Hi there
Lucas Aimaretto wrote:
why would be a 2a auth for the same user? do you mean you desire a new auth per call?
Well, suppouse the following ...
User "A" exists in radius' database, and he is only allowed to call users B,C,D and E. What about if user "A" wants to call user "F", how do I control that ???
I read a couple of days ago (in this list) that one could call an authorize during the INVITE step, but I didn't try it, yet (still fighting with RADIUS Start acct packet)
Another option is, yes!, to send everything (username, calling-station-id and called-station-id) in just one message, so as to check destination too in only the 1st auth ... But I do not see SER being sending the Called-Station-Id attribute in the auth process nor the calling-station-id (which is NULL). I just see the Username attribute. Look ...
that's because your auth is being sent during the REGISTER step, not the INVITE step (REGISTER and INVITE are SIP terms for authorizing the client on the server and to instantiate a call to a SIP endpoing, just for clarification)
radrecv: Access Request from host c0a801fd code=1, id=47, length=281 User-Name = "1992005@192.168.1.253" Digest-Attributes = "\012\0111992005" Digest-Attributes = "\001\017192.168.1.253" Digest-Attributes = "\002*419e6d1044b039c6a5570602eb629a2b6b2cb881" Digest-Attributes = "\004\033sip:1992001@192.168.1.253" Digest-Attributes = "\003\010INVITE" Digest-Response = "5844c35bc08dfe74b5481c959c13d65e" Service-Type = Sip-Session Sip-Uri-User = "1992005" Cisco-AVPair = "call-id=3CBA2689-8049-4D01-AB08-1DE8EE7B20BE@192.168.1.178" NAS-IP-Address = 192.168.1.253 NAS-Port-Id = 5060 SQL: Attempting to reserve socket SQL: Reserved socket 0 Username is now 1992005 Calling station Id is now (null) CalledID==NULL credit_amount (18.90) Sending Access Ack of id 47 to c0a801fd (nas linux) Credit-Amount = "V9:T102:L26:683332332d6372656469742d616d6f756e743d31382e3930" SQL: Socket 0 used for 0.70 seconds SQL: Released socket 0
Do you see ?
I got the picture but really don't know how to solve that, yet -- that's on my TODO list, as soon as I discover WHY I can't generate the Start RADIUS acct packets - I put setflag(1) on every "if" inside my nathelper.cfg example which I'm testing and still doesn't get these packets on my RADIUS server :-(
How can I (if possible) do that (to send also [Called/Calling]-Station-Id)?
sorry, haven't a clue, right now :^)
Cheers !3runo