but I did not use save location on my config file .. what I defined is save
alias and lookup alias only..
below is my running config file .. please do some comment .. thanks ..
# ------------------------- request routing logic -------------------
# main routing logic
route{ setflag(2);
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
if (!method=="REGISTER") record_route();
if (loose_route()) {
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
sl_send_reply("403", "Forbidden Unauthorized
Domain");
break;
};
if (uri=~"zipper.pacific.net.ph") {
if ((method=="BYE")||(method=="ACK")){
setflag(2);
}
if (method=="REGISTER") {
route(2);
break;
};
if (method=="INVITE") {
route(3);
break;
};
if (uri!=myself) {
route(1);
break;
};
}
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
if (!t_relay()) {
sl_reply_error();
};
}
route[2] {
log(1, "REGISTER: Authenticating user\n");
if (!radius_www_authorize("")) {
www_challenge("","0");
break; };
save("aliases"); consume_credentials(); break;
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
if (!radius_www_authorize("domain.com")) {
www_challenge("domain.com","1");
break; }
consume_credentials();
lookup("aliases");
if (uri!=myself) { route(1); break; };
if (!lookup("location")) {
if (method=="INVITE" || method=="ACK") {
sl_send_reply("404", "Extension number does not
exist");
break;
};
sl_send_reply("404", "Extension number does not exist");
break;
} else { setflag(3); t_relay(); break; };
route(1);
}
===========================
At 07:46 PM 5/17/2005, Samuel Osorio Calvo wrote:
Hi,
the "normal" mechanism is to have two table, aliases and location. In the
first one you have a "permament" binding between a an alias and the user
name (AoR). In the latter, you update the binding between the username
(AoR) and the current location treating the incoming REGISTER with
save("location").
In your attached config file there is save("location"), which will update
the location table:
if (method=="REGISTER")
{
# Uncomment this if you want to use digest
authentication
if
(!www_authorize("justser.com", "subscriber")) {
www_challenge("justser.com", "0");
break;
};
save("location");
break;
};
, so you would have:
ALIASES LOCATION
900--->test test--->UA'sIP
When you do lookup("location") in
# native SIP destinations are
handled
using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not
Found");
break;
};
};
you will rewrite the Req-URI to the binding existing in the location
table, that's why they can reach the user with the username. And you
sohuld do it because the user's UA will recognise requests with test in
the Req-URI as targeted to itself but not requests with 900 in the Req-URI.
That's why you should make something like
lookup("aliases");
lookup("location");
in the config file to handle aliases.
If you don't want other people to reach the user with the AoR (I'm
wondering you would like suche feature...): you should make somehting like
(it's just a possible approach from many differents and don't know if it
will work always....just experiment):
if( lookup("aliases") ){
if( ! lookup("location") ){
sl_send_reply("404", "Not Found");
break;
}
}
Hope it's clearer.....
Samuel
Unclassified.
>> "Edgardo O. Gonzales II"
<edgardo.g(a)pacific.net.ph> 05/17/05 01:20PM >>>
Hi!
I have a little problem with regards to alias and my routing table because
as I understand the logic of logging and authorization, client can login using
a username and password assigned by the administrator.
For example, I have the following information
username : test
password : test123
extension / alias : 900
By enabling radius support, for aaa, I was able to login using my username
and password.
Other parties can also call my extension / alias number which is 900 but I
wonder why they can
also call my username which is test. I have save("alias") on my config.
why is this happening.
thanks,
ed
At 03:24 AM 5/17/2005, Jose Bertuzzi wrote:
>Hello guys; I have everything in place to acc into
>mysql. I am already logging some BYEs, INVITEs and
>ACKs.
>
>Where do I have to place the setflag statement to
>properly log messages from and/to gw 66.166.166.66
>only?
>
>My ser.cfg is as follows:
>
>
># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei
>Exp $
>#
># simple quick-start config script
>#
>
># ----------- global configuration parameters
>------------------------
>
>#debug=3 # debug level (cmd line: -dddddddddd)
>#fork=yes
>#log_stderror=no # (cmd line: -E)
>
>/* Uncomment these lines to enter debugging mode
>debug=7
>fork=no
>log_stderror=yes
>*/
>
>check_via=no # (cmd. line: -v)
>dns=no # (cmd. line: -r)
>rev_dns=no # (cmd. line: -R)
>#port=5060
>#children=4
>fifo="/tmp/ser_fifo"
>#fifo_mode=0666
>
>
># ------------------ module loading
>----------------------------------
>
># Uncomment this if you want to use SQL database
>loadmodule "/usr/local/lib/ser/modules/mysql.so"
>
>loadmodule "/usr/local/lib/ser/modules/sl.so"
>loadmodule "/usr/local/lib/ser/modules/tm.so"
>loadmodule "/usr/local/lib/ser/modules/rr.so"
>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>loadmodule "/usr/local/lib/ser/modules/acc.so"
>#loadmodule "/usr/local/lib/ser/modules/group.so"
>
>
># Uncomment this if you want digest authentication
># mysql.so must be loaded !
>loadmodule "/usr/local/lib/ser/modules/auth.so"
>loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>
># ----------------- setting module-specific parameters
>---------------
>
># -- usrloc params --
>
>#modparam("usrloc", "db_mode", 0)
>
># Uncomment this if you want to use SQL database
># for persistent storage and comment the previous line
>modparam("usrloc", "db_mode", 2)
>
># -- auth params --
># Uncomment if you are using auth module
>#
>modparam("auth_db", "calculate_ha1", yes)
>#
># If you set "calculate_ha1" parameter to yes (which
>true in this config),
># uncomment also the following parameter)
>#
>modparam("auth_db", "password_column", "password")
>
># -- rr params --
># add value to ;lr param to make some broken UAs happy
>modparam("rr", "enable_full_lr", 1)
>
>
># -- acc params --
>
>modparam("acc", "db_url",
>"mysql://ser:heslo@localhost/ser")
>#modparam("acc", "log_level", 1)
>#modparam("acc", "log_flag", 1)
>modparam("acc", "db_flag", 1)
>
>
>
># ------------------------- request routing logic
>-------------------
>
># main routing logic
>
>route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long
>requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> if ( msg:len > max_len ) {
> sl_send_reply("513", "Message too
>big");
> break;
> };
>
> # we record-route all messages -- to make sure
>that
> # subsequent messages will go through our
>proxy; that's
> # particularly good if upstream and downstream
>entities
> # use different transport protocol
> record_route();
> # loose-route processing
> if (loose_route()) {
> t_relay();
> break;
> };
>
> # if the request is for other domain use
>UsrLoc
> # (in case, it does not work, use the
>following command
> # with proper names and addresses in it)
> if (uri=~"justser.com") {
>
> if (src_ip==66.166.166.66 and
>method=="INVITE") { ## Llamadas desde PSTN
> forward(uri:host, uri:port);
> ##
> break;
> ##
> };
> ##
>
>
if (method=="REGISTER")
{
# Uncomment this if you want to use digest
authentication
if
(!www_authorize("justser.com", "subscriber")) {
www_challenge("justser.com", "0");
break;
};
save("location");
break;
};
>
>
>
> if
>(uri=~"^sip:1305[0-9]*@justser.com") { ##
> prefix("3000#");
> ##
>
>rewritehostport("66.166.166.66:5060"); ##
>TERMINATION
> forward(uri:host, uri:port);
> ## AREA CODE 305
> #setflag(1); ##
> break;
> ##
> };
> ##
>
>
> if
>(uri=~"^sip:1786[0-9]*@justser.com") { ##
> prefix("3000#");
> ##
>
>rewritehostport("66.166.166.66:5060"); ##
>TERMINATION
> forward(uri:host, uri:port);
> ## AREA CODE 786
> break;
> ##
> };
> ##
>
>
>
>
# native SIP destinations are
handled
using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not
Found");
break;
};
};
> # forward to current uri now; use stateful
>forwarding; that
> # works reliably even if we forward from TCP
>to UDP
>
> setflag(1);
>
> if (!t_relay()) {
> sl_reply_error();
> };
>
>}
>
>
>
>
>Yahoo! Mail
>Stay connected, organized, and protected. Take the tour:
>http://tour.mail.yahoo.com/mailtour.html
>
>_______________________________________________
>Serusers mailing list
>serusers(a)lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers