sr-users April 2008

sr-users@lists.kamailio.org

141 participants
187 discussions

[OpenSER-Users] OpenSER Summit 2008 - Post facts

by Bogdan-Andrei Iancu

Hello everybody, The most important OpenSER event, community oriented, the OpenSER Summit 2008 marked a new point in OpenSER project history. Gathering more than 60 participants from both industry and community side, OpenSER Summit brought in to the lights major project people and industry representatives who help with the evolution of the project. Major topics that were discussed: A. how can OpenSER be used as a core component in industry proofed solutions and how/where to get the necessary knowledge B. what are the development directions that needs to be taken by the project - these were moderated open discussions. All this theoretical discussions were back-end up by the OpenSER Pavilion, were several companies showed the practical part of OpenSER software, via services, products and knowledge. All the material that were presented during the Summit are now available for download: A. via the summit agenda - http://www.openser.org/mos/view/OpenSER-Summit-2008/#agenda - here, by browsing the agenda, you can download a certain presentation; B. via the pub/ section of the web site - http://www.openser.org/pub/OpenSER-Summit-2008/ - gets all the presentations from here. Pictures and video captures will be soon available on the web site ;) Best regards, Bogdan

16 years, 7 months

Re: [OpenSER-Users] CPL and Postgres problems.

by Bogdan-Andrei Iancu

So, you only changed the column type (for cpl_bin) from BLOB to BYTEA ? Regards, Bogdan Ola Karlsson wrote: > Bogdan.. > > I changed the column type in the database to bytea for cgi-bin and > stuff started working , seems the decode only happened for BLOB type > not for text. > > When debugging I got a \ instead of 0x01 så figured something was > wrong getting stuff out of the database. > > /Ola > > On Mon, Apr 7, 2008 at 10:50 AM, Bogdan-Andrei Iancu > <bogdan(a)voice-system.ro <mailto:bogdan@voice-system.ro>> wrote: > > Hello Ola, > > That is strange as the len of the script is taken from the > postgres driver (via openser API) - the returned columns must be > BLOB type. Check the types of the cpl_* columns; otherwise I > suspect a postgres driver (in openser) issue. > > Best regards, > Bogdan > > Ola Karlsson wrote: > > Hi Users! > > Have a problem with CPL scripts and postgres. > I've tried to make the simplest possible script for debugging > which resulted in the following in the 'cpl_xml' column. > > '<cpl>\012 <incoming>\012 <reject status="reject" > reason="I reject anonymous calls"/>\012 > </incoming>\012</cpl>\012\012' > > Loading it with openserctl that gets translated to this in the > cpl_bin field. > > '\001\001\000\000\000\006\002\001\000\000\000\006\026\000\002\000\000\000\002[\000\001\000\031I > reject anonymous calls\000\000' > > The reason I figure that postgres could have something to do > with this is that I've got this working before(before being > quite a while ago though. ) with MySQL. > > Turning on debugging gives this information. > > Mar 31 18:13:18 fuj /sbin/openser[601]: cpl-c B4script > Mar 31 18:13:18 fuj /sbin/openser[601]: > DBG:cpl-c:get_dest_user: trying to get user from new_uri > Mar 31 18:13:18 fuj /sbin/openser[601]: > DBG:cpl-c:get_dest_user: trying to get user from R_uri > Mar 31 18:13:18 fuj /sbin/openser[601]: > DBG:cpl-c:get_user_script: fetching script for user <olak> > Mar 31 18:13:18 fuj /sbin/openser[601]: > DBG:cpl-c:get_user_script: we got the script len=0 > Mar 31 18:13:18 fuj /sbin/openser[601]: cpl-c After Script > > OpenSER says that the length of the script is 0 whatever > script I load?. > I changed that in the CPL-C module so we get the right length > of the compiled script but then it falls over on the sanity > check for NODE_CPL = 001 , and if you skip that check it > starts complaining about unknown nodes ( in my case 92 ) ... > > So my question is if anyone uses postgres and CPL, if so can > you give me some pointers? > Would be good to know if this happens to be a bug or an > untested area in that case I have no problem fixing the > problem just don't want to burn alot of time on something > already fixed or me doing something stupid with configuration. > > Regards > /Ola Karlsson > ------------------------------------------------------------------------ > > _______________________________________________ > Users mailing list > Users(a)lists.openser.org <mailto:Users@lists.openser.org> > http://lists.openser.org/cgi-bin/mailman/listinfo/users > > > >

16 years, 7 months

[OpenSER-Users] sdp_mangle_ip()

by Travis Hegner

Hello All, I have briefly looked through the bug list but couldn't find anything related to my problem. I thought I would check here first to see if perhaps I have a configuration issue. I'm currently using the latest 1.3 version downloaded with svn. When attempting to call "sdp_mangle_ip()" I end up with a malformed sip packet. Upon inspection, I realized that the packet is correct except for the "Content-Length:" header, which seems to have the new (correct) content-length of the new packet written twice into the data stream. Here is what a snippet of the packet looks like: Content-Length: 156\r\n156\r\n Obviously, a correct packet should look like: Content-Length: 156\r\n Has anyone experienced this error before? Is there some parameter I should be setting for the mangler module, or another function I should call before this one? Should I roll up my sleeves and see if I can patch it myself? Any info is greatly appreciated... Travis

16 years, 7 months

[OpenSER-Users] CPL and Postgres problems.

by Ola Karlsson

Hi Users! Have a problem with CPL scripts and postgres. I've tried to make the simplest possible script for debugging which resulted in the following in the 'cpl_xml' column. '<cpl>\012 <incoming>\012 <reject status="reject" reason="I reject anonymous calls"/>\012 </incoming>\012</cpl>\012\012' Loading it with openserctl that gets translated to this in the cpl_bin field. '\001\001\000\000\000\006\002\001\000\000\000\006\026\000\002\000\000\000\002[\000\001\000\031I reject anonymous calls\000\000' The reason I figure that postgres could have something to do with this is that I've got this working before(before being quite a while ago though. ) with MySQL. Turning on debugging gives this information. Mar 31 18:13:18 fuj /sbin/openser[601]: cpl-c B4script Mar 31 18:13:18 fuj /sbin/openser[601]: DBG:cpl-c:get_dest_user: trying to get user from new_uri Mar 31 18:13:18 fuj /sbin/openser[601]: DBG:cpl-c:get_dest_user: trying to get user from R_uri Mar 31 18:13:18 fuj /sbin/openser[601]: DBG:cpl-c:get_user_script: fetching script for user <olak> Mar 31 18:13:18 fuj /sbin/openser[601]: DBG:cpl-c:get_user_script: we got the script len=0 Mar 31 18:13:18 fuj /sbin/openser[601]: cpl-c After Script OpenSER says that the length of the script is 0 whatever script I load?. I changed that in the CPL-C module so we get the right length of the compiled script but then it falls over on the sanity check for NODE_CPL = 001 , and if you skip that check it starts complaining about unknown nodes ( in my case 92 ) ... So my question is if anyone uses postgres and CPL, if so can you give me some pointers? Would be good to know if this happens to be a bug or an untested area in that case I have no problem fixing the problem just don't want to burn alot of time on something already fixed or me doing something stupid with configuration. Regards /Ola Karlsson

16 years, 7 months

[OpenSER-Users] OpenSER on top of OpenIMSCore

by Habib, Yeasin

Hi, I want to install OpenSER server on top of OpenIMSCore. I am using the new VMWare image provided by Vladimir Romanov. I have tried to install it from the source from svn. But up to installation I was successful. But when I try to run the mysql database script it's not working. I am trying to run the script /usr/local/etc/openser/openserctlrc, but it's not working anyway. Because it doesn't seems like a shell script. If anybody installs OpenSER on top of OpenIMSCore VMWare image then please help me. If anybody has a working image of OpenSER then it will be really grateful if I have the link or tutorial of that image. I am looking forward to hearing from all of you. Best regards Yeasin Habib

16 years, 7 months

[OpenSER-Users] How to detect lack of response to SIP nat ping?

by Mike Fedyk

Hi, I'm trying to come up with some code in openser that will log when a SIP UA does not respond to a SIP NAT ping. The best I can think of so far is using the sip timers module, but it is based on the INVITE method instead OPTIONS that is the nat ping default. Does anyone have any ideas that can point me in the right direction? Thanks, Mike

16 years, 7 months

[OpenSER-Users] dlg_end_dlg with extra headers

by Alex Massover

Hi! I'm trying to use dlg_end_dlg with extra headers. As far as I understood I can send fifo command like: [root@SER openser]# openserctl fifo dlg_end_dlg 123 456 'Header: here\r\n' 400 Too few or too many arguments It doesn't seem to accept third extra-header parameter. Am I doing something wrong? -- Best Regards, Alex Massover VoIP Development Manager Jajah Inc.

16 years, 7 months

[Serusers] SIP Registration fail

by William Zhang

Hi All, I am new to SER. I might just made some simple mistakes. So be easy on me:) I appreciate any inputs. Basically I was able to install and run SER 2.0.0 RC1 and make call between SIP clients SJPhone 1.65 with a helloworld configuration. Now I am trying to add the Authentication and MySQL. Here are what I did so far and no luck to get it work:( 1. Generate the configuration files with configuration file buildsystem and the content of the file is in the bottom of this message. 2. Create the SER database in MySQL server by running the ser_mysql.sh create command 3. Set SIP_DOMAIN variable: export SIP_DOMAIN="unknown.org" 4. Add domain and user with SER_CTL 2.0 with following commands ser_ctl domain add unknown.org ser_ctl user add 777(a)unknown.org -p 1212 The ser_ctl domain show and user show return: unknown.org unknown.org --------w--c-s 777(a)unknown.org uri 777(a)unknown.org 777(a)unknown.org credentials username=777 realm=unknown.org password=1212 777(a)unknown.org attr datetime_created=2008-04-06 03:25:43 I believe this should set the user and domain correctly to the database. But I also got some weired output with other command like ser_ctl ps, ser_ctl version. Same error: ser_ctl: (97, 'Address family not supported by protocol'): error'> And sercmd also give me the follow errors:( ERROR: connect_unix_sock: connect(/tmp/ser_ctl): Connection refused [111] 5. Run the ser with error to console and no fork. 6. Configure the SJPhone with above registration information. The client can not register and got 401 Unauthorized response. Below are the SIP packets contents: 2008-04-06 04:49:29.843 UDP LOCAL->192.168.0.182:5060 REGISTER sip:unknown.org SIP/2.0 Via: SIP/2.0/UDP 192.168.0.179;branch=z9hG4bKc0a800b30000004947f8565900000d5f00000019;rport From: "unknown" <sip:777@unknown.org>;tag=4ff22665b92 To: <sip:777@unknown.org> Contact: <sip:777@192.168.0.179> Call-ID: C69D49CA6580482CAFB5D305213ACE0D0xc0a800b3 CSeq: 18 REGISTER Max-Forwards: 70 User-Agent: SJphone/1.65.377a (SJ Labs) Content-Length: 0 21:49:29 SIP.Network DEBUG 2008-04-06 04:49:29.843 UDP 192.168.0.182:5060->LOCAL SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.0.179;branch=z9hG4bKc0a800b30000004947f8565900000d5f00000019;rport=5060 From: "unknown" <sip:777@unknown.org>;tag=4ff22665b92 To: <sip:777@unknown.org>;tag=3594b9925f930dcc8b38a6cda152d6b5.f97a Call-ID: C69D49CA6580482CAFB5D305213ACE0D0xc0a800b3 CSeq: 18 REGISTER Server: Sip EXpress router (2.0.0-rc1 (i386/linux)) Content-Length: 0 Warning: 392 192.168.0.182:5060 "Noisy feedback tells: pid=14897 req_src_ip=192.168.0.179 req_src_port=5060 in_uri=sip:unknown.org out_uri=sip:unknown.org via_cnt==1" The contents of the ser.cfg file: # Debug level on logging debug=3 # memory debug log level memdbg=10 # memory statistics log level memlog=10 # Fork and create children (no=run single process for debugging purposes) fork=no # Log to stderr (only use this of fork=no) log_stderror=yes # Log to the defined syslog facility log_facility=LOG_LOCAL0 # IP address to listen to listen=192.168.0.182 # Port to listen on port=5060 # Aliases used by uri!=myself checks to identity locally destined messages alias=mytestser.org # Number of children to fork per port per protocol children=4 # Is this host multihomed? mhomed=no # Should dns resolving be used? dns=no # Should reverse dns resolving be used? rev_dns=no # Should reverse dns resolving be used? disable_core_dump=yes # *************Your local directives ***************** # *** Common # *** Specific # Load the stateless transaction module (sl_reply etc) loadmodule "/usr/local/lib/ser/modules/sl.so" # Load the transaction stateful module (t_relay() etc) loadmodule "/usr/local/lib/ser/modules/tm.so" # Load the record routing module. Needed for making sure messages go through our server loadmodule "/usr/local/lib/ser/modules/rr.so" # Load maxfwd for stopping loops loadmodule "/usr/local/lib/ser/modules/maxfwd.so" # Load the user location module to store and retrieve user locations loadmodule "/usr/local/lib/ser/modules/usrloc.so" # Load the registrar module to handle registrations loadmodule "/usr/local/lib/ser/modules/registrar.so" # Load the xlog module for advanced logging with parameters loadmodule "/usr/local/lib/ser/modules/xlog.so" # Load the ctl module for the control socket interface. loadmodule "/usr/local/lib/ser/modules/ctl.so" # Load the gflags, global flags module. loadmodule "/usr/local/lib/ser/modules/gflags.so" # Load textops used for searching/selecting text in messages and manipulating headers. loadmodule "/usr/local/lib/ser/modules/textops.so" # Load the sanity check module to do integrity checks on incoming messages. loadmodule "/usr/local/lib/ser/modules/sanity.so" # Load the mysql connector module. loadmodule "/usr/local/lib/ser/modules/mysql.so" # Load the auth module with all the core authentication functions. loadmodule "/usr/local/lib/ser/modules/auth.so" # Load the auth module with the database functions. loadmodule "/usr/local/lib/ser/modules/auth_db.so" # The uri_db module uses database to check the uri. loadmodule "/usr/local/lib/ser/modules/uri_db.so" # The avp_db module allows loading of user attributes from database. loadmodule "/usr/local/lib/ser/modules/avp_db.so" loadmodule "/usr/local/lib/ser/modules/avp.so" # Load domain module used to verify the local domains. loadmodule "/usr/local/lib/ser/modules/domain.so" # *** Your loaded modules # Flags set be various modules # We set database mode to 0 = do not save to database backend (keep in memory), 1 = write-through to database modparam("usrloc", "db_mode", 1) # ctl module params # by default ctl listens on unixs:/tmp/ser_ctl if no other address is # specified in modparams; this is also the default for sercmd modparam("ctl", "binrpc", "unixs:/tmp/ser_ctl") # listen on the "standard" fifo for backward compatibility modparam("ctl", "fifo", "fifo:/tmp/ser_fifo") # We turn on full lr (adds lr=on as uri parameter, not lr). # This should have higher compatibility with some user agents. modparam("rr", "enable_full_lr", 1) # Encrypt dialog cookies with this secret modparam("rr", "cookie_secret", "ChangeThisIfYouStoreSecretStuffInCookie") # The authentication related modules and which database to use. modparam("auth_db|usrloc|uri_db", "db_url", "mysql://ser:heslo@localhost/ser") # We can store some of our important attributes (inside the messages) avpflags dialog_cookie; # ************* Your local module parameters ***************** # *** Common # *** Specific # Main route, executed for all messages route { # ------------------------------------------------------------------------ # Sanity Check Section # ------------------------------------------------------------------------ sanity_check(); # Check whether we might be in a loop. if (!mf_process_maxfwd_header("10")) { sl_reply("483", "Too Many Hops"); exit; } if (msg:len > max_len) { sl_reply("513", "Message Overflow"); exit; } # Log all incoming messages to see start of processing if(is_gflag("29")){ xlog("L_NOTICE","INCOMING - %rm\nFrom: %is(%fu)\nTo: %ru\nCall-ID: %ci\n"); } # ------------------------------------------------------------------------ # Handling messages with Route headers (aka loose routing) # ------------------------------------------------------------------------ if (loose_route()) { if(is_gflag("31")){ xlog("L_NOTICE"," loose routed - %rm\nFrom: %is(%fu)\nTo: %ru\nCall-ID: %ci\n"); } route(RELAY); exit; } # ------------------------------------------------------------------------ # Record Route Section # ------------------------------------------------------------------------ else if (method!="REGISTER") { record_route(); }; # If the ACK has more hops before reaching the user agent, it will have a Route header # and be forwarded above. If next hop is a user agent, the Request URI will be the ip:port # found in Contact of the original OK from the user agent, but will not be loose routed. # Just relay the ACK to the user agent. if (method=="ACK") { if(is_gflag("31")){ xlog("L_NOTICE"," ACK relayed using ruri - %rm\nFrom: %is(%fu)\nTo: %ru\nCall-ID: %ci\n"); } route(RELAY); exit; } # check if the caller is from a local domain (f=from, d=domain, $f will be set) lookup_domain("$fd", "@from.uri.host"); # check if the callee is at a local domain (t=to, d=domain, $t will be set) # If we have no To tag (dialog creating messages), we use request uri, but # but if this is an in-dialog message (like BYE with last hop before UA here) # we use the To header. if((a)to.tag=="") { lookup_domain("$td", "@ruri.host"); } else { lookup_domain("$td", "@to.uri.host"); } # we dont know the domain of the caller and also not # the domain of the callee -> someone uses our proxy as # a relay if (!$t.did && !$f.did) { sl_reply("403", "Relaying Forbidden"); exit; } # ------------------------------------------------------------------------ # Message Type Processing Section # NOTE!!! It is assumed that all messages reaching this point are destined # for the local server (REGISTER) or for UAs registered locally. (see nonlocal.m4) # ------------------------------------------------------------------------ if (method=="REGISTER") { route(REGISTER); exit; } # Authenticate route(AUTHENTICATE); # All local, non-ACKs, non-REGISTER are assumed to be part of a potential # new dialog (standalone MESSAGE and NOTIFYs without dialog-creation will ex. also reach here) route(NEWDIALOG); # By now, the request uri should be correct, relay if(is_gflag("29")){ xlog("L_NOTICE","No route matched for the request\nCall-Id: %ci\n"); }; sl_reply("404", "No route matched"); } # end main route route[RELAY] { # Log all outgoing messages if(is_gflag("29")){ xlog("L_NOTICE","OUTGOING - %rm\nFrom: %is(%fu)\nTo: %ru\nCall-ID: %ci\n"); } # ------------------------------------------------------------------------ # Default Message Handler # ------------------------------------------------------------------------ # t_relay will act based on the current request URI, as well as any # overruling received parameters (i.e. for NATed user agents) # UDP to TCP and vice versa works as well. if (!t_relay()) { sl_reply_error(); }; exit; } route[REGISTER] { # ------------------------------------------------------------------------ # REGISTER Message Handler # ------------------------------------------------------------------------ # From lookup_domain, $t.did should be set if we found the domain as ours. if (!$t.did) { if(is_gflag("29")){ xlog("L_NOTICE","%rm From <%fu> Attempted REGISTER from non-local domain\nCall-ID: %ci\n"); }; sl_reply("403", "Attempting to register with unknown domain"); exit; } # We check that Authorization header in the message contains valid credentials found in the # table with the same name. if (!www_authenticate("$fd.digest_realm", "credentials")) { # $? represents the return error code from www_authenticate() if ($? == -2) { if(is_gflag("31")){ xlog("L_NOTICE"," REGISTER - %rm From <%fu> 500 Internal Server Error\nCall-ID: %ci\n"); }; sl_reply("500", "Internal Server Error"); } else if ($? == -3) { if(is_gflag("31")){ xlog("L_NOTICE"," REGISTER - %rm From <%fu> 400 Bad Request\n"); }; sl_reply("400", "Bad Request"); } else { # After www_authenticate(), $digest_challenge should be set if no credentials were found. # We append the challenge to reply and send 401 Unauthorized. if ($digest_challenge) { append_to_reply("%$digest_challenge"); } sl_reply("401", "Unauthorized"); } # We didn't have a valid set of credentials, so we exit. exit; } # www_authenticate set $uid, so let's store it. $authuid=$uid; # Check if the authenticated user is the same as the target user. # We use the uri in the To field to lookup the user's uid. If none is found, the To user is unknown. if (!lookup_user("$tu.uid", "@to.uri")) { sl_reply("404", "Trying to register unknon user (To)"); exit; } # $f.uid set by www_authenticate() should match the uid we should looked up if ($authuid != $tu.uid) { sl_reply("403", "Authentication and To-Header mismatch"); exit; } # We use the uri in From to look up the uid. if (!lookup_user("$fu.uid", "@from.uri")) { sl_reply("404", "Expect a known user in From"); exit; } # The looked up $fu.uid is checked against the Authentication user if ($authuid != $fu.uid) { sl_reply("403", "Authentication and From-Header mismatch"); exit; } if (!save_contacts("location")) { sl_reply("400", "Invalid REGISTER Request"); exit; }; exit; } # End route[REGISTER] route[AUTHENTICATE] { # RFC3261 says you are not allowed to challenge these methods if (method=="CANCEL" || method=="ACK") { return; } # We check that Authorization header in the message contains valid credentials found in the # table with the same name. if (!proxy_authenticate("$fd.digest_realm", "credentials")) { # $? represents the return error code from proxy_authenticate() if ($? == -2) { if(is_gflag("31")){ xlog("L_NOTICE"," AUTHENTICATE - %rm From <%fu> 500 Internal Server Error\nCall-ID: %ci\n"); }; sl_reply("500", "Internal Server Error"); } else if ($? == -3) { if(is_gflag("31")){ xlog("L_NOTICE"," AUTHENTICATE - %rm From <%fu> 400 Bad Request\n"); }; sl_reply("400", "Bad Request"); } else { # After www_authenticate(), $digest_challenge should be set if no credentials were found. # We append the challenge to reply and send 407 Proxy Authentication Required. if ($digest_challenge) { append_to_reply("%$digest_challenge"); } sl_reply("407", "Proxy Authentication Required"); } # We didn't have a valid set of credentials, so we exit. exit; } # proxy_authenticate set $uid, so let's store it. $authuid=$uid; # Use the uri in the From header and look up the uid. If not found, delete the uri attribute. if (!lookup_user("$fu.uid", "@from.uri")) { del_attr("$uid"); } # Check the found uid against the authenticated uid. if ($fu.uid != $authuid) { sl_reply("403", "Fake Identity"); exit; } # load the user attributes (preferences) of the caller. $fu.yourattr should now be set if set in the # user preferences table. load_attrs("$fu", "$f.uid"); } route[NEWDIALOG] { # If we don't know the user, it is not for a local user. if (!lookup_user("$tu.uid", "@ruri")) { # User is not known and request uri does not match PSTN dialplan. return; } if (!lookup_contacts("location")) { if(is_gflag("30")){ xlog("L_NOTICE"," NEWDIALOG - 480 User Offline\nCall-Id: %ci\n"); }; sl_reply("480", "User Offline"); exit; } # Relay it to the location(s) of the found user route(RELAY); exit; } # End route[NEWDIALOG]

16 years, 7 months

[OpenSER-Users] Res: Openser with freeradius not accounting BYE method

by Flavio Goncalves

Set the flag 2 and 3 in the loose route for BYE requests. if (loose_route()) { if (is_method("BYE")) { setflag(2); setflag(3); }; }; ----- Mensagem original ---- De: MagoDaViola <magodaviola(a)ig.com.br> Para: users(a)lists.openser.org Enviadas: Sábado, 5 de Abril de 2008 16:50:56 Assunto: [OpenSER-Users] Openser with freeradius not accounting BYE method I´m has a problem that my openser sometimes not accounting bye method and this cause a call without pay. See the openser.cfg: # # $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=4 # debug level (cmd line: -dddddddddd) ##-- # # Uncomment these lines to daemonize fork=yes log_stderror=no # (cmd line: -E) ##-- # # Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes ##-- alias=sip.processavoip.net listen=201.32.70.20 #syn_branch=1 memlog=3 sip_warning=1 server_signature=yes reply_to_via=0 mhomed=0 disable_dns_blacklist=yes unix_sock="/tmp/openser.sock" check_via=0 # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 mpath="/usr/local/lib/openser/modules/" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "mysql.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "auth.so" loadmodule "auth_radius.so" loadmodule "uri.so" loadmodule "domain.so" loadmodule "permissions.so" loadmodule "mediaproxy.so" loadmodule "nathelper.so" loadmodule "acc.so" loadmodule "xlog.so" loadmodule "dbtext.so" loadmodule "uri_db.so" loadmodule "mi_fifo.so" loadmodule "group.so" # ----------------- setting module-specific parameters --------------- # -- mi-fifo params -- modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo") # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "nat_bflag", 6) modparam("usrloc", "domain_column", "fk_domains") modparam("usrloc", "user_column", "fk_accounts") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) ## -- database params -- modparam("acc|usrloc|group|domain|uri_db|permissions", "db_url", "mysql://root:master@localhost/openser") # -- radius params -- modparam("acc|auth_radius", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") # -- radius permissions -- modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") # -- group params -- modparam("group", "table", "accounts_groups") modparam("group", "user_column", "fk_accounts") modparam("group", "domain_column", "fk_domains") modparam("group", "group_column", "pk_accounts_groups") modparam("group", "use_domain", 0) ## -- acc params -- modparam("acc", "radius_missed_flag", 3) modparam("acc", "radius_flag", 2) #modparam("acc", "radius_extra", "via=$hdr(Via[*]); email=$avp(s:email)") modparam("acc", "log_level", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_user=$rU;dst_domain=$rd") modparam("acc", "radius_extra", "User-Name=$fU;Suffix=$fd;Sip-Translated-Request-URI=$ru") modparam("acc", "service_type", 15) modparam("acc", "failed_transaction_flag", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_flag", 1) ## -- acc params without radius -- #modparam("acc", "db_missed_flag", 3) #modparam("acc", "db_flag", 2) #modparam("acc", "db_table_acc", "call_history") #modparam("acc", "db_table_missed_calls", "call_history_missed") # -- uri_db params -- modparam("uri_db", "subscriber_table", "accounts") modparam("uri_db", "subscriber_domain_column", "fk_domains") modparam("uri_db", "subscriber_user_column", "pk_accounts") # -- domain params -- modparam("domain", "domain_table", "domains") modparam("domain", "domain_col", "pk_domains") # -- nathelper, mediaproxy nd registrar params -- modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@openser.org") modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT modparam("registrar|nathelper", "received_avp", "$avp(i:42)") # to configure nat at openser 1.2, 1.3 or 1.4 modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy", "natping_interval", 30) #modparam("mediaproxy", "sip_asymmetrics", "/etc/openser/sip-clients") #modparam("mediaproxy", "rtp_asymmetrics", "/etc/openser/rtp-clients") #modparam("registrar", "received_avp", "$avp(s:rcv)") # to configure nat at openser 1.2, 1.3 or 1.4 # -- tm params -- # set time for which ser will be waiting for a final response; # fr_inv_timer sets value for INVITE transactions, fr_timer # for all others #modparam("tm", "fr_inv_timer", 15 ) #Tempo maximo do ring antes de atender #modparam("tm", "fr_timer", 1) #modparam("tm", "wt_timer", 1) # ------------------------- request routing logic ------------------- # main routing logic route { # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Muitos Hops"); log(1, "486: Muitos Hops\n"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message to big"); log(1, "513: Message too bi \n"); exit; }; ##-- # Eh feita a gravacao de todas as mensagens para se certificar que todas as mensagens # passem pelo proxy o que eh importante particularmente se as entidades estao usando # um protocolo de transporte diferente ##-- if (method!="REGISTER") { record_route(); }; route(6); ##-- # Secao de finalizacao da chamada ##-- if (method=="BYE" || method=="CANCEL") { end_media_session(); }; ##-- # mensagens subsequentes dentro de um dialogo deveriam tomar um caminho pre-determinado # pela gravacao das rotas (record route) ##-- if (loose_route()) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); if (has_totag() && (method=="INVITE" || method=="ACK")) { xlog("L_ERR", "Main Route: Fixing SDP to $fu $rm (loose route)\n"); if (client_nat_test("3") || isflagset(5)) { setbflag(6); use_media_proxy(); }; }; xlog("L_ERR", "Main Route: Loose Route relaying\n"); route(1); exit; }; if (!uri==myself) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); xlog("L_ERR", "Main Route: Relaing mesage to proxy destination \n"); route(4); route(1); }; ##-- # Verifica baseado na tabela de dominios se a parte host da R-URI comtem um dos dominios # quais o proxy eh responsavel ##-- if (!is_uri_host_local()) { if (is_from_local() || allow_trusted()) { route(4); route(1); } else { sl_send_reply("403", "Forbinden..."); } exit; }; ##-- # A rotina abixo eh chamada para marcar o registro com NAT ##-- if (method=="CANCEL") { route(1); exit; } else if (method=="REGISTER") { route(2); exit; } else if (method=="INVITE") { route(3); exit; }; ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); exit; }; ##-- # Verifica se encontra o usuario na base de localizacao ##-- if (!lookup("location")) { sl_send_reply("404", "Usuario nao encontrado"); exit; }; route(1); exit; } route[1] { ##-- # Envie isto agora; use "statefull fowarding" pois funciona de forma confiavel de UDP para TCP # Ativa a contabilizacao das chamadas ##-- xlog("L_ERR", "Route[1]: Relaying message\r\n"); setflag(2); ##-- # Ativa a contabilizacao das chamadas perdidas ##-- setflag(3); t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); }; } route[2] { ##-- # Tratamento padrao para as mensagens de Register ##-- sl_send_reply("100", "Registrando...."); xlog("L_ERR", "Route[2]: Trying Auth: $fu $si\n"); if (isflagset(5) && client_nat_test("7")) { xlog("L_ERR", "Route[2]: Client behind NAT - flag(6)\n"); setbflag(6); fix_nated_register(); force_rport(); # se quiser usar natping options descomente a linha abaixo # setbflag(7); }; if (!radius_www_authorize("")) { www_challenge("", "0"); xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; }; if (!check_to()) { xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; } else { xlog("L_ERR", "Route[2]: Authenticate: $fu $si\r\n"); }; consume_credentials(); if (!save("location")) { xlog("L_ERR", "Route[2]: Can't save register location\r\n"); sl_reply_error(); }; } route[3] { ##-- # Tratamento padrao para as mensagens de INVITE ##-- xlog("L_ERR", "Route[3]: INVITE: $fu -> $tu $ci\r\n"); # setflag(1); if (!allow_trusted()) { if (!radius_proxy_authorize("")) { proxy_challenge("", "0"); # Realm will be autogenerated exit; } else if (!check_from()) { sl_send_reply("403", "Usue from=ID"); xlog("L_ERR", "Route[3]: Error 403 $fu -> $tu\r\n"); exit; }; } consume_credentials(); ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); }; ##-- # VoIP Local ##-- if (uri=~"sip:[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao VoIP local: $fU -> $tu\n"); } else { ##-- # Nacional ##-- if (uri=~"sip:0[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Nacional: $fU -> $tu\n"); } else { ##-- # Internacional ##-- if (uri=~"sip:00[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Interacional: $fU -> $tu\n"); }; }; route(5); exit; }; if (!lookup("location")) { append_hf("P-hint: usuario nao encontrado\r\n"); sl_send_reply("404", "Usuario nao encontrado"); exit; }; append_hf("P_hint: usrloc applied\r\n"); t_on_failure("1"); route(4); route(1); } route[4] { ##-- # Secao de travessia do nat ##-- if (isflagset(5)) { setbflag(6); }; if (isflagset(5) || isbflagset(6) || isbflagset(7)) { use_media_proxy(); xlog("L_ERR", "Rota[4]: Travessia de NAT mediaproxy\n"); }; } route[5] { ##-- # Encaminhamento para a rede publica (PSTN) ##-- xlog("L_ERR", "Route[5]: Relaying to PSTN\n"); rewritehostport("201.32.70.21"); route(4); route(1); } route[6] { force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; } failure_route[1] { if (t_check_status("487")) { exit; }; if (isbflagset(6) || isflagset(5)) { end_media_session(); }; onreply_route[1] { ##-- # Bloco de tratamento de respostas ##-- if ((isflagset(5) || isbflagset(6)) && status=~"(180)|(183)|(2[0-9][0-9])") { use_media_proxy(); # search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); } if (isbflagset(6)) { fix_nated_contact(); } } Alcindo Schleder Sistema Processa Acessoria e Comunicações Ltda. MSN: a_schleder(a)hotmail.com Skipe: alcindo_schleder Demétrio P. dos Santos, 705 - 95670-000 - Gramado-RS-Brasil Celular+ 55 54 9966 7591 alcindo(a)processa.org Fone+55 54 3286-1738comercial(a)processa.org -----Anexo incorporado----- _______________________________________________ Users mailing list Users(a)lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users

16 years, 7 months

[OpenSER-Users] Openser with freeradius not accounting BYE method

by MagoDaViola

Untitled Document I´m has a problem that my openser sometimes not accounting bye method and this cause a call without pay. See the openser.cfg: # # $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=4 # debug level (cmd line: -dddddddddd) ##-- # # Uncomment these lines to daemonize fork=yes log_stderror=no # (cmd line: -E) ##-- # # Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes ##-- alias=sip.processavoip.net listen=201.32.70.20 #syn_branch=1 memlog=3 sip_warning=1 server_signature=yes reply_to_via=0 mhomed=0 disable_dns_blacklist=yes unix_sock="/tmp/openser.sock" check_via=0 # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 mpath="/usr/local/lib/openser/modules/" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "mysql.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "auth.so" loadmodule "auth_radius.so" loadmodule "uri.so" loadmodule "domain.so" loadmodule "permissions.so" loadmodule "mediaproxy.so" loadmodule "nathelper.so" loadmodule "acc.so" loadmodule "xlog.so" loadmodule "dbtext.so" loadmodule "uri_db.so" loadmodule "mi_fifo.so" loadmodule "group.so" # ----------------- setting module-specific parameters --------------- # -- mi-fifo params -- modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo") # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "nat_bflag", 6) modparam("usrloc", "domain_column", "fk_domains") modparam("usrloc", "user_column", "fk_accounts") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) ## -- database params -- modparam("acc|usrloc|group|domain|uri_db|permissions", "db_url", "mysql://root:master@localhost/openser") # -- radius params -- modparam("acc|auth_radius", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") # -- radius permissions -- modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") # -- group params -- modparam("group", "table", "accounts_groups") modparam("group", "user_column", "fk_accounts") modparam("group", "domain_column", "fk_domains") modparam("group", "group_column", "pk_accounts_groups") modparam("group", "use_domain", 0) ## -- acc params -- modparam("acc", "radius_missed_flag", 3) modparam("acc", "radius_flag", 2) #modparam("acc", "radius_extra", "via=$hdr(Via[*]); email=$avp(s:email)") modparam("acc", "log_level", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_user=$rU;dst_domain=$rd") modparam("acc", "radius_extra", "User-Name=$fU;Suffix=$fd;Sip-Translated-Request-URI=$ru") modparam("acc", "service_type", 15) modparam("acc", "failed_transaction_flag", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_flag", 1) ## -- acc params without radius -- #modparam("acc", "db_missed_flag", 3) #modparam("acc", "db_flag", 2) #modparam("acc", "db_table_acc", "call_history") #modparam("acc", "db_table_missed_calls", "call_history_missed") # -- uri_db params -- modparam("uri_db", "subscriber_table", "accounts") modparam("uri_db", "subscriber_domain_column", "fk_domains") modparam("uri_db", "subscriber_user_column", "pk_accounts") # -- domain params -- modparam("domain", "domain_table", "domains") modparam("domain", "domain_col", "pk_domains") # -- nathelper, mediaproxy nd registrar params -- modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@openser.org") modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT modparam("registrar|nathelper", "received_avp", "$avp(i:42)") # to configure nat at openser 1.2, 1.3 or 1.4 modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy", "natping_interval", 30) #modparam("mediaproxy", "sip_asymmetrics", "/etc/openser/sip-clients") #modparam("mediaproxy", "rtp_asymmetrics", "/etc/openser/rtp-clients") #modparam("registrar", "received_avp", "$avp(s:rcv)") # to configure nat at openser 1.2, 1.3 or 1.4 # -- tm params -- # set time for which ser will be waiting for a final response; # fr_inv_timer sets value for INVITE transactions, fr_timer # for all others #modparam("tm", "fr_inv_timer", 15 ) #Tempo maximo do ring antes de atender #modparam("tm", "fr_timer", 1) #modparam("tm", "wt_timer", 1) # ------------------------- request routing logic ------------------- # main routing logic route { # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Muitos Hops"); log(1, "486: Muitos Hops\n"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message to big"); log(1, "513: Message too bi \n"); exit; }; ##-- # Eh feita a gravacao de todas as mensagens para se certificar que todas as mensagens # passem pelo proxy o que eh importante particularmente se as entidades estao usando # um protocolo de transporte diferente ##-- if (method!="REGISTER") { record_route(); }; route(6); ##-- # Secao de finalizacao da chamada ##-- if (method=="BYE" || method=="CANCEL") { end_media_session(); }; ##-- # mensagens subsequentes dentro de um dialogo deveriam tomar um caminho pre-determinado # pela gravacao das rotas (record route) ##-- if (loose_route()) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); if (has_totag() && (method=="INVITE" || method=="ACK")) { xlog("L_ERR", "Main Route: Fixing SDP to $fu $rm (loose route)\n"); if (client_nat_test("3") || isflagset(5)) { setbflag(6); use_media_proxy(); }; }; xlog("L_ERR", "Main Route: Loose Route relaying\n"); route(1); exit; }; if (!uri==myself) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); xlog("L_ERR", "Main Route: Relaing mesage to proxy destination \n"); route(4); route(1); }; ##-- # Verifica baseado na tabela de dominios se a parte host da R-URI comtem um dos dominios # quais o proxy eh responsavel ##-- if (!is_uri_host_local()) { if (is_from_local() || allow_trusted()) { route(4); route(1); } else { sl_send_reply("403", "Forbinden..."); } exit; }; ##-- # A rotina abixo eh chamada para marcar o registro com NAT ##-- if (method=="CANCEL") { route(1); exit; } else if (method=="REGISTER") { route(2); exit; } else if (method=="INVITE") { route(3); exit; }; ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); exit; }; ##-- # Verifica se encontra o usuario na base de localizacao ##-- if (!lookup("location")) { sl_send_reply("404", "Usuario nao encontrado"); exit; }; route(1); exit; } route[1] { ##-- # Envie isto agora; use "statefull fowarding" pois funciona de forma confiavel de UDP para TCP # Ativa a contabilizacao das chamadas ##-- xlog("L_ERR", "Route[1]: Relaying message\r\n"); setflag(2); ##-- # Ativa a contabilizacao das chamadas perdidas ##-- setflag(3); t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); }; } route[2] { ##-- # Tratamento padrao para as mensagens de Register ##-- sl_send_reply("100", "Registrando...."); xlog("L_ERR", "Route[2]: Trying Auth: $fu $si\n"); if (isflagset(5) && client_nat_test("7")) { xlog("L_ERR", "Route[2]: Client behind NAT - flag(6)\n"); setbflag(6); fix_nated_register(); force_rport(); # se quiser usar natping options descomente a linha abaixo # setbflag(7); }; if (!radius_www_authorize("")) { www_challenge("", "0"); xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; }; if (!check_to()) { xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; } else { xlog("L_ERR", "Route[2]: Authenticate: $fu $si\r\n"); }; consume_credentials(); if (!save("location")) { xlog("L_ERR", "Route[2]: Can't save register location\r\n"); sl_reply_error(); }; } route[3] { ##-- # Tratamento padrao para as mensagens de INVITE ##-- xlog("L_ERR", "Route[3]: INVITE: $fu -> $tu $ci\r\n"); # setflag(1); if (!allow_trusted()) { if (!radius_proxy_authorize("")) { proxy_challenge("", "0"); # Realm will be autogenerated exit; } else if (!check_from()) { sl_send_reply("403", "Usue from=ID"); xlog("L_ERR", "Route[3]: Error 403 $fu -> $tu\r\n"); exit; }; } consume_credentials(); ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); }; ##-- # VoIP Local ##-- if (uri=~"sip:[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao VoIP local: $fU -> $tu\n"); } else { ##-- # Nacional ##-- if (uri=~"sip:0[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Nacional: $fU -> $tu\n"); } else { ##-- # Internacional ##-- if (uri=~"sip:00[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Interacional: $fU -> $tu\n"); }; }; route(5); exit; }; if (!lookup("location")) { append_hf("P-hint: usuario nao encontrado\r\n"); sl_send_reply("404", "Usuario nao encontrado"); exit; }; append_hf("P_hint: usrloc applied\r\n"); t_on_failure("1"); route(4); route(1); } route[4] { ##-- # Secao de travessia do nat ##-- if (isflagset(5)) { setbflag(6); }; if (isflagset(5) || isbflagset(6) || isbflagset(7)) { use_media_proxy(); xlog("L_ERR", "Rota[4]: Travessia de NAT mediaproxy\n"); }; } route[5] { ##-- # Encaminhamento para a rede publica (PSTN) ##-- xlog("L_ERR", "Route[5]: Relaying to PSTN\n"); rewritehostport("201.32.70.21"); route(4); route(1); } route[6] { force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; } failure_route[1] { if (t_check_status("487")) { exit; }; if (isbflagset(6) || isflagset(5)) { end_media_session(); }; onreply_route[1] { ##-- # Bloco de tratamento de respostas ##-- if ((isflagset(5) || isbflagset(6)) && status=~"(180)|(183)|(2[0-9][0-9])") { use_media_proxy(); # search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); } if (isbflagset(6)) { fix_nated_contact(); } } -------------------------------------------------------------------------- Alcindo Schleder Sistema Processa Acessoria e Comunicações Ltda. a.. MSN: a_schleder(a)hotmail.com b.. Skipe: alcindo_schleder Demétrio P. dos Santos, 705 - 95670-000 - Gramado-RS-Brasil Celular + 55 54 9966 7591 alcindo(a)processa.org Fone +55 54 3286-1738 comercial(a)processa.org

16 years, 7 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users April 2008