Hi!
I have written a module, maybe somebody is interested in it.
It is used to determine if a user has appropriate permission to establish a
call. The permissions can be managed in configuration files very similar to
hosts.allow and hosts.deny. Every value in the configuration files is a regular
expression, so it is easy to define rules.
Example for a rule:
"^sip:361[0-9]*@abc.com$" EXCEPT "^sip:.*3@abc.com$", "^sip:.*4@abc.com$" : ALL
Every PSTN endpoint beginning with 361 except those ending with 3 or 4 can
establish calls with everybody.
In general: from_list [EXCEPT from_list] : to_list [EXCEPT to_list]
from_list and to_list are comma separated expressions
Expressions are treated as case insensitive POSIX Extended Regular Expressions.
Keyword ALL matches any expression.
--
---------------------------------------------------------------------------
Miklos Tirpak
Computer and Automation Research Institute e-mail : mtirpak(a)sztaki.hu
of the Hungarian Academy of Sciences phone : (361) 279-6011
H-1132. Budapest, Victor Hugo u 18-22 fax : (361) 279-6021
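
The rule grammar described in the message above, evaluated in C with POSIX `regcomp`/`regexec`, as an added example that is not the module's own code. The function names, the return codes and the quote-aware splitting on `EXCEPT` and `:` are assumptions; the post gives only the rule format.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* First occurrence of tok outside double quotes, or NULL. Needed because
 * SIP URIs inside the quoted expressions contain ':' themselves. */
static const char *find_unquoted(const char *s, const char *end, const char *tok)
{
    size_t n = strlen(tok);
    int inq = 0;
    for (; s + n <= end; s++) {
        if (*s == '"') inq = !inq;
        else if (!inq && strncmp(s, tok, n) == 0) return s;
    }
    return NULL;
}

/* 1 if uri matches any entry of a comma separated list, 0 if none, -1 if malformed. */
static int list_match(const char *p, const char *end, const char *uri)
{
    while (p < end) {
        while (p < end && (*p == ' ' || *p == '\t' || *p == ',')) p++;
        if (p >= end) break;
        if (end - p >= 3 && strncmp(p, "ALL", 3) == 0) return 1;
        const char *q = (*p == '"') ? memchr(p + 1, '"', (size_t)(end - p - 1)) : NULL;
        char pat[256];
        if (!q || (size_t)(q - p) > sizeof pat) return -1;
        memcpy(pat, p + 1, (size_t)(q - p - 1));
        pat[q - p - 1] = '\0';
        regex_t re;  /* case insensitive POSIX ERE, as the post specifies */
        if (regcomp(&re, pat, REG_EXTENDED | REG_ICASE | REG_NOSUB)) return -1;
        int hit = regexec(&re, uri, 0, NULL, 0) == 0;
        regfree(&re);
        if (hit) return 1;
        p = q + 1;
    }
    return 0;
}

/* list [EXCEPT list]: in the first list and not in the second. */
static int side_match(const char *s, const char *end, const char *uri)
{
    const char *ex = find_unquoted(s, end, "EXCEPT");
    int in = list_match(s, ex ? ex : end, uri);
    if (in <= 0 || !ex) return in;
    int out = list_match(ex + 6, end, uri);
    return out < 0 ? -1 : !out;
}

/* 1 = rule permits the call, 0 = rule does not apply, -1 = malformed rule. */
int rule_allows(const char *rule, const char *from, const char *to)
{
    const char *end = rule + strlen(rule);
    const char *sep = find_unquoted(rule, end, ":");
    if (!sep) return -1;
    int f = side_match(rule, sep, from);
    return f <= 0 ? f : side_match(sep + 1, end, to);
}

int main(void)
{
    /* Rule quoted from the post; the URIs are constructed sample input. */
    const char *r = "\"^sip:361[0-9]*@abc.com$\" EXCEPT \"^sip:.*3@abc.com$\", \"^sip:.*4@abc.com$\" : ALL";
    printf("%d %d\n", rule_allows(r, "sip:3611235@abc.com", "sip:x@example.org"),
                      rule_allows(r, "sip:3611233@abc.com", "sip:x@example.org"));
    return 0;
}
```

`rule_allows` returns -1 for a malformed rule so the caller can deny on parse errors. Because `regexec` searches rather than anchors, an expression written without `^` and `$` (for example `"361"`) matches any URI containing that substring.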
Hi,
I am thinking of locking the user hardphone MAC Address onto Layer 2 Switch level. This way even if the user moves around their phone, it will be blocked.
The disadvantage is that it will create an operation nightmare and will only work in ETTx environment. In a broadband wireless environment, there may be no layer 2 switch in between the network and subscriber.
There are 2 categories of subscribers. One only wants to use their home phone just like what the legacy voice network does. They won't bother to know about username/password. (For example illiterate elderly citizen). I must cater for these kinds of users. Yet provide a secure environment for them.
Another is subscribers who want to have more flexibility. They may have hardphone, softphone, pda, notebook who can logon everywhere in the on-net network.
These users may have more than one phone number to their home per user account. These users will have to be responsible for their username/password.
I am looking for all possibilities and limitations there are before drawing any implementation plan.
So far, my testing is working well. SER, Cisco 7960, ATA186, Cisco Voice Gateway, Softphone/IPAQ w/WLAN, MSN Messenger, etc
Thanks
SSng
-----Original Message-----
From: Jan Janak [mailto:jan@iptel.org]
Sent: Tuesday, March 11, 2003 7:30 PM
To: Ng, Soo Sim
Cc: Jiri Kuthan; serusers(a)lists.iptel.org
Subject: Re: [Serusers] multiple registration on one user login
Hello,
do you still need such a restriction ?
Jan.
On 10-03 11:12, Ng, Soo Sim wrote:
> Thanks to all giving your thought and advice.
>
> SSng
>
> -----Original Message-----
> From: Jiri Kuthan [mailto:jiri@iptel.org]
> Sent: Thursday, March 06, 2003 6:49 AM
> To: Ng, Soo Sim; serusers(a)lists.iptel.org
> Subject: RE: [Serusers] multiple registration on one user login
>
>
> Hello,
>
> I fear that such a case can't be avoided with allowing only
> a single registration. If I steal your phone away from your
> desk, you will not register with it anymore, but I will and
> we will have exactly one valid registration. Leaving SIP
> phones with hard-wired passwords on your desk has simply the
> same potential as leaving your credit-card or cell-phone there.
>
> What can be done about fraud?
>
> User education -- don't leave your money and phone unattended.
> Hotline -- report stolen phones to lock the account.
> PIN Lock -- use phones which can log-off and log-on (I'm not aware
> of any now -- only 3com used to do that)
>
> -Jiri
>
> ps -- ability to move is a feature. I know people who are very glad
> to use Vonage's US phone number and move with their ATAs and the
> US phone number around in Europe.
>
> At 11:37 PM 3/5/2003, Ng, Soo Sim wrote:
> >Jiri,
> >
> >Scenario is providing IP Telephony to the household.
> >I am more concerned about the security of the Hardphone. I am thinking of auto-provisioning the hardphone (eg C7960, ATA186) without subscriber intervention. What the subscriber knows is their phone # (Just like legacy phone system).
> >
> >Since the Hardphone is 'hard-coded', the phone can move round the vicinity of the residential area and still be able to make a call. Potentially this will lead to abuse, as someone may take the phone to a different location when owner is not around and make a 'free' call, return back the phone and the billing still charge the original subscriber.
> >
> >Any other suggestion to counter this issue is much appreciated.
> >
> >SSng
> >
> >-----Original Message-----
> >From: Jiri Kuthan [mailto:jiri@iptel.org]
> >Sent: Wednesday, March 05, 2003 12:18 AM
> >To: Ng, Soo Sim; serusers(a)lists.iptel.org
> >Subject: Re: [Serusers] multiple registration on one user login
> >
> >
> >At 03:08 PM 3/4/2003, Ng, Soo Sim wrote:
> >>I have such requirements. In providing sip-based residential ip telephony, I would like to restrict each home subscriber is only allowed to register one UA per account. This would make it easy for billing purposes and for security reasons.
> >>
> >>Is there a way to achieve this requirement with SER?
> >
> >If that is your desperate wish, it is little overhead to make you happy.
> >I'm still not sure though, it is a useful thing.
> >
> >Maybe an operator can make more revenues if my wife can accept calls at
> >any phone in my building and initiate calls in parallel with my daughter.
> >
> >What are exactly the billing/security reasons here?
> >
> >-Jiri
>
> --
> Jiri Kuthan http://iptel.org/~jiri/
>
> _______________________________________________
> Serusers mailing list
> serusers(a)lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
Sorry, auth was excluded from compilation by default.
Either update sip_router/Makefile from the repository
or edit sip_router/Makefile, look for the line containing excluded_modules,
remove auth from it and run make all again.
Jan.
PS: Please CC the mailing list too.
On 12-03 16:39, David Beckemeyer wrote:
>
> Thanks for your help.
>
> For some reason modules/auth/auth.so didn't get built so that ser.cfg
> doesn't start.
>
> ser: ERROR: load_module: could not open module <./modules/auth/auth.so>: ./modules/auth/auth.so: cannot open shared object file: No such file or directory
> ser: parse error (40,13-36): failed to load module
> ser: parse error (92,26-27): unknown command, missing loadmodule?
> ser: INFO: signal 15 received
>
> It looks like the Makefile never tried to build that module.
>
> Other modules got built, as follows:
> modules/acc/acc.so
> modules/auth_db/auth_db.so
> modules/dbtext/dbtext.so
> modules/domain/domain.so
> modules/enum/enum.so
> modules/exec/exec.so
> modules/group/group.so
> modules/maxfwd/maxfwd.so
> modules/pike/pike.so
> modules/print/print.so
> modules/registrar/registrar.so
> modules/rr/rr.so
> modules/sl/sl.so
> modules/textops/textops.so
> modules/tm/tm.so
> modules/uri/uri.so
> modules/usrloc/usrloc.so
> modules/vm/vm_mod.so
>
> On Thu, Mar 13, 2003 at 01:15:26AM +0100, Jan Janak wrote:
> > Hello David,
> >
> > attached please find updated ser.cfg with authentication enabled using
> > plaintext files instead of mysql.
> >
> > Do the following:
> > 1) Get the latest CVS snapshot (yes, again)
> > 2) Compile it, but do not install it (don't do make install)
> > 3) Create a directory where your plaintext files containing database
> > tables will be stored
> > 4) Put attached "subscriber" and "location" files in the directory
> > 5) Edit attached ser.cfg
> > 6) Replace /home/janakj/ser with path to the directory (2 occurrences)
> > 7) save ser.cfg in sip_router directory (the CVS snapshot)
> > 7) Edit subscriber and replace jan with your username, heslo with your
> > password and iptel.org with your domain
> > 8) cd sip_router
> > 9) ./ser -f ser.cfg
> >
> > Please report any problems to us.
> >
> > Jan.
> >
> > PS: See sip_router/modules/dbtext/Readme for description of format of
> > the plaintext files.
> >
> > On 12-03 13:57, David Beckemeyer wrote:
> > >
> > > Unstable indeed. I built SER from CVS and even using the
> > > stock (no DB) ser.cfg, it won't start, and reports:
> > >
> > > ERROR: bad config file (16 errors)
> > >
> > > ser: parse error (36,13-47): failed to load module
> > > ser: set_mod_param(): Parameter not found
> > > ser: parse error (46,34-35): Can't set module parameter
> > > ser: parse error (70,36-37): unknown command, missing loadmodule?
> > > ser: parse error (71,38-39): unknown command, missing loadmodule?
> > > ser: parse error (75,41-42): unknown command, missing loadmodule?
> > > ser: parse error (80,19-20): unknown command, missing loadmodule?
> > > ser: parse error (95,19-20): unknown command, missing loadmodule?
> > > ser: parse error (100,25-26): unknown command, missing loadmodule?
> > > ser: parse error (101,36-37): unknown command, missing loadmodule?
> > > ser: parse error (106,15-16): unknown command, missing loadmodule?
> > > ser: parse error (107,18-19): unknown command, missing loadmodule?
> > > ser: INFO: signal 15 received
> > >
> > > On Wed, Mar 12, 2003 at 08:40:04PM +0100, Daniel-Constantin MIERLA wrote:
> > > >
> > > >
> > > > Hello,
> > > > see dbtext for that. But notice that the module has not been thoroughly
> > > > tested. It is not included in v0.8.10 so you have to use a CVS snapshot
> > > > which is quite unstable these days due to lots of changes. If you want
> > > > to use it before the new release of ser is out you might get weird
> > > > situations, but you can provide us some help with testing ... It is your
> > > > choice ...
> > > >
> > > > -.-
> > > > Best regards,
> > > > Daniel
> > > >
> > > >
> > > > David Beckemeyer wrote:
> > > >
> > > > >I'm trying to get SER up and I need auth. I'm not a Mysql user
> > > > >and, frankly, I'd rather not need to learn it, just to get
> > > > >authentication support. I wish there were a middle-ground
> > > > >between no-auth at all and a full-blown Mysql installation.
> > > > >
> > > > >I tried the Cookbook approach, using Dan Austin's HOWTO for
> > > > >setting up Mysql for SER, but the commands do not work as shown
> > > > >so I'm left with learning Mysql through and through to debug
> > > > >why those cookbook commands don't work.
> > > > >
> > > > >I'm very familiar with SIP and I want to test SER, not a new Sql
> > > > >server DB engine. It seems like Mysql is a distraction to that
> > > > >effort.
> > > > >
> > > > >Is anyone working on something like a flat-file module to
> > > > >replace Mysql? Any pointers for the best place to start on
> > > > >developing such a module (i.e. shortcuts)?
> > > > >
> > > > >Thanks,
> > > > >
> > > > > - david
> > > > >
>
> > #
> > # $Id: dbtext.cfg,v 1.2 2003/03/13 00:07:28 janakj Exp $
> > #
> > # simple quick-start config script
> > #
> >
> > # ----------- global configuration parameters ------------------------
> >
> > debug=3 # debug level (cmd line: -dddddddddd)
> > fork=yes
> > log_stderror=no # (cmd line: -E)
> >
> > /*
> > debug=7
> > fork=no
> > log_stderror=yes
> > */
> >
> > check_via=no # (cmd. line: -v)
> > dns=no # (cmd. line: -r)
> > rev_dns=no # (cmd. line: -R)
> > port=5060
> > children=4
> > fifo="/tmp/ser_fifo"
> >
> > # ------------------ module loading ----------------------------------
> >
> > # Uncomment this if you want to use SQL database
> > loadmodule "./modules/dbtext/dbtext.so"
> >
> > loadmodule "./modules/sl/sl.so"
> > loadmodule "./modules/tm/tm.so"
> > loadmodule "./modules/rr/rr.so"
> > loadmodule "./modules/maxfwd/maxfwd.so"
> > loadmodule "./modules/usrloc/usrloc.so"
> > loadmodule "./modules/registrar/registrar.so"
> >
> > # Uncomment this if you want digest authentication
> > # mysql.so must be loaded !
> > loadmodule "./modules/auth/auth.so"
> > loadmodule "./modules/auth_db/auth_db.so"
> >
> > # ----------------- setting module-specific parameters ---------------
> >
> > # -- usrloc params --
> >
> > #modparam("usrloc", "db_mode", 0)
> >
> > # Uncomment this if you want to use SQL database
> > # for persistent storage and comment the previous line
> > modparam("usrloc", "db_mode", 1)
> > modparam("usrloc", "db_url", "/home/janakj/ser")
> > modparam("auth_db", "db_url", "/home/janakj/ser")
> >
> > # -- auth params --
> > # Uncomment if you are using auth module
> > #
> > modparam("auth_db", "calculate_ha1", yes)
> > #
> > # If you set "calculate_ha1" parameter to yes (which true in this config),
> > # uncomment also the following parameter)
> > #
> > modparam("auth_db", "password_column", "password")
> >
> > # ------------------------- request routing logic -------------------
> >
> > # main routing logic
> >
> > route{
> >
> >     # initial sanity checks -- messages with
> >     # max_forwards==0, or excessively long requests
> >     if (!mf_process_maxfwd_header("10")) {
> >         sl_send_reply("483","Too Many Hops");
> >         break;
> >     };
> >     if (len_gt( max_len )) {
> >         sl_send_reply("513", "Message too big");
> >         break;
> >     };
> >
> >     # Do strict routing if pre-loaded route headers present
> >     loose_route();
> >
> >     # if the request is for other domain use UsrLoc
> >     # (in case, it does not work, use the following command
> >     # with proper names and addresses in it)
> >     if (uri==myself) {
> >
> >         if (method=="REGISTER") {
> >             if (!www_authorize("", "subscriber")) {
> >                 www_challenge("", "0");
> >                 break;
> >             };
> >
> >             save("location");
> >             break;
> >         };
> >
> >         # native SIP destinations are handled using our USRLOC DB
> >         if (!lookup("location")) {
> >             sl_send_reply("404", "Not Found");
> >             break;
> >         };
> >     };
> >     # forward to current uri now
> >     if (!t_relay()) {
> >         sl_reply_error();
> >     };
> >
> > }
> >
>
> > user(str) contact(str) expires(int) q(double) callid(str) cseq(int)
>
> > username(str) password(str) ha1(str) domain(str) ha1b(str)
> > jan:heslo:xxx:iptel.org:xxx
> >
>
>
>
I'm trying to get SER up and I need auth. I'm not a Mysql user
and, frankly, I'd rather not need to learn it, just to get
authentication support. I wish there were a middle-ground
between no-auth at all and a full-blown Mysql installation.
I tried the Cookbook approach, using Dan Austin's HOWTO for
setting up Mysql for SER, but the commands do not work as shown
so I'm left with learning Mysql through and through to debug
why those cookbook commands don't work.
I'm very familiar with SIP and I want to test SER, not a new Sql
server DB engine. It seems like Mysql is a distraction to that
effort.
Is anyone working on something like a flat-file module to
replace Mysql? Any pointers for the best place to start on
developing such a module (i.e. shortcuts)?
Thanks,
- david
Hi,
I saw many changes in CVS about radius. Is there any progress for radius?
The radius modules from release 0.8.10 are unfortunately not usable.
It seems there will be some fundamental changes in terms of radius_auth and
radius_acc. How will the new structure look?
Best regards
Yang
Hello,
We are going to update the SER Programmer's Guide (If you don't know it:
http://iptel.org/ser/devel.html ).
If you have any suggestions, ideas or even want to contribute something,
please let us know. The document will be intended mainly for 3rd party
module developers and feedback from you is very important to us.
Any feedback will be appreciated, thank you.
regards, Jan.
Sorry if you receive duplicated mail from other groups.
============================================================================
Mitel Networks To Host Leading Global SIP Interoperability Event
SIPit 13 to showcase the interoperability and implementations of Session
Initiation Protocol (SIP) from over 60 companies
OTTAWA, CANADA, March 11, 2003 - Mitel Networks, a market-leader in voice,
video, and data convergence over broadband networks, today announced that it
will host and sponsor the 13th annual SIPit, a global SIP interoperability
testing event. The event will take place August 18 to 23 at the Brookstreet
Hotel in Ottawa, Canada and attract over 60 vendors and 150 engineers from
around the globe. SIPit is an international event endorsed by the SIP Forum
and overseen by the Internet Engineering Task Force (IETF). SIPit provides
a critical industry benchmark in the drive to make SIP the de facto standard
for real-time Internet communication services. SIP is an open,
Internet-genuine protocol for establishing and managing multi-party,
mixed-media sessions over converged networks.
The purpose of SIPit is to test the interoperability of SIP implementations
and products and perform testing on advanced features and functionality.
Vendors then have the opportunity to address any incompatibilities for their
commercial releases. The testing at SIPit also accelerates the drive
towards new drafts of the SIP specification based on new requirements and
findings at the event. SIPit is open exclusively to vendors offering
SIP-based solutions that will see market availability and is not an
exhibition, public demonstration, conference or workshop.
"The promise of SIP to enable businesses the choice and flexibility of true
open interoperability in a multi-vendor environment will gain velocity as
manufacturers collaborate in testing their standards based solutions," said
Paul Butcher, Chief Operating Officer, Mitel Networks. "The opportunity to
test our products at SIPit, with the devices and services of over 60 of the
world's leading implementers, provides a tremendous opportunity to measure
the interoperability of our own SIP-based solutions and of the industry as a
whole."
An early supporter of SIP, Mitel Networks has participated in the previous
six SIPit events. At SIPit13 Mitel Networks will test a range of SIP-based
desktop devices and communications platforms including the 5055 SIP Phone
and the 3050 Integrated Communications Platform.
For registration and information about SIPit13 in Ottawa, please visit:
www.mitel.com/sipit.
About SIP
An Internet Engineering Task Force (IETF) standard, SIP is an open,
Internet-genuine protocol for establishing and managing multi-party,
mixed-media sessions over converged networks. SIP enables the creation and
deployment of feature-rich services that go far beyond simple VoIP calls.
About Mitel Networks
Mitel Networks is a market-leader for voice, video, and data convergence
over broadband networks. With a focus on the user experience, the company
delivers advanced communications solutions that are easily customized for
individual business needs. Through intuitive desktop appliances and
applications, businesses are provided with innovative ways to manage
information and resources. Vertical markets benefit from integrated
solutions that protect existing investments, while enabling new ways to be
more cost effective and productive. Mitel Networks is headquartered in
Ottawa, Canada with offices, partners, and resellers worldwide. For more
information please visit
www.mitel.com
-30-
For more information, please contact:
Jon Carvill
Mitel Networks
613.592.2122
jon_carvill(a)mitel.com