Hi!
I'm running ser-0.9.6, on FreeBSD 6.1-stable, database backend
is postgresql version 8.1.3.
Today I got errors in logfiles, saying:
messages.2.bz2:May 29 14:35:03 <XXX> /usr/local/sbin/ser[51448]:
ERROR:avpops:dbrow2avp: dbrow contains NULL fields
The similar problem reported in:
http://lists.iptel.org/pipermail/serusers/2005-May/019681.html
with much more detailed description of error, database contents
and config samples.
Patch is trivial, and looks more like a fix to copy'n'paste error:
in mysql/val.c function str2val states:
if (!_s) {
memset(_v, 0, sizeof(db_val_t));
VAL_TYPE(_v) = _t;
VAL_NULL(_v) = 1;
return 0;
}
VAL_NULL(_v) = 0;
and the last line mentions that 'well, that's value is not NULL'.
In postgresql/db_val.c, line 182, function str2valp, the same statement is the:
if (!_s) {
DLOG("str2valp", "got a null value");
VAL_TYPE(_v) = _t;
VAL_NULL(_v) = 1;
return 0;
}
without explicit notification that this is not-NULL value.
More than, nowhere else in this function VAL_NULL(_v) not set to 0.
So, if a value _v.val contained anyting but 0 at the function start,
resulting value will be threated as NULL despite the fact, that _s is NOT NULL.
Patch is obvious, just add VAL_NULL(_v)=0; after cited block (line 188) and
everyting will be ok.
At least for me it's ok for some hours :)
Hi!
i wonder if there is a timer which controls the timeout for provisional
replies.
E.g. I want to cancel an INVITE and retry another gateway if the gateway
does not respond with 100 (or 180) in a certain time.
regards
klaus
--
Klaus Darilion
nic.at
Hi,
openser 1.1.1 is now available in binary format for several embedded patforms:
- Linksys NSLU
- Synology DS-101(g+)
- Iomega NAS 100d
- Freecom FSG-3
- Qnap TurboStation
...
and all routers supported by the oleg or dd-wrt distributions.
Check out http://www.nslu2-linux.org
Regards,
Ovidiu Sas
Hi, all.
I know this is a little bit out off Topic. I'm trying to install
CDRTool for CDR normalization and billing with SER. I get the things allmost
working (freeradius + MySQL + SER) But i can't get the CDRs normalized with
price. Can anybody please help me or post a CDRTool global.inc working file?
.
Thanks a lot in advance any help will be highly apreciated!
Hi everybody,
OpenSER 1.2.0 has now the capability to do DNS based failover, according
to RFC3263 (http://www.ietf.org/rfc/rfc3263.txt).
The SIP resolver was enhanced to to be able to save and resume later the
DNS queries in order to get all possible IP destinations. The resolving
process is step-by-step done (get next IP only on demand) to minimize
the total number of DNS queries. So having this support does not imply,
in normal processing, more load on the DNS server. Additional queries
are done only when needed (after failure detected).
The scanning for new IP destinations is done by the SIP resolver on all
DNS levels: NAPTR, SRV, A.
Both core and TM are using this new feature.
In core, the stateless forwarding can do only DNS-based failover at
transport level (if no egress interface found or send operation
failed due whatever reason).
In TM, the DNS-based failover is extended to transaction level. If the
transaction completes with 503 or 408 with no reply, automatically, a
new branch will be fork if any destination IP can be found by the DNS
resolver.
Read more here http://www.openser.org/docs/modules/1.2.x/tm.html#AEN103
For controlling this feature use:
- newly added core parameter "disable_dns_failover" - use to
generally disable the DNS-based failover. By default is false.
- in TM, t_relay() take a new flag for turning off the DNS-based
failover. This setting is per transaction. By default, the failover is done.
Any feedback is appreciated.
regards,
Bogdan
Hi everybody,
OpenSER 1.2.0 has new feature - IP Blacklist support. This is a low
level filtering engine for the outgoing requests; low level, because the
filtering is done based on IP, protocol, port, etc.
Its primary purposes will be to prevent sending requests to critical IPs
(like GWs) due DNS or to avoid sending to destinations that are known to
be unavailable (temporary or permanent).
Because of flexibility concerns, the filtering rules can be groups
inside multiple lists.
A rule:
- matches based on IP/mask, proto, port and text pattern criteria
- can be reversed applied
A list:
- can be read-only - it does not change during execution
- have timeout per elements - elements expires after a configured timeout.
How to use:
===========
currently there are 2 ways of using the blacklists:
1) statically defining list in the configuration file and selecting
which ones should be used for each request.
You can define blacklists as follow:
# filter out requests going to ips of my gws
dst_blacklist = gw:{( tcp , 192.168.2.100 , 5060 , "" ),( any ,
192.168.2.101 , 0 , "" )}
# block requests going to "evil" networks
dst_blacklist = net_filter:{ ( any , 192.168.1.100/255.255.255.0 , 0
, "" )}
# block message requests with nasty words
dst_blacklist = msg_filter:{ ( any , 192.168.20.0/255.255.255.0 , 0
, "MESSAGE*ugly_word" )}
# block requests not going to a specific subnet
dst_blacklist = net_filter2:{ !( any , 192.168.30.0/255.255.255.0 ,
0 , "" )}
a rule is defined by:
protocol : TCP, UDP, TLS or "any" for anything
port : number or 0 for any
ip/mask
test patter - is a filename like matching (see "man 3 fnmatch")
applied on the outgoing request buffer (first_line+hdrs+body)
From routing script, you can use the use_blacklist("name") function to
select what blacklist to be applied for the current request. More than
one list can be selected.
If the destination address matches on of the selected rules, the send
will fail.
2) via DNS
The DNS resolver, when configured with failover, can automatically store
in a temporary blacklist the failed destinations. This will prevent (for
a limited period of time) openser to send requests to destination known
as failed.
So, the blacklist can be used as a memory for the DNS resolver.
To use it, you have to enabled it - the rest is done automatically.
disable_dns_blacklist = no
By default is enabled. The temporary blacklist created by DNS resolver
is named "dns" and it is by default selected for usage (no need use the
use_blacklist() function. The rules from this list have a life time of 4
minutes - you can change it at compile time, from blacklists.h .
To give you an internal snapshot, a new MI function - "list_blacklists"
- was added to print all existent blacklists and their rules.
Any suggestions/reports are welcome!
regards,
bogdan
On 12/20/06, Klaus Darilion <klaus.mailinglists(a)pernau.at > wrote:
>
> Hi Mark!
>
> Postgres should work well - I use it since ser 0.8. Just make sure that
> the hard disk does not get full, because this breaks the index inside
> postgres and postgres is getting real slow (re-create the index if it
> happens).
>
> Last time I tested openser_postgres.sh it worked fine. If you find a bug
> please let us know.
>
> Please check to use the latest versions from CVS (for 1.1 use CVS
> rel_1_1_0)
The latest version from cvs doesn't work out of the box with openser build
from the release tarball, because the release tarball doesn't included
/usr/sbin/openser_gen_ha1 (although I could get past this by replacing it
with the md5sum equivelant).
However, the release tarball doesn't work because of this bug:
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1518732&group_…
So, 1. is the cvs version of rel_1_1_0 considered safe for production use?
2. if so and there are important fixes such as this in CVS, would
openser.org consider
releasing a point release containing such changes?
Thanks,
Mark Price
Hi Weiter,
Yeah, I have been trying to limit myself to technical observations too, but the governance aspect is somewhat interesting too as a hint for future development, even though I guess even this is much more confusing than the technical ones. I have investigated, both projects have their firms with them that pursue their commercial interests which creates a risk of possibly departing from the public interest, like with redhat. From this angle they look quite similar. But if any worries me just a little bit more than openser. Appearance at commercial shows on the "open" side versus technical event on the "net" side if I take your BSD parallel, marketing "open" webpage accusing "net" version bad, hiding root commerical sponsors on the "open" webpage, this could be signs for a redhat-like doubleedged sword. Hopefully I am oversensing because I mean it is natural that everybody has SOME interest, but indisputably folks on both sides have done good work, but same indisputably more
TRANSPARENCY would be helpful for both projects so that users can be less investigative.
But I agree the technical comparison you suggest will be very useful if not most useful. This is what I am eventually upto. Anything folks have to tell in this topic is most welcome like the retransmission timers in subject or user loading.
rr
disconcerted by the fact that the more I know the more I am confused and determined to get over the learning curve quickly. also excuse the abuse I crossposted again but I think cross interrogation is a bit painful but the more effective :-)
----- Original Message ----
From: Weiter Leiter <bp4mls(a)googlemail.com>
To: Kim Il <kim_il_s(a)yahoo.com>
Cc: users(a)openser.org
Sent: Thursday, November 9, 2006 1:42:29 PM
Subject: Re: Fw: [Users] TM : retransmission timers
Common user barely has time to meet his boss requirements, rather than playing around with different scenarios, platforms, environments.
I only read one email where Daniel stated that OpenSER now performs a whole much better while loading users from database. SER guys put no figure out yet, neither bare numbers nor comparisons. I'm just really curious to see how both servers perform, that's all.
Even though I must maintain my SER, I kinda like OpenSER's faster releases and developers' responsiveness (that I shamelessly exploit for the common code left there :-), which is pretty much nonexistent with iptel (at least this is the general belief here at OpenSER). But about this I'll probably have to fight on SER's mailing list. I still wish that one day I won't have to compare features; heck, NetSER and FreeSER are still available ;-).
WL.
PS. Maybe regretfully, I haven't seen any iptel booth at von this year, while OpenSER guys put up a nice show. My congrats.
On 11/9/06, Kim Il <kim_il_s(a)yahoo.com> wrote:
I can see what you are hinting at, but I guess that the users are the unbiased party that should do the judgment and not the parties who have something to gain.
cheers
Weiter Leiter <bp4mls(a)googlemail.com> wrote:
This features comparisons are not to last for too long, some performance comparisons would also be nice. After all, there are plenty of UA-level stacks out there. At least now that both projects get to have stable releases after forking and some core functionality remained shared.
I wonder what "unbiased" organization will take up the challenge. :-)
On 11/8/06, Kim Il <
kim_il_s(a)yahoo.com > wrote:Mike,
this is a really good start and we should collect these things so as to help the community to take the right choice. I would also suggest that what ever ground breaking issues we list we stay at the functional level (I do not think anyone is helped by using a description containing "allowing carrier grade platforms" and similar marketing phrases).
cheers
{truncated because too large}
Sponsored Link
Talk more and pay less. Vonage can save you up to $300 a year on your phone bill.
Sign up now.
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
Hi After a long way of trying to compile ser 0.10.99 I am still left some errors:
Please help me with those:
ser@tomix:~/src/ser-0.10.99$ make group_include="standard standard-dep stable" include_modules="xcap" all > ser.makeall.log
make[1]: *** Nie podano obiektów i nie znaleziono makefile. Stop.
make[1]: *** Nie podano obiektów i nie znaleziono makefile. Stop.
make[1]: *** Nie podano obiektów i nie znaleziono makefile. Stop.
unixsock_server.c: In function ‘init_unixsock_children’:
unixsock_server.c:274: error: ‘last_process’ undeclared (first use in this function)
unixsock_server.c:274: error: (Each undeclared identifier is reported only once
unixsock_server.c:274: error: for each function it appears in.)
unixsock_server.c:256: warning: unused variable ‘sockfd’
unixsock_server.c:253: warning: unused variable ‘backup’
make[1]: *** [unixsock_server.o] Błąd 1
checks.c: In function ‘generate_avps’:
checks.c:89: error: ‘A_SER_ATTRS’ undeclared (first use in this function)
checks.c:89: error: (Each undeclared identifier is reported only once
checks.c:89: error: for each function it appears in.)
checks.c: In function ‘radius_does_uri_exist’:
checks.c:146: error: ‘V_CALL_CHECK’ undeclared (first use in this function)
make[1]: *** [checks.o] Błąd 1
Errors in the above files correspond to the following lines:
unixsock_server.c:274: error:
snprintf(pt[last_process].desc, MAX_PT_DESC, "unix domain socket server @ %s", unixsock_name);
checks.c:89: error: ‘A_SER_ATTRS’ undeclared (first use in this function)
while ((vp = rc_avpair_get(vp, attrs[A_SER_ATTRS].v, 0))) {
Bests
Tomasz
Hello,
I have a 64bit machine running openser 1.1.0, and wish to log radius
accounting details to radius using the acc module and radiusclient-ng.
I am facing issues talking to a freeradius server, as described at:
https://developer.berlios.de/bugs/?func=detailbug&bug_id=7442&group_id=1208
Basically, the server reports:
Error: Received Accounting-Request packet from w.x.y.z with invalid
signature! (Shared secret is incorrect.)
I have updated to the cvs version of radiusclient-ng, but the problem
still exists. It would appear that the md5 routine is not compatible
with the md5 routine used by the freeradius software.
Just wondering is anyone else has worked their way around this problem.
Cheers, Stuart
> X-Archived: http://article.gmane.org/gmane.comp.voip.openser.user/4415
> From: Daniel-Constantin Mierla <daniel@...>
> Subject: FYI: bug in radiusclient ng for 64b
> Newsgroups: gmane.comp.voip.openser.user, gmane.comp.voip.openser.devel
> Date: 2006-05-16 01:44:16 GMT (13 weeks, 3 days and 58 minutes ago)
>
> On 05/16/06 02:48, Maxim Sobolev wrote:
>> Hi,
>>
>> Reportedly there is an problem in radiusclient library with md5 hash
>> calculation on 64bit platforms (amd64, sparc64, etc), which results in
>> server rejecting requests even with proper secret configured on
>> client. I have applied a fix, but don't have access to any 64bit
>> hardware, therefore can't verify.
>>
>> Therefore, if anybody is having problems with radiusclient on 64bit
>> arch he is more than welcome to try update to the latest version from
>> cvs and let me know if it helps or not. Instructions on checking out
>> sources from berlios cvs are here:
>> https://developer.berlios.de/cvs/?group_id=1208.
>>
>> Thanks!
>>
>> -Maxim
>