sr-users July 2006

sr-users@lists.kamailio.org

206 participants
414 discussions

by Ricardo Martinez

Hello List. I'm trying to build a regular expresion that match the next line : Param1 : E384AFC2-529C-4AA1-AE16-273A3C7DD889 I mean : [8 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[12 characters from 0 to 9 and A to D] Any help? The textops re are like the "linux vi" re? Thanks Ricardo Martinez.-

18 years, 4 months

RE: [Serusers] Reg Exp?

by Ricardo Martinez

Hello Greg Thanks for your answer. i have this : if (!search("^Call-ID: [0-9A-F](8)-[0-9A-F](4)-[0-9A-F](4)-[0-9A-F](4)-[0-9A-F](12)")) { but it seems not to be working.. any idea? Thanks Ricardo.- -----Mensaje original----- De: Greg Fausak [mailto:lgfausak@gmail.com] Enviado el: jueves, 13 de julio de 2006 16:54 Para: Ricardo Martinez CC: serusers(a)lists.iptel.org Asunto: Re: [Serusers] Reg Exp? How about: [0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12} -g On 7/13/06, Ricardo Martinez <rmartinez(a)redvoiss.net> wrote: > > > > Hello List. > I'm trying to build a regular expresion that match the next line : > Param1 : E384AFC2-529C-4AA1-AE16-273A3C7DD889 > I mean : [8 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and > A to D]-[4 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and > A to D]-[12 characters from 0 to 9 and A to D] > > Any help? > The textops regexp are like the "linux vi" regexp? > Thanks > Ricardo Martinez.- > _______________________________________________ > Serusers mailing list > Serusers(a)lists.iptel.org > http://lists.iptel.org/mailman/listinfo/serusers > > > -- Greg Fausak greg(a)thursday.com

18 years, 4 months

[Serusers] Reg Exp?

by Ricardo Martinez

Hello List. I'm trying to build a regular expresion that match the next line : Param1 : E384AFC2-529C-4AA1-AE16-273A3C7DD889 I mean : [8 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[4 characters from 0 to 9 and A to D]-[12 characters from 0 to 9 and A to D] Any help? The textops regexp are like the "linux vi" regexp? Thanks Ricardo Martinez.-

18 years, 4 months

[Serusers] Is RTPproxy needed even when there is a Cisco PIX?

by Ricardo Carvalho

Hi, I'm deploying a VoIP server using SER and I would like to know if I need to install RTPproxy (or Mediaproxy), because the network where the server will be placed already has a Cisco PIX 515E which has this feature that analyses headers of SIP messages and I suppose that rewrites them to avoid NAT problems. Regards, Ricardo.

18 years, 4 months

RE: [SPAM header] - Re: [Serusers] Location table in other databa se - Email found in subject

by Teran Jesus

Thanks for you help, right now is working. -----Original Message----- From: Weiter Leiter [mailto:bp4mls@googlemail.com] Sent: Jueves, 13 de Julio de 2006 11:47 a.m. To: Teran Jesus Cc: serusers(a)lists.iptel.org Subject: [SPAM header] - Re: [Serusers] Location table in other database - Email found in subject Ser might expect the version table _with_ the right entry for the location table to be present in that other database. Just copy the contents of version from one db to the other. WL. Teran Jesus wrote: > Hello, I have installed the 0.9.6 SER version, i need to have the location > table in other database, and i create a database called location with its > table location with the same structure, I put the modparam("usrloc", > "db_url",....) in the ser.cfg, but when i start the ser process i have an > error "submit_query(): Table 'location.version' doesn't exist", i create the > version table in the new location database, and try again to start the ser > process and i have the next error: "register_udomain(): Invalid table > version (use ser_mysql.sh reinstall)", what can i do to have this table in > other database, how can i resolve the error that appears? > Can you help me? > > > > > _______________________________________________ > Serusers mailing list > Serusers(a)lists.iptel.org > http://lists.iptel.org/mailman/listinfo/serusers > >

18 years, 4 months

[Serusers] Location table in other database

by Teran Jesus

Hello, I have installed the 0.9.6 SER version, i need to have the location table in other database, and i create a database called location with its table location with the same structure, I put the modparam("usrloc", "db_url",....) in the ser.cfg, but when i start the ser process i have an error "submit_query(): Table 'location.version' doesn't exist", i create the version table in the new location database, and try again to start the ser process and i have the next error: "register_udomain(): Invalid table version (use ser_mysql.sh reinstall)", what can i do to have this table in other database, how can i resolve the error that appears? Can you help me?

18 years, 4 months

RE: [Serusers] prevent INVITE without REGISTERing

by İlker Aktuna (Koç.net)

Hi, Thanks; that was the problem :) I also had to change : attr2uri("$orig_req_uri"); To attr2uri("orig_req_uri"); Great :) Thank you very much :) For > > if (!lookup_user("From")) { I had to do it this way : lookup_domain("From"); if (!lookup_user("From")) { I mean lookup_domain is needed before lookup_user. I don't know why. Thanks, ilker -----Original Message----- From: Miklos Tirpak [mailto:miklos@iptel.org] Sent: Thursday, July 13, 2006 5:53 PM To: İlker Aktuna (Koç.net) Cc: serusers(a)iptel.org Subject: Re: [Serusers] prevent INVITE without REGISTERing İlker Aktuna (Koç.net) wrote: > > > Hi, > > Thanks for your answer. > I see in my logs that both %$registered_host and %si are same but if > (!avp_equals_xl("$registered_host", "%si")) > > fails ! > > I also tried : > if (!avp_equals_xl("%$registered_host", "%si")) > > But it also failed. > > Any idea why ? try this one: if (!avp_equals_xl("registered_host", "%si")) > > Could it be that they are different types of variables ? IP address > and text ? no, both of them has string values Miklos > > Thanks, > ilker > > -----Original Message----- > From: Miklos Tirpak [mailto:miklos@iptel.org] > Sent: Wednesday, July 12, 2006 6:45 PM > To: İlker Aktuna (Koç.net) > Cc: serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > İlker Aktuna (Koç.net) wrote: > > > > > > > > Thanks, > > > > That configuration is accepted but now my "registered" client is > > denied at both following lines: > > > > if (!lookup_user("From")) { > > check if the From HF is the same in the INVITE as the To HF in the > REGISTER, and check the uri table in your database > > > if ((!avp_equals_xl("$registered_host", "%si") || > > !avp_equals_xl("$registered_port", "%sp"))) { > > How can I print > $registered_host to log ? > > xlog("L_ERR", "registered_host = %$registered_host \n"); > > > I can print %si with xlog(). > > I guess > xlog("L_ERR", "src ip = %si \n"); > > Miklos > > > > > Thanks, > > ilker > > > > > > -----Original Message----- > > From: Miklos Tirpak [mailto:miklos@iptel.org] > Sent: Wednesday, > July 12, 2006 4:01 PM > To: İlker Aktuna (Koç.net) > Cc: > serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without > REGISTERing > > İlker Aktuna (Koç.net) wrote: > > > > > > > > > Thanks Miklos, > > > > > > I think this is just what I'm looking for. > > > But I get some errors for this line: > > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > > You can access src_ip and src_port via xl_lib: > > > > $registered_host = @ruri.host; > > $registered_port = @ruri.port; > > > > if ((!avp_equals_xl("$registered_host", "%si")) > || > (!avp_equals_xl("$registered_port", "%sp"))) { > ... > > > > Miklos > > > > > > > > 0(30074) parse error (175,16-17): syntax error > 0(30074) > parse > error (175,16-17): ip address or hostname expected > > 0(30074) parse > error (175,16-17): bad command > 0(30074) parse error (175,21-22): > > bad command > 0(30074) parse error (175,21-22): bad command > > > 0(30074) parse error (175,26-27): bad command > 0(30074) parse error > > (175,26-27): bad command > 0(30074) parse error (175,28-30): bad > > command > 0(30074) parse error (175,31-32): bad command > > 0(30074) > parse error (175,32-40): bad command > 0(30074) parse > error > (175,41-43): bad command > 0(30074) parse error > (175,44-45): bad > command > 0(30074) parse error (175,49-50): bad > command > 0(30074) > parse error (175,49-50): bad command > > 0(30074) parse error > (175,54-55): bad command > 0(30074) parse > error (175,54-55): bad > command > 0(30074) parse error > (175,55-56): bad command > 0(30074) > parse error (175,57-58): bad command > > Any idea why ? > > > > > > Thanks, > > > ilker > > > > > > -----Original Message----- > > > From: Miklos Tirpak [mailto:miklos@iptel.org] > Sent: > Wednesday, > July 12, 2006 11:58 AM > To: İlker Aktuna (Koç.net) > Cc: > > serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE > without > REGISTERing > > Hi Ilker, > > just my first idea, not tested: > > > > > > > > > 1. lookup the From HF > > > > > > if (!lookup_user("From")) { > > > # reject the INVITE > > > ... > > > } > > > > > > 2. save original To UID and Request URI > > $orig_to_uid = > > $tu.uid; > $orig_req_uri = @ruri; > > 3. set To UID -- registrar > > module will use this in the lookup > > $tu.uid = $fu.uid; > > 4. > > lookup >From HF and compare the source address of the INVITE with > > > the source address of the REGISTER message > > if > > (lookup("location")) { > > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > > # reject the INVITE > > > ... > > > } > > > # restore original To UID and Request URI > > > $tu.uid = $orig_to_uid; > > > attr2uri("$orig_req_uri"); > > > } else { > > > # reject the INVITE > > > ... > > > } > > > > > > Note, that the above solution is a bit ugly, you can get into > > troubles > when the user registers multiple contact addresses. It is > > better to > disable branches (see append_branches parameter in > > registrar module), > but you loose some functionality. > > > > > > Regards, > > > Miklos > > > > > > İlker Aktuna (Koç.net) wrote: > > > > > > > > Hi everyone, > > > > > > > > I am still trying to find a solution to this problem. (but > > couldn't > > find > yet) > Victor was trying to help me but I think > > he's not > able to reply these days. > > > > > > > > Is there any idea to achieve what I need. > > > > > > > > Thanks, > > > > ilker > > > > > > > > > > > > > > ---------------------------------------------------------------------- > > > > -- > > > > *From:* serusers-bounces(a)lists.iptel.org > > > > [mailto:serusers-bounces@lists.iptel.org] *On Behalf Of *İlker Aktuna > > > > (Koç.net) > *Sent:* Tuesday, July 11, 2006 1:41 PM > *To:* > > Victor > Stanescu > *Cc:* serusers(a)iptel.org > *Subject:* RE: > > [Serusers] > prevent INVITE without REGISTERing > > Hi, > > > What > if my proxy > does not handle authenticating INVITE messages ? > > > > > > > > In that case I think the best way is to lookup location table > > for > the > source URI. > > > > If the source URI location matches the location in that table > > then > we > must permit INVITE message. > > > > How can I configure this ? > > > > > > > > Thanks, > > > > ilker > > > > > > > > -----Original Message----- > > > > From: serusers-bounces(a)lists.iptel.org > > > > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Victor Stanescu > > > > Sent: Monday, July 10, 2006 1:49 PM > Cc: serusers(a)iptel.org > > > > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > > > > Please read "domain" instead of "gtstelecom.ro": > > > > www_authorize("domain", > > > > "subscriber") and proxy_authorize("domain", "subscriber"), > > > otherwise > the code fragment will not be correct. I forgot to > > > replace with a generic name. > > > > > > > > Victor Stanescu wrote: > > > > > I think it is easier to force him to authenticate the INVITE. > > If > he > is > able to authenticate the INVITE, why do you care > if > he is > > registered > or not? > > > > > > > > > > if (method=="REGISTER") { > > > > > if(!src_ip=="other") { > > > > > if (!www_authorize("gtstelecom.ro", "subscriber")) { > > > > > www_challenge("domain", "0"); > > > > > break; > > > > > }; > > > > > save("location"); > > > > > log("Replicating REGISTER\n"); > > > > > t_replicate("other", "5060"); > > > > > } else { > > > > > save("location"); > > > > > }; > > > > > break; > > > > > } else { > > > > > # this is an INVITE > > > > > if (!proxy_authorize("gtstelecom.ro", "subscriber")) { > > > > > proxy_challenge("domain", "1"); > > > > > break; > > > > > }; > > > > > # route the call > > > > > ... > > > > > }; > > > > > > > > > > İlker Aktuna (Koç.net) wrote: > > > > >> > > > > >> Hi all, > > > > >> > > > > >> Is it possible to prevent any user calling without > registering ? > > > > What >> is the best way to do this ? > > > > >> I guess I'll have to check if the source URI exists in > > location > table. > > > > >> What is the easiest way to do this ? > > > > >> > > > > >> If there is a more robust way to do it, please suggest... > > > > >> > > > > >> Thanks, > > > > >> ilker > > > > >> > > > > >> > > > > > > > > > > > > <http://387555.sigclick.mailinfo.com/sigclick/02090502/04034D03/0203034B/032…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

RE: [Serusers] prevent INVITE without REGISTERing

by İlker Aktuna (Koç.net)

Hi, Thanks for your answer. I see in my logs that both %$registered_host and %si are same but if (!avp_equals_xl("$registered_host", "%si")) fails ! I also tried : if (!avp_equals_xl("%$registered_host", "%si")) But it also failed. Any idea why ? Could it be that they are different types of variables ? IP address and text ? Thanks, ilker -----Original Message----- From: Miklos Tirpak [mailto:miklos@iptel.org] Sent: Wednesday, July 12, 2006 6:45 PM To: İlker Aktuna (Koç.net) Cc: serusers(a)iptel.org Subject: Re: [Serusers] prevent INVITE without REGISTERing İlker Aktuna (Koç.net) wrote: > > > > Thanks, > > That configuration is accepted but now my "registered" client is > denied at both following lines: > > if (!lookup_user("From")) { check if the From HF is the same in the INVITE as the To HF in the REGISTER, and check the uri table in your database > if ((!avp_equals_xl("$registered_host", "%si") || > !avp_equals_xl("$registered_port", "%sp"))) { > > How can I print $registered_host to log ? xlog("L_ERR", "registered_host = %$registered_host \n"); > I can print %si with xlog(). I guess xlog("L_ERR", "src ip = %si \n"); Miklos > > Thanks, > ilker > > > -----Original Message----- > From: Miklos Tirpak [mailto:miklos@iptel.org] > Sent: Wednesday, July 12, 2006 4:01 PM > To: İlker Aktuna (Koç.net) > Cc: serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > İlker Aktuna (Koç.net) wrote: > > > > > > Thanks Miklos, > > > > I think this is just what I'm looking for. > > But I get some errors for this line: > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > You can access src_ip and src_port via xl_lib: > > $registered_host = @ruri.host; > $registered_port = @ruri.port; > > if ((!avp_equals_xl("$registered_host", "%si")) > || (!avp_equals_xl("$registered_port", "%sp"))) { > ... > > Miklos > > > > > 0(30074) parse error (175,16-17): syntax error > 0(30074) parse > error (175,16-17): ip address or hostname expected > 0(30074) parse > error (175,16-17): bad command > 0(30074) parse error (175,21-22): > bad command > 0(30074) parse error (175,21-22): bad command > > 0(30074) parse error (175,26-27): bad command > 0(30074) parse error > (175,26-27): bad command > 0(30074) parse error (175,28-30): bad > command > 0(30074) parse error (175,31-32): bad command > 0(30074) > parse error (175,32-40): bad command > 0(30074) parse error > (175,41-43): bad command > 0(30074) parse error (175,44-45): bad > command > 0(30074) parse error (175,49-50): bad command > 0(30074) > parse error (175,49-50): bad command > 0(30074) parse error > (175,54-55): bad command > 0(30074) parse error (175,54-55): bad > command > 0(30074) parse error (175,55-56): bad command > 0(30074) > parse error (175,57-58): bad command > > Any idea why ? > > > > Thanks, > > ilker > > > > -----Original Message----- > > From: Miklos Tirpak [mailto:miklos@iptel.org] > Sent: Wednesday, > July 12, 2006 11:58 AM > To: İlker Aktuna (Koç.net) > Cc: > serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without > REGISTERing > > Hi Ilker, > > just my first idea, not tested: > > > > > > 1. lookup the From HF > > > > if (!lookup_user("From")) { > > # reject the INVITE > > ... > > } > > > > 2. save original To UID and Request URI > > $orig_to_uid = > $tu.uid; > $orig_req_uri = @ruri; > > 3. set To UID -- registrar > module will use this in the lookup > > $tu.uid = $fu.uid; > > 4. > lookup >From HF and compare the source address of the INVITE with > > the source address of the REGISTER message > > if > (lookup("location")) { > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > # reject the INVITE > > ... > > } > > # restore original To UID and Request URI > > $tu.uid = $orig_to_uid; > > attr2uri("$orig_req_uri"); > > } else { > > # reject the INVITE > > ... > > } > > > > Note, that the above solution is a bit ugly, you can get into > troubles > when the user registers multiple contact addresses. It is > better to > disable branches (see append_branches parameter in > registrar module), > but you loose some functionality. > > > > Regards, > > Miklos > > > > İlker Aktuna (Koç.net) wrote: > > > > > > Hi everyone, > > > > > > I am still trying to find a solution to this problem. (but > couldn't > > find > yet) > Victor was trying to help me but I think > he's not > able to reply these days. > > > > > > Is there any idea to achieve what I need. > > > > > > Thanks, > > > ilker > > > > > > > > > ---------------------------------------------------------------------- > > > -- > > > *From:* serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org] *On Behalf Of *İlker Aktuna > > > (Koç.net) > *Sent:* Tuesday, July 11, 2006 1:41 PM > *To:* > Victor > Stanescu > *Cc:* serusers(a)iptel.org > *Subject:* RE: > [Serusers] > prevent INVITE without REGISTERing > > Hi, > > What > if my proxy > does not handle authenticating INVITE messages ? > > > > > > In that case I think the best way is to lookup location table > for > the > source URI. > > > If the source URI location matches the location in that table > then > we > must permit INVITE message. > > > How can I configure this ? > > > > > > Thanks, > > > ilker > > > > > > -----Original Message----- > > > From: serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Victor Stanescu > > > Sent: Monday, July 10, 2006 1:49 PM > Cc: serusers(a)iptel.org > > > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > > > Please read "domain" instead of "gtstelecom.ro": > > > www_authorize("domain", > > > "subscriber") and proxy_authorize("domain", "subscriber"), > > otherwise > the code fragment will not be correct. I forgot to > > replace with a generic name. > > > > > > Victor Stanescu wrote: > > > > I think it is easier to force him to authenticate the INVITE. > If > he > is > able to authenticate the INVITE, why do you care if > he is > > registered > or not? > > > > > > > > if (method=="REGISTER") { > > > > if(!src_ip=="other") { > > > > if (!www_authorize("gtstelecom.ro", "subscriber")) { > > > > www_challenge("domain", "0"); > > > > break; > > > > }; > > > > save("location"); > > > > log("Replicating REGISTER\n"); > > > > t_replicate("other", "5060"); > > > > } else { > > > > save("location"); > > > > }; > > > > break; > > > > } else { > > > > # this is an INVITE > > > > if (!proxy_authorize("gtstelecom.ro", "subscriber")) { > > > > proxy_challenge("domain", "1"); > > > > break; > > > > }; > > > > # route the call > > > > ... > > > > }; > > > > > > > > İlker Aktuna (Koç.net) wrote: > > > >> > > > >> Hi all, > > > >> > > > >> Is it possible to prevent any user calling without registering ? > > > What >> is the best way to do this ? > > > >> I guess I'll have to check if the source URI exists in > location > table. > > > >> What is the easiest way to do this ? > > > >> > > > >> If there is a more robust way to do it, please suggest... > > > >> > > > >> Thanks, > > > >> ilker > > > >> > > > >> > > > > > > > > > > > > > <http://387555.sigclick.mailinfo.com/sigclick/00090507/060D4E00/00010A > 4E/0113122382.jpg> > ______________________________________________________________________ > ______________________________________________________________________ > _ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor > olabilir. > Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir > sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen > e-posta mesajini kullaniciya hemen geri gonderiniz ve tum > kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir > sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. > Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan > taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma > sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti > etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu > kabul etmez. > This message is intended solely for the use of the individual or > entity to whom it is addressed , and may contain confidential > information. If you are not the intended recipient of this message or > you receive this mail in error, you should refrain from making any use > of the contents and from opening any attachment. In that case, please > notify the sender immediately and return the message to the sender, > then, delete and destroy all copies. This e-mail message, can not be > copied, published or sold for any reason. This e-mail message has been > swept by anti-virus systems for the presence of computer viruses. In > doing so, however, sender cannot warrant that virus or other forms of > data corruption may not be present and do not take any responsibility in any occurrence. > ______________________________________________________________________ > ______________________________________________________________________ > _ <http://387555.sigclick.mailinfo.com/sigclick/06090204/02044C00/06000C4D/051…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

RE: [Serusers] prevent INVITE without REGISTERing

by İlker Aktuna (Koç.net)

H i, Thanks for your answer. I see in my logs that both %$registered_host and %si are same but if (!avp_equals_xl("$registered_host", "%si")) fails ! I also tried : if (!avp_equals_xl("%$registered_host", "%si")) But it also failed. Any idea why ? Could it be that they are different types of variables ? IP address and text ? Thanks, ilker -----Original Message----- From: Miklos Tirpak [mailto:miklos@iptel.org <mailto:miklos@iptel.org> ] Sent: Wednesday, July 12, 2006 6:45 PM To: İlker Aktuna (Koç.net) Cc: serusers(a)iptel.org Subject: Re: [Serusers] prevent INVITE without REGISTERing İlker Aktuna (Koç.net) wrote: > > > > Thanks, > > That configuration is accepted but now my "registered" client is > denied at both following lines: > > if (!lookup_user("From")) { check if the From HF is the same in the INVITE as the To HF in the REGISTER, and check the uri table in your database > if ((!avp_equals_xl("$registered_host", "%si") || > !avp_equals_xl("$registered_port", "%sp"))) { > > How can I print $registered_host to log ? xlog("L_ERR", "registered_host = %$registered_host \n"); > I can print %si with xlog(). I guess xlog("L_ERR", "src ip = %si \n"); Miklos > > Thanks, > ilker > > > -----Original Message----- > From: Miklos Tirpak [mailto:miklos@iptel.org <mailto:miklos@iptel.org> ] > Sent: Wednesday, July 12, 2006 4:01 PM > To: İlker Aktuna (Koç.net) > Cc: serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > İlker Aktuna (Koç.net) wrote: > > > > > > Thanks Miklos, > > > > I think this is just what I'm looking for. > > But I get some errors for this line: > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > You can access src_ip and src_port via xl_lib: > > $registered_host = @ruri.host; > $registered_port = @ruri.port; > > if ((!avp_equals_xl("$registered_host", "%si")) > || (!avp_equals_xl("$registered_port", "%sp"))) { > ... > > Miklos > > > > > 0(30074) parse error (175,16-17): syntax error > 0(30074) parse > error (175,16-17): ip address or hostname expected > 0(30074) parse > error (175,16-17): bad command > 0(30074) parse error (175,21-22): > bad command > 0(30074) parse error (175,21-22): bad command > > 0(30074) parse error (175,26-27): bad command > 0(30074) parse error > (175,26-27): bad command > 0(30074) parse error (175,28-30): bad > command > 0(30074) parse error (175,31-32): bad command > 0(30074) > parse error (175,32-40): bad command > 0(30074) parse error > (175,41-43): bad command > 0(30074) parse error (175,44-45): bad > command > 0(30074) parse error (175,49-50): bad command > 0(30074) > parse error (175,49-50): bad command > 0(30074) parse error > (175,54-55): bad command > 0(30074) parse error (175,54-55): bad > command > 0(30074) parse error (175,55-56): bad command > 0(30074) > parse error (175,57-58): bad command > > Any idea why ? > > > > Thanks, > > ilker > > > > -----Original Message----- > > From: Miklos Tirpak [mailto:miklos@iptel.org <mailto:miklos@iptel.org> ] > Sent: Wednesday, > July 12, 2006 11:58 AM > To: İlker Aktuna (Koç.net) > Cc: > serusers(a)iptel.org > Subject: Re: [Serusers] prevent INVITE without > REGISTERing > > Hi Ilker, > > just my first idea, not tested: > > > > > > 1. lookup the From HF > > > > if (!lookup_user("From")) { > > # reject the INVITE > > ... > > } > > > > 2. save original To UID and Request URI > > $orig_to_uid = > $tu.uid; > $orig_req_uri = @ruri; > > 3. set To UID -- registrar > module will use this in the lookup > > $tu.uid = $fu.uid; > > 4. > lookup >From HF and compare the source address of the INVITE with > > the source address of the REGISTER message > > if > (lookup("location")) { > > if ((src_ip != @ruri.host) || (src_port != @ruri.port)) { > > # reject the INVITE > > ... > > } > > # restore original To UID and Request URI > > $tu.uid = $orig_to_uid; > > attr2uri("$orig_req_uri"); > > } else { > > # reject the INVITE > > ... > > } > > > > Note, that the above solution is a bit ugly, you can get into > troubles > when the user registers multiple contact addresses. It is > better to > disable branches (see append_branches parameter in > registrar module), > but you loose some functionality. > > > > Regards, > > Miklos > > > > İlker Aktuna (Koç.net) wrote: > > > > > > Hi everyone, > > > > > > I am still trying to find a solution to this problem. (but > couldn't > > find > yet) > Victor was trying to help me but I think > he's not > able to reply these days. > > > > > > Is there any idea to achieve what I need. > > > > > > Thanks, > > > ilker > > > > > > > > > ---------------------------------------------------------------------- > > > -- > > > *From:* serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org <mailto:serusers-bounces@lists.iptel.org> ] *On Behalf Of *İlker Aktuna > > > (Koç.net) > *Sent:* Tuesday, July 11, 2006 1:41 PM > *To:* > Victor > Stanescu > *Cc:* serusers(a)iptel.org > *Subject:* RE: > [Serusers] > prevent INVITE without REGISTERing > > Hi, > > What > if my proxy > does not handle authenticating INVITE messages ? > > > > > > In that case I think the best way is to lookup location table > for > the > source URI. > > > If the source URI location matches the location in that table > then > we > must permit INVITE message. > > > How can I configure this ? > > > > > > Thanks, > > > ilker > > > > > > -----Original Message----- > > > From: serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org <mailto:serusers-bounces@lists.iptel.org> ] On Behalf Of Victor Stanescu > > > Sent: Monday, July 10, 2006 1:49 PM > Cc: serusers(a)iptel.org > > > Subject: Re: [Serusers] prevent INVITE without REGISTERing > > > > Please read "domain" instead of "gtstelecom.ro": > > > www_authorize("domain", > > > "subscriber") and proxy_authorize("domain", "subscriber"), > > otherwise > the code fragment will not be correct. I forgot to > > replace with a generic name. > > > > > > Victor Stanescu wrote: > > > > I think it is easier to force him to authenticate the INVITE. > If > he > is > able to authenticate the INVITE, why do you care if > he is > > registered > or not? > > > > > > > > if (method=="REGISTER") { > > > > if(!src_ip=="other") { > > > > if (!www_authorize("gtstelecom.ro", "subscriber")) { > > > > www_challenge("domain", "0"); > > > > break; > > > > }; > > > > save("location"); > > > > log("Replicating REGISTER\n"); > > > > t_replicate("other", "5060"); > > > > } else { > > > > save("location"); > > > > }; > > > > break; > > > > } else { > > > > # this is an INVITE > > > > if (!proxy_authorize("gtstelecom.ro", "subscriber")) { > > > > proxy_challenge("domain", "1"); > > > > break; > > > > }; > > > > # route the call > > > > ... > > > > }; > > > > > > > > İlker Aktuna (Koç.net) wrote: > > > >> > > > >> Hi all, > > > >> > > > >> Is it possible to prevent any user calling without registering ? > > > What >> is the best way to do this ? > > > >> I guess I'll have to check if the source URI exists in > location > table. > > > >> What is the easiest way to do this ? > > > >> > > > >> If there is a more robust way to do it, please suggest... > > > >> > > > >> Thanks, > > > >> ilker > > > >> > > > >> > > > > > > > > > <http://387555.sigclick.mailinfo.com/sigclick/0A0C0204/04064E00/0A06054D/031…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

[Users] Openser with Radius

by Dubromez Matthieu

Hi all, I'm new in OpenSER and I try to authenticate users with my LDAP by a Radius server. My problem is that the attribute User-Password missed in the request I think. I searched a solution but nothing worked! Can someone help me please! Here is the log of radiusd : rlm_ldap: checking if remote access for A208534 is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user A208534 authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns ok) for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group LDAP for request 4 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "ldap" returns invalid for request 4 modcall: leaving group LDAP (returns invalid) for request 4 auth: Failed to validate the user. Thanks for help Matthieu PS : Sorry for my english!

18 years, 4 months

← Newer
1
...
23
24
25
26
27
28
29
...
42
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users July 2006