Hi all,
I have a problem with silo table in MySQL. messages are stored in the
table when user is offline, and when comes back online messages are
delivered to the client. Problem is that the messages aren't erased from
table after delivery . Am I missing something in my ser.cfg? I'm using
ser-0.9.6 and XLite 3.0.
I will appreciate any help.
thanks
/davor
loadmodule "/usr/lib/ser/modules/msilo.so"
modparam("auth_db|uri_db|usrloc|permissions|group|acc_db|msilo",
"db_url", "mysql://ser:heslo@localhost/ser")
modparam("msilo", "db_table", "silo")
modparam("msilo", "check_time", 10)
modparam("msilo", "clean_period", 3)
modparam("msilo", "use_contact", 1)
route {
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
break;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
break;
};
...
} else if (method=="MESSAGE") {
route(8);
break;
};
...
route[2] {
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
if (!www_authorize("","subscriber")) {
www_challenge("","0");
break;
...
m_dump();
}
route[8] {
##########################
# Message Handler #
###########################
if (!lookup("location")) {
if (method == "MESSAGE") {
if (!t_newtran()) {
sl_reply_error();
break;
};
if (m_store("1")) {
t_reply("202", "Accepted for Later
Delivery");
break;
};
t_reply("503", "Service Unavailable");
break;
};
};
route(1);
t_on_failure("1");
}
.........
failure_route[1] {
if (m_store("1")) {
log("MSILO: offline message stored\n");
t_reply("202", "Accepted");
}else{
log("MSILO: offline message NOT stored\n");
t_reply("503", "Service Unavailable");
};
Hello,
I am running old ser version 0.9.6, where I am authenticating on radius and
keeping the users record in default sql database of radius. But it is not
authenticating, the logs are mentioned below.
But it worked absolutely fine with radius users files.
I have the entry for the user in radcheck file but still it is saying user
not found.
Can anyone give any hint where I am doing wrong.
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 127.0.0.1:54086, id=241,
length=262
User-Name = "211069020(a)voip.nortenet.pt"
Digest-Attributes = 0x0a0b323131303639303230
Digest-Attributes = 0x0112766f69702e6e6f7274656e65742e7074
Digest-Attributes =
0x022a3435353436346634343937623539656362346335633261323364656436656532393934
3565316432
Digest-Attributes = 0x04167369703a766f69702e6e6f7274656e65742e7074
Digest-Attributes = 0x030a5245474953544552
Digest-Attributes = 0x050661757468
Digest-Attributes = 0x090a3030303030303031
Digest-Attributes = 0x08103132373935383532383139343033
Digest-Response = "2ae0ba094f508b9dff7bb56d96649875"
Service-Type = Sip-Session
Sip-Uri-User = "211069020"
NAS-Port = 5060
NAS-IP-Address = 127.0.0.1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_digest: Adding Auth-Type = DIGEST
modcall[authorize]: module "digest" returns ok for request 1
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 1
radius_xlat: '211069020(a)voip.nortenet.pt'
rlm_sql (sql): sql_set_user escaped user --> '211069020(a)voip.nortenet.pt'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = '211069020(a)voip.nortenet.pt'
ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 13
rlm_sql (sql): User 211069020(a)voip.nortenet.pt not found in radcheck
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = '211069020(a)voip.nortenet.pt' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username = '211069020(a)voip.nortenet.pt' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): User 211069020(a)voip.nortenet.pt not found in radgroupcheck
rlm_sql (sql): Released sql socket id: 13
rlm_sql (sql): User not found
modcall[authorize]: module "sql" returns notfound for request 1
modcall: leaving group authorize (returns ok) for request 1
rad_check_password: Found Auth-Type DIGEST
auth: type "digest"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for
authentication.
modcall[authenticate]: module "digest" returns invalid for request 1
modcall: leaving group authenticate (returns invalid) for request 1
auth: Failed to validate the user.
Login incorrect: [211069020(a)voip.nortenet.pt] (from client localhost port
5060)
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 240 to 127.0.0.1 port 54085
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 241 to 127.0.0.1 port 54086
Waking up in 3 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 240 with timestamp 455463c8
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 241 with timestamp 455463c9
Nothing to do. Sleeping until we see a request.
Thanks very much
Lokesh
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.14.1/527 - Release Date: 11/9/2006
For some reason, I am having problems with having TCP REGISTER
messages being accepted by openser.
The following is a REGISTER I send to Open SER. It is never
responded to. Do you see anything wrong with it? It should be
registering port 5060 TCP.
00:19:42.157347 IP 10.10.2.6.50083 > 10.10.1.234.sip: tcp 345
REGISTER sip:siptest2.com:5060 SIP/2.0^M
Via: SIP/2.0/TCP 10.10.2.6:50083;branch=z9hG4bK45^M
From: Alice <sip:alice@siptest2.com>;tag=fromhackblah^M
To: Alice <sip:alice@siptest2.com>^M
CSeq: 1 REGISTER^M
Call-ID: DNYEXXLURKQELGQLDAJXJADPKUJVSHKUZSFPYXDGQ(a)musecurity.com^M
Contact: <sip:alice@10.10.2.6>;expires=900;transport=TCP^M
Max-Forwards: 70^M
^M
When I send a similar UDP register, it works fine!
REGISTER sip:siptest2.com:5060 SIP/2.0^M
Via: SIP/2.0/UDP 10.10.2.6:5070;branch=z9hG4bK8149125^M
From: Alice <sip:alice@siptest2.com>;tag=fromhackblah^M
To: Alice <sip:alice@siptest2.com>^M
CSeq: 1 REGISTER^M
Call-ID:
PFZEHCUVOJRSHOXXOQNYONBOFKDGWUKNEWRYDJFSCTBCDJQLLNQPJUN(a)musecurity.com
Contact: <sip:alice@10.10.2.6:5070>;expires=900;transport=UDP^M
Max-Forwards: 70^M
^M
00:19:39.364079 IP 10.10.1.234.sip > 10.10.2.6.5070: UDP, length 593
SIP/2.0 200 OK^M
Via: SIP/2.0/UDP 10.10.2.6:5070;branch=z9hG4bK8149125^M
From: Alice <sip:alice@siptest2.com>;tag=fromhackblah^M
To: Alice
<sip:alice@siptest2.com>;tag=329cfeaa6ded039da25ff8cbb8668bd2.c3bf^M
CSeq: 1 REGISTER^M
Call-ID:
PFZEHCUVOJRSHOXXOQNYONBOFKDGWUKNEWRYDJFSCTBCDJQLLNQPJUN(a)musecurity.com
Contact: <sip:alice@10.10.2.6:5070>;expires=900^M
Server: OpenSer (1.1.0-notls (i386/darwin))^M
Content-Length: 0^M
Warning: 392 10.10.1.234:5060 "Noisy feedback tells: pid=11956
req_src_ip=10.10
.2.6 req_src_port=5070 in_uri=sip:siptest2.com:5060
out_uri=sip:siptest2.com:506
0 via_cnt==1"^M
^M
Can I have some recommendations about what company and what package to go
with for a certificate to work with openser?
I have a cert from godaddy, and it seems that it won't work with openser
because of the intermediate certificate that they require you to use.
Godaddy issues a certificate, a private key and an intermediate certificate
(the intermediate certificate
So openser loads just fine if I set:
tls_certifcate=cert.pem
tls_preivate_key=cert.key
but the phone still fails to validate the certificate, because there is no
place to specify the intermediate certificate.
The intermediate certificate is the one that corresponds to the apache2 ssl
directive SSLCertificateChainFile.
The phone says:
Registration Error: 503 - Certificate Validation Failure
and the openser logs say:
7(7201) tls_accept: Error in SSL:
7(7201) tls_error: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert
unknown ca
Thanks,
Mark Price
Hi everybody!
I am using OpenSER 1.1 with TLS.
I have generate the client and server certificate with the scripts
gen_rootCA.sh and gen_usercert.sh.
Everything works fine, but I have generate certificate for my UA with
another CA and I have added this CA to the file user-cacert.pem.
When I try to connect with my UA, OpenSER logs an error like:
"tls_error: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert
unknown ca"
My file user-cacert.pem looks like:
-------BEGIN CERTIFICATE------
MAOIposio.....
--------END CERTIFICATE--------
-------BEGIN CERTIFICATE------
MJ809il......
--------END CERTIFICATE--------
I think that OpenSER takes only the first CA certificate and not all the
followings.
Did someone have some experience with that case?
Regards
Greg
Hi,
I just came across http://www.golem.de/0602/43572.html (sorry, German).
It states that AVM contributed GPL'ed source code to OpenSER, which
allows an UAC to send QoS measurement samples to the SIP proxy after
finishing a call. The goal is to have steady QoS monitoring without
changing or extending the network topology.
Are these extensions somewhere in CVS or isn't it intended to be
released to the public?
Andy
Hello all,
I need help about this:
When an INVITE packet is received by SER, a Perl script changes the SDP of this INVITE and the result of this script (new INVITE with new SDP) is saved in a txt file.
My question is:
How can I do that SER sends the new INVITE, which is in a txt file.
I have tried to do this with REPLACE command but I think is not possible because It doesn`t accept "regular expression" as substitute and I don´t know how save this new SDP in variables which can be process by SER.
Please help me.
Thank you very much.
_________________________________________________________________
Consigue el nuevo Windows Live Messenger
http://get.live.com/messenger/overview
Hi All
I am trying to implement ser database (mysql part) on different machine.
Ser is installed on machine say 'A' and Mysql DB is on 'B'. In ser.cfg I
changed url to connect to database everywhere in ser.cfg file with
machine B's ip (eg.
modparam("auth_db|permissions|uri_db|usrloc","db_url",
"mysql://ser:heslo@10.25.117.86/ser") n in rest too). But I am getting
the following error when I checked ser logs:
Nov 10 14:12:40 vm01 /usr/sbin/ser[12979]: get_connection(): Connection
not found in the pool
Nov 10 14:12:40 vm01 /usr/sbin/ser[12979]: new_connection(): Can't
connect to local MySQL server through socket
'/var/run/mysqld/mysqld.sock' (2)
Why it tries for local Mysql sock??
Regards
Kamal Mann
I installed the SER pre-release along w/ all modules. The problem is that
presence now does not run (it was working w/ the presence-release-10.99).
The errors I get are:
----------------------------------------------------------------------------------------------------------
set_mod_param_regex: parameter <xcap_root> not found in module <rls>
ser: parse error (82,20-21): Can't set module parameter
set_mod_param_regex: parameter <auth_xcap_root> not found in module <pa>
parse error (97,20-21): Can't set module parameter
ser: parse error (186,24-25): unknown command, missing loadmodule?
parse error (255,26-27): unknown command, missing loadmodule?
ERROR: bad config file (4 errors)
-------------------------------------------------------------------------------------------------------------
I checked the pa module code and also the rls code and the parameters
auth_xcap_root and xcap_root are NOT defined !!!!
The error on line 185 and 255 refer to the "Lookup_domain" function. I
verified that the domain module has been compiled and included in the
ser.cfrg file
>From: "Greger V. Teigre" <greger(a)teigre.com>
>To: Jiri Kuthan <jiri(a)iptel.org>
>CC: SER developer mailing list <serdev(a)iptel.org>, serusers(a)iptel.org
>Subject: Re: [Serusers] new major SER pre-release, Ottendorf,is out for
>testing
>Date: Tue, 07 Nov 2006 15:37:17 +0100
>
>Just a bit more info on this pre-release adding to Jiri's long post (if you
>can take it ;-):
>
>* The mentioned http://www.iptel.org/ser/doc/010whatsnew will be updated as
>we go with new documentation. Any registered user on iptel.org can add to
>or modify documentation and all help is welcome. If you are uncertain about
>how to proceed, send me an email
>
>* As Jiri mentioned, any input and help is appreciated. If you want to
>contribute, but don't know what to do, have a look at the to-dos page:
>http://www.iptel.org/todos
>
>* This pre-release is, without basic documentation, a bit for the die-hard.
>This is an overview of what we are working (and need help) on to make it
>easier accessible: - A tar source package ready for simple update from
>CVS (similar to the ONsip.org source package)
> - Better "kickstart" instructions, including more details in What's new
>0.10 (above link)
> - Updated SER - Getting Started configuration files and updated SER -
>Getting Started document
> - Database migration script (contact me if you want to try out an
>existing python migration script and test/improve)
>
>* Also, in addition to the ser.cfg and Nils recently commited ser-basic.cfg
>in CVS, take a look at an example config file:
>http://www.iptel.org/basic_changes_in_configuration_file_0
>
>*An optimized NAT-handled config file can be found here:
>http://www.iptel.org/ser/howtos/optimizing_the_use_of_rtp_proxy
>
>Happy testing!
>g-)
>
>Jiri Kuthan wrote:
>>Ladies and gentlemen, girls and boys,
>>
>>the new testing pre-release of the best SIP proxy server ever, SER, is
>>out!
>>
>>This major pre-release, codenamed Ottendorf, includes fundamental
>>improvements to the software. The improvements allow SER users to achieve
>>significantly higher managability and reliability by better data mode,
>>interop features, security, etc. They recollect voluminous feedback we
>>have received from iptel customers and open source users. In particular,
>>the new features include but are not limited to:
>>- improved data model which eliminates any possible ambiguities.
>>- key under-the-hood changes with impact on performance: timer subsystem
>> overhaul (now fast, with fine resolution, high accuracy and
>>variability), TCP processing overhaul (higher scalability)
>>- key reliability changes: DNS cache and IP blacklisting
>>- key interop changes: support for STUN-bis, presence server aligned to
>>latest
>> IETF development, sanity module for early detection of invalid messages
>>- more management: management features are now available via XML-RPC
>>remotely,
>> as well as via an alternative binary protocol
>>- more security: ratelimit module, more check types in permissions module
>>- scripting features: select operator in combination with revised AVPs,
>> named flags and routes, more types of routes (onsend, timer, branch)
>>- applications: presence has been greatly updated to keep pace with
>>development in the IETF/SIMPLE (includes asynchronous subscription
>> authorization, extended PIDF); web interface includes many new
>>managibility
>> features (multidomain, templates and multilanguage to name some). New
>> scripting flexibility allows safely for features like individual
>>ringing
>> timers and direct access to SIP message elements.
>>- new tools: Nils's script execution tree tool
>> http://lists.iptel.org/pipermail/serdev/2006-October/008124.html
>> and refurbished ser_ctl
>>see the following links for some additional details:
>>- http://www.iptel.org/ser/doc/010whatsnew -
>>http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/NEWS?rev=HEAD
>>
>>
>>Accompanying software, SEMS and SERWEB have been greatly overhauled as
>>well.
>>SEMS now features improved performance (single-threaded model now),
>>service
>>composition via python-IVR-scripting and B2BUA, adaptive playout buffer
>>for
>>better voice quality, and more. SERWEB features new multilevel
>>administrative
>>access system, multidomain support, per-domain customization, remote
>>xml-rpc
>>access, multilanguage support, and more. The new command-line utility,
>>SER_CTL, provides also many great improvements over the previous tool.
>>
>>Interop
>>-------
>>Shortly, we have been keeping the bar high through our participation in
>>the IETF
>>and SIPITs. SER implements latest interop changes from the IETF (STUN-bis,
>>presence
>>+ XCAP, to name the most important ones) and both new features and legacy
>>features were extensively and successfully tested middle of October in
>>SIPit.
>>
>>Next Steps
>>-----------
>>Keep in mind, this is a pre-release for testing purposes. It is now call
>>on
>>users to test the software hard and provide feedback. In the meantime, the
>>codebase remains frozen and we only commit patches fixing various bugs.
>>Once
>>we get good confidence that Ottendorf has stabilized and is being
>>adequately
>>documented, we will declare the final release. No date has been determined
>>yet.
>>Also, we consider changing CVS to SVN.
>>
>>Again, and this is very important: the final release will be as good as
>>the
>>feedback we obtain for this pre-release. Please do spend your time sending
>>solid feedback back to [serusers].
>>
>>
>>Roadmap
>>-------
>>We keep rolling. We are still debating with our generous contributors what
>>is the next possible good things to work on, the topics include but are
>>not limited
>>to as of now:
>>- documentation.
>>- databases are important. LDAP and BDB, DB-API revision.
>>- interop: identity, TLS revision
>>- advanced scripting (scripting engine, vars returns, AVPs)
>>- uncountable improvements (futex, dev/rtc, tm/refcnts, tcp fd cache,
>>.....)
>>
>>Trivia
>>--------
>>The release name Ottendorf is coming from a place in Saxonian Switzerland,
>>where many iptel fellows and their friends spent a weekend during this
>>Indian summer.
>>http://www.iptel.org/jan/gallery/saxonian_switzerland_2006/
>>http://www.iptel.org/~andi/2006-09-22-Ottendorf/
>>http://www.iptel.org/~vlada/saxon_switzerland/index.html
>>http://www.ohlmeier.de/albums/ottendorf_2006/index.html
>>
>>
>>Acknowledgments
>>---------------
>>This grand achievement is result of extremely many folks who did lot
>>of hard work. Out of folks affiliated with iptel, Andrei and Jan spent
>>immense effort on moving SER forward, with great support from Hallik
>>(command-line tool), Michal, Miklos, Nils, Tomas, Vaclav (presence), Vlada
>>(new STUN). In this context, I would like to thank to our company for the
>>great support. Recently, Bogdan Pintea greatly helped to make the upcoming
>>release better and more stable under sponsorship of his company, iptego.
>>transnexus provided osp support.
>>
>>SEMS has been greatly improved thanks to Stefan and Raphael.
>>Credits for serweb go to Karel.
>>
>>Same importantly, SER has been immensely benefitting of contributors,
>>to name in alphabetic order at least the 'top-of-the-iceberg' fellows:
>>Bogdan Pintea, Cesc Santa, Greg Fausak, Greger Teigre, Hendrik Scholz,
>><http://tutpro.com/>Juha Heinänen, Klaus Darilion, Maxim Sobolev, Peter
>>Nixon, Uli Abend.
>>
>>Great support on the mailing list has been provided by Greger V. Teigre,
>>Java Rockx, Klaus Darilion, Zeus Ng, and more.
>>
>>Simply, this list is too short and incomplete to capture all the
>>generous contributions that came in -- my appologies for everyone
>>else I have missed.
>>
>>
>>Warnings and Disclaimers
>>------------------------
>>This is a TESTING version. We are encouraging people to give it intense
>>testing and provide us with feedback, so that we can properly assess
>>what it takes to declare it final. The volume and number of changes
>>is big, caution is advised.
>>
>>All GPL warnings and disclaimers apply.
>>
>>This is SER, which is not the derivate software known as openser. We have
>>no ideas of in what extent and timeline derivate projects follow
>>(or not) SER.
>>
>>-------------------------------------------------------------------------------
>>
>>To Give it a Try
>>-----------------
>>warning: this is just a 'jump-start' for black-belt users. It is not a
>>replacement for documentation or a detailed step-by-step installation
>>guide. It assumes knowledge of operating system, SIP, and SER.
>>
>>
>>PREPARATION
>>- make sure mysql is running. In the default configuration, SER assumes it
>> to be running on localhost, if this does not hold, you need to change
>> ser.cfg.
>>- make sure python is installed (needed for new command-line utilities)
>>SER INSTALLATION FROM CVS
>>- Download from CVS/HEAD using instructions at
>>http://www.iptel.org/downloads
>>- Compile it: make include_modules="mysql xmlrpc" all
>>- Install it the default way of your administrative privileges allow to:
>> make include_modules="mysql xmlrpc" install
>>- Download command-line tool (see more documentation under
>>
>>http://cvs.berlios.de/cgi-bin/viewcvs.cgi/*checkout*/ser/serctl/README?rev=…)
>> - cvs co serctl
>>- Initiate database:
>> ./scripts/mysql/ser_mysql.sh create
>>START
>>- Start it. Call: ser
>>- Begin provisioning users with the new serctl (the capital word are just
>>place holders)
>> # ser_ctl domain add DOMAINNAME
>> # ser_ctl user add USERNAME@DOMAINNAME -p PASSWORD
>> # If you want to have Asserted Identity header for your user
>> # - ser_attr add uid=UID asserted_id="PID"
>> # If you want to have gateway support
>> # - ser_db add attr_types name=gw_ip rich_type=string raw_type=2 \
>> description="The gateway IP for the default ser.cfg"
>>default_flags=33
>> # - ser_attr add global gw_ip=GATEWAY-IP
>>- more things you may wish to do:
>> - familiarize yourself with current ser.cfg
>> - send us feedback.
>>
>>
>>
>>
>>
>>--
>>Jiri Kuthan http://iptel.org/~jiri/
>>
>>_______________________________________________
>>Serusers mailing list
>>Serusers(a)lists.iptel.org
>>http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>
>_______________________________________________
>Serusers mailing list
>Serusers(a)lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
_________________________________________________________________
Experience Live Search from your PC or mobile device today.
http://www.live.com/?mkt=en-ca