sr-users February 2005

sr-users@lists.kamailio.org

215 participants
467 discussions

by Tamas J

Hello! I used to use ser+nathelper+rtpproxy and it worked well. Unfortunately I found some buggy routers which have some SIP support but what they have is buggy (e.g. Draytek Vigor 2104 v2.3.6). They rewrite the IP in SIP message (in this version REGISTER message is not rewritten, but INVITE). While I have www/proxy_authorize and ser sends back auth. request, the phone (GS BT101) does not respond. I guess this is because it remembers for internal IP and receives public IP in message - because router rewrote it. For this I think there are 2 solutions: 1. Upgrade firmware which is many times not an option while the user may not have the knowledge to make it and this can be a real pain. 2. Use STUN, so this rewriting of router won't make any effect. While not every router is buggy, I would like to leave nathelper as is and somehow detect if the UA is behind NAT or not. Andrei suggested to use force_rport() in the main section (not just inside the NAT section), but I guess, this will mean, that every call's every RTP will pass through rtpproxy - which is not desirable. As I was looking for messages, the Call-Id also has the private IP portion, e.g.: Call-ID: 1400999426(a)192.168.24.37 My question would be: how to filter this part of sip message in ser configuration? I'm far-far not an expert to be able to do that :( I'm using 0.8.14. Thanks in advance, Tamas

19 years, 9 months

[Serusers] aliases and inbound pstn numbers conflicting

by Iqbal

Hi I am assigning traditional pstn numbers to sip accounts using aliases. i.e 0207xyz might point to iqbal(a)sip.gigo.co.uk problem with this method, is that when serweb is used to register a new account, it looks for the last number in aliases and adds one, so a normal sip account now has an alias like 0207865473 Is there a better way of doing this, I was thiking of putting inbound pstn numbers into another table instead, and then doing a lookup to it from ser.cfg, or is there a way of getting serweb to ignore certain numbers with certain flags set. tks Iqbal

19 years, 9 months

[Serusers] ul_add flags expected...solved...well temp fix :-)

by Iqbal

Hi I am running SER version: ser 0.10.99-dev0 (i386/linux), possibly not the wisest thing to do, but hey ho. Anyhow had a few problems in getting serweb to link up, well most of it worked, except the confirmation link which is sent out. when I clicked it, it came up with 400 ul_add : flag expected. The confirmation link basically takes the details which have been sitting in ur "pending" table and shoves them into subscriber, and then looks up the last alias [problem here ...see below] and increments it, creating a new alias and then writes that into the "aliases" table, and then delates the pending from the "pending" table. However it seems as if the ul_add command line expects a flags field to be entered also, when using serctl, this default to 128, god knows what that means. So i cheated, I edited config.php in serweb, added a line var $flags Then I went further down, and addedd $this->flags="128"; and then in sql_and_fifo_functions.php I changed the lines reading $replication. "\n" to $replication. $config->flags."\n"; NOTICE I removed the "\n" after replication, it didnt work with that. I ran it all again, and it works, cleaned up the pending table, added in subscriber and also added the alias in aliases, user logged in find from xlite and also from his login panel, so I guess its all okay. If I overlooked anything, or mad a major $%^£up, let me know, not sure if this will impact anything else, I dont think it will...but.... Iqbal

19 years, 9 months

[Serusers] SER NAT'd Client & Asterisk

by Patrick Baker

Hello all, I have SER forwarding connections to asterisk, but I dont get sound for NAT'd clients. I'm using the sample nathelper config but I dont understand where I would have to place the following. if (uri=~"^sip:[0-9]*@.*") { forward( 10.0.18.3, 5060 ); # rewritehostport("10.0.18.3:5060"); break; }; Below is my config file as current - normal forwarding works but NAT'd clients get forwarded to asterisk but cant hear anything. Can someone help me out? Best regards, Patrick # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) #Uncomment these lines to enter debugging mode debug=10 fork=no log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 #children=4 fifo="/tmp/ser_fifo" listen=my ip alias=my fqdn # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" #nat support loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://user:pass@localhost/ser") # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://user:pass@localhost/ser") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) #NAT Helper Config modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; if (uri=~"^sip:[0-9]*@.*") { forward( 10.0.18.3, 5060 ); # rewritehostport("10.0.18.3:5060"); break; }; # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("digicen.com", "subscriber")) { www_challenge("digicen.com", "0"); break; }; save("location"); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; }

19 years, 9 months

[Serusers] How to mangle SDP with result of shellscript

by Alexander Philipp Lintenhofer

Hi there, I have a question concerning the following situation: One client makes a call to another client in the same (private) LAN over a SER located in the public network. It is easy to check if both clients are behind the same NAT. So one can avoid using the mediaproxy and therefore the mediastream stays in the local LAN. But there is a problem if one client uses STUN to detect the outbound IP of the NAT-Box and changes the IP-Address of his SDP body to the outbound IP-address of the NAT-Box. The original local IP-Address ist lost. This value must be recovered by SER - otherwise the RTP-stream of this local connection is relayed over the public internet. I managed getting the original IP-Address (external script which extracts the IP-Addr from the Call-ID header, if it is there...) and store it persistant in the Location Database. My question: How is it possible to mangle the SDP-body by SER with the sdp_mangle_ip() - function and a non static argument. I have to use this function with an argument given by an external script. Is it possible or does anybody know another possibility to get rid of this mess? regards, Philipp

19 years, 9 months

[Serusers] mutlple gw's/avpops

by Christopher Crawford

Hello Ramona, We are attempting to use avpops and seem to be running into issues, using the latest stream from CVS. We are trying to change the domain portion of the ruri with a set of routable gateways, using the serial forking example given in section 8.4 of your documentation (http://www.voice-system.ro/docs/avpops). So here is what we want to do. If a forwarded INVITE to gw1 fails, via a 404 or 408 response, use the next gw in the list, gw2, to route the request. 404 and 408s are noted because we do not want a retry if the response is a 486 - other other potential negative responses that are legitimate. Below is a snippet from ser.cfg of what we have been working with, unsuccessfully. The difference between your example and what we are attempting to do is that the example demonstrates a method for rerouting to completely different URL. We only want to change the domain portion of the ruri. Kind regards, and thanks ahead of time for guidance offered. Chris modparam( "avpops","avp_aliases","serial_fork=i:665" ) ... avp_write( "33.145.243.53:5060", "$serial_fork" ); avp_write( "1.2.3.4:5060", "$serial_fork" ); ... route[5] { if ( avp_pushto( "$ruri", "$serial_fork" ) ) { log ( "\n\n\nsetting up failure route 9\n\n\n" ); avp_delete( "$serial_fork" ); t_on_failure( "9" ); t_relay(); } else { log( "\n\n\nNo more gateways to push to\n\n\n" ); } }/*end route[5]*/ ... failure_route[9] { log ( "\n\n\ncalling failure route 9\n\n\n" ); if ( avp_pushto( "$ruri/domain", "$serial_fork" ) ) { avp_delete( "$serial_fork" ); t_on_failure( "9" ); t_relay(); } else { log( "\n\n\nNo more gateways to push to\n\n\n" ); } }/*end failure route[9]*/

19 years, 9 months

[Serusers] server behind symmetric nat

by Tony Sarendal

One server I'm working on is sitting behind a symmetric nat. I currently see one thing which I think may cause problems, the Via: field in the header has a private address in it when requests are sent to another server. Is there any way to get the server to re-write that Via: field it appends so that it adds the outside address instead. Or am I mistaking here ? Does anyone else have this setup in a live environment ? If so, what issues are you seeing ? /Tony S -- --- Tony Sarendal - tony.sarendal(a)polarcap.org - sip:tony.sarendal@polarcap.org Cisco/Unix/Babies -= The scorpion replied, "I couldn't help it, it's my nature." =-

19 years, 9 months

[Serusers] segmentation fault

by sai latha

Hi all I am working on SER when configure ser.cfg and when this using ./ser it shows the segmentation fault 0(4965) DEBUG: init_mod: auth_radius 0(4965) auth_radius - Initializing Segmentation fault Please tell me the what is the problem where i have to change please tell me Thank u Sailatha __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

19 years, 9 months

RE: [Serusers] SER 0.9.0 adding users?

by Matt Schulte

Ok, I added the loadmod for domain, still same error. And no, no alias lookup.. I upgraded 'over' ser0.8.14, but made sure all the files were replaced properly.. thoughts? -----Original Message----- From: Jan Janak [mailto:jan@iptel.org] Sent: Wednesday, February 16, 2005 11:19 AM To: Matt Schulte Cc: Felipe Martins; serusers(a)lists.iptel.org Subject: Re: [Serusers] SER 0.9.0 adding users? Did you load domain module ? Do you have lookup("alises") somewhere in your script ? Jan. On 16-02 08:45, Matt Schulte wrote: > I still get errors, our sip provider requires a + anyway :-) > > I seem to get errors no matter what commands I run. Here's the latest > trying to add a "domain". > > ./serctl domain add blah.blah.net > > 500 command 'domain_reload' not available > Feb 16 09:43:36 brak /usr/local/sbin/ser[4315]: ERROR: fifo_server: > command domain_reload is not available > > Is there something that has to be done with the fifo_server before > doing all this? > > ser *is* running > > [serctl] > SER_FIFO=/tmp/ser_fifo > > [ser.cfg] > fifo="/tmp/ser_fifo" > > > > -----Original Message----- > From: Felipe Martins [mailto:fmartins@mundivox.com] > Sent: Wednesday, February 16, 2005 8:31 AM > To: serusers(a)lists.iptel.org > Subject: Re: [Serusers] SER 0.9.0 adding users? > > > Try > > # serctl add 18165551212 blahblah blah@blah > > > > On Wed, 16 Feb 2005 07:06:13 -0600 > "Matt Schulte" <mschulte(a)netlogic.net> wrote: > > > I get this when adding a user in ser (using serctl) > > > > root@brak sbin]# ./serctl add +18165551212 blahblah blah@blah MySql > > password: > > error: 400; check if you use aliases in SER > > > > Um error 400?? I'm lost. no docs, frustrated. venting. > > > > Matt > > > > _______________________________________________ > > Serusers mailing list > > serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers > > > > > -- > Felipe Martins > TEP Solution & New Technologies > Mundivox Communications > fmartins(a)mundivox.com > > Site: www.mundivox.com > Tel.: +55 +21 +3820 8839 > Cel.: +55 +21 +9823 8602 > Fax.: +55 +21 +3820 8844 > > _______________________________________________ > Serusers mailing list > serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers > > _______________________________________________ > Serusers mailing list > serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

19 years, 9 months

[Serusers] Multiple organizations using same SER box

by Terry Wilson

I'm wanting to let several companies share one of my SER boxes. These companies have overlapping extensions for their phones (the registrations are unique, though). Is there something I could do, perhaps with avp's, to denote which organization a particular call should be subject to? For example: Company 1 Exten: 1234 SIP user: alice Exten: 1235 SIP user: bob Company 2 Exten: 1234 SIP user: eve Exten: 2345 SIP user: frank If bob calls alice by dialing 1234, is there a way to look up the organization, and rewrite the uri to go to the correct place so that alice doesn't accidentally get sent to eve? I would like to do this without static rules in the ser.cfg so that I can just set the organization by adding an avp when I create the users. I am also using CPL to handle dialplan type of issues already. Anyway, thanks for any help!

19 years, 9 months

← Newer
1
...
21
22
23
24
25
26
27
...
47
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2005