sr-users June 2005

sr-users@lists.kamailio.org

241 participants
595 discussions

Re: [Serusers] digest authentication without db

by Cesc Santasusana

Hi, We have been using dbtext for a while and it works fine. Only one problem: serctl does not support dbtext, only mysql. So, I added dbtext support into serctl a while ago ... sent the updated script to ser-dev (or serusers, don't remember). I think it never made it into the cvs or anything ... but maybe you want to dig it out of the mail list for you to use it ... This way you can add, remove, check subscribers, groups, alias, etc automatically. Regards, Cesc Unclassified >>> Francesco Fondelli <francesco.fondelli(a)gmail.com> 06/03/05 09:14AM >>> Thank you all for the tips, I had a look at dbtext and I think it almost fits my needs. I just have to change its 'subscriber' table format to match my file format. Ciao FF _______________________________________________ Serusers mailing list serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

19 years, 8 months

[Serusers] rtpproxy + nathelper + radius + mediaproxy + voicemail + asterisk + ser-0.9.0-fc1 and it is running fine.

by fedora＠voice.dyndns.tv

rtpproxy + nathelper + radius + mediaproxy + voicemail + asterisk + ser-0.9.0-fc1 and it is running fine. (ito.) ser-0.9.0-fc1.i386.rpm ser-0.9.0-fc1.src.rpm ser-jabber-0.9.0-fc1.i386.rpm ser-mysql-0.9.0-fc1.i386.rpm ser-radius-0.9.0-fc1.i386.rpm ///////////////////////////////////////////// http://www.voice.dyndns.tv sip:admin@iptel.org Saitama Japan Sip EXpress router Support Team voice(a)wmail.plala.or.jp /////////////////////////////////////////////

19 years, 8 months

[Serusers] Auth Radius and draft-sterman-aaa-sip-00 question.

by Ricardo Martinez

Hello list. I have a question about the radius authentication message. As i can see in the radius authorize message reaching to my Radius Server the format of this message is as follow: Attributes: User-Name = "user1(a)mydomain.com" Digest-Attributes = "<10><10>user1" Digest-Attributes = "<1><23>mydomain.com" Digest-Attributes = "<2>*429f5a94dfac500699b5465aae863a390d5ebd92" Digest-Attributes = "<4>&sip:1234567@mydomain.com" Digest-Attributes = "<3><10>REGISTER" Digest-Attributes = "<5><6>auth" Digest-Attributes = "<9><10>00000037" Digest-Attributes = "<8><10>dbb06da4" Digest-Response = "08525b9e17e0ed25fccc61b104ff9e20" Service-Type = Sip-Session Sip-Uri-User = "1234567" NAS-IP-Address = 10.1.1.3 NAS-Port = 5060 my question is... the format of this radius auth message with the "Digest-Attributes" attributes is created by SER module auth_radius or by the radiusclient ? When this message reach to my server (by the way is a Radiator) i used a "patch" created by me to "understand" the differents Digest-Attributes and parse to the Digest-Uri, Digest-Method. Digest Real. etc that correspond, because my Radiator server seems not to parse the different Digest-Attributes. As i have seen in another post regarding to auth radius issues, the message in this format is understand perfect by for example the FreeRadius Server. Is there a special configuration (maybe with the dictionary file) to make this work?. What special feature do i need to set in the radius server? maybe the draft-sterman-aaa-sip-00 ?????? Is somone using Radiator with SER? I hope someone could help me. Thanks in advance Regards Ricardo Martinez.-

19 years, 8 months

RE: [Serusers] Re: radiusclient

by Kamran Ahmad

any comments i have </usr/local/lib/ser/modules/auth_radius.so> but ser is giving me error Jun 2 13:11:13 SER ser: ERROR: load_module: could not open module </usr/local/lib/ser/modules/auth_radius.so>: libradiusclient.so.2: cannot open shared object file: No such file or directory Jun 2 13:11:13 SER ser: parse error (26,13-14): failed to load module Jun 2 13:11:13 SER ser: set_mod_param_regex: No module matching auth_radius found | Jun 2 13:11:13 SER ser: parse error (49,18-19): Can't set module parameter Jun 2 13:11:13 SER ser: set_mod_param_regex: No module matching auth_radius found | Jun 2 13:11:13 SER ser: parse error (50,18-19): Can't set module parameter Jun 2 13:11:13 SER ser: parse error (192,37-38): unknown command, missing loadmodule? Jun 2 13:11:13 SER ser: parse error (223,37-38): unknown command, missing loadmodule? --- Shaikat Mahmud <shaikat(a)stitel.com> wrote: > I have used ser 0.8.12 for remote radius. > You have to give entry of RADIUSSERVER IP in > radiusclient.conf > And also you have give entry in server and client, a > shared secret, > testing123 with each others' IP. Radclient in SER > end does not required. > > I also tried to configure ser 0.8.14 with Remote > Radius, but faced some > problem. It was not sending the requests to remote > radius. I didn't worked > with that problem. Later if I get time, then I will > see it again. > > I am sending you the required > radiusclient-0.3.2.tar.gz for ser 0.8.12. > If you can configure ser 0.8.14, then please inform > me. > > shaikat > > > > > > -----Original Message----- > From: Kamran Ahmad [mailto:p_kami@yahoo.com] > Sent: Thursday, June 02, 2005 1:32 PM > To: Shaikat Mahmud; serusers(a)lists.iptel.org > Subject: RE: [Serusers] Re: radiusclient > > > > i want to install freeradius on 2nd mechine. > i have two mechines one for ser and 2nd mechine for > freeradius > > any comments > > Kamran Ahmad > > --- Shaikat Mahmud <shaikat(a)stitel.com> wrote: > > > Hi, > > > > For radclient exe, you have to install freeradius. > > It is not a part of radiusclient. > > > > shaikat > > > > > > -----Original Message----- > > From: Kamran Ahmad [mailto:p_kami@yahoo.com] > > Sent: Thursday, June 02, 2005 1:13 PM > > To: Shaikat Mahmud; serusers(a)lists.iptel.org > > Subject: RE: [Serusers] Re: radiusclient > > > > > > thanks for reply but my problem is that i dont > have > > radiusclient-0.3.2.tar.gz as recommended in this > > document. i tried radiusclient-0.3.3.tar, > > radiusclient-0.4.8.tar.gz. but after compiliation > > > > there is execuatable "radiusclient" but > > this document is saying > > > > #radclient -f digest localhost auth > <shared_secret> > > > > thats the problem > > > > thanks > > Kamran Ahmad > > > > --- Shaikat Mahmud <shaikat(a)stitel.com> wrote: > > > > > Hi, > > > > > > Please read the radius how to. > > > > > > http://www.iptel.org/ser/doc/ser_radius/ser_radius.html > > > It works fine. > > > > > > Shaikat > > > > > > -----Original Message----- > > > From: serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org] On > > > Behalf Of Kamran Ahmad > > > Sent: Thursday, June 02, 2005 12:51 PM > > > To: serusers(a)lists.iptel.org > > > Subject: [Serusers] Re: radiusclient > > > > > > hello > > > > > > can any one tell me how to install radclient > > > > > > i tried radiusclient-0.3.3.tar , > > > radiusclient-0.4.8.tar.gz but nothing working > > > > > > > > > Kamran > > > > > > > > > > > > __________________________________ > > > Discover Yahoo! > > > Use Yahoo! to plan a weekend, have fun online > and > > > more. Check it out! > > > http://discover.yahoo.com/ > > > > > > _______________________________________________ > > > Serusers mailing list > > > serusers(a)lists.iptel.org > > > http://lists.iptel.org/mailman/listinfo/serusers > > > > > > > > > > > > > > > > __________________________________ > > Discover Yahoo! > > Find restaurants, movies, travel and more fun for > > the weekend. Check it out! > > > > http://discover.yahoo.com/weekend.html > > > > > > > > > > > __________________________________ > Discover Yahoo! > Get on-the-go sports scores, stock quotes, news and > more. Check it out! > http://discover.yahoo.com/mobile.html > __________________________________ Discover Yahoo! Use Yahoo! to plan a weekend, have fun online and more. Check it out! http://discover.yahoo.com/

19 years, 8 months

[Serusers] digest authentication without db

by Francesco Fondelli

Hello, I'm new to SER and SIP as well so please forgive my mistakes. I'm trying to setup SER in order to forward calls to a pool of pstn gateways. I want use digest authentication for UAs but I cannot store userid and passwords on a db. Basically I would like to do: if (!www_authorize("mydomain.com", "subscriber")) { www_challenge("mydomain.com", "0"); break; }; getting userid and password from a text configuration file which contains such infos. How can I do that? I have written a ser cfg file and I would like someone tell me if is ok. Is a mix of several different cfg files I have found on the net. I'm sure is far to be ok :-) Thank for your help. Ciao ------------------------------------------------------------------- # ----------- global configuration parameters ------------------------ #debug=3 debug=4 #fork=yes fork=no #log_stderror=no log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" #uid= #gid= listen=192.168.1.114 # alias="mydomain.com" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/uri.so" # ----------------- setting module-specific parameters --------------- modparam("usrloc", "db_mode", 0) # ------------------------- routing logic --------------------------- route { # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { log("Too many hops\n"); sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { log("Message too big\n"); sl_send_reply("513", "Message too big"); break; }; # process requests for our domain (gws included) if (uri=~"[@:]mydomain\.com([;:].*)*" | uri=~"@192.168.1.171([;:].*)*" | #pstn gw1 uri=~"@192.168.1.172([;:].*)*" | #pstn gw2 uri=~"@192.168.1.173([;:].*)*" ) { #pstn gw3 log("Request is for mydomain.com\n"); # registers always MUST be authenticated to # avoid stealing incoming calls if (method=="REGISTER") { log("Request is REGISTER\n"); if (!www_authorize("mydomain.com", "subscriber")) { log("REGISTER has no credentials, sending challenge\n"); www_challenge("mydomain.com", "0"); break; }; # prohibit attempts to grab someone else's address # using someone else's valid credentials if (!check_to()) { log("Cheating attempt\n"); sl_send_reply("401", "Unauthorized"); break; }; # update user location database (it should be in mem) log("REGISTER is authorized, saving location\n"); save("location"); break; }; # now it's about PSTN destinations through our gateways if (uri=~"sip:[0-9]+@.*") { # all PSTN destinations only for authenticated users # (GWs, which have no digest support, are authenticated # by its IP address) if (!(src_ip==192.168.1.171 | #pstn gw1 src_ip==192.168.1.172 | #pstn gw2 src_ip==192.168.1.173) & #pstn gw3 !(www_authorize("mydomain.com", "subscriber"))) { www_challenge("mydomain.com", "0"); break; }; # requests to gateways must be record-route because the GWs accept # only requests coming from our proxy if (method=="INVITE") record_route(); # XXX: find the best gw using first part of telephone number and... rewritehostport("192.168.1.171:5060"); #172 or 173 } else { # native SIP destinations are handled using our USRLOC DB # and are allowed only from gws if (src_ip==192.168.1.171 | #pstn gw1 src_ip==192.168.1.172 | #pstn gw2 src_ip==192.168.1.173) { #pstn gw3 if (!lookup("location")) { log("Unable to lookup contact, sending 404\n"); sl_send_reply("404", "Not Found"); break; }; } else { log("No native SIP destination allowed\n"); sl_send_reply("403", "Permission denied"); break; }; }; } else { # outbound requests are not allowed log("No outbound requests allowed\n"); sl_send_reply("403", "Permission denied"); break; }; # and finally.. forward to current uri; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if(!t_relay()) { sl_reply_error(); }; }

19 years, 8 months

[Serusers] SER 0.9 | How to check URI against uri table ?

by lamasse＠free.fr

Hi SER Users ! Is there a mean to check that the URI submitted in 'TO' header during registration is allowed for a user in the uri table or SER(if URI and username are not the same) ?? I tried with function check_to() but it doesn't work. REGISTERs are rejected because username does not match with URI. However it's written in documentation that this function should performs a check in the uri table. Is there any other me to perform this verification ? Thanks for your help !

19 years, 8 months

[Serusers] SER connect to Clarent C5CM

by root linux

Hi, Does anybody have successful connect SER to Clarent C5CM? Regards, rootlinux __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

19 years, 8 months

[Serusers] 0.9.0 Invalid table version

by harry gaillac

Hello serusers, I looked this mail : http://lists.iptel.org/pipermail/serusers/2005-March/016424.html However it don't help me. I download : ser-mysql-module_0.10.99+cvs20050519_i386.deb ser_0.10.99+cvs20050519_i386.deb What can i do ? change version table? Regards Harry serveur1:~# tail /var/log/syslog Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: Default allow file (/etc/ser/permissions.allow) not found => empty rule set Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: WARNING: File not found: /etc/ser/permissions.deny Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: Default deny file (/etc/ser/permissions.deny) not found => empty rule set Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: table_version(): Invalid number of rows received: 2, trusted Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: permissions:init_trusted(): Error while querying table version Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: Error while initializing allow_trusted function Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: table_version(): Invalid number of rows received: 2, grp Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: group:mod_init(): Error while querying table version Jun 2 23:11:46 serveur1 /usr/sbin/ser[2624]: init_mod(): Error while initializing module group Jun 2 23:17:01 serveur1 /USR/SBIN/CRON[2725]: (root) CMD ( run-parts --report /etc/cron.hourly) _____________________________________________________________________________ Découvrez le nouveau Yahoo! Mail : 1 Go d'espace de stockage pour vos mails, photos et vidéos ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com

19 years, 8 months

[Serusers] ser don't start

by harry gaillac

hello, what's wrong with module permissions and group ? Harry serveur1:/tmp# tail /var/log/daemon.log Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: Maxfwd module- initializing Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: permissions - initializing Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: Default allow file (/etc/ser/permissions.allow) not found => empty rule set Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: Default deny file (/etc/ser/permissions.deny) not found => empty rule set Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: table_version(): Invalid number of rows received: 2, trusted Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: permissions:init_trusted(): Error while querying table version Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: Error while initializing allow_trusted function Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: table_version(): Invalid number of rows received: 2, grp Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: group:mod_init(): Error while querying table version Jun 2 21:13:52 serveur1 /usr/sbin/ser[5058]: init_mod(): Error while initializing module group _____________________________________________________________________________ Découvrez le nouveau Yahoo! Mail : 1 Go d'espace de stockage pour vos mails, photos et vidéos ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com

19 years, 8 months

[Serusers] Hiring programmers

by Rosa De Santis

Hello all. We need to hire programmers to help us implement a SER + SEMS server, java based Sip Softphone and some other related programs. We are a US based VoIP company. Our website is www.vivophone.com Please, contact us for more information Thanks in advance Rosa

19 years, 8 months

← Newer
1
...
53
54
55
56
57
58
59
60
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users June 2005