[OpenSER-Users] Openser with freeradius not accounting BYE method

Untitled Document I´m has a problem that my openser sometimes not accounting bye method and this cause a call without pay. See the openser.cfg: # # $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ debug=4 # debug level (cmd line: -dddddddddd) ##-- # # Uncomment these lines to daemonize fork=yes log_stderror=no # (cmd line: -E) ##-- # # Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes ##-- alias=sip.processavoip.net listen=201.32.70.20 #syn_branch=1 memlog=3 sip_warning=1 server_signature=yes reply_to_via=0 mhomed=0 disable_dns_blacklist=yes unix_sock="/tmp/openser.sock" check_via=0 # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 mpath="/usr/local/lib/openser/modules/" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "mysql.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "auth.so" loadmodule "auth_radius.so" loadmodule "uri.so" loadmodule "domain.so" loadmodule "permissions.so" loadmodule "mediaproxy.so" loadmodule "nathelper.so" loadmodule "acc.so" loadmodule "xlog.so" loadmodule "dbtext.so" loadmodule "uri_db.so" loadmodule "mi_fifo.so" loadmodule "group.so" # ----------------- setting module-specific parameters --------------- # -- mi-fifo params -- modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo") # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "nat_bflag", 6) modparam("usrloc", "domain_column", "fk_domains") modparam("usrloc", "user_column", "fk_accounts") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) ## -- database params -- modparam("acc|usrloc|group|domain|uri_db|permissions", "db_url", "mysql://root:master@localhost/openser") # -- radius params -- modparam("acc|auth_radius", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") # -- radius permissions -- modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") # -- group params -- modparam("group", "table", "accounts_groups") modparam("group", "user_column", "fk_accounts") modparam("group", "domain_column", "fk_domains") modparam("group", "group_column", "pk_accounts_groups") modparam("group", "use_domain", 0) ## -- acc params -- modparam("acc", "radius_missed_flag", 3) modparam("acc", "radius_flag", 2) #modparam("acc", "radius_extra", "via=$hdr(Via[*]); email=$avp(s:email)") modparam("acc", "log_level", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_user=$rU;dst_domain=$rd") modparam("acc", "radius_extra", "User-Name=$fU;Suffix=$fd;Sip-Translated-Request-URI=$ru") modparam("acc", "service_type", 15) modparam("acc", "failed_transaction_flag", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_flag", 1) ## -- acc params without radius -- #modparam("acc", "db_missed_flag", 3) #modparam("acc", "db_flag", 2) #modparam("acc", "db_table_acc", "call_history") #modparam("acc", "db_table_missed_calls", "call_history_missed") # -- uri_db params -- modparam("uri_db", "subscriber_table", "accounts") modparam("uri_db", "subscriber_domain_column", "fk_domains") modparam("uri_db", "subscriber_user_column", "pk_accounts") # -- domain params -- modparam("domain", "domain_table", "domains") modparam("domain", "domain_col", "pk_domains") # -- nathelper, mediaproxy nd registrar params -- modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@openser.org") modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT modparam("registrar|nathelper", "received_avp", "$avp(i:42)") # to configure nat at openser 1.2, 1.3 or 1.4 modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy", "natping_interval", 30) #modparam("mediaproxy", "sip_asymmetrics", "/etc/openser/sip-clients") #modparam("mediaproxy", "rtp_asymmetrics", "/etc/openser/rtp-clients") #modparam("registrar", "received_avp", "$avp(s:rcv)") # to configure nat at openser 1.2, 1.3 or 1.4 # -- tm params -- # set time for which ser will be waiting for a final response; # fr_inv_timer sets value for INVITE transactions, fr_timer # for all others #modparam("tm", "fr_inv_timer", 15 ) #Tempo maximo do ring antes de atender #modparam("tm", "fr_timer", 1) #modparam("tm", "wt_timer", 1) # ------------------------- request routing logic ------------------- # main routing logic route { # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Muitos Hops"); log(1, "486: Muitos Hops\n"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message to big"); log(1, "513: Message too bi \n"); exit; }; ##-- # Eh feita a gravacao de todas as mensagens para se certificar que todas as mensagens # passem pelo proxy o que eh importante particularmente se as entidades estao usando # um protocolo de transporte diferente ##-- if (method!="REGISTER") { record_route(); }; route(6); ##-- # Secao de finalizacao da chamada ##-- if (method=="BYE" || method=="CANCEL") { end_media_session(); }; ##-- # mensagens subsequentes dentro de um dialogo deveriam tomar um caminho pre-determinado # pela gravacao das rotas (record route) ##-- if (loose_route()) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); if (has_totag() && (method=="INVITE" || method=="ACK")) { xlog("L_ERR", "Main Route: Fixing SDP to $fu $rm (loose route)\n"); if (client_nat_test("3") || isflagset(5)) { setbflag(6); use_media_proxy(); }; }; xlog("L_ERR", "Main Route: Loose Route relaying\n"); route(1); exit; }; if (!uri==myself) { # marca a logica de roteamento no pedido append_hf("P-hint: rr_enforced\r\n"); xlog("L_ERR", "Main Route: Relaing mesage to proxy destination \n"); route(4); route(1); }; ##-- # Verifica baseado na tabela de dominios se a parte host da R-URI comtem um dos dominios # quais o proxy eh responsavel ##-- if (!is_uri_host_local()) { if (is_from_local() || allow_trusted()) { route(4); route(1); } else { sl_send_reply("403", "Forbinden..."); } exit; }; ##-- # A rotina abixo eh chamada para marcar o registro com NAT ##-- if (method=="CANCEL") { route(1); exit; } else if (method=="REGISTER") { route(2); exit; } else if (method=="INVITE") { route(3); exit; }; ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); exit; }; ##-- # Verifica se encontra o usuario na base de localizacao ##-- if (!lookup("location")) { sl_send_reply("404", "Usuario nao encontrado"); exit; }; route(1); exit; } route[1] { ##-- # Envie isto agora; use "statefull fowarding" pois funciona de forma confiavel de UDP para TCP # Ativa a contabilizacao das chamadas ##-- xlog("L_ERR", "Route[1]: Relaying message\r\n"); setflag(2); ##-- # Ativa a contabilizacao das chamadas perdidas ##-- setflag(3); t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); }; } route[2] { ##-- # Tratamento padrao para as mensagens de Register ##-- sl_send_reply("100", "Registrando...."); xlog("L_ERR", "Route[2]: Trying Auth: $fu $si\n"); if (isflagset(5) && client_nat_test("7")) { xlog("L_ERR", "Route[2]: Client behind NAT - flag(6)\n"); setbflag(6); fix_nated_register(); force_rport(); # se quiser usar natping options descomente a linha abaixo # setbflag(7); }; if (!radius_www_authorize("")) { www_challenge("", "0"); xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; }; if (!check_to()) { xlog("L_ERR", "Route[2]: Client Unauthorized: $fu $si\r\n"); sl_send_reply("401", "Unauthorized"); exit; } else { xlog("L_ERR", "Route[2]: Authenticate: $fu $si\r\n"); }; consume_credentials(); if (!save("location")) { xlog("L_ERR", "Route[2]: Can't save register location\r\n"); sl_reply_error(); }; } route[3] { ##-- # Tratamento padrao para as mensagens de INVITE ##-- xlog("L_ERR", "Route[3]: INVITE: $fu -> $tu $ci\r\n"); # setflag(1); if (!allow_trusted()) { if (!radius_proxy_authorize("")) { proxy_challenge("", "0"); # Realm will be autogenerated exit; } else if (!check_from()) { sl_send_reply("403", "Usue from=ID"); xlog("L_ERR", "Route[3]: Error 403 $fu -> $tu\r\n"); exit; }; } consume_credentials(); ##-- # Verifica se existem aliases para este endereco e se eles nao pertencem # a teste dominio encaminhamos para frente ##-- lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "Main Route: aliases relayin to other domain proxy\n"); route(4); route(1); }; ##-- # VoIP Local ##-- if (uri=~"sip:[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao VoIP local: $fU -> $tu\n"); } else { ##-- # Nacional ##-- if (uri=~"sip:0[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Nacional: $fU -> $tu\n"); } else { ##-- # Internacional ##-- if (uri=~"sip:00[1-9][0-9]+@.*") { xlog("L_NOTICE", "OpenSER: Ligacao Interacional: $fU -> $tu\n"); }; }; route(5); exit; }; if (!lookup("location")) { append_hf("P-hint: usuario nao encontrado\r\n"); sl_send_reply("404", "Usuario nao encontrado"); exit; }; append_hf("P_hint: usrloc applied\r\n"); t_on_failure("1"); route(4); route(1); } route[4] { ##-- # Secao de travessia do nat ##-- if (isflagset(5)) { setbflag(6); }; if (isflagset(5) || isbflagset(6) || isbflagset(7)) { use_media_proxy(); xlog("L_ERR", "Rota[4]: Travessia de NAT mediaproxy\n"); }; } route[5] { ##-- # Encaminhamento para a rede publica (PSTN) ##-- xlog("L_ERR", "Route[5]: Relaying to PSTN\n"); rewritehostport("201.32.70.21"); route(4); route(1); } route[6] { force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; } failure_route[1] { if (t_check_status("487")) { exit; }; if (isbflagset(6) || isflagset(5)) { end_media_session(); }; onreply_route[1] { ##-- # Bloco de tratamento de respostas ##-- if ((isflagset(5) || isbflagset(6)) && status=~"(180)|(183)|(2[0-9][0-9])") { use_media_proxy(); # search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); } if (isbflagset(6)) { fix_nated_contact(); } } -------------------------------------------------------------------------- Alcindo Schleder Sistema Processa Acessoria e Comunicações Ltda. a.. MSN: a_schleder(a)hotmail.com b.. Skipe: alcindo_schleder Demétrio P. dos Santos, 705 - 95670-000 - Gramado-RS-Brasil Celular + 55 54 9966 7591 alcindo(a)processa.org Fone +55 54 3286-1738 comercial(a)processa.org