hello !!
i installed openser with mysql module
but any one can register and make calls to another users
openser.cfg content
cat openser.cfg
#
# $Id: openser.cfg 1827 2007-03-12 15:22:53Z bogdan_iancu $
#
# simple quick-start config script
# Please refer to the Core CookBook at
http://www.openser.org/dokuwiki/doku.php
<http://www.voipuser.org/ship_to.php?url=http://www.openser.org/dokuwiki/dok…>
# for a explanation of possible statements, functions and parameters.
#
# ----------- global configuration parameters ------------------------
debug=8 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=yes # (cmd line: -E)
children=4
log_facility=LOG_LOCAL0
sip_warning=yes
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
# Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
#
port=5060
# uncomment the following lines for TLS support
#disable_tls = 0
#listen = tls:your_IP:5061
#tls_verify_server = 1
#tls_verify_client = 1
#tls_require_client_certificate = 0
#tls_method = TLSv1
#tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
#tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
#tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
# ------------------ module loading ----------------------------------
#set module path
mpath="/usr/local/lib/openser/modules/"
# Uncomment this if you want to use SQL database
loadmodule "mysql.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "mi_fifo.so"
loadmodule "/usr/local/lib/openser/modules/xlog.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "auth.so"
loadmodule "auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- mi_fifo params --
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url", "mysql://openser:openserrw@localhost/openser")
#fifo_db_url="mysql://openser:openserrw@localhost/openser"
modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("usrloc", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER")
record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
# if you have some interdomain connections via TLS
#if(uri=~"@tls_domain1.net") {
# t_relay("tls:domain1.net");
# exit;
#} else if(uri=~"@tls_domain2.net") {
# t_relay("tls:domain2.net");
# exit;
#}
route(1);
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
#if (!www_authorize("openser.org", "subscriber")) {
# www_challenge("openser.org", "0");
# exit;
#};
save("location");
exit;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
append_hf("P-hint: usrloc applied\r\n");
};
route(1);
}
route[1] {
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
exit;
}
Regards ,
--
Amr Elgbaly
Gnu/Linux sytem engineer
OptiServers support team
http://optiservers.com
Telephone : +2 02 678 679
Cell Phone : +2 012 803 2002
I'm having trouble finding the cpl-c module. I have the binaries for Openser
1.1.1 installed on arch x86_64 with FC6 downloaded from the opensuse
repository. Where can I get a compiled version of this module?
Rich
Hi,
I noticed that the NOTIFY requests that are sent by the presence module
do not contain a "Max-Forwards" header. This is a mandatory header! We
are using openser version 1.2.0 on a freebsd platform.
kind regards,
Sigrid
Hi, Olaf!
In that case, since it's not recommended to change the TO header, is there
any other ways I can make the SER to route to another SIP server without
using rewritehostport()?
Thanks.
Best regards,
Roa Yu
-----Original Message-----
From: Olaf Bergmann [mailto:Olaf.Bergmann@freenet-ag.de]
Sent: Tuesday, July 03, 2007 4:36 PM
To: roayu
Cc: serusers(a)lists.iptel.org
Subject: Re: [Serusers] How SER communicate to other SIP server
roayu wrote:
> that's the reason why I need to change the URI (of the TO header).
No, it is not. At least if your user agent and other servers
implement the same RFC 3261 as most of the other SIP servers in the
world do.
> just failed to change the uri at the TO header. Therefore, it couldn't
route
> to another SIP server.
>
> Current FROM/TO uri that I get,
> From : <sip:12345@mySER.net:5060>
> To : <sip:88888888@mySER.net:5060>
>
> The actual FROM/TO uri that I WANT will be,
> From : <sip:12345@mySER.net:5060>
> To : <sip:88888888@anotherSIP.net:5060>
>
> I've checked on the regular expression, and it's fine with that. Am I
using
> the correct function - rewritehostport()?
Well, rewritehostport() changes the request URI, not the URI part of
the To header field. This is fine for most applications, but if you
really want to change the contents of the To header, you will have
to use something like replace_hf(). But it is not recommended to do
that. Really. SIP is designed to work without replacing the To. In
fact, applications are more likely to break if it is changed.
Regards,
Olaf
Hi, Olaf!
Pls ignore the previous mail and refer to this as there's a typo error.
Oops, I accidentally deleted the semi-colon(;) at the closing of the IF
statement. I know that the SIP messages are routed according to the URI and
that's the reason why I need to change the URI (of the TO header). But I
just failed to change the uri at the TO header. Therefore, it couldn't route
to another SIP server.
Current FROM/TO uri that I get,
From : <sip:12345@mySER.net:5060>
To : <sip:88888888@mySER.net:5060>
The actual FROM/TO uri that I WANT will be,
From : <sip:12345@mySER.net:5060>
To : <sip:88888888@anotherSIP.net:5060>
I've checked on the regular expression, and it's fine with that. Am I using
the correct function - rewritehostport()?
Thanks.
Best regards,
Roa Yu
-----Original Message-----
From: Olaf Bergmann [mailto:Olaf.Bergmann@freenet-ag.de]
Sent: Tuesday, July 03, 2007 3:07 PM
To: roayu
Cc: serusers(a)lists.iptel.org
Subject: Re: [Serusers] How SER communicate to other SIP server
roayu wrote:
> Hi, Olaf!
>
> I've used 'rewritehostport("sipB.net:5060")' under the INVITE message
> handler.
>
> The following are my configuration, pls correct me if I'm wrong.
> if(uri =~ "^sip:[0-9{8}@.*") {
> if(!proxy_authorise("","subscriber")){
> proxy_challenge("","0");
> break;
>
> }else if(!check_from()) {
> sl_send_reply("403","Use From ID");
> break;
> };
>
> consume_credentials();
> rewritehostport("sipB.net:5060");
> setflag(1);
> route(1);
> break;
> }
>
> When I dialed 8-digit of the number, it will pass to another SIP
> server(sipB.net). But on the TO header, I still found that the TO address
> still under the sipSER.net. You may refer to the following.
> From : <sip:12345@sipSER.net:5060>
> To : <sip:88888888@sipSER.net:5060>
> Does that means that it's still looping inside sipSER.net instead of
routing
> to sipB.net? If yes, how do I change the TO header or make it route to
> sipB.net?
No, SIP messages are routed according to their request URI. I am not
sure if the regular expression in your if-clause was corrupted by
the E-Mail service (if not, at least a closing bracket is missing).
I suggest, you start with a simplified version of this regexp to be
sure that the then-part is evaluated at all. Use xlog() to add a
couple of debug messages to find out which routing blocks are evaluated.
Regards,
Olaf
_______________________________________________
Serusers mailing list
Serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
Hi, Olaf!
Oops, I accidentally deleted the semi-colon(;) at the closing of the IF
statement. I know that the SIP messages are routed according to the URI and
that's the reason why I need to change the URI (of the TO header). But I
just failed to change the uri at the TO header. Therefore, it couldn't route
to another SIP server.
Current FROM/TO uri that I get,
From : <sip:12345@mySER.net:5060>
To : <sip:88888888@anotherSIP.net:5060>
The actual FROM/TO uri that I WANT will be,
From : <sip:12345@mySER.net:5060>
To : <sip:88888888@anotherSIP.net:5060>
I've checked on the regular expression, and it's fine with that. Am I using
the correct function - rewritehostport()?
Thanks.
Best regards,
Roa Yu
-----Original Message-----
From: Olaf Bergmann [mailto:Olaf.Bergmann@freenet-ag.de]
Sent: Tuesday, July 03, 2007 3:07 PM
To: roayu
Cc: serusers(a)lists.iptel.org
Subject: Re: [Serusers] How SER communicate to other SIP server
roayu wrote:
> Hi, Olaf!
>
> I've used 'rewritehostport("sipB.net:5060")' under the INVITE message
> handler.
>
> The following are my configuration, pls correct me if I'm wrong.
> if(uri =~ "^sip:[0-9{8}@.*") {
> if(!proxy_authorise("","subscriber")){
> proxy_challenge("","0");
> break;
>
> }else if(!check_from()) {
> sl_send_reply("403","Use From ID");
> break;
> };
>
> consume_credentials();
> rewritehostport("sipB.net:5060");
> setflag(1);
> route(1);
> break;
> }
>
> When I dialed 8-digit of the number, it will pass to another SIP
> server(sipB.net). But on the TO header, I still found that the TO address
> still under the sipSER.net. You may refer to the following.
> From : <sip:12345@sipSER.net:5060>
> To : <sip:88888888@sipSER.net:5060>
> Does that means that it's still looping inside sipSER.net instead of
routing
> to sipB.net? If yes, how do I change the TO header or make it route to
> sipB.net?
No, SIP messages are routed according to their request URI. I am not
sure if the regular expression in your if-clause was corrupted by
the E-Mail service (if not, at least a closing bracket is missing).
I suggest, you start with a simplified version of this regexp to be
sure that the then-part is evaluated at all. Use xlog() to add a
couple of debug messages to find out which routing blocks are evaluated.
Regards,
Olaf
Dear All,
I can see that permission module initializes DB only once with Openser
startup. All the changes, made in DB, will be postponed till the next
Openser restart.
Can anybody advise how to make real-time permission DB fetching?
Hi, Olaf!
I've used 'rewritehostport("sipB.net:5060")' under the INVITE message
handler.
The following are my configuration, pls correct me if I'm wrong.
if(uri =~ "^sip:[0-9{8}@.*") {
if(!proxy_authorise("","subscriber")){
proxy_challenge("","0");
break;
}else if(!check_from()) {
sl_send_reply("403","Use From ID");
break;
};
consume_credentials();
rewritehostport("sipB.net:5060");
setflag(1);
route(1);
break;
}
When I dialed 8-digit of the number, it will pass to another SIP
server(sipB.net). But on the TO header, I still found that the TO address
still under the sipSER.net. You may refer to the following.
From : <sip:12345@sipSER.net:5060>
To : <sip:88888888@sipSER.net:5060>
Does that means that it's still looping inside sipSER.net instead of routing
to sipB.net? If yes, how do I change the TO header or make it route to
sipB.net?
Thanks.
Best regards,
Roa Yu
-----Original Message-----
From: Olaf Bergmann [mailto:Olaf.Bergmann@freenet-ag.de]
Sent: Monday, July 02, 2007 4:55 PM
To: roayu
Cc: serusers(a)lists.iptel.org
Subject: Re: [Serusers] How SER communicate to other SIP server
roayu wrote:
> Hi, Olaf!
>
> I'm not sure what functions that I can use to include inside ser.cfg.
Could
> you pls let me know where I can see all those functions like
> sl_send_reply(), so that I can use them.
Have a look at <http://www.iptel.org/doc>. You will find several
tutorials as well as reference documents, especially for the
available modules. In addition, there is an excellent interactive
search tool at <http://www.iptel.org/ser/doc/search> to lookup
function definitions etc.
Regards,
Olaf
