sr-users September 2008

sr-users@lists.kamailio.org

95 participants
155 discussions

by 静于

hello, I cannot load the acc.so module.The config file is below: # ------------- version 0.8.11-0 # ------------- Initial global variables debug=3 fork=yes log_stderror=no listen=10.1.2.3 listen=127.0.0.1 # hostname matching an alias will satisfy the condition uri==myself". alias=bigu.edu alias=10.1.2.3 # dns - Uses dns to check if it is necessary to add a "received=" field # to a via. Default is no. # rev_dns - Same as dns but use reverse DNS. dns=no rev_dns=no port=5060 children=4 # check_via - Turn on or off Via host checking when forwarding replies. # Default is no. arcane. looks for discrepancy between name and # ip address when forwarding replies. check_via=yes # syn_branch - Shall the server use stateful synonym branches? It is # faster but not reboot-safe. Default is yes. syn_branch=yes # memlog - Debugging level for final memory statistics report. Default # is L_DBG -- memory statistics are dumped only if debug is set high. memlog=3 # sip_warning - Should replies include extensive warnings? By default # yes, it is good for trouble-shooting. sip_warning=yes # fifo - FIFO special file pathname fifo="/tmp/ser_fifo" # server_signature - Should locally-generated messages include server's # signature? By default yes, it is good for trouble-shooting. server_signature=yes # reply_to_via - A hint to reply modules whether they should send reply # to IP advertised in Via. Turned off by default, which means that # replies are sent to IP address from which requests came. reply_to_via=no # user | uid - uid to be used by the server. 99 = nobody. uid="nobody" # group | gid - gid to be used by the server. 99 = nobody. gid="nobody" # mhomed -- enable calculation of outbound interface; useful on # multihomed servers. mhomed=0 # ------------- external module loading loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/acc.so" loadmodule "/usr/local/lib/ser/modules/exec.so" loadmodule "/usr/local/lib/ser/modules/group.so" loadmodule "/usr/local/lib/ser/modules/print.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/uri.so" # ------------- tm parameters modparam("tm", "fr_timer", 12) modparam("tm", "fr_inv_timer", 24) # ------------- rr parameters # set ";lr" tag to ?�?;lr=true?�? modparam("rr", "enable_full_lr", 1) # ------------- accounting parameters modparam("acc", "log_missed_flag", 3) modparam("acc", "log_level", 1) modparam("acc", "log_flag", 1) # ------------- usrloc parameters # 2 enables write-back to persistent mysql storage for speed # disable=0, write-through=1 modparam("usrloc", "db_mode", 2) # minimize write back window - default is 60 seconds modparam("usrloc", "timer_interval", 10) # database location modparam("usrloc", "db_url", "sql://ser:>password>@localhost/ser") # ------------- auth parameters # database location modparam("auth_db", "db_url", "sql://ser:>password>@localhost/ser") # allows clear text passwords in the mysql database modparam("auth_db", "calculate_ha1", yes) # name of password column in mysql database modparam("auth_db", "password_column", "password") # ------------- routing logic route { # ------------- routine checks # stop forwarding at 10 hops to prevent infinite loops if (!mf_process_maxfwd_header("10")) { log(1, "LOG: Too many hops\n"); sl_send_reply("483", "Too many hops"); break; }; # prevents private ip space from being used if (search("^(Contact|m): .*(a)(192\.168\.|10\.|172\.16)")) { if (method=="REGISTER") { log(1, "LOG: Someone trying to register from private IP\n"); sl_send_reply("479", "Please don't use private IP addresses" ); break; }; }; # separate the destination r-uri from the set of proxies that must be traversed loose_route(); # if the host portion of the request uri is not local, send it directly # to route processing. if (!(uri==myself)) { route(2); break; }; # All REGISTER attempts are processed and must always be authenticated if (method=="REGISTER") { # make sure that users don't register infinite loops if (search("^(Contact|m): .*(a)(10\.1\.2\.3|(proxy\.)?bigu\.edu)")) { log(1, "LOG: alert: someone trying to set aor==contact\n"); sl_send_reply("476", "No Server Address in Contacts Allowed" ); break; }; # challenge/response if (!www_authorize("bigu.edu", "subscriber")) { www_challenge("bigu.edu", "0"); break; }; # only registered users are allowed if (!is_user("replicator") & !check_to()) { log(1, "LOG: unregistered user registration attempt\n"); sl_send_reply("403", "Only registered users are allowed"); break; }; # it is an authenticated request, update Contact database now if (!save("location")) { sl_reply_error(); }; break; }; # process traffic local to BigU and the PSTN # Find the canonical username lookup("aliases"); # check domain again, if it is not still local after the alias # table lookup, just send it on its way. We do not authenticate # traffic we forward if (!(uri=~"^sip:(.+@)?(10\.1\.2\.3|(proxy\.)?bigu\.edu)([:;\?].*)?$")) { route(5); break; }; # now check for destinations through the gateway. 911 and 9911 # are always sent to the gateway. The assumption is that other all # numeric usernames between 5 and 20 digits are really pstn numbers # and so they are routed to the gateway if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") | (uri=~"sip:[0-9]{5,20}@.*") ) { route(3); break; }; # does the user wish redirection on no availability? (i.e., is he # in the voicemail (ser->grp) group?) if (is_user_in("Request-URI", "voicemail")) { t_on_failure("4"); setflag(4); }; # handle local SIP destinations not found in usrloc db # mostly offline or non-existent users if (!lookup("location")) { route(4); break; }; # check whether some inventive user has uploaded gateway # contacts to usrloc to bypass authorization logic if (uri=~"@10\.1\.2\.5([;:].*)*" ) { log(1, "LOG: Gateway address in UsrLoc\n"); route(3); break; }; # this flag is used with the acc module to report missed calls # to syslog. setflag(3); # do it (words to live by) append_hf("P-hint: USRLOC\r\n"); if (!t_relay()) { sl_reply_error(); break; }; } /* end of initial routing logic */ # ------------- process traffic leaving BigU for Internet route[2] { # outbound requests are allowed only for registered BigU users if (!(src_ip==10.1.2.3) & !(proxy_authorize("bigu.edu", "subscriber"))) { # ACK and CANCEL have no security mechanisms so they are just # noted if (method=="ACK" | method=="BYE") { log(1, "LOG: failed outbound authentication for ACK granted\n"); } else if (method=="CANCEL") { log(1, "LOG: failed outbound authentication for CANCEL granted\n"); } else { proxy_challenge("bigu.edu", "0"); break; }; }; # to maintain credibility of our proxy, we check >From in INVITEs if (!src_ip==10.1.2.3 & method=="INVITE" & !check_from()) { log(1, "LOG: Spoofed from attempt\n"); sl_send_reply("403", "Use From=id next time"); break; }; append_hf("P-hint: OUTBOUND ON INTERNET\r\n"); if (!t_relay()) { sl_reply_error(); break; }; } # ------------- process traffic leaving Internet for PSTN route[3] { # all calls through the gateway must be record routed to assure # acl acceptance on the gateway record_route(); # send out emergency calls to pstn gateway immediately if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") ) { rewritehostport("10.1.2.5:5060"); forward(uri:host, uri:port); break; }; # five digit numeric addresses are internal freebies sent to the pbx # without authentication if (uri=~"^sip:[0-9]{5}@(10.1.2.3|(proxy\,)?\.bigu\.edu)") { rewritehostport("10.1.2.5:5060"); forward(uri:host, uri:port); break; }; # all numeric addresses beginning with 9 go to the pbx on the way # to the PSTN # first the caller needs to be authenticated if (uri=~"^sip:9[0-9]*@(10.1.2.3|(proxy\.)?bigu\.edu)") { if (!(src_ip==10.1.2.3 | method==ACK | method=="CANCEL" | method=="BYE")) { if (!proxy_authorize("bigu.edu", "subscriber")) { proxy_challenge( "bigu.edu","0"); break; } else if (method=="INVITE" & !check_from()) { log(1, "LOG: Spoofed from attempt\n"); sl_send_reply("403", "Use From=id next time"); break; }; }; if (method=="INVITE") { # if the r-uri begins 91, does the authenticated user have # permission for long distance if (uri=~"sip:91[0-9]*@.*") { if (!is_user_in("credentials", "ld")) { sl_send_reply("403", "Local calls only"); break; }; }; }; # authenticated and authorized, now accounting is set setflag(1); }; rewritehostport("10.1.2.5:5060"); append_hf("P-hint: GATEWAY\r\n"); if (!t_relay()) { sl_reply_error(); break; }; } # ------------- process calls for users offline route[4] { if (!t_newtran()) { sl_reply_error(); }; if (!t_reply("404", "Not Found")) { sl_reply_error(); }; break; } # ------------- process aliased outbound traffic # inbound requests that have been aliased to a non-BigU domain # are not authenticated by BigU route[5] { append_hf("P-hint: ALIASED-OUTBOUND\r\n"); if (!t_relay()) { sl_reply_error(); break; }; } # ------------- CC-Diversion to voicemail failure_route[4] { append_branch("sip:80000@10.1.2.5"); append_urihf("CC-Diversion: ", "\r\n"); append_hf("P-hint: OFFLINE-VOICEMAIL\r\n"); t_relay(); } Can anyone help BR Ivy ___________________________________________________________ �Ż��䣬��䣡 http://cn.mail.yahoo.com/

16 years, 2 months

Re: [Kamailio-Users] svn diff

by Vadim Berezniker

Oops hit Ctrl+Enter svn diff http://openser.svn.sourceforge.net/svnroot/openser/tags/1.2.2/ http://openser.svn.sourceforge.net/svnroot/openser/tags/1.2.3/ I've been trying to run this against the public SVN but it never completes.... I hate sourceforge. From: Vadim Berezniker Sent: Wednesday, September 03, 2008 1:57 PM To: 'users(a)lists.kamailio.org' Subject: svn diff Can someone with access to the dev svn run this for me?

16 years, 2 months

[Kamailio-Users] Could you please help me how to integrate RLS AS and PS AS with SERIMS?

by mahesh.peddi＠info-spectrum.com

Hi, I am working on openser 1.3.2 as RLS application server and presence application server. I want to integrate this two application servers with SERIMS. Could you please help me how to integrate and make run this. To do this I have run SERIMS components on two servers? Regards, Mahesh Peddi Infospectrum India Pvt. Ltd. Cell: +91 9765775176 IP-Phone Ext. - 764

16 years, 2 months

[Kamailio-Users] SIP-T: Multipart SDPs, ISUP parsing, etc

by Kristian Kielhofner

Hello everyone, Feel free to set $OSSPROXY to whatever you like = Kamailio/OpenSIPS/OpenSER (for those of you who can't let go). $OSSPROXY is my favorite SIP toolkit. In addition to being an excellent proxy and registrar it serves as a platform to do SIP mangling and wrangling. With that in mind let me propose a crazy idea... How hard would it be to get $OSSPROXY to be able to parse what is commonly referred to as SIP-T (RFC 3372)? I understand $OSSPROXY has no business getting too involved in the SDP but I feel it makes sense in some instances (like this one). What if I want to make a routing decision based on an encapsulated ISUP parameter of some sort? Who knows what it could be!?!? Maybe there are some other uses but that makes the most sense and seems to be the most practical. It should be possible to develop an $OSSPROXY module to: - Use the SDP parser to find the ISUP SDP part: http://www.kamailio.net/dokuwiki/doku.php/development:sdp-parsing - Pass that part into a "real" ISUP parser (if necessary). I couldn't seem to find the perfect library but perhaps something like this could work: http://www.openss7.org/isup.html - Make the ISUP parameters available via AVPs, pseudo variables, etc for use in the $OSSPROXY script. I don't really have a need for this but it seems like it could be cool. Am I nuts? -- Kristian Kielhofner http://blog.krisk.org

16 years, 2 months

[Serusers] Is setdsturi supported in SER

by Steven C. Blair

I am wondering if setdsturi is supported in SER 0.9.7-pre3 Thanks

16 years, 2 months

[Kamailio-Users] svn diff

by Vadim Berezniker

Can someone with access to the dev svn run this for me?

16 years, 2 months

[Kamailio-Users] Unconditional call forward

by Stefano Palleschi

Hello all, i'm trying to do an unconditional call forward with openser. I've added the instructions below in the script: if (avp_db_load("$ru/username", "$avp(s:callfwd)")) { avp_pushto("$ru", "$avp(s:callfwd)"); xlog("$avp(s:callfwd)"); route(1); exit; } and i've created a record on the usr_preferences table of openser database: mysql> select * from usr_preferences; +------+------------+-----------------------------+-----------+-----------------------------+------+---------------------+ | uuid | username | domain | attribute | value | type | modified | +------+------------+-----------------------------+-----------+-----------------------------+------+---------------------+ | 1 | 0666620996 | 81.29.176.57 | callfwd | sip:0666653218@81.29.176.57 | 2 | 2008-09-03 09:51:33 | +------+------------+-----------------------------+-----------+-----------------------------+------+---------------------+ 1 row in set (0.00 sec) like showed, i would like forward the call that arrive at the sip client 0666620996 to the pstn number 0666653218. At openser restarting I get always this error: ERROR:avpops:load_avps: incomplet uri <sip:81.29.176.57> without make any call. Why in the uri there isn't the first part (username@)? Thanks in advance. Stefano Palleschi

16 years, 2 months

[Kamailio-Users] VQ_MALLOC memory manager

by Henning Westerholt

Hi all, does somebody uses the VQ_MALLOC memory manager? I thought about removing this one, as it don't work correctly at the moment (it lacks a realloc implementation). This would be a good cleanup in the core. If somebody still depends on this memory manager, perhaps has also some fixes created for this, please reply to this thread. If nobody speaks up i'll remove the VQ_MALLOC implementation at the end of this month. Cheers, Henning

16 years, 2 months

[Kamailio-Users] NAT transversal without mediaproxy or rtpproxy

by BERGANZ François

Hello, I am looking for to do nat transversal without mediaproxy or rtpproxy! I cant find any example without mediaproxy or rtpproxy. Have you an idea? I need to register my users, and contact them after Thank you

16 years, 2 months

[Kamailio-Users] t_relay to two diffrent proxy

by Asim Riaz

Hi , I am trying to relay invite from Kamailio to one of two proxies, as long as it receive the reply from one it should not forward to second but incase if the proxy1 does not reply then relay to proxy2. here is my config route(1); if((src_ip != proxy1_ip_address) || (src_ip !=proxy2_ip_address) ) { if(!t_relay_to_udp("proxy1_ip_address", "5060")) || (!t_relay_to_udp("proxy2_ip_address","5060")) { end_media_session(); sl_reply_error(); } } I am also allowing only my proxies can see the location tables; f ((src_ip== Proxy1_ip_address) || (src_ip= Proxy2_ip_address)) { if (!lookup("location")) { sl_send_reply("404", "Not Found"); exit; }; for some reason incoming calls from my proxies are looping means Kamailio sending back to one of my proxyies, i dont know if there is somthing missing in my configuration or somthing else is causing this problem. Regards Asim Riaz

16 years, 2 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users September 2008