sr-users August 2007

sr-users@lists.kamailio.org

169 participants
286 discussions

[OpenSER-Users] OpenSER as Asterisk/CallWeaver frontend

by Eugene Prokopiev

Hi, Can anybody tell some success story about using OpenSER as Asterisk/CallWeaver frontend? I tried to googling first but where are no detailed useful stories :( Now I have CallWeaver (Asterisk fork) installed on Linux server which connected to 2 different providers via one wan interface but 2 ip addresses from one network, for example: eth0 - 10.0.0.2/24 -> provider1(10.0.2.1) - 10.0.0.3/24 -> provider1(10.0.3.1) So, I need send SIP requests to provider1 from address 10.0.0.2/24 and to provider2 from 10.0.0.3/24. This must be done because my internet provider must account trafic on router 10.0.0.1 for 2 VoIP providers separately and it's billing system can do it only by different source ip addresses and can't do it by destination ip addresses. I can separate SIP requests between 2 ip addresses with linux kernel 2.6.18 or higher by using ip_nat_sip iptables module and MARK/SNAT. But this approach can't be used in OpenVZ virtial environment in which CallWeaver must be used. Is it possible to send SIP requests from CallWeaver via OpenSER and modify them with OpenSER to replace source addresses in UDP headers and SIP headers? How can I say CallWeaver to send SIP requests via OpenSER? How can I implement this routing logic in OpenSER? Can anybody give me a simple example? -- Thanks, Eugene Prokopiev

17 years, 2 months

[OpenSER-Users] Unauthorized Calls - [Openser - X-lite]

by Jeferson Prevedello

Hello, I implemented an environment using to openser + mysql. The enviroment functions perfectly, however I perceived that users (branches) not registered in mysql are generating called. I installed the X-lite softphone in my computer trying to reproduce the situation. In the properties of configuration of the X-lite, "field Password" I type "trash" as password (wrong password). The display of X-lite showed the following message: "Registration error: 401 - Unauthorized". In the contacts drawer I add a contact (double click on the new contact), and the call was generate without restriction (very bad). Some idea of as I solve this problem? Thanks Regards Jeferson

17 years, 2 months

Fw: [OpenSER-Users] Unauthorized Calls - [Openser - X-lite]

by Simone Torri

Hi Guys, Here in my company I have the same problem. The solution that I adopted was apply the proxy_authorize function and restrict all incoming calls. I use openser only for originate calls. Some tip ? Cheers, Torri ----- Original Message ----- From: "Jeferson Prevedello" <jprevedello(a)terra.com.br> To: "Dan-Cristian Bogos" <dan.bogos(a)gmail.com> Cc: <users(a)openser.org> Sent: Monday, August 27, 2007 12:26 PM Subject: Re: [OpenSER-Users] Unauthorized Calls - [Openser - X-lite] Hello DanB, More a problem ! :-( I apply the following configuration in my openser.cfg: if (method=="INVITE") { if (!proxy_authorize("", "subscriber")) { proxy_challenge("","0"); exit; } }; I perceived that with the configuration above 'only' registered users can generate called, however I not receive more called originated through of PSTN or of any branch of PBX. I believe these calls are deny because the source (PSTN - Branches) not are registering in the openser server. Is possible to apply the configuration above only for calls 'originated' from openser ? Thanks ! Regards Jeferson ----- Original Message ----- From: "Dan-Cristian Bogos" <dan.bogos(a)gmail.com> To: "Jeferson Prevedello" <jprevedello(a)terra.com.br> Cc: <users(a)openser.org> Sent: Monday, August 27, 2007 8:35 AM Subject: Re: [OpenSER-Users] Unauthorized Calls - [Openser - X-lite] Hello Jeferson, Your configuration looks a bit messy, if I were OpenSER I would also refuse it. :). I would suggest taking a more standard configuration (u can find many examples on this location: http://openser.svn.sourceforge.net/viewvc/openser/branches/1.2/examples/) and use 1.2 branch of software for start, and experiment with it into some lab environment. It is a bit difficult as a beginner to start directly experimenting on a production configuration, perhaps written by somebody else without understanding it. You will end up having big issues when troubleshooting in production environment. The tip I gave you would be really easy to implement it with a block of few lines, eg: if (is_method("INVITE")){ if (!proxy_authorize("", "subscriber)) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; }; Documentation for you to understand those lines here: http://www.openser.org/docs/modules/1.2.x/auth_db.html#AEN192 Usually, there is a loot of documentation and howtos in openser wiki, so I would suggest you having a glance on some titles which look close to your needs as a beginner. http://www.openser.org/dokuwiki/doku.php Cheers, DanB On 8/27/07, Jeferson Prevedello <jprevedello(a)terra.com.br> wrote: > Hello DanB, > > Thanks! > > As DanB´s suggestion, I tried to implement a mechanism that only allowed > authenticated members make calls, but my configuration didn´t function. > > This is my first project with openser, therefore I do not have much > experience. If someone know how to help me to implement this verification, > I > will be very thankful. > > Below, my openser.cfg file: > > -x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x -x-x-x-x-x-x-x-x > > > # ----------- global configuration parameters ------------------------ > > debug=3 > fork=yes > log_stderror=no > log_facility=LOG_LOCAL7 > > # hostname matching an alias will satisfy the condition uri==myself". > alias=xxx.xxx.xxx.xxx > listen=udp:xxx.xxx.xxx.xxx:5060 > > # check_via - Turn on or off Via host checking when forwarding replies. > # Default is no. arcane. looks for discrepancy between name and > # ip address when forwarding replies. > check_via=yes > > # syn_branch - Shall the server use stateful synonym branches? It is > # faster but not reboot-safe. Default is yes. > syn_branch=yes > > # dns - Uses dns to check if it is necessary to add a "received=" field > # to a via. Default is no. > # rev_dns - Same as dns but use reverse DNS. > dns=no > rev_dns=no > port=5060 > children=4 > > # memlog - Debugging level for final memory statistics report. Default > # is L_DBG -- memory statistics are dumped only if debug is set high. > memlog=3 > > # sip_warning - Should replies include extensive warnings? By default > # yes, it is good for trouble-shooting. > sip_warning=yes > > # fifo - FIFO special file pathname > fifo="/tmp/openser_fifo" > > # reply_to_via - A hint to reply modules whether they should send reply > # to IP advertised in Via. Turned off by default, which means that > # replies are sent to IP address from which requests came. > reply_to_via=no > > # mhomed -- enable calculation of outbound interface; useful on > # multihomed servers. > mhomed=0 > > # ------------------ module loading ---------------------------------- > > # Uncomment this if you want to use SQL database > loadmodule "/usr/lib/openser/modules/mysql.so" > loadmodule "/usr/lib/openser/modules/sl.so" > loadmodule "/usr/lib/openser/modules/tm.so" > loadmodule "/usr/lib/openser/modules/rr.so" > loadmodule "/usr/lib/openser/modules/maxfwd.so" > loadmodule "/usr/lib/openser/modules/usrloc.so" > loadmodule "/usr/lib/openser/modules/registrar.so" > loadmodule "/usr/lib/openser/modules/textops.so" > loadmodule "/usr/lib/openser/modules/nathelper.so" > loadmodule "/usr/lib/openser/modules/acc.so" > loadmodule "/usr/lib/openser/modules/xlog.so" > > # Uncomment this if you want digest authentication > # mysql.so must be loaded ! > loadmodule "/usr/lib/openser/modules/auth.so" > loadmodule "/usr/lib/openser/modules/auth_db.so" > > # ----------------- setting module-specific parameters --------------- > > # ------------- usrloc parameters > > # 2 enables write-back to persistent mysql storage for speed > # disable=0, write-through=1 > modparam("usrloc", "db_mode", 0) > > # minimize write back window - default is 60 seconds > modparam("usrloc", "timer_interval", 30) > > # ------------- auth parameters > > # Uncomment if you are using auth module > modparam("auth_db", "calculate_ha1", yes) > > # If you set "calculate_ha1" parameter to yes (which true in this config), > # uncomment also the following parameter) > modparam("auth_db", "password_column", "password") > > # ------------- rr parameters > > # add value to ;lr param to make some broken UAs happy > modparam("rr", "enable_full_lr", 1) > > # ------------- !! Nathelper > > modparam("registrar", "nat_flag", 6) > modparam("nathelper", "natping_interval", 30) # Ping interval 30 s > modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind > NAT > modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock") # > Nathelper with RTPproxy > > # ------------- tm parameters > > modparam("tm", "fr_timer", 12) > modparam("tm", "fr_inv_timer", 24) > > # ------------- acc parameters > > modparam("acc", "db_url", "mysql://openser:openserrw@localhost/openser") > modparam("acc", "db_flag", 2) > modparam("acc", "db_missed_flag", 2) > modparam("acc", "log_flag", 1) > modparam("acc", "log_missed_flag", 2) > modparam("acc", "log_level", 2) # Set log_level to 2 > > # Allow no more than 1 contacts per AOR > modparam("registrar", "max_contacts", 3) > > # ------------------------- request routing logic ------------------- > > # main routing logic > > route{ > > if (!mf_process_maxfwd_header("10")) > { > sl_send_reply("483","Too Many Hops"); > exit; > }; > > if (msg:len >= 2048 ) > { > sl_send_reply("513", "Message too big"); > exit; > }; > > # < Acconting > > if (method=="INVITE") > { > log(1, "Generate call - START\n"); > setflag(1); /* set for accounting (the same value as in > log_flag!) */ > setflag(2); > }; > > if (method=="BYE") > { > log (1, "Hung-up \n"); > setflag(1); > }; > > if (method=="CANCEL") > { > log (1, "Lost call \n"); > setflag(1); > } > > if (!method=="REGISTER") > record_route(); > > if (nat_uac_test("3")) > { > # Allow RR-ed requests, as these may indicate that > # a NAT-enabled proxy takes care of it; unless it is > # a REGISTER > > if (method == "REGISTER" || ! search("^Record-Route:")) > { > log(1,"LOG: Someone trying to register from private > IP, > rewriting\n"); > > # This will work only for user agents that support > symmetric > # communication. We tested quite many of them and > majority is > # smart enough to be symmetric. In some phones it > takes > a configuration > # option. With Cisco 7960, it is called > NAT_Enable=Yes, > with kphone it is > # called "symmetric media" and "symmetric signalling". > > fix_nated_contact(); # Rewrite contact with source IP > of > signalling > force_rport(); # Add rport parameter to topmost > Via > setflag(6); # Mark as NATed > }; > }; > # subsequent messages withing a dialog should take the > # path determined by record-routing > > if (loose_route()) > { > # mark routing logic in request > append_hf("P-hint: rr-enforced\r\n"); > route(1); > }; > > if (!uri==myself) > { > # mark routing logic in request > append_hf("P-hint: outbound\r\n"); > route(1); > }; > > # if the request is for other domain use UsrLoc > # (in case, it does not work, use the following command > # with proper names and addresses in it) > if (uri==myself) > { > > if (method=="REGISTER") > { > # Uncomment this if you want to use digest authentication > if (!www_authorize("xxx.xxx.xxx.xxx", "subscriber")) > { > www_challenge("xxx.xxx.xxx.xxx", "0"); > return; > }; > save("location"); > return; > }; > > lookup("aliases"); > if (!uri==myself) > { > append_hf("P-hint: outbound alias\r\n"); > route(1); > return; > }; > > # Router Cisco if not sip branche > log(1,"LOG: testando se destino-sip e' 418x ...\n"); > > if ( ! ( uri =~ "^sip:418[1-9].*" ) && > ! ( uri =~ "^sip:4397")) > { > log(1,"LOG: destino-sip not is 418x .\n"); > route(2); > > log(1,"LOG: rewriting hostport yyy.yyy.yyy.yyy:5060...\n"); > rewritehostport("yyy.yyy.yyy.yyy:5060"); > log(1,"LOG: t_relay...\n"); > t_relay(); > > log(1,"LOG: break...\n"); > return; > } > log(1,"LOG: destino-sip 418x, continue .\n"); > > # native SIP destinations are handled using our USRLOC DB > if (!lookup("location")) > { > sl_send_reply("404", "Not Found"); > return; > }; > }; > append_hf("P-hint: usrloc applied\r\n"); > route(1); > } > > ####################################### > > route[1] > { > # !! Nathelper > if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && > !search("^Route:")) > { > sl_send_reply("479", "We don't forward to private IP > addresses"); > return; > }; > > # if client or server know to be behind a NAT, enable relay > if (isflagset(6)) > { > force_rtp_proxy(); > t_on_reply("1"); > append_hf("P-Behind-NAT: Yes\r\n"); > }; > > if (!t_relay()) > { > sl_reply_error(); > return; > }; > } > # !! Nathelper > onreply_route[1] > { > # NATed transaction ? > if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") > { > fix_nated_contact(); > force_rtp_proxy(); > } > else if (nat_uac_test("1")) > { > fix_nated_contact(); > }; > } > > ####################################### > > route[2] { > > ### Dial Plan for gateway VoIP ### > > # Sao Paulo 11 > if ( uri =~ "^sip:9911.*" ) > { > log(1,"LOG: destination is 9911x, change prefix..."); > strip(4); > prefix("011"); > return; > } > > # Error (Number inexistent) > sl_reply_error(); > > } > > -x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x -x-x-x-x-x-x-x-x > > Regards > Jeferson > > > > > > ----- Original Message ----- > From: "Dan-Cristian Bogos" <dan.bogos(a)gmail.com> > To: "Jeferson Prevedello" <jprevedello(a)terra.com.br> > Cc: <users(a)openser.org> > Sent: Saturday, August 25, 2007 3:06 PM > Subject: Re: [OpenSER-Users] Unauthorized Calls - [Openser - X-lite] > > > > Hello Jeferson, > > > > it all depends on your openser.cfg. > > If you put in there that all the INVITE-s should be authenticated, your > > users will not be able anymore to call without having a valid user and > > password for your server. Note that by default openser will not do any > > check for you, in order to keep the flexibility of be used in > > different environment setups. > > > > Cheers, > > DanB > > > > On 8/25/07, Jeferson Prevedello <jprevedello(a)terra.com.br> wrote: > >> > >> > >> Hello, > >> > >> I implemented an environment using to openser + mysql. The enviroment > >> functions perfectly, however I perceived that users (branches) not > >> registered in mysql are generating called. > >> > >> I installed the X-lite softphone in my computer trying to reproduce the > >> situation. > > >> In the properties of configuration of the X-lite, "field Password" I > >> type > >> "trash" as password (wrong password). > >> > >> The display of X-lite showed the following message: "Registration > >> error: > >> 401 > >> - Unauthorized". > >> > >> In the contacts drawer I add a contact (double click on the new > >> contact), > >> and the call was generate without restriction (very bad). > >> > >> Some idea of as I solve this problem? > >> > >> Thanks > >> > >> Regards > >> Jeferson > >> > >> _______________________________________________ > >> Users mailing list > >> Users(a)openser.org > >> http://openser.org/cgi-bin/mailman/listinfo/users > >> > >> > > > > _______________________________________________ Users mailing list Users(a)openser.org http://openser.org/cgi-bin/mailman/listinfo/users _______________________________________________ Users mailing list Users(a)openser.org http://openser.org/cgi-bin/mailman/listinfo/users Flickr agora em português. Você clica, todo mundo vê. http://www.flickr.com.br/

17 years, 2 months

[OpenSER-Users] About RTP stream

by zze-WU Yin RD-MAPS-LAN

Hello everyone, Now my openser is just a Sip proxy which manage the sip requests and I want to manage RTP streams by the openser, that means openser recieve RTP streams and retransmit them. How can I do? Thank you very much!

17 years, 2 months

[Users] understanding SEMS

by Victor Gamov

hi guys! can somebody explain me how SEMS works with SER/OpenSER. As I conceive proxy sends requests to SEMS via unix socket. Then SEMS needs constructs reply or new request and ask proxy to send it. But where reply come to proxy? into onreply_route[0] block? is it possible to use t_on_reply() function when initial request writing to SEMS to ask proxy to use specific onreply_route[] block? Thanks for advise! -- CU, Victor Gamov

17 years, 2 months

[OpenSER-Users] Upload to XCAP Server - 405 Method Not Allowed error.

by Kriti Wadhwa

Hi, I am testing Presence service using Openser, XCAP server... After firing up the UCT IMS Client in the final step, everything goes well except the "Upload to XCAP Server" part... On clicking that I get: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>405 Method Not Allowed</title> </head><body> <h1>Method Not Allowed</h1> <p>The requested method PUT is not allowed for the URL /xcap-root/pres-rules/user/alice/presence_rules.xml.</p> <hr> <address>Apache/2.0.54 (Fedora) Server at xcap Port 80</address> </body></html> Tried changing permissions to the presence_rules.xml file and also made all necessary changes in httpd.conf file but in vain... Hope someone can help me in this. Thanks, - Kriti Mailo: kriti.wadhwa(a)tcs.com =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you

17 years, 2 months

[OpenSER-Users] Openser + Asterisk

by CLEMENT Frédéric

17 years, 2 months

[Serusers] acc_db_request milliseconds

by Sho Aihara

Hello. Please teach me about acc_db_request for the call charge. For example, when call starts (ACK), my ser.cfg acc_db_request will executed to insert a new row for db. timestamp ------------------- 2007-08-24 23:50:00 And when call ends (BYE), acc_db_request executed. timestamp ------------------- 2007-08-24 23:50:03 These values were considered about milliseconds? For example... timestamp ------------------- 2007-08-24 23:50:00(.000) timestamp ------------------- 2007-08-24 23:50:03(.525) In this case, I think that the interval of these time becomes 4 seconds If I use these values for the call charge (round-up millisecond). Or, has the time recorded with BYE already been rounded up? Thanks, Sahria

17 years, 2 months

[OpenSER-Users] en.wikipedia

by kgfleischmann＠t-online.de

The Wikipedia article of OpenSER is subject of a deletion request. The reasons can be found in this text on the discussion page of "Miconda" "Notability of OpenSER A tag has been placed on OpenSER, requesting that it be speedily deleted from Wikipedia. This has been done because the article appears to be about a person, group of people, band, club, company, or web content, but it does not indicate how or why the subject is notable: that is, why an article about that subject should be included in an encyclopedia. Under the criteria for speedy deletion, articles that do not assert the subject's importance or significance may be deleted at any time. Please see the guidelines for what is generally accepted as notable. If you think that you can assert the notability of the subject, you may contest the deletion by adding {{hangon}} to the top of the page (just below the existing speedy deletion or "db" tag), coupled with adding a note on the article's talk page explaining your position, but be aware that once tagged for speedy deletion, if the article meets the criterion it may be deleted without delay. Please do not remove the speedy deletion tag yourself, but don't hesitate to add information to the article that would confirm the subject's notability under Wikipedia guidelines. For guidelines on specific types of articles, you may want to check out our criteria for biographies, for web sites, for bands, or for companies. Feel free to leave a note on my talk page if you have any questions about this. Calltech 11:29, 25 July 2007 (UTC) " If someone could take care of the article and possibly join the deletion discussion (http://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion/OpenSER) ? /Klaus

17 years, 2 months

Re: [Serusers] why combine ser with asterisk

by SIP

Michael Grigoni wrote: > SIP wrote: > > <snip> > >> Take Cray Supercomputers as a prime example. Seymour Cray built this >> fantastic supercomputer architecture, but didn't build any >> peripherals for it or even an operating system, assuming that, if >> people had the raw speed and power available, they'd be eager to use >> it even if they had to build their own hardware/software. > > Yes, Seymour liked to code in machine language right from the console > and the O/Ses for his machines developed 'organically' from the bottom up > in general, but wouldn't you consider SCOPE, KRONOS, NOS etc. operating > systems? And as for hardware, the CDC peripherals and Hyperchannel > offerings seemed to be the best in the industry on Cray CPUs... > > Regards, > > Michael Right, but Cray himself was TOTALLY against their creation. This was one of the reasons he left CDC to form Cray Research (which, mind you, CDC was very much in support of, as they had much faith in Cray's abilities). He argued vehemently that the peripherals were unnecessary products, and eventually, this disagreement caused him to leave and form Cray Research, where he could be free from 'management failures' as he liked to call them. The CDC, however, was extremely supportive of Cray Research, and put money and development time into it, much to Cray's chagrin. Then, again, when Cray Research was faced with the decision of whether to build computers that people would buy or computers for the sake of building computers, they understood that they needed to stay in business, and decided on the path that would lead them to solvency. This caused Cray to leave his own company and form Cray Computers. He vowed that CCC would make fast and powerful computers and that nothing else would be a priority. He assumed that speed and power were the ultimate goal and that everything would fall into place if he achieved that goal. Of course, his shortsightedness caused bankruptcy. Incidentally, having had to use NOS on a regular basis back in the day, I would scarcely call it an operating system. Anything that lets you manually change the bits in memory of a running program isn't an OS, it's just a GUI for the hardware. ;) N.

17 years, 2 months

← Newer
1
...
4
5
6
7
8
9
10
...
29
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users August 2007