sr-users June 2008

sr-users@lists.kamailio.org

124 participants
230 discussions

Re: [OpenSER-Users] Trouble with RADIUS Accounting

by Dmitry Lyubimkov

But we did it!!! I don't need to remove this attributes. We need User-Name, Called-Station-Id, Calling-Station-Id, etc for billing purpose. But our RADIUS server does not receive them from OpenSER! Look at our Start/Stop messages. There are not such important attributes as User-Name, etc. Is this bug of OpenSER or bug of our script? If it is bug of script, then what commands, what modules, what modparam can lead to such result? Dmitry -----Original Message----- From: Mike O'Connor [mailto:mike@pineview.net] Sent: Monday, June 02, 2008 1:07 PM To: Dmitry Lyubimkov Subject: Re: [OpenSER-Users] Trouble with RADIUS Accounting Hi Dmitry You not can remove them from OpenSER with out adjusting the code, instead you need to put the radius packets thought something like a radius proxy which removes them. Mike Dmitry Lyubimkov wrote: > Hi. > We have new installation of OpenSER V.1.3.1 with new script. All work fine > except RADIUS accounting. Accounting Start and Stop records come to RADIUS > server, but there are no some attributes in them - User-Name, > Called-Station-Id, Calling-Station-Id,... > Example of Start and Stop records (FreeRADIUS log): > Acct-Status-Type = Start > Service-Type = IAPP-Register > Sip-Response-Code = 200 > Sip-Method = 1 > Event-Timestamp = "Jun 2 2008 10:34:05 MSD" > Sip-From-Tag = "5d12c92c" > Sip-To-Tag = "6845627C-1EF5" > Acct-Session-Id = "ODhmMjE4MmUxNzc3ZmZjN2U3MjJlM2I4NzQ0MjMzNTU." > NAS-Port = 5060 > Acct-Delay-Time = 0 > NAS-IP-Address = 172.16.2.10 > Client-IP-Address = 172.16.2.10 > Timestamp = 1212388445 > > Acct-Status-Type = Stop > Service-Type = IAPP-Register > Sip-Response-Code = 200 > Sip-Method = 8 > Event-Timestamp = "Jun 2 2008 10:34:12 MSD" > Sip-From-Tag = "5d12c92c" > Sip-To-Tag = "6845627C-1EF5" > Acct-Session-Id = "ODhmMjE4MmUxNzc3ZmZjN2U3MjJlM2I4NzQ0MjMzNTU." > NAS-Port = 5060 > Acct-Delay-Time = 0 > NAS-IP-Address = 172.16.2.10 > Client-IP-Address = 172.16.2.10 > Timestamp = 1212388452 > > Where is trouble? Required attributes are described in dictionary file. If I > remove it then OpenSER says > Jun 2 11:02:23 [4064] ERROR:auth_radius:mod_init: auth_radius: can't get > code for the User-Name attribute > Jun 2 11:02:23 [4064] ERROR:core:init_mod: failed to initialize module > auth_radius > Jun 2 11:02:23 [4064] ERROR:core:main: error while initializing modules > > How and where in script we can prohibit send of some attributes? > > Dmitry > > > > _______________________________________________ > Users mailing list > Users(a)lists.openser.org > http://lists.openser.org/cgi-bin/mailman/listinfo/users >

16 years, 5 months

[OpenSER-Users] Can't get sipping working in nathelper module

by Pablo Guijarro Enríquez

Hi, Im using OpenSER v1.3.1 and sipping does not work with my configuration. Here is a sample: loadmodule "usrloc.so" loadmodule "nathelper.so" modparam("nathelper", "natping_interval", 10) #modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@cmovil.net") modparam("nathelper", "received_avp", "$avp(i:801)") modparam("registrar", "received_avp", "$avp(i:801)") modparam("usrloc", "db_mode", 2) modparam("usrloc", "nat_bflag", 6) route { if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } # for clients behind nats if ( nat_uac_test("1") ) { if (method=="REGISTER") { fix_nated_register(); setbflag(6); setbflag(7); } else if ( method=="SUBSCRIBE" || method=="PUBLISH ) { fix_nated_contact(); setbflag(6); setbflag(7); }; }; ... } ... TCP clients register without problems and NAT users are identified properly. Routing for them works fine and so on, but I cannot see any ping packet leaving OpenSER to keep the TCP connection alive. Is there something missing? Thank in advance. Pablo

16 years, 5 months

[OpenSER-Users] Register Distributed

by Marcio

Hi, Someone could have tips on how to register in local domain a UAc mobility of another domain (federation) using the OpenSER's config....when one of the INVITE's UAc have to be verified as valid in the home domain and the answer would be allowed its domain registration in place, with a pointer/indicator in the home domain...where he was as that moment?? UAs(local) (accept register after validation on UAs(home) \ \ (Invite/register) \ UAc (mobility)-- -- -- -- -- UAs(home Thx for any help... Marcio

16 years, 5 months

[OpenSER-Users] setting up radius accounting

by Pete Kay

Hi, I am trying to set up using Radius for accounting. As a newbie, I am simply following the standard configuration from the menu. Here is where I put my flags in openser.cfg: if(method=="BYE") { setflag(2); }; if (method=="INVITE") { # Account INVITE packets setflag(2); # Account Missed calls setflag(3); }; The cdr is successfully logged to the database via radius, but the starttime and endtime are incorrect. The starting time and ending time being recorded is the same. Also, I noticed that Openser only sends the message (both INSERT and UPDATE cdr) to radius when the BYE method is received. I was expecting Openser to instruct Radius to create a new record ( INSERT ) during the INVITE method and update the stoptime during the BYE method. Here is the SQL Query log i extracted from mysql: 80603 4:38:06 6481 Query UPDATE radacct SET acctstoptime = '2008-06-03 04:38:06', acctsessiontime = '', acctinputoctets = '0' << 32 | '0', acctoutputoctets = '0' << 32 | '0', acctterminatecause = '', acctstopdelay = '0', connectinfo_stop = '' WHERE acctsessionid = 'NWQyZGI1ZTkzNGM5ZjMzZTg5ZGQ2OGVmZDY5MjYxMGE.' AND username = '1005' AND nasipaddress = '127.0.0.1' 6481 Query INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay) VALUES ('NWQyZGI1ZTkzNGM5ZjMzZTg5ZGQ2OGVmZDY5MjYxMGE.', '1412cd5bf3dd4a31', '1005', '192.168.1.104', ' 127.0.0.1', '5060', '', DATE_SUB('2008-06-03 04:38:06', INTERVAL (0 + 0) SECOND), '2008-06-03 04:38:06', '', '', '', '', '0' << 32 | '0', '0' << 32 | '0', 'sip:1006@192.168.1.104<sip%3A1006(a)192.168.1.104>', 'sip:1005@192.168.1.104 <sip%3A1005(a)192.168.1.104>', '', 'IAPP-Register', '', '', '0', '0') I would appreciate any help on getting the radius accounting to work. Thanks alot in advance. Pete

16 years, 5 months

[OpenSER-Users] Question about proxy_authorization

by mark morreny

Hi, I am not able to proxy_authorize a INVITE request from UA if the US connects to Opnerser using Openser's public IP. I am wonering if there is any additional setting I need to enable that? From the log, Openser does recognize '88,251.97.47' as a local domain. I did not hard-code the private ip anywhere in openser.cfg. Tue Jun 3 03:20:05 2008-58.251.97.17::method <INVITE> r-uri < sip:1005@58.251.97.17 <sip%3A1005(a)58.251.97.17>> to-tag <<null>> 2nd via <<null>> to-header <sip:1005@58.251.97.17 <sip%3A1005(a)58.251.97.17>> from-header <sip:1006@58.251.97.17 <sip%3A1006(a)58.251.97.17>> auth-user <1006> Jun 3 03:20:05 [27566] DBG:maxfwd:is_maxfwd_present: value = 70 before fix nated contact Jun 3 03:20:05 [27566] DBG:core:parse_headers: flags=80 checking to see if setflag should do or not Jun 3 03:20:05 [27566] DBG:uri:has_totag: no totag Jun 3 03:20:05 [27566] DBG:core:parse_headers: flags=78 Jun 3 03:20:05 [27566] DBG:tm:t_lookup_request: start searching: hash=29544, isACK=0 Jun 3 03:20:05 [27566] DBG:tm:matching_3261: RFC3261 transaction matching failed Jun 3 03:20:05 [27566] DBG:tm:t_lookup_request: no transaction found it is not a REGISTER, so going to route 3 Jun 3 03:20:05 [27566] DBG:domain:is_domain_local: Realm '88,251.97.47' is local Jun 3 03:20:05 [27566] DBG:core:db_free_rows: freeing 1 rows Jun 3 03:20:05 [27566] DBG:core:db_free_rows: row[0]=0x81a1e18 Jun 3 03:20:05 [27566] DBG:core:db_free_rows: 0x81a1e18=pkg_free() RES_ROWS request is from a non-trusted domain Jun 3 03:20:05 [27566] DBG:auth:check_nonce: comparing [4844491107980b084e3d5d3a283446ad02324d49] and [4844491107980b084e3d5d3a283446ad02324d49] Jun 3 03:20:05 [27566] DBG:auth:check_response: our result = '578a6ec1af28eed79329ed5414313f43' Jun 3 03:20:05 [27566] DBG:auth:check_response: authorization failed Thanks in advance for your help. Regards, Mark

16 years, 5 months

[OpenSER-Users] Mediaproxy + XLite RTCP timeout

by Dmitry Lyubimkov

OpenSER v.1.3.1 We use Mediaproxy for NAT traversal purpose. All work fine except one feature. XLite has option to hangup call after RTCP inactivity. When call is not proxied this option work right. But when call is proxied by Nediaproxy it cannot be longer than 54 second + RTCP timeout in XLite. Xlite cannot see RTCP activity and hangup the call. Does anybody meet with this trouble? Dmitry

16 years, 5 months

[OpenSER-Users] Problem authenticating Xlite or Zoiper in Openser

by voipanywhere

Hi All, After doing ngrep teste(a)xxx.xxx.xxx.xxx -lqtt -W byline port 5060 xlite somehow is sending wrong information. my subscriber is teste(a)xxx.xxx.xxx.xxx, i put it on xlite but on sip messages i get teste%40xxx.xxx.xxx.xxx and then of course the 401 error. something is changing the @ in the username to %40. i've been trying to change locales in debian, still didn't figure it out what the problem really is. i had the console with wrong code support for portuguese language, and could be it (i tought) now it's ok. tried to check /etc/environment and /etc/locales.gen to see if everything is okay, and it is now. Can be some strange stuff because of utf, unicode etc? Thanks Regards from Portugal, Helder -- View this message in context: http://www.nabble.com/Problem-authenticating-Xlite-or-Zoiper-in-Openser-tp1… Sent from the OpenSER Users Mailing List mailing list archive at Nabble.com.

16 years, 5 months

[OpenSER-Users] Trouble with RADIUS Accounting

by Dmitry Lyubimkov

Hi. We have new installation of OpenSER V.1.3.1 with new script. All work fine except RADIUS accounting. Accounting Start and Stop records come to RADIUS server, but there are no some attributes in them - User-Name, Called-Station-Id, Calling-Station-Id,... Example of Start and Stop records (FreeRADIUS log): Acct-Status-Type = Start Service-Type = IAPP-Register Sip-Response-Code = 200 Sip-Method = 1 Event-Timestamp = "Jun 2 2008 10:34:05 MSD" Sip-From-Tag = "5d12c92c" Sip-To-Tag = "6845627C-1EF5" Acct-Session-Id = "ODhmMjE4MmUxNzc3ZmZjN2U3MjJlM2I4NzQ0MjMzNTU." NAS-Port = 5060 Acct-Delay-Time = 0 NAS-IP-Address = 172.16.2.10 Client-IP-Address = 172.16.2.10 Timestamp = 1212388445 Acct-Status-Type = Stop Service-Type = IAPP-Register Sip-Response-Code = 200 Sip-Method = 8 Event-Timestamp = "Jun 2 2008 10:34:12 MSD" Sip-From-Tag = "5d12c92c" Sip-To-Tag = "6845627C-1EF5" Acct-Session-Id = "ODhmMjE4MmUxNzc3ZmZjN2U3MjJlM2I4NzQ0MjMzNTU." NAS-Port = 5060 Acct-Delay-Time = 0 NAS-IP-Address = 172.16.2.10 Client-IP-Address = 172.16.2.10 Timestamp = 1212388452 Where is trouble? Required attributes are described in dictionary file. If I remove it then OpenSER says Jun 2 11:02:23 [4064] ERROR:auth_radius:mod_init: auth_radius: can't get code for the User-Name attribute Jun 2 11:02:23 [4064] ERROR:core:init_mod: failed to initialize module auth_radius Jun 2 11:02:23 [4064] ERROR:core:main: error while initializing modules How and where in script we can prohibit send of some attributes? Dmitry

16 years, 5 months

[OpenSER-Users] rtpproxy

by Pezhman Lali

Dear, I found using rtpproxy on different machine is really more useful, for solving nat problems, but I don't know the reseon. good help for setting rtpproxy on different mach : http://www.iptel.org/rtpproxy_on_different_machine Best Mani

16 years, 5 months

[OpenSER-Users] how to drop sip call when i receive ring

by abo

Dear sir: i am trying openser 1.2.0 version.and now i want to drop call when i got 180 or 183.this is my openser.cfg.can you help me. thanks a lot! # ----------- global configuration parameters ------------------------ debug=9 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 #fifo="/tmp/openser_fifo" listen=192.168.1.254 alias=openser.org # Uncomment this to prevent the blacklisting of temporary not available destinations disable_dns_blacklist=yes # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database # - MySQL loaded for accounting as well loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/xlog.so" loadmodule "/usr/local/lib/openser/modules/uri.so" loadmodule "/usr/local/lib/openser/modules/uri_db.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/acc.so" loadmodule "/usr/local/lib/openser/modules/avpops.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # -- acc params -- modparam("acc", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("acc", "db_flag", 7) modparam("acc", "db_missed_flag", 8) modparam("acc", "log_level", 3) modparam("acc", "log_flag", 2) modparam("acc", "log_missed_flag", 8) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) modparam("acc", "failed_transaction_flag", 1) modparam("acc", "early_media", 1) modparam("acc", "db_extra", "src_ip=$si;dst_user=$tU;dst_domain=$du;src_user=$hdr(User-Agent)") # -- avpops params -- # avp aliases - define c_uri (canonical uri) as AVP ID 888 and s_ip as ID 999 avp_aliases="c_uri=i:888;s_ip=i:999" #tm timeout for voicemail params modparam("tm", "fr_timer", 2) modparam("tm", "fr_inv_timer", 35) modparam("tm", "noisy_ctimer", 1) # ------------------------- request routing logic ------------------- # main routing logic #Routing Script route { #check for old messages: could mean a problem with the DNS entries or some other loop-causer... if (!mf_process_maxfwd_header("10")) { xlog("L_WARN", "WARNING: Too many hops\n"); sl_send_reply("483", "Too many hops, forward count exceeded limit\n"); return; }; #check for extremely large messages; we don't need a sip dos attack if (msg:len >= 2048) { xlog("L_WARN", "WARNING: Message too large, >= 12048 bytes\n"); sl_send_reply("513", "Message too large, exceeded limit\n"); return; }; #record everything besides registers and acks if(method!="REGISTER" && method!="ACK") { setflag(1); }; #do not send to voicemail if BYE or CANCEL #is used to end call before user pickup or timeout if(method=="CANCEL" || method=="BYE") { setflag(7); setflag(8); }; #grant route if route headers already present if (loose_route()) { route(1); return; }; #Always require authentication, which could result in a PSTN, ie $$$ if (method=="REGISTER") { # if(!www_authorize("openser.org", "subscriber")) # { # www_challenge("openser.org", "0"); # return; # } # else # { # if (!check_to()) # { # sl_send_reply("401", "Unauthorized"); # return; # }; #Save into user database, used below when checking if user is available xlog("L_INFO", "REGISTER: User Authenticated Correctly\n"); save("location"); return; # }; }; if (method=="INVITE") { setflag(2); setflag(7); setflag(8); route(1); } } route[1] { #send the call outward if(uri=~"sip:[0-9]+@.*") { rewritehostport("192.168.1.100:5070"); #record_route(); t_on_reply("1"); # t_relay(); } if (!t_relay()) { xlog("L_WARN", "ERROR: t_relay failed"); sl_reply_error(); }; } onreply_route[1] { xlog("----------aaaaaaaaaa-------\n"); if (t_check_status("183")||t_check_status("180")){ exit; xlog("------------bbbbbbb------- \n"); } }

16 years, 5 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users June 2008