sr-users February 2005

sr-users@lists.kamailio.org

215 participants
467 discussions

by Anurag Srivastava

Hello All, My task is to program the ser.cfg in a way that it connects to an external database(any machine in LAN,other than the server on which SER is running) After getting connected to the database I need to query the database and get a result set of IPAddresses based on the destination number that I passed in the query..and further use this set to rewrite the call to the IP Address retrieved. To accomplish this task I need-- 1.how to extract the destinationno from sip_uri 2.how to use the database interface given in SER programmer's guide I went through SER programmer's guide,but if anybody can provide me a simple example of using database interface,it wud be of great help. Thanks!

20 years

[Serusers] FW: Fwd: Nathelper question

by mnvoip mnvoip

Hi, Pls, help... Regards, Trong >From: testing123456 <trong_tran(a)yahoo.com> >To: mnvoip(a)hotmail.com >Subject: Fwd: Nathelper question >Date: Wed, 2 Feb 2005 12:33:35 -0800 (PST) > > > >Note: forwarded message attached. > > >--------------------------------- >Do you Yahoo!? > Yahoo! Search presents - Jib Jab's 'Second Term' _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

20 years

RE: [Serusers] Trusted IP and security.

by Tom Lowe

Hi Jamey, and Kiss, who answered in another message. Thanks for the feedback. I'm not worried about someone on the networks local to the proxy server, so that won't be an issue. As far as getting into a router between the user agent and proxy, I believe it would have to be positioned such that they can redirect packets destined for the "spoofed" IP, and I don't that's too likely....though definitely something to look at. Sending the invite with a spoofed IP would certainly be a potential DOS type of attack, and one I'm concerned about But what I am looking to prevent is someone making 'successful' phone calls that are billed to another customer based on IP address, so I believe both of you have basically confirmed my thinking...that someone can't easily spoof IP's from outside the local network and make successful usable calls. I'll check out the articles Jamey recommended. If anyone else has comments, I'd love to hear them! Thanks again! Tom -----Original Message----- From: Jamey Hicks [mailto:jamey.hicks@hp.com] Sent: Tuesday, February 01, 2005 6:42 PM To: Tom Lowe Cc: serusers(a)lists.iptel.org Subject: Re: [Serusers] Trusted IP and security. Tom Lowe wrote: >Hi all. > >I have a "security" question regarding "trusted IP's". Is it possible >for someone to SUCCESSFULLY spoof an IP and actually make working >calls? > >For example, '10.10.10.10' sends calls to SER (or any other proxy >server) at 20.20.20.20, but actually spoofs the IP by sending an IP >address of 30.30.30.30, which happens to be trusted by the SER at >20.20.20.20. > > > It is possible to successfully spoof an IP using ARP poisoning by someone with access to the local network. This could not be detected from SER because responses would actually be routed to the attacker. ARP poisoning hijacks an IP address at the link layer. Here are two articles that describe it and how to detect it and to protect against it: http://www.watchguard.com/infocenter/editorial/135324.asp http://www.sans.org/rr/whitepapers/threats/474.php Non-local attackers could get SER to deliver SIP messages for them by sending UDP/SIP packets with forged source IP addresses, but the attacker would not receive the responses and so should not be able to complete the INVITE/OK/ACK transaction unless they can predict the connection and header values that would be provided by the callee. If the trusted IP addresses are local, these SIP messages could be detected and dropped by an ingress filter that packets entering the network do not have source IP addresses within the network. Hope this helps, Jamey

20 years

[Serusers] Any Symbian Sip Client Software ?

by murong.lin＠nokia.com

Hi There, We had a WCDMA platform and some Nokia 6630 Symbian handset, We would like to test some VoIP application upon that, So any suggestion? Thanks for your advance! Br, LIn Murong

20 years

[Serusers] Asterisk + SIP challenge bug

by Matt Schulte

Has anyone else had the FROM: line changed to what's in the TO: after using digest auth between Asterisk and SER? I believe asterisk is the culprit, I opened a ticket on their bugtracker. Matt

20 years

[Serusers] Segfault while Register to Ser with Contactheader "sip:%20123456@domain.com"

by markus monka

This morning we found a strange behavior. Everytime, a user sends an wrong Contact Header Field ser segfauled . Running Ser: version: 0.8.14 (i386/linux) flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535 @(#) $Id: main.c,v 1.168.4.3 2004/06/28 15:41:21 andrei Exp $ main.c compiled on 02:18:40 Sep 11 2004 with gcc 2.95 SIP Request: ------------------------------------------------------------------------------------------- REGISTER sip:voiceoverip.com SIP/2.0. Content-Length: 0. Contact: <sip:%201838622@192.168.168.2:5060>;events="message-summary". Call-ID: 87BD6EE5-7507-11D9-9335-004063C7E008(a)192.168.168.2. SIP/2.0 401 Unauthorized. Call-ID: 87BD6EE5-7507-11D9-9335-004063C7E008(a)192.168.168.2. From: <sip:%201838622@voiceoverip.com>;tag=769507929833. CSeq: 56 REGISTER. To: <sip:%201838622@voiceoverip.com>;tag=b11cb9bb270104b49a99a995b8c68544.b86b. Found To / Contact Field ------------------------------------------------------------------------------------------- DEBUG: get_hdr_field: <To> [29]; uri=[sip:%201838622@voiceoverip.com] 0(1683) check_self - checking if port 5060 matches port 5060 0(1683) parse_headers: flags=64 0(1683) check_nonce(): comparing [4200ae1175f148a85cefb9c422f41f713276dd93] and [4200ae1175f148a85cefb9c422f41f713276dd93] 0(1683) query="select password from subscriber where username='1838622' AND domain='voiceoverip.com'" 0(1683) HA1 string calculated: 169a2df95866ea31a6fb8cc1bd8ca0ed 0(1683) check_response(): Our result = '0ea312ddbf4ba6caef1e2a388683251e' 0(1683) check_response(): Authorization is OK 0(1683) save_rpid(): rpid value is '' 0(1683) check_username(): Digest username and URI username do NOT match 0(1683) XLOG: xl_print_log: final buffer length 103 0(1683) Segmentation fault 2(1685) ERROR: fifo_server fgets failed: Illegal seek 2(1685) ERROR: fifo_server fgets failed: Illegal seek 2(1685) ERROR: fifo_server fgets failed: Illegal seek 2(1685) ERROR: fifo_server fgets failed: Illegal seek 1(1684) INFO: signal 15 received Memory status (pkg): 2(1685) 1(1684) Memory status (pkg): fm_status (0x80d9820): 2(1685) 1(1684) fm_status (0x80d9820): heap size= 20970384 2(1685) 1(1684) dumping free list: heap size= 20970384 1(1684) 2(1685) hash = 1 fragments no.: 47, bucket size: 8 - 8 (first 8) 1(1684) hash = 2 fragments no.: 1, bucket size: 16 - 16 (first 16) dumping free list: 2(1685) hash = 1 fragments no.: 47, bucket size: 8 - 8 (first 8) 2(1685) hash = 5 fragments no.: 1, bucket size: 40 - 40 (first 40) 1(1684) hash = 20 fragments no.: 17403, bucket size: 160 - 160 (first 160) 1(1684) hash = 263 fragments no.: 1, bucket size: 131072 - 262144 (first 137584) 1(1684) hash = 266 fragments no.: 1, bucket size: 1048576 - 2097152 (first 1840744) 1(1684) hash = 269 fragments no.: 1, bucket size: 8388608 - 16777216 (first 16028680) 1(1684) TOTAL: 17454 free fragments = 20791880 free bytes 1(1684) ----------------------------- 2(1685) hash = 20 fragments no.: 17403, bucket size: 160 - 160 (first 160) 2(1685) hash = 263 fragments no.: 1, bucket size: 131072 - 262144 (first 137584) 2(1685) hash = 270 fragments no.: 1, bucket size: 16777216 - 33554432 (first 17869432) 2(1685) TOTAL: 17453 free fragments = 20791912 free bytes 2(1685) ----------------------------- Is this a known Problem which is fixed in an new Ser Version? Greets Markus -- [netzquadrat]GmbH fon 0211.30 20 33 0 Ronsdorfer Str. 74 fax 0211.30 20 33 22 40233 Düsseldorf mobil 0163 7777 923 weitere Info unter: http://www.netzquadrat.de ** NEU von [NQ] - http://www.VOICEMEETING.de ** ** die supergünstige Sofort-Telefonkonferenz **

20 years

[Serusers] Your mail send to biswas@stprkl.soft.net has been received.

by Mrinmoy Biswas

Your mail send to biswas(a)stprkl.soft.net has been received. Will reply as soon as I get back. Thank you. Regards, Mrinmoy Biswas

20 years

[Serusers] cannot login to serweb

by Chris

This seems to be a perennial trouble for people. I see many similar threads. I have 0.9.0 serweb version from when I previously downloaded 08.14 ser is running with mysql, registration and calls running ok etc serweb start up as far as the admin login screen admin/heslo and anything else I throw at it fails to login. It just returns to login screen. After failed login I get a little message : error in sql query line 30 which is the line of the print for error in ….. I have seen many many reports of this but no confirmation from any one that any of the suggested fixes actually did so… Is this a known problem Is it a compatibility issue with 090 Anyone have a solution? Cheers Chris _____ Hi, This is my first time installation of serweb on Fedora Core 2. When I view it from my own linux box and type in username: admin password: heslo Nothing happen. But when I use I.E. on other computers, I see the error message: Bad username and password. I have set php.ini register_globals = on already. I have also restarted httpd. What is my problem? Thomas On Wed, 2004-12-01 at 08:49, Chris HARIGA wrote: > Hi, > > I have the same problem :(( > The register_global=on is present and if I try to login I get the "Bad > username or password" message :( > > Best regards, > > Chris HARIGA > > > -----Original Message----- > From: HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"serusers-bounces at iptel.org [mailto:HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"serusers-bounces at iptel.org] On > Behalf Of Karel Kozlik > Sent: Tuesday, November 30, 2004 2:52 PM > To: support > Cc: HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"serusers at iptel.org > Subject: Re: [Serusers] cannot login to serweb > > Any more details? Your serweb version, error messages etc.? > > Did you read FAQ in INSTALL file? Special this: > > Q: All my login attempts lead to the previous screen without any > kind of progress or error indication. > A: Really make sure that register_globals is turned on in your > php.ini. (Also make sure that you are changing the php.ini in > use by your server and register_globals is not turned off > somewhere else in the configuration file.) > For check real php configuration create file phpinfo.php > in html root with content <? phpinfo(); ?> and look to it by > browser. There is _all_ informations about php. > > Karel > > > support wrote: > > Hi everyone, > > > > > > After I have installed serweb by default, with db_name=ser and > > db_passwd=heslo, when I go to HYPERLINK "http://localhost/html/admin/index.php"http://localhost/html/admin/index.php > > login page, using > > > > Username: admin > > Password: heslo > > > > > > I cannot login the page. > > > > > > > > Thomas > > > > _______________________________________________ > > Serusers mailing list > > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"Serusers at iptel.org > > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"http://lists.iptel.org/mailm an/listinfo/serusers > > > > _______________________________________________ > Serusers mailing list > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"Serusers at iptel.org > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"http://lists.iptel.org/mailm an/listinfo/serusers > > ______________________________________________________________________ > _______________________________________________ > Serusers mailing list > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"Serusers at iptel.org > HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"http://lists.iptel.org/mailm an/listinfo/serusers _____ size=2 width="100%" align=center> * Previous message: HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/013566.html"[Seruser s] cannot login to serweb * Next message: HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/013567.html"=?gb2312 ?B?tPC4tDogW1NlcnVzZXJzXSBjYW5ub3QgbG9naW4gdG8gc2Vyd2Vi?= * Messages sorted by: HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/date.html#13568"[ date ] HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/thread.html#13568"[ thread ] HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/subject.html#13568"[ subject ] HYPERLINK "http://lists.iptel.org/pipermail/serusers/2004-December/author.html#13568"[ author ] _____ HYPERLINK "http://lists.iptel.org/mailman/listinfo/serusers"More information about the Serusers mailing list -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.2 - Release Date: 28/01/2005

20 years

[Serusers] Simple question about notation

by Ricardo Martinez

Hello list. Is there a way to simplify the notation of this configuration line? if ( (uri=~"^sip:111.*@.*") | (uri=~"^sip:222.*@.*") | (uri=~"^sip:333.*@.*") | (uri=~"^sip:444.*@.*") | (uri=~"^sip:00.*@.*")){ with something like this maybe? if ( (uri=~"^sip:111 | 222 | 333 | 444 | 00.*@.*")) { Thanks. Ricardo.-

20 years

[Serusers] Stop Radius Accounting on Status 404.

by Mohamed Omar

How can make SER flags status 404 for accounting and send a stop accouting record to the radius server? Am currently doing accounting for calls going to PSTN network and it's working fine if the call is not completed and if I get an error like status 404 then no stop accounting record is sent to the radius server. I would like to force SER to send stop accouting flag to radius server. Can I do this on SER 0.8.14 if (!lookup("location")) { setflag(1); # doesn't seem to be needed, problably because sl_send_reply # acc_rad_request("stop"); sl_send_reply("404", "Not Found"); break; Thanks. Mohamed --------------------------------- Post your free ad now! Yahoo! Canada Personals

20 years

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2005