I login to mysql and "update aliases set domain='sip.xxx.net'; " I finally see the missed calls information. It is not a good idea to create a user with such more steps(add user, add alias, change domain). Is it my false in my ser.cfg or my config.php at serweb? There is no record at my MYSQL's location table. How can I make it not empty via correct cfg setting? My ser.cfg is as below: # # $Id: ser.cfg,v 1.25 2004/11/30 16:28:24 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=8 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */ listen=xxx.xxx.xxx.xxx alias=ser.xxx.net alias=ser alias=xxx.xxx.xxx.xxx check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo_mode=0666 fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/exec.so" loadmodule "/usr/local/lib/ser/modules/avpops.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/group.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/permissions.so" loadmodule "/usr/local/lib/ser/modules/speeddial.so" loadmodule "/usr/local/lib/ser/modules/acc.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # -- nathelper params -- modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # -- db_url params -- modparam("acc|auth_db|domain|group|permissions|speeddial|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") # -- use_domain params -- modparam("auth_db|group|registrar|speeddial|uri_db|usrloc", "use_domain", 0) # -- permissions params -- modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") # -- accounting params -- modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 1) modparam("acc", "log_fmt", "cdfimorstup") modparam("acc", "log_level", 1) modparam("acc", "failed_transactions", 1) modparam("acc", "report_cancels", 1) modparam("acc", "report_ack", 0) # -- avp params -- modparam("avpops", "avp_url", "mysql://ser:heslo@localhost/ser") modparam("avpops", "avp_table", "usr_preferences") #modparam("avpops", "use_domain", "1") modparam("avpops", "uuid_column", "uuid") modparam("avpops", "username_column", "username") modparam("avpops", "domain_column", "domain") modparam("avpops", "attribute_column", "attribute") modparam("avpops", "value_column", "value") modparam("avpops", "type_column", "type") modparam("avpops", "avp_aliases", "voicemail=i:500;calltype=i:700;fwd_no_answer_type=i:701;fwd_busy_type=i:702") # To use more than one tables example #modparam("avpops", "db_scheme", "scheme1:table=subscriber;uuid_column=uuid;value_column=first_name") # -- tm params -- modparam("tm", "fr_timer", 15) modparam("tm", "fr_inv_timer", 22) modparam("tm", "wt_timer", 5) modparam("tm", "fr_inv_timer_avp", "inv_timeout") # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; if (method=="INVITE" || method=="BYE") { setflag(1); }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("SER: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("ser.xxx.net", "subscriber")) { www_challenge("ser.xxx.net", "0"); break; }; save("location"); break; }; if (method=="INVITE" && uri =~ "^sip:0[0-9]*@") { append_hf("P-hint: PSTN\r\n"); rewritehostport("xxx.xxx.xxx.xxx:5060"); #t_relay_to_udp("xxx.xxx.xxx.xxx","5060"); #t_relay_to_tcp("xxx.xxx.xxx.xxx","5060"); log(1, "SER: matched ^sip:[^0][0-9]*@ - process in route(1)\n"); route(1); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; }

19 years, 9 months

[Serusers] avp_radius module

by Martin Koenig

Hello, is it possible to add more than one response for one user in the radius users database? Will the module process this correctly? Is there a list of all known AVPs available somewhere? Regards, Martin Koenig

19 years, 9 months

[Serusers] nathelper patch

by support

Hi, I have found the following message from the mailing list. I also saw your question on RFC compliance and the Sonus equipment: In order to make Grandstream phones register properly when using STUN behind symmetric NAT, I had to patch nathelper with the rport != port of received address check. (I use 0.8.14 and I guess you already have the patch with the development version). The reason is that Grandstream attempts to rewrite the address using STUN even though it correctly detects a symmetric NAT. I have seen that this was introduced in a new firmware not long ago (release notes). This pussles me as sources I have seen claims this to beinvalid behavior (which seems correct to me). It seems that I am facing the same problem now. Is there any solution to us? Where could I download the nathelper patch as described above? Thank you. Best Regards, Thomas

19 years, 9 months

[Serusers] mediaproxy/rtpproxy

by Nhadie

Hi All, Can anyone help me or kindly send me a sample part of configuration wherein I will automatically use mediaproxy/rtpproxy for calls coming from a NATted UA, going to either PSTN or a local extension on my SIP server, without setting the outbound proxy on the UA's. Just like a transparent proxy in squid(sorry if i compared it to squid). TIA Regards, Nhadie

19 years, 9 months

[Serusers] Question abount avpops's avp_db_load()

by Charles Wang

Dear ALL: I have defined these lines at my ser.cfg. modparam("avpops", "avp_url", "mysql://ser:heslo@localhost/ser") modparam("avpops", "avp_table", "usr_preferences") modparam("avpops", "uuid_column", "uuid") modparam("avpops", "username_column", "username") modparam("avpops", "domain_column", "domain") modparam("avpops", "attribute_column", "attribute") modparam("avpops", "value_column", "value") modparam("avpops", "type_column", "type") modparam("avpops", "avp_aliases", "voicemail=i:500;calltype=i:700;fwd_no_answer_type=i:701;fwd_busy_type=i:702") Q1: But I don't know what it mean about 700 or 701. Is it a numeric ID of one UA? And I have refered to http://www.voice-system.ro/docs/avpops And find many examples in it. But I still can't understand what it mean about avp_db_load(). my avp table is named as "usr_preferences" and it is empty before I use avpops modules. Q2: Is it should have some initilized records in it? Otherwise, what will be loaded with avp_db_load()? For this web page said: avp_db_load("$ruri/domain","i:/domain_preferences"); - loads all AVPs with ID from 'domain_preferences' table for domain from RURI Q3: Is "$ruri" the caller user's URI? and the "domain" is the same? Is "domain_preferences" table name? Is it equal to my "usr_preferences"? Or it is just a virtual table in memory? Thank you for your answer my stupid questions. Charles

19 years, 9 months

[Serusers] STUN, rtpproxy problem

by support

Please ignore my previous email. Here is the correct one. Thank you. ----- Original Message ----- From: support To: serusers(a)lists.iptel.org Sent: Thursday, February 17, 2005 11:59 AM Subject: STUN, rtpproxy problem Hi, I am running ser-0.8.14 with rtpproxy and nathelper. I have also enabled STUN on the same server. My SIP UA supports STUN, but my PSTN gateway does not. If I don't enable STUN on SIP UA, I can route the call to PSTN gateway successfully using rtpproxy. If I enable STUN on SIP UA, I cannot route the call out to PSTN gateway. On ringing sound is heard on callie, but no voice passing through. I use t_relay_to_udp to forward the call to PSTN gateway. It seems that if STUN is supported on SIP UA, the call cannot be routed to PSTN gateway. Hope someone could fix this problem. Best wishes, Thomas My ser.cfg is as follows: # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=3 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) listen="" port=5060 #children=4 fifo_mode=0666 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # -- Nathelper params -- modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # Nathelper if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("", "subscriber")) { www_challenge("", "0"); break; }; save("location"); break; }; if (uri=~"^sip:866*") { log(1, "going to PSTN route\n"); route(2); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); break; }; } route[2] { force_rtp_proxy(); t_on_reply("1"); t_relay_to_udp("T1 gateway IP","T1 Gateway UDP port"); } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); # Not all 2xx messages have a content body so here we make sure # out Content-Length > 0 to avoid a parse error if (!search("^Content-Length:\0")) { force_rtp_proxy(); }; # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }

19 years, 9 months

[Serusers] STUN, rtpproxy problem

by support

Hi, I am running ser-0.8.14 with rtpproxy and nathelper. I have also enabled STUN on the same server. My SIP UA supports STUN, but my PSTN gateway does not. If I don't enable STUN on SIP UA, I can route the call to PSTN gateway successfully using rtpproxy. If I enable STUN on SIP UA, I cannot route the call out to PSTN gateway. On ringing sound is heard on callie, but no voice passing through. I use t_relay_to_udp to forward the call to PSTN gateway. It seems that if STUN is supported on SIP UA, the call cannot be routed to PSTN gateway. Hope someone could fix this problem. Best wishes, Thomas My ser.cfg is as follows: # ----------- global configuration parameters ------------------------ debug=7 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database #loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/lib/ser/modules/auth.so" #loadmodule "/usr/lib/ser/modules/auth_db.so" # !! Nathelper loadmodule "/usr/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s #modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received #if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; #}; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication # if (!www_authorize("iptel.org", "subscriber")) { # www_challenge("iptel.org", "0"); # break; # }; save("location"); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && ! search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else { fix_nated_contact(); }; }

19 years, 9 months

Re: Re: [Serusers] mediaproxy/rtpproxy

by Nhadie

Hi Sir, Thank you for your reply. I was able to run ser using the configuration below. How would I know Sir that it's forcing it to use rtpproxy, I was able to make test calls, but using also the SIP sevrer as the NAT gateway (I don't have that much equipment to test with :( ) So I think voice will really go through on each since the SIP server is just a hop away from the UA's. Also i'd like to force only rtpproxy when only making calls to local extensions, not going to PSTN. I tried adding this location was save: if (uri=~"^(sip:)[1-9]...@nhadzter\.com) { route(1); break; }; But I can't make any calls, and when I do ngrep on port 5060, I can see only INVITE's coming from the caller. It seems that it can't find the CALLEE or the CALLE doesn't respond. I'd really appreciate any help you can give me. Thank you so much. ===================================================== loadmodule "/usr/local/lib/ser/modules/nathelper.so" # We will you flag 6 to mark NATed contacts modparam("registrar", "nat_flag", 6) # Enable NAT pinging modparam("nathelper", "natping_interval", 60) # Ping only contacts that are known to be # behind NAT modparam("nathelper", "ping_nated_only", 1) ): # special handling for NATed clients; first, nat test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding used); also, # the received test should, if complete, should check all # vias for presence of received if (nat_uac_test("3")) { # allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart smart enough to be symmetric. In some phones, like # it takes a configuration option. With Cisco 7960, it is # called NAT_Enable=Yes, with kphone it is called # "symmetric media" and "symmetric signaling". (The latter # not part of public released yet.) fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # # Forcing media relay if necessary # route[1] { if (uri=~"[@:](192\.168\.|10\.|172\.16)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; if (isflagset(6)) { force_rtp_proxy(); t_on_reply("1"); append_hf("P-Behind-NAT: Yes\r\n"); }; if (!t_relay()) { sl_reply_error(); break; }; } onreply_route[1] { if (status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); }; }

19 years, 9 months

[Serusers] Logging of Destination Set

by Martin Koenig

Hello, is it possible to log to syslog the current destination set (according to loose_route() or append_branch() etc.)? With best regards, Martin

19 years, 9 months

← Newer
1
...
20
21
22
23
24
25
26
...
47
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2005