sr-users March 2006

sr-users@lists.kamailio.org

223 participants
505 discussions

by Felipe Louback

Guys, I've been using SER for some time and recently OpenSER got my attention.... Could anyone tell me what is the difference between OpenSER and SER? I checked OpenSER website, but it seems that OpenSER and SER are just the same to me... Regards, Felipe -- Mestrando - Departamento de Engenharia Elétrica Grupo de Pesquisa em Engenharia da Computação e Telecomunicações Universidade Federal de Minas Gerais - Brasil "Vinde a mim vós todos que estai cansados e aflitos, e eu vos aliviarei." Mateus 11:28

18 years, 7 months

[Serusers] Accounting: Logging to radius if user isn't in userloc or unavailable

by Alan

I would like the accounting module to write information in the mysql db through radius if a user isn't registered in the location database. I believe the SIP response code is 480 (Temporarily Unavailable). Currently I am writing successful and missed calls from ser to radius. Can this be accomplished without modifying the sources? Please help. ~Alan

18 years, 7 months

[Serusers] Setting up announcement on reply to 4xx 5xx 6xx messages

by hgaillac-sip＠yahoo.fr

Hello, I wish to play a recorded announcement on reply to 4xx 5xx 6xx messages . According to the status a audio file would be played from asterisk server via ser to the caller How can I configure a such feature ? My configuration: Ser act as an outbound sip proxy . Asterisk a sip media server and registrar. sip agents ---- SER -----Asterisk Harry ___________________________________________________________________________ Nouveau : téléphonez moins cher avec Yahoo! Messenger ! Découvez les tarifs exceptionnels pour appeler la France et l'international. Téléchargez sur http://fr.messenger.yahoo.com

18 years, 7 months

[Users] NATHelper module - need some explanation

by Christophe Irles

Hi, In this network topology: [UA 1]---[(open)SER+FW/NAT]---[internet]---[FW/NAT]---[UA 2] UA 1 can call UA 2 (and the opposite) since NATHelper has changed header (Contact, SDP, .) AND UA 2 is registered on the same (open)SER Now if UA 2 is registered on another server, is the NATHelper still working efficiently ? What about NAT pinging and the "NAT binding keep alive" features in this case ? Thanks in advance, Christophe

18 years, 7 months

[Users] Change of call-id on forward

by Douglas Garstang

We have an OpenSER system sitting between phones and Asterisk. Phones use the SER proxy, which redirects traffic to Asterisk. Asterisk terminates the call directly, and does not send traffic back to OpenSER to terminate. It seems that when OpenSER uses t_relay() to send the sip messages onto Asterisk, that it changes the call-id of the messages. Is this supposed to happen? How can I stop it from doing this? It seems to be breaking Asterisk's ability to transfer calls as it sees both calls legs with different call-id's. I probably sound like I don't know what I'm talking about - largely I don't..... 6 months with OpenSER and I'm still guessing most of what I do..... no docs. Doug.

18 years, 7 months

R: R: [Users] export SIP_Domain

by D'Addelfio Davide

Ok thanks, will take a look! Now that I've installed and running openser, I have to work over it. Do you know if is possibile to configure openser with some trigger that allows it to switch incoming message (INVITE, REQUEST, etc...) towards another element, like an application server? Do they exists? Where can I find it? Thanks for help -----Messaggio originale----- Da: Daniel-Constantin Mierla [mailto:daniel@voice-system.ro] Inviato: mercoledì 29 marzo 2006 11.47 A: D'Addelfio Davide Cc: users(a)openser.org Oggetto: Re: R: [Users] export SIP_Domain On 03/29/06 11:56, D'Addelfio Davide wrote: > Thanks for reply...it works very good!!! > > Still not understand which different between SER and OpenSER, could anyone explain me? > openser started from the same code base as ser v0.9.x, and that was openser v0.9.x . Since then a lot of features has be added, new stable release was made as 1.0.0 in October last year. For more details see: http://openser.org http://openser.org/diffs-0.8.14.php http://openser.org/diffs-0.9.0.php http://openser.org/release-1.0.0.php Cheers, Daniel > Thanks > > -----Messaggio originale----- > Da: Daniel-Constantin Mierla [mailto:daniel@voice-system.ro] > Inviato: martedì 28 marzo 2006 11.55 > A: D'Addelfio Davide > Cc: users(a)openser.org > Oggetto: Re: [Users] export SIP_Domain > > Hello, > > On 03/28/06 11:59, D'Addelfio Davide wrote: > >> Hi to all, i'm totally new in openser and i'd like to enjoy it... >> >> I've installed 1.0.1 version on my debian and seems it work fine with >> mysql database. >> >> Just a stupid question: I miss to export SIP_DOMAIN cause I can't >> understand what name I have to give...the default is openser.org...and >> I've seen on install file that I have to change it...could someone >> explain me what I have to do, please? >> >> > the SIP_DOMAIN has to be your domain or IP address: > > export SIP_DOMAIN="mydomain.com" > > Cheers, > Daniel > > >> Thanks in advance >> >> Davide >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Users mailing list >> Users(a)openser.org >> http://openser.org/cgi-bin/mailman/listinfo/users >> >> > >

18 years, 7 months

Re: [Users] Radius Authentication failed ?

by Daniel-Constantin Mierla

Hello, please take care of the backward compatibility files, if you are using FreeRADIUS. There are two files to config the clients, "clients.conf" (new one and this is recommendable to be used) and "clients" (obsoleted but still kept for compatibility). Cheers, Daniel PS. Please keep cc-ing to mailing list so everybody can benefit of the answers or can come with solutions. On 03/30/06 15:27, Nguyen Duc Phi wrote: > Hello, > > I checked file config on radiusclient and Radius server again, shared > secret on both server and client the same. I dont know why they not > agree? Please help me out of this problem. thank in advance. > > Best regards, > Nguyen > > Here my config file > > Freeradius run at 192.168.212.10 > > /usr/local/etc/raddb/clients.conf > > client 192.168.212.9 { > secret = testing123 > shortname = 192.168.212.9 > } > > openser run at 192.168.212.9 > > /usr/local/etc/radiusclient-ng/servers > > #Server Name or Client/Server pair Key > #---------------- --------------- > #portmaster.elemental.net hardlyasecret > #portmaster2.elemental.net donttellanyone > 192.168.212.10 testing123 > > > ----- Original Message ----- From: "Daniel-Constantin Mierla" > <daniel(a)voice-system.ro> > To: "Nguyen Duc Phi" <ndphi(a)vdc.com.vn>; <users(a)openser.org> > Sent: Thursday, March 30, 2006 6:36 PM > Subject: Re: [Users] Radius Authentication failed ? > > >> Hello, >> >> here you can find the description of this error: >> >> http://docs.hp.com/en/T1428-90025/ch08s02.html >> >> Received invalid reply digest from server => Server and client do not >> agree on shared secret => Verify the shared secret in the clients >> file agrees with the secret configured on the client. >> >> I started an OpenSER-Radius tutorial, but due to time constraints it >> is not finished yet. Hopefully in next days will be ready. I will >> post it on the web and announce on the mailing list. >> >> Cheers, >> Daniel >> >> >> >> On 03/30/06 14:24, Nguyen Duc Phi wrote: >>> Thanks for supporting, Here is syslog of radiusclient. >>> >>> Mar 30 18:00:49 sipserver openser: rc_check_reply: received invalid >>> reply digest from RADIUS server >>> >>> ----- Original Message ----- From: "Daniel-Constantin Mierla" >>> <daniel(a)voice-system.ro> >>> To: "Nguyen Duc Phi" <ndphi(a)vdc.com.vn> >>> Cc: <users(a)openser.org> >>> Sent: Thursday, March 30, 2006 6:12 PM >>> Subject: Re: [Users] Radius Authentication failed ? >>> >>> >>>> Have you got any message is syslog coming from radiusclient-ng >>>> library? The FreeRadius server reports ok for authentication. >>>> >>>> Cheers, >>>> Daniel >>>> >>>> >>>> On 03/30/06 05:15, Nguyen Duc Phi wrote: >>>>> I config openser authenticate from Radius. when softphone register >>>>> to openser, Freeradius response "Sending Access-Accept" but >>>>> openser inform "ERROR:auth_radius:radius_authorize_sterman: >>>>> rc_auth failed" So softphone not registered. I search this title >>>>> in google and find on "*OpenSER Users Mailing List*", I didnt find >>>>> solution to fix problem. Could someone help me fix this problem ? >>>>> Here is list of product's version I used. >>>>> openser-1.0.1 >>>>> OS : CentOS-4 x86_64 >>>>> radiusclient-ng-0.5.2 >>>>> freeradius-1.0.5 >>>>> openser show debug : >>>>> 8(8985) parse_headers: flags=ffffffffffffffff >>>>> 8(8985) check_via_address(192.168.212.123, 192.168.212.123, 0) >>>>> 8(8985) DEBUG:destroy_avp_list: destroying list (nil) >>>>> 8(8985) receive_msg: cleaning up >>>>> 7(8982) SIP Request: >>>>> 7(8982) method: <REGISTER> >>>>> 7(8982) uri: <sip:vdc.com.vn> >>>>> 7(8982) version: <SIP/2.0> >>>>> 7(8982) parse_headers: flags=2 >>>>> 7(8982) DEBUG: get_hdr_body : content_length=0 >>>>> 7(8982) get_hdr_field: cseq <CSeq>: <2> <REGISTER> >>>>> 7(8982) DEBUG:parse_to:end of header reached, state=9 >>>>> 7(8982) DEBUG: get_hdr_field: <To> [23]; uri=[sip:5001@vdc.com.vn] >>>>> 7(8982) DEBUG: to body [<sip:5001@vdc.com.vn> >>>>> ] >>>>> 7(8982) Found param type 235, <rport> = <n/a>; state=6 >>>>> 7(8982) Found param type 232, <branch> = >>>>> <z9hG4bKc0a8d47b0131c9b1442b39c80000367c00000003>; state=16 >>>>> 7(8982) end of header reached, state=5 >>>>> 7(8982) parse_headers: Via found, flags=2 >>>>> 7(8982) parse_headers: this is the first via >>>>> 7(8982) After parse_msg... >>>>> 7(8982) preparing to run routing scripts... >>>>> 7(8982) DEBUG:maxfwd:is_maxfwd_present: value = 70 >>>>> 7(8982) parse_headers: flags=200 >>>>> 7(8982) found end of header >>>>> 7(8982) find_first_route: No Route headers found >>>>> 7(8982) loose_route: There is no Route HF >>>>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>>>> [vdc.com.vn] == [127.0.0.1] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>>>> [vdc.com.vn] == [192.168.212.9] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>>>> [vdc.com.vn] == [127.0.0.1] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>>>> [vdc.com.vn] == [192.168.212.9] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>>>> [vdc.com.vn] == [127.0.0.1] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>>>> [vdc.com.vn] == [192.168.212.9] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>>>> [vdc.com.vn] == [127.0.0.1] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>>>> [vdc.com.vn] == [192.168.212.9] >>>>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>>>> 7(8982) check_nonce(): comparing >>>>> [442b360523cece6362803c97fa7fb10b37680cd8] and >>>>> [442b360523cece6362803c97fa7fb10b37680cd8] >>>>> 7(8982) ERROR:auth_radius:radius_authorize_sterman: rc_auth failed >>>>> 7(8982) build_auth_hf(): 'WWW-Authenticate: Digest >>>>> realm="vdc.com.vn", nonce="442b360523cece6362803c97fa7fb10b37680cd8" >>>>> ' >>>>> 7(8982) parse_headers: flags=ffffffffffffffff >>>>> 7(8982) check_via_address(192.168.212.123, 192.168.212.123, 0) >>>>> 7(8982) DEBUG:destroy_avp_list: destroying list (nil) >>>>> 7(8982) receive_msg: cleaning up >>>>> Radius show debug: >>>>> rad_recv: Access-Request packet from host 192.168.212.9:32826, >>>>> id=205, length=203 >>>>> User-Name = "5001(a)vdc.com.vn <mailto:5001@vdc.com.vn>" >>>>> Digest-Attributes = 0x0a0635303031 >>>>> Digest-Attributes = 0x010c7664632e636f6d2e766e >>>>> Digest-Attributes = >>>>> 0x022a34343262333630353233636563653633363238303363393766613766623130623337363830636438 >>>>> >>>>> Digest-Attributes = 0x04107369703a7664632e636f6d2e766e >>>>> Digest-Attributes = 0x030a5245474953544552 >>>>> Digest-Response = "1c3d532fc6c1c37004c6df6027e6242c" >>>>> Service-Type = 0x0000000f00000000 >>>>> Sip-Uri-User = "5001" >>>>> NAS-Port = 0x000013c400000000 >>>>> NAS-IP-Address = 0xc0a8d40900000000 >>>>> Processing the authorize section of radiusd.conf >>>>> modcall: entering group authorize for request 0 >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> Invalid operator for item Suffix: reverting to '==' >>>>> hints: Matched DEFAULT at 82 >>>>> modcall[authorize]: module "preprocess" returns ok for request 0 >>>>> modcall[authorize]: module "chap" returns noop for request 0 >>>>> modcall[authorize]: module "mschap" returns noop for request 0 >>>>> rlm_digest: Converting Digest-Attributes to something sane... >>>>> Digest-User-Name = "5001" >>>>> Digest-Realm = "vdc.com.vn" >>>>> Digest-Nonce = "442b360523cece6362803c97fa7fb10b37680cd8" >>>>> Digest-URI = "sip:vdc.com.vn" >>>>> Digest-Method = "REGISTER" >>>>> rlm_digest: Adding Auth-Type = DIGEST >>>>> modcall[authorize]: module "digest" returns ok for request 0 >>>>> rlm_realm: No '@' <mailto:%27@%27> in User-Name = "5001", >>>>> looking up realm NULL >>>>> rlm_realm: No such realm "NULL" >>>>> modcall[authorize]: module "suffix" returns noop for request 0 >>>>> radius_xlat: '5001' >>>>> rlm_sql (sql): sql_set_user escaped user --> '5001' >>>>> radius_xlat: 'SELECT 1 as id,'5001' as UserName,'User-Password' >>>>> as Attribute,subscriber_password as Value,'==' as op FROM >>>>> subscribers WHERE subscriber_username = '5001'AND >>>>> subscriber_status=1' >>>>> rlm_sql (sql): Reserving sql socket id: 4 >>>>> radius_xlat: '' >>>>> radius_xlat: 'SELECT 1 as id,'5001' as UserName,'Session-Timeout' >>>>> as Attribute,getSessionTime('5001','')as Value,'=' as op FROM dual' >>>>> radius_xlat: '' >>>>> rlm_sql (sql): Released sql socket id: 4 >>>>> modcall[authorize]: module "sql" returns ok for request 0 >>>>> modcall: group authorize returns ok for request 0 >>>>> rad_check_password: Found Auth-Type DIGEST >>>>> auth: type "digest" >>>>> Processing the authenticate section of radiusd.conf >>>>> modcall: entering group authenticate for request 0 >>>>> A1 = 5001:vdc.com.vn:test >>>>> A2 = REGISTER:sip:vdc.com.vn >>>>> H(A1) = 454e15015603bd4bd79faf0c5ddd3346 >>>>> H(A2) = ac5bd79ed3d6bd2bddcb1cffafbbd09a >>>>> KD = >>>>> 454e15015603bd4bd79faf0c5ddd3346:442b360523cece6362803c97fa7fb10b37680cd8:ac5bd79ed3d6bd2bddcb1cffafbbd09a >>>>> >>>>> EXPECTED 1c3d532fc6c1c37004c6df6027e6242c >>>>> RECEIVED 1c3d532fc6c1c37004c6df6027e6242c >>>>> modcall[authenticate]: module "digest" returns ok for request 0 >>>>> modcall: group authenticate returns ok for request 0 >>>>> Login OK: [5001] (from client 192.168.212.9 port 3134307025) >>>>> Sending Access-Accept of id 205 to 192.168.212.9:32826 >>>>> Session-Timeout = 60 >>>>> Finished request 0 >>>>> Going to the next request >>>>> --- Walking the entire request list --- >>>>> Waking up in 6 seconds... >>>>> --- Walking the entire request list --- >>>>> Cleaning up request 0 ID 205 with timestamp 442b3adf >>>>> Nothing to do. Sleeping until we see a request. >>>>> Best regards, >>>>> Nguyen >>>>> ------------------------------------------------------------------------ >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Users mailing list >>>>> Users(a)openser.org >>>>> http://openser.org/cgi-bin/mailman/listinfo/users >>>>> >>>> >>> >>> >> > >

18 years, 7 months

Re: [Users] Radius Authentication failed ?

by Daniel-Constantin Mierla

Hello, here you can find the description of this error: http://docs.hp.com/en/T1428-90025/ch08s02.html Received invalid reply digest from server => Server and client do not agree on shared secret => Verify the shared secret in the clients file agrees with the secret configured on the client. I started an OpenSER-Radius tutorial, but due to time constraints it is not finished yet. Hopefully in next days will be ready. I will post it on the web and announce on the mailing list. Cheers, Daniel On 03/30/06 14:24, Nguyen Duc Phi wrote: > Thanks for supporting, Here is syslog of radiusclient. > > Mar 30 18:00:49 sipserver openser: rc_check_reply: received invalid > reply digest from RADIUS server > > ----- Original Message ----- From: "Daniel-Constantin Mierla" > <daniel(a)voice-system.ro> > To: "Nguyen Duc Phi" <ndphi(a)vdc.com.vn> > Cc: <users(a)openser.org> > Sent: Thursday, March 30, 2006 6:12 PM > Subject: Re: [Users] Radius Authentication failed ? > > >> Have you got any message is syslog coming from radiusclient-ng >> library? The FreeRadius server reports ok for authentication. >> >> Cheers, >> Daniel >> >> >> On 03/30/06 05:15, Nguyen Duc Phi wrote: >>> I config openser authenticate from Radius. when softphone register >>> to openser, Freeradius response "Sending Access-Accept" but openser >>> inform "ERROR:auth_radius:radius_authorize_sterman: rc_auth failed" >>> So softphone not registered. I search this title in google and find >>> on "*OpenSER Users Mailing List*", I didnt find solution to fix >>> problem. Could someone help me fix this problem ? >>> Here is list of product's version I used. >>> openser-1.0.1 >>> OS : CentOS-4 x86_64 >>> radiusclient-ng-0.5.2 >>> freeradius-1.0.5 >>> openser show debug : >>> 8(8985) parse_headers: flags=ffffffffffffffff >>> 8(8985) check_via_address(192.168.212.123, 192.168.212.123, 0) >>> 8(8985) DEBUG:destroy_avp_list: destroying list (nil) >>> 8(8985) receive_msg: cleaning up >>> 7(8982) SIP Request: >>> 7(8982) method: <REGISTER> >>> 7(8982) uri: <sip:vdc.com.vn> >>> 7(8982) version: <SIP/2.0> >>> 7(8982) parse_headers: flags=2 >>> 7(8982) DEBUG: get_hdr_body : content_length=0 >>> 7(8982) get_hdr_field: cseq <CSeq>: <2> <REGISTER> >>> 7(8982) DEBUG:parse_to:end of header reached, state=9 >>> 7(8982) DEBUG: get_hdr_field: <To> [23]; uri=[sip:5001@vdc.com.vn] >>> 7(8982) DEBUG: to body [<sip:5001@vdc.com.vn> >>> ] >>> 7(8982) Found param type 235, <rport> = <n/a>; state=6 >>> 7(8982) Found param type 232, <branch> = >>> <z9hG4bKc0a8d47b0131c9b1442b39c80000367c00000003>; state=16 >>> 7(8982) end of header reached, state=5 >>> 7(8982) parse_headers: Via found, flags=2 >>> 7(8982) parse_headers: this is the first via >>> 7(8982) After parse_msg... >>> 7(8982) preparing to run routing scripts... >>> 7(8982) DEBUG:maxfwd:is_maxfwd_present: value = 70 >>> 7(8982) parse_headers: flags=200 >>> 7(8982) found end of header >>> 7(8982) find_first_route: No Route headers found >>> 7(8982) loose_route: There is no Route HF >>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>> [vdc.com.vn] == [127.0.0.1] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>> [vdc.com.vn] == [192.168.212.9] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>> [vdc.com.vn] == [127.0.0.1] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>> [vdc.com.vn] == [192.168.212.9] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>> [vdc.com.vn] == [127.0.0.1] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>> [vdc.com.vn] == [192.168.212.9] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==9 && >>> [vdc.com.vn] == [127.0.0.1] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) grep_sock_info - checking if host==us: 10==13 && >>> [vdc.com.vn] == [192.168.212.9] >>> 7(8982) grep_sock_info - checking if port 5060 matches port 5060 >>> 7(8982) check_nonce(): comparing >>> [442b360523cece6362803c97fa7fb10b37680cd8] and >>> [442b360523cece6362803c97fa7fb10b37680cd8] >>> 7(8982) ERROR:auth_radius:radius_authorize_sterman: rc_auth failed >>> 7(8982) build_auth_hf(): 'WWW-Authenticate: Digest >>> realm="vdc.com.vn", nonce="442b360523cece6362803c97fa7fb10b37680cd8" >>> ' >>> 7(8982) parse_headers: flags=ffffffffffffffff >>> 7(8982) check_via_address(192.168.212.123, 192.168.212.123, 0) >>> 7(8982) DEBUG:destroy_avp_list: destroying list (nil) >>> 7(8982) receive_msg: cleaning up >>> Radius show debug: >>> rad_recv: Access-Request packet from host 192.168.212.9:32826, >>> id=205, length=203 >>> User-Name = "5001(a)vdc.com.vn <mailto:5001@vdc.com.vn>" >>> Digest-Attributes = 0x0a0635303031 >>> Digest-Attributes = 0x010c7664632e636f6d2e766e >>> Digest-Attributes = >>> 0x022a34343262333630353233636563653633363238303363393766613766623130623337363830636438 >>> >>> Digest-Attributes = 0x04107369703a7664632e636f6d2e766e >>> Digest-Attributes = 0x030a5245474953544552 >>> Digest-Response = "1c3d532fc6c1c37004c6df6027e6242c" >>> Service-Type = 0x0000000f00000000 >>> Sip-Uri-User = "5001" >>> NAS-Port = 0x000013c400000000 >>> NAS-IP-Address = 0xc0a8d40900000000 >>> Processing the authorize section of radiusd.conf >>> modcall: entering group authorize for request 0 >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> Invalid operator for item Suffix: reverting to '==' >>> hints: Matched DEFAULT at 82 >>> modcall[authorize]: module "preprocess" returns ok for request 0 >>> modcall[authorize]: module "chap" returns noop for request 0 >>> modcall[authorize]: module "mschap" returns noop for request 0 >>> rlm_digest: Converting Digest-Attributes to something sane... >>> Digest-User-Name = "5001" >>> Digest-Realm = "vdc.com.vn" >>> Digest-Nonce = "442b360523cece6362803c97fa7fb10b37680cd8" >>> Digest-URI = "sip:vdc.com.vn" >>> Digest-Method = "REGISTER" >>> rlm_digest: Adding Auth-Type = DIGEST >>> modcall[authorize]: module "digest" returns ok for request 0 >>> rlm_realm: No '@' <mailto:%27@%27> in User-Name = "5001", >>> looking up realm NULL >>> rlm_realm: No such realm "NULL" >>> modcall[authorize]: module "suffix" returns noop for request 0 >>> radius_xlat: '5001' >>> rlm_sql (sql): sql_set_user escaped user --> '5001' >>> radius_xlat: 'SELECT 1 as id,'5001' as UserName,'User-Password' as >>> Attribute,subscriber_password as Value,'==' as op FROM subscribers >>> WHERE subscriber_username = '5001'AND subscriber_status=1' >>> rlm_sql (sql): Reserving sql socket id: 4 >>> radius_xlat: '' >>> radius_xlat: 'SELECT 1 as id,'5001' as UserName,'Session-Timeout' >>> as Attribute,getSessionTime('5001','')as Value,'=' as op FROM dual' >>> radius_xlat: '' >>> rlm_sql (sql): Released sql socket id: 4 >>> modcall[authorize]: module "sql" returns ok for request 0 >>> modcall: group authorize returns ok for request 0 >>> rad_check_password: Found Auth-Type DIGEST >>> auth: type "digest" >>> Processing the authenticate section of radiusd.conf >>> modcall: entering group authenticate for request 0 >>> A1 = 5001:vdc.com.vn:test >>> A2 = REGISTER:sip:vdc.com.vn >>> H(A1) = 454e15015603bd4bd79faf0c5ddd3346 >>> H(A2) = ac5bd79ed3d6bd2bddcb1cffafbbd09a >>> KD = >>> 454e15015603bd4bd79faf0c5ddd3346:442b360523cece6362803c97fa7fb10b37680cd8:ac5bd79ed3d6bd2bddcb1cffafbbd09a >>> >>> EXPECTED 1c3d532fc6c1c37004c6df6027e6242c >>> RECEIVED 1c3d532fc6c1c37004c6df6027e6242c >>> modcall[authenticate]: module "digest" returns ok for request 0 >>> modcall: group authenticate returns ok for request 0 >>> Login OK: [5001] (from client 192.168.212.9 port 3134307025) >>> Sending Access-Accept of id 205 to 192.168.212.9:32826 >>> Session-Timeout = 60 >>> Finished request 0 >>> Going to the next request >>> --- Walking the entire request list --- >>> Waking up in 6 seconds... >>> --- Walking the entire request list --- >>> Cleaning up request 0 ID 205 with timestamp 442b3adf >>> Nothing to do. Sleeping until we see a request. >>> Best regards, >>> Nguyen >>> ------------------------------------------------------------------------ >>> >>> >>> _______________________________________________ >>> Users mailing list >>> Users(a)openser.org >>> http://openser.org/cgi-bin/mailman/listinfo/users >>> >> > >

18 years, 7 months

[Serusers] Registrar issue

by PREVOT Paul

Hello, My UA is behind a NAT. Also I am using the nathelper module to fix the NAT issue. The contact field of my registrar request is : toto@192.168.1.1:5062 OpenSER gets the request from my public IP, replies to that public IP but not on the port it got the registrar request, but always on 5062 (e.g. the port from contact field). Do you know how to force openSER reply on the port it gets the request? Regards, Paul My openser.cfg file : .(default beginning) # ------------------ module loading ---------------------------------- . default loadmodules # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) #NAThelper modparam("nathelper", "natping_interval", 10) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); exit; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS #if(uri=~"@tls_domain1.net") { # t_relay_to_tls("IP_domain1","port_domain1"); # exit; #} else if(uri=~"@tls_domain2.net") { # t_relay_to_tls("IP_domain2","port_domain2"); # exit; #} route(1); }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { fix_nated_contact(); if (method=="REGISTER") { # Uncomment this if you want to use digest authentication #if (!www_authorize("openser.org", "subscriber")) { # www_challenge("openser.org", "0"); # exit; #}; #fix_nated_register(); save("location"); exit; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); exit; }; append_hf("P-hint: usrloc applied\r\n"); }; route(1); } route[1] { # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; exit; }

18 years, 7 months

[Serusers] 2 quick questions

by Nick Hoffman

Hey guys, I just have 2 quick questions: If ser is running and dealing with 500+ registered users, would doing a ``serctl ul show USERNAME'' add a significant amount of load the box? Using serctl, how do you determine if a given user exists within ser? ``serctl ul show USERNAME'' only shows "in-RAM online users", so won't necessarily show an existing, offline user... Cheers, -- Nick e: nick.hoffman(a)altcall.com p: +61 7 5591 3588 f: +61 7 5591 6588 If you receive this email by mistake, please notify us and do not make any use of the email. We do not waive any privilege, confidentiality or copyright associated with it.

18 years, 7 months

← Newer
1
2
3
4
5
6
7
8
...
51
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users March 2006