20 Nov
2004
20 Nov
'04
12:30 a.m.
Hi there
Lucas Aimaretto wrote:
I read a couple of days ago (in this list) that one could
call an authorize during the INVITE step, but I didn't try
it, yet (still fighting with RADIUS Start acct packet)
why would be a
2a auth for the same user? do you mean
you desire a new auth per call?
Well, suppouse the following ...
User "A" exists in radius' database, and he is only allowed to call
users B,C,D and E. What about if user "A" wants to call user "F",
how do I control that ??? Another option is, yes!, to send everything
(username,
calling-station-id and called-station-id) in just one message, so as to
check destination too in only the 1st auth ... But I do not see SER
being sending the Called-Station-Id attribute in the auth process nor
the calling-station-id (which is NULL). I just see the Username
attribute. Look ...
that's because your auth is being sent during the REGISTER step,
not the INVITE step (REGISTER and INVITE are SIP terms
for authorizing the client on the server and to instantiate
a call to a SIP endpoing, just for clarification)
radrecv: Access Request from host c0a801fd code=1,
id=47, length=281
User-Name = "1992005(a)192.168.1.253"
Digest-Attributes = "\012\0111992005"
Digest-Attributes = "\001\017192.168.1.253"
Digest-Attributes = "\002*419e6d1044b039c6a5570602eb629a2b6b2cb881"
Digest-Attributes = "\004\033sip:1992001@192.168.1.253"
Digest-Attributes = "\003\010INVITE"
Digest-Response = "5844c35bc08dfe74b5481c959c13d65e"
Service-Type = Sip-Session
Sip-Uri-User = "1992005"
Cisco-AVPair =
"call-id=3CBA2689-8049-4D01-AB08-1DE8EE7B20BE(a)192.168.1.178"
NAS-IP-Address = 192.168.1.253
NAS-Port-Id = 5060
SQL: Attempting to reserve socket
SQL: Reserved socket 0
Username is now 1992005
Calling station Id is now (null)
CalledID==NULL
credit_amount (18.90)
Sending Access Ack of id 47 to c0a801fd (nas linux)
Credit-Amount =
"V9:T102:L26:683332332d6372656469742d616d6f756e743d31382e3930"
SQL: Socket 0 used for 0.70 seconds
SQL: Released socket 0
Do you see ?
I got the picture but really don't know how to solve
that, yet -- that's on my TODO list, as soon as I discover
WHY I can't generate the Start RADIUS acct packets -
I put setflag(1) on every "if" inside my nathelper.cfg
example which I'm testing and still doesn't get these
packets on my RADIUS server :-(
How can I (if possible) do that (to send also
[Called/Calling]-Station-Id)?
sorry, haven't a clue, right now :^)
Cheers
!3runo