sr-users July 2007

sr-users@lists.kamailio.org

163 participants
261 discussions

Re: [OpenSER-Users] Good how-to openser + radius authentification

by Marc LEURENT

It's working for me for OpenSER authentification/acc through freeradius! I've installed a debian to replace my ubuntu server, and compiled OpenSER with radius acc support I'v made a .deb from source: wget http://ftp.debian.org/debian/pool/main/o/openser/openser_1.2.1.orig.tar.gz wget http://ftp.debian.org/debian/pool/main/o/openser/openser_1.2.1-1.diff.gz tar xvzf openser_1.2.1.orig.tar.gz cd openser-1.2.1-tls/ vim Makefile # to delete *_radius and mysql module from excluded module vim modules/acc/Makefile to enable radius acc and disable mysql acc dpkg-buildpkg -rfakeroot # to create .deb For the rest, I've followed the tutorial, and it's working Good luck Best regards, Marc ram a écrit : > Hi > > thanks for the quick reply > > even iam trying my best to work > > if i see some success i will share > > may be with our co-ordination we can come out new setup > working > > lets hope for the best > > ram > > > On 7/16/07, *Marc LEURENT* <lftsy(a)free.fr <mailto:lftsy@free.fr>> wrote: > > I have got troubles too > I'm still trying to understand how does it work > I'll keep you informed > Have a noce day > > ram a écrit : > > Hi > > > > are u able to make this setup working > > > > iam still the same status > > > > let me know if you have any update we can share each other > > > > ram > > > > > > On 7/13/07, *Marc LEURENT* <lftsy(a)free.fr <mailto:lftsy@free.fr> > <mailto:lftsy@free.fr <mailto:lftsy@free.fr>>> wrote: > > > > I'm looking forward to seeing your update! > > In the meantime, is it possible for you to send me your > freeradius > > and > > your openser configuration files... > > I am compiling openser with radius enabled in the acc module... > > > > Best Regards, > > > > Marc LEURENT > > > > Neeraj Gupta a écrit : > > > Hello Ram, > > > > > > I have successfully configured OpenSer with FreeRadius. > However > > I used > > > all latest software versions. > > > The link you mentioned is quite old now. I am planning to > post a new > > > how to very soon. > > > > > > Thanks, > > > Neeraj Gupta > > > > > > ram wrote: > > >> > > >> > > >> On 7/12/07, *Bogdan-Andrei Iancu* <bogdan(a)voice-system.ro > <mailto:bogdan@voice-system.ro> > > <mailto:bogdan@voice-system.ro <mailto:bogdan@voice-system.ro>> > > >> <mailto:bogdan@voice-system.ro > <mailto:bogdan@voice-system.ro> > > <mailto: bogdan(a)voice-system.ro > <mailto:bogdan@voice-system.ro>>>> wrote: > > >> > > >> Hi Marc, > > >> > > >> have you tried this: > > >> http://www.openser.org/docs/openser-radius-1.0.x.html > > <http://www.openser.org/docs/openser-radius-1.0.x.html > <http://www.openser.org/docs/openser-radius-1.0.x.html>> > > >> > > >> regards, > > >> bogdan > > >> > > >> > > >> Hi > > >> > > >> with the above URL, can any one able to make success > > >> integration with Freeradius > > >> > > >> i get lot of errors on freeradius side > > >> some time hint, some time groups, some time Auth-Type > > >> > > >> i followed the same instrusction > > >> i get this following errors > > >> > > >> any help ? > > >> > > >> Module: Loaded files > > >> files: usersfile = "/usr/local/etc/raddb/users" > > >> files: acctusersfile = "/usr/local/etc/raddb/acct_users" > > >> files: preproxy_usersfile = > "/usr/local/etc/raddb/preproxy_users" > > >> files: compat = "no" > > >> /usr/local/etc/raddb/users[1]: Parse error (check) for > entry test: > > >> Unknown attribute "Auth-Type" > > >> Errors reading /usr/local/etc/raddb/users > > >> radiusd.conf[863]: files: Module instantiation failed. > > >> radiusd.conf[1204] Unknown module "files". > > >> radiusd.conf[1201] Failed to parse preacct section. > > >> > > >> > > >> ram > > >> > > >> > > > ------------------------------------------------------------------------ > > >> > > >> _______________________________________________ > > >> Users mailing list > > >> Users(a)openser.org <mailto:Users@openser.org> > <mailto:Users@openser.org <mailto:Users@openser.org>> > > >> http://openser.org/cgi-bin/mailman/listinfo/users > > >> > > > > > > -- > > > ------------------------------------------------------------- > > > o Neeraj Gupta email: neeraj.gupta(a)sun.com > <mailto:neeraj.gupta@sun.com> > > <mailto:neeraj.gupta@sun.com <mailto:neeraj.gupta@sun.com>> > > > o Netra Systems & Networking phone: +1(408) 276-7214 x71214 > > > o Sun Microsystems, Inc. fax : +1(408) 276-4552 > > > o 4120 Network Circle, USCA12-216, Santa Clara, CA 95054, USA > > > ------------------------------------------------------------- > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > _______________________________________________ > > > Users mailing list > > > Users(a)openser.org <mailto:Users@openser.org> > <mailto:Users@openser.org <mailto:Users@openser.org>> > > > http://openser.org/cgi-bin/mailman/listinfo/users > > > > > > > > >

17 years

RE: [OpenSER-Users] lookup problem

by Kro Kamil

Hi, I will try to give more details, Actually everything was working fine till I the day I moved my dns server to the same machine with ser. I setup bind9 on the machine where ser is installed. I did the same dns configuration with the old one but after some time ser started to give that error. I then removed bind9 but nothing changed. Now here is my named.conf ********************** zone "intersan.com.tr" { type master; file "/var/cache/bind/intersan.com.tr.hosts"; };zone "sahratelekom.com.tr" { type master; file "/var/cache/bind/sahratelekom.com.tr.hosts"; }; ********************** this is "intersan.com.tr.hosts": ********************** $ttl 38400intersan.com.tr. IN SOA ns1.intersan.com.tr. alp.intersan.com.tr. ( 1152602393 10800 3600 604800 38400 )intersan.com.tr. IN NS ns1.intersan.com.tr.intersan.com.tr. IN NS ns2.intersan.com.tr.www.intersan.com.tr. IN CNAME intersan.com.tr.intersan.com.tr. IN MX 10 intersan.com.tr.intersan.com.tr. IN A 85.105.26.49ns1.intersan.com.tr. IN A 88.248.71.3ns2.intersan.com.tr. IN A 85.111.0.20249.26.105.85.intersan.com.tr. IN PTR intersan.com.tr. ********************** this is "sahratelekom.com.tr.hosts" ********************** $ttl 38400sahratelekom.com.tr. IN SOA ns1.intersan.com.tr. alp.intersan.com.tr. ( 1152602935 10800 3600 604800 38400 )sahratelekom.com.tr. IN NS ns1.intersan.com.tr.sahratelekom.com.tr. IN NS ns2.intersan.com.tr.www.sahratelekom.com.tr. IN CNAME sahratelekom.com.tr.sahratelekom.com.tr. IN MX 5 sahratelekom.com.tr.sahratelekom.com.tr. IN A 85.105.26.4949.26.105.85.sahratelekom.com.tr. IN PTR sahratelekom.com.tr. sip.sahratelekom.com.tr. IN A 85.111.0.205********************** I am also pasting the message traffic below. > Date: Mon, 16 Jul 2007 10:39:28 +0300> From: bogdan(a)voice-system.ro> To: kro_ser(a)hotmail.com> CC: users(a)openser.org> Subject: Re: [OpenSER-Users] lookup problem> > Hi Kro,> > OpenSER tries to preform NAPTR and SRV lookups on the name before A dns > lookup. As the debug shows, most probably you do not have NAPTR and SRV > records for the domain name and the A record is used. Can you confirm > that the request is forwarded? When I listen the main interface, here is the traffic 85.105.26.49:17030 -> 85.111.0.205:5060INVITE 85.111.0.205:5060 -> 85.105.26.49:17030 SIP/2.0 100 Giving a try 85.111.0.205:5060 -> 85.105.26.49:17030 SIP/2.0 513 Message too big 85.105.26.49:17030 -> 85.111.0.205:5060ACK > > The "message too big" is most probably a side-effect of a request that > loops on the server because improper configuring - try to lool on > loopback interface to see if so.> The loopback interface traffic is: 85.111.0.205:5060 -> 85.111.0.205:5060 INVITE 85.111.0.205:5060 -> 85.111.0.205:5060 SIP/2.0 100 Giving a try --INVITE and Giving a try repeated 5 times-- 85.111.0.205:5060 -> 85.111.0.205:5060 SIP/2.0 513 Message too big 85.111.0.205:5060 -> 85.111.0.205:5060 ACK --Message too big and ACK repeated 5 times-- thanks Kro > regards,> bogdan> > > > Kro Kamil wrote:> > Hello,> > > > Actually it does not look like a ser problem but I could not find a > > way out so I am asking your help.> > When I try to make a call, after calling lookup function I get the > > following error and then a "message too big" reply.> > > > *************************> > DEBUG:sip_resolvehost2: no port, no proto -> do NAPTR lookup!> > get_record: lookup(sip.sahratelekom.com.tr, 35) failed> > DEBUG:sip_resolvehost2: no valid NAPTR record found for > > sip.sahratelekom.com.tr, trying direct SRV lookup...> > get_record: lookup(_sip._udp.sip.sahratelekom.com.tr, 33) failed> > DEBUG:sip_resolvehost2: no valid SRV record found for > > _sip._udp.sip.sahratelekom.com.tr, trying A record lookup...> > *************************> > > > When I look at the code I saw that "res_search" function is called in > > "get_record" function and it returns -1 which says that it could not > > resolve hostname. My "resolv.conf" file is properly configured and I > > can ping and resolve any address from command line including > > "sip.sahratelekom.com".> > Do you have any idea about this problem?> > > > thanks> > > > Kro> >> > ------------------------------------------------------------------------> > Live.com'u deneyin - hýzlý ve kiþiselleþtirilmiþ giriþ sayfanýzla > > istediðiniz her þey tek bir yerde. tek bir yerde. > > <http://www.live.com/getstarted>> > ------------------------------------------------------------------------> >> > _______________________________________________> > Users mailing list> > Users(a)openser.org> > http://openser.org/cgi-bin/mailman/listinfo/users> > > _________________________________________________________________ Live.com'u deneyin - hýzlý ve kiþiselleþtirilmiþ giriþ sayfanýzla istediðiniz her þey tek bir yerde. http://www.live.com/getstarted

17 years

[OpenSER-Users] lookup problem

by Kro Kamil

Hello, Actually it does not look like a ser problem but I could not find a way out so I am asking your help. When I try to make a call, after calling lookup function I get the following error and then a "message too big" reply. ************************* DEBUG:sip_resolvehost2: no port, no proto -> do NAPTR lookup! get_record: lookup(sip.sahratelekom.com.tr, 35) failed DEBUG:sip_resolvehost2: no valid NAPTR record found for sip.sahratelekom.com.tr, trying direct SRV lookup... get_record: lookup(_sip._udp.sip.sahratelekom.com.tr, 33) failed DEBUG:sip_resolvehost2: no valid SRV record found for _sip._udp.sip.sahratelekom.com.tr, trying A record lookup... ************************* When I look at the code I saw that "res_search" function is called in "get_record" function and it returns -1 which says that it could not resolve hostname. My "resolv.conf" file is properly configured and I can ping and resolve any address from command line including "sip.sahratelekom.com". Do you have any idea about this problem? thanks Kro _________________________________________________________________ Live.com'u deneyin - hýzlý ve kiþiselleþtirilmiþ giriþ sayfanýzla istediðiniz her þey tek bir yerde. http://www.live.com/getstarted

17 years, 1 month

RE: [OpenSER-Users] lookup problem

by Kro Kamil

> Date: Mon, 16 Jul 2007 08:34:19 +0200> From: klaus.mailinglists(a)pernau.at> To: kro_ser(a)hotmail.com> CC: users(a)openser.org> Subject: Re: [OpenSER-Users] lookup problem> > > > Kro Kamil wrote:> > Hello,> > > > Actually it does not look like a ser problem but I could not find a> > way out so I am asking your help. When I try to make a call, after> > calling lookup function I get the following error and then a "message> > too big" reply.> > > > ************************* DEBUG:sip_resolvehost2: no port, no proto> > -> do NAPTR lookup! get_record: lookup(sip.sahratelekom.com.tr, 35)> > failed DEBUG:sip_resolvehost2: no valid NAPTR record found for> > sip.sahratelekom.com.tr, trying direct SRV lookup... get_record:> > lookup(_sip._udp.sip.sahratelekom.com.tr, 33) failed> > DEBUG:sip_resolvehost2: no valid SRV record found for> > _sip._udp.sip.sahratelekom.com.tr, trying A record lookup...> > *************************> > > > When I look at the code I saw that "res_search" function is called in> > "get_record" function and it returns -1 which says that it could not> > resolve hostname. My "resolv.conf" file is properly configured and I> > can ping and resolve any address from command line including> > "sip.sahratelekom.com.tr". Do you have any idea about this problem?> > ^^(corrected) > > > openser is trying to resolve sip.sahratelekom.com.tr> ^^ Correct domain is "sip.sahratelekom.com.tr". I also can ping "sip.sahratelekom.com.tr" from command line. > > regards> klaus> > > > > thanks> > > > Kro _________________________________________________________________ _________________________________________________________________ Kendinizi ifade edin: giriþ sayfanýzý Live.com ile istediðiniz biçimde tasarlayýn. http://www.live.com/getstarted

17 years, 1 month

Re: [OpenSER-Users] Strange ACK format gives OpenSER error?

by Tobias Lindgren

Hi Martin, thanks for quick answer. Exactly how does disabling full lr solve this? I mean, how does it change the way "<>" is handled? Br, /Tobias Martin Klisch said the following on 2007-07-06 12:59: >> Hi all, >> >> after a patch from one of our providers ACKs started to come with R-URI >> looking like: >> ACK <sip:192.168.0.1;lr=on;ftag=507454020> SIP/2.0 >> instead of: >> ACK sip:192.168.0.1;lr=on;ftag=507454020 SIP/2.0 >> like it did before the patch. >> >> The new ACK format gives an error in OpenSER: >> Jul 6 11:35:55 ser1 /sbin/openser[9634]: ERROR: parse_uri: bad uri, >> state 0 parsed: <<sip> (4) / <<sip:192.168.0.1;lr=on;ftag=507454020>> (38) >> Jul 6 11:35:55 ser1 /sbin/openser[9634]: ERROR: parse_sip_msg_uri: bad >> uri <<sip:192.168.0.1;lr=on;ftag=507454020>> >> Jul 6 11:35:55 ser1 /sbin/openser[9634]: loose_route: Error while >> parsing Request URI >> >> Are the new format of the ACKs valid? With the "<>"? If they are valid, >> the problem lies in OpenSER? > > It is not valid. it is a bug on cisco PGW after upgrading to another ios. > you have to disable full lr: modparam("rr", "enable_full_lr", 0). > > the cisco gateway takes the whole from-uri (with <>) for the r-uri. cisco > people said "the =on behind the lr is wrong. it is not in the rfc." - but > the rfc doesnt say, that there must only be a lr without params. but the > rfc shows a "must not" about <> in R-URI. > > > > > >

17 years, 1 month

[OpenSER-Users] SER : Query Regarding User Authorisation.

by Parminder.Nayyar＠relianceada.com

Hi We are facing problem using the authentication module of SER. First we enabled the database to mysql and set the db_mode in userloc to 2. Then we added a user through the serctl add <username> <password> <emailid> Now, in the config file , we load the auth moduel and the auth_db module, and try to authorize the REGISTER attempts using www_authorize() procedure. But every time we are returned a message that Authorisation failed. However if we remove teh authorisation functionality from the config file, the subscriber is shown in the location table of ser database. CAN ANYONE HELP ME IN UNDERSTANDING WHAT IS HAPPENING, and How do i make the authorisation procedure work? 3(27177) SIP Request: 3(27177) method: <REGISTER> 3(27177) uri: <sip:10.128.16.254> 3(27177) version: <SIP/2.0> 3(27177) parse_headers: flags=1 3(27177) Found param type 235, <rport> = <n/a>; state=6 3(27177) Found param type 232, <branch> = <z9hG4bK2DD03B6ACD9544A89ACF7C48EF87CEFB>; state=16 3(27177) end of header reached, state=5 3(27177) parse_headers: Via found, flags=1 3(27177) parse_headers: this is the first via 3(27177) After parse_msg... 3(27177) preparing to run routing scripts... 3(27177) parse_headers: flags=128 3(27177) end of header reached, state=9 3(27177) DEBUG: get_hdr_field: <To> [35]; uri=[sip:rakesh@10.128.16.254] 3(27177) DEBUG: to body [rakesh <sip:rakesh@10.128.16.254> ] 3(27177) get_hdr_field: cseq <CSeq>: <34836> <REGISTER> 3(27177) DEBUG:maxfwd:is_maxfwd_present: value = 70 3(27177) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16 3(27177) parse_headers: flags=256 3(27177) DEBUG: get_hdr_body : content_length=0 3(27177) found end of header 3(27177) find_first_route: No Route headers found 3(27177) loose_route: There is no Route HF 3(27177) grep_sock_info - checking if host==us: 13==13 && [10.128.16.254] == [10.128.16.254] 3(27177) grep_sock_info - checking if port 5060 matches port 5060 3(27177) parse_headers: flags=-1 3(27177) check_via_address(10.128.16.149, 10.128.16.149, 0) 3(27177) check_nonce(): comparing [46973120b5e52ab0043489c086504ae54af9d299] and [46973120b5e52ab0043489c086504ae54af9d299] 3(27177) check_response(): Our result = 'a20c4795c00787c796addb4fff02bc15' 3(27177) check_response(): Authorization failed 3(27177) build_auth_hf(): 'WWW-Authenticate: Digest realm="10.128.16.254", nonce="46973120b5e52ab0043489c086504ae54af9d299" ' 3(27177) parse_headers: flags=-1 3(27177) check_via_address(10.128.16.149, 10.128.16.149, 0) 3(27177) DEBUG:destroy_avp_list: destroying list 0 3(27177) receive_msg: cleaning up the config file used is attached with the mail Wish I could get a solution asap... Thanks! Parminder Nayyar

17 years, 1 month

[Serusers] FIFO Commands

by Christian Thomas

Hi, I would like to know how to obtain the complete FIFO command list. I'm running a SER 0.9.4 and thru serctl I would like to be able to quickly show or reload tables contents. Like serctl fifo trusted_dump or trusted_reload. Thanks Christian Thomas Diretor Executivo Canal West Fone : +55 (48) 2107 2728 Fax : +55 (48) 3333 3745 MSN / Email : cthomas(a)canalwest.com VoIP : cthomas(a)sip.canalwest.com

17 years, 1 month

[OpenSER-Users] logging

by Pande, Piyush

Hi , Forgive me if this an obvious question but when OpenSER is running is there a log file I can look for to debug what OpenSER receives and sends back? Also how can we put debug statements in the openser.cfg and where will they be outputted to? Thanks Piyush

17 years, 1 month

[Serusers] Checking Route

by Ron Shacham

Hi. I am new to SER. I am trying to update the Route header. In order to do this, I need to check the value of, for example, the first route entry, and push new routes. Can someone give me some pointers about how to do this? In general, how can I check the value of a header field. This is a basic question, but I haven't been able to find direction in the documentation. Thanks, Ron

17 years, 1 month

[Serusers] getting failed permissions and this is affecting registrations of natted clients

by Kirk McCalla

I am using fedora core 4 I just did a yum install to install the ser as well as the ser-mysql and mysql packages. I am starting ser and I am getting this error 0(0) Default allow file (/etc/ser/permissions.allow) not found => empty rule set 0(0) Default deny file (/etc/ser/permissions.deny) not found => empty rule set I am able to start ser and do a monitor of the ser system. when I try to register a UA I get a 408 forbidden message. I started mysql and tried to look at the user table. This table does not exist Can any one help. the file

17 years, 1 month

← Newer
1
...
11
12
13
14
15
16
17
...
27
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users July 2007