13 Nov
2005
13 Nov
'05
4:47 p.m.
Dear serusers,
I am running SER 9.4 . it works great. I am running SER outside on public
address
I am also having small problem behind NAT. To resolv this I am running
Stun server - public address with Stun Client - private address ( behind
NAT address )
The clients were not able to find its location.
But If i do enter Public ip addresss for that system by finding via
www.ip2location.com , Both incomming and out going works. The Problem is
every time , i have to manually enter the ipaddress.
Not sure, if I have to put both Stun server and Stun Client on the public
network. And not sure, Stun Client process gives the ip address of the
location
Please help me
Regards
Nesan
----- Original Message -----
From: <serusers-request(a)lists.iptel.org>
To: <serusers(a)lists.iptel.org>
Sent: Sunday, November 13, 2005 5:00 AM
Subject: Serusers Digest, Vol 31, Issue 15
-------------------------------------------------------------------------- ------
-------------------------------------------------------------------------- ------
-------------------------------------------------------------------------- ------
--
Thomas Storino Britis
TCNet Informatica e Telecomunicacoes LTDA
------------------------------
Message: 4
Date: Sat, 12 Nov 2005 14:59:01 -0700
From: Daryl Sanders <daryl.sanders(a)gmail.com>
Subject: [Serusers] Multi-domain setup problem
To: users(a)openser.org, SER Users <serusers(a)lists.iptel.org>
Message-ID:
<cffd7ecd0511121359l3d7a135ev84f81087534e3a84(a)mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Hi Everyone,
I just added a second domain to my openser box and screwed things up somehow.
Send Serusers mailing list submissions to
serusers(a)lists.iptel.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.iptel.org/mailman/listinfo/serusers
or, via email, send a message with subject or body 'help' to
serusers-request(a)lists.iptel.org
You can reach the person managing the list at
serusers-owner(a)lists.iptel.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Serusers digest..."
Today's Topics:
1. LCR question (Juha Heinanen)
2. Question Compiling acc.so (Leo Papadopoulos)
3. Re: NAT Traversal (Thomas Britis)
4. Multi-domain setup problem (Daryl Sanders)
5. Re: Question Compiling acc.so (sip)
6. Re: mediaproxy for incoming (George Lambson)
----------------------------------------------------------------------
Message: 1
Date: Sat, 12 Nov 2005 15:48:01 +0200
From: Juha Heinanen <jh(a)tutpro.com>
Subject: [Serusers] LCR question
To: Stefan Prelle <s.prelle(a)broadnet.de>
Cc: serusers(a)lists.iptel.org
Message-ID: <17269.62097.141780.968729(a)rautu.tutpro.com>
Content-Type: text/plain; charset=us-ascii
Stefan Prelle writes:
need
I am having huge performance problems. The
OpenSER drops to effectivly
1 CPS. My lcr table contains only 20 entries and I have just 2 gateways
configured, so this shouldn't be a problem.
currently load_gws() makes a complex mysql query, but only one mysql
query per second seems very slow to me. load_gws could be rewritten
totally in c, but so far nobody has had time to do so.
-- juha
------------------------------
Message: 2
Date: Sat, 12 Nov 2005 10:26:34 -0500
From: "Leo Papadopoulos" <leo(a)telecomcto.com>
Subject: [Serusers] Question Compiling acc.so
To: <serusers(a)lists.iptel.org>
Message-ID: <006201c5e79d$77ea4250$0a01010a@leoathlon>
Content-Type: text/plain; charset="us-ascii"
Dear serusers,
I am running ser 0.9.3
I want to enable the accounting package to write to MySQL. I realize I to recompile to do this.
Can I just compile ONLY the acc and somehow install this acc module? If
so,
how?
Is it just easier or better to recompile all of SER?
________________________________
Telecom CTO
Leo Papadopoulos
10 Old Stone Court
Ridgefield, CT 06877
Tel: 203-438-8117
Cell: 203-788-6364
E-mail: leo(a)telecomCTO.com
Web site: www.telecomCTO.com
------------------------------
Message: 3
Date: Sat, 12 Nov 2005 09:36:54 -0200
From: Thomas Britis <thomas(a)tcnet.com.br>
Subject: Re: [Serusers] NAT Traversal
To: "Greger V. Teigre" <greger(a)teigre.com>
Cc: serusers(a)lists.iptel.org
Message-ID: <4375D3D6.1070805(a)tcnet.com.br>
Content-Type: text/plain; charset=us-ascii; format=flowed
I tried. Everything goes fine until I change the default configuration
from onsip.org. All the configuration files are basical and needs a lot
of changes to make me happy, heh.
If anyone has an idea, it would be great.
Thank you.
Greger V. Teigre wrote:
> Seems like you could use the Getting Started document from ONsip.org ;-)
> g-)
> ----- Original Message ----- From: "Thomas Britis"
<thomas(a)tcnet.com.br>
> To: <serusers(a)lists.iptel.org>
> Sent: Friday, November 11, 2005 5:58 PM
> Subject: [Serusers] NAT Traversal
>
>
>> Hi,
>>
>> I'm working on a popular cenario (I think) of SER's implementation but
>> I'm having some difficult on making clients behind NAT to work well.
>> I tried to use rtpproxy and mediaproxy (not together, of course) but
>> without success.
>> Here is my scenario: SER with public IP address with rtpproxy and/or
>> mediaproxy up and running. Clients are behind NAT with NO firewall
>> blocking any ports. Or even one client behind NAT and other with valid
>> IP (by the way, all clients that are not behind nat works fine). The
one
behind nat do not receive any voice but can send it.
I'm attaching my ser.cfg (both, the rtpproxy and mediaproxy one) and
appreciate any help.
Thank's in advance.
--
Thomas Storino Britis
TCNet Informatica e Telecomunicacoes LTDA
#
# $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
# TCNet Configuration
# hostname matching an alias will satisfy the condition uri==myself.
listen="200.167.20.34"
alias="e-voip.com.br"
alias="200.167.20.34"
uid="ser"
gid="ser"
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:pass@localhost/ser"
# Modules
loadmodule "/tcnet/ser/lib/ser/modules/domain.so"
loadmodule "/tcnet/ser/lib/ser/modules/mysql.so"
loadmodule "/tcnet/ser/lib/ser/modules/sl.so"
loadmodule "/tcnet/ser/lib/ser/modules/tm.so"
loadmodule "/tcnet/ser/lib/ser/modules/rr.so"
loadmodule "/tcnet/ser/lib/ser/modules/maxfwd.so"
loadmodule "/tcnet/ser/lib/ser/modules/usrloc.so"
loadmodule "/tcnet/ser/lib/ser/modules/registrar.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/nathelper.so"
loadmodule "/tcnet/ser/lib/ser/modules/mediaproxy.so"
loadmodule "/tcnet/ser/lib/ser/modules/textops.so"
loadmodule "/tcnet/ser/lib/ser/modules/avpops.so"
loadmodule "/tcnet/ser/lib/ser/modules/acc.so"
# Modules parameter
# auth_db
modparam("auth_db|uri_db|usrloc", "db_url",
"mysql://ser:pass@localhost/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
# mediaproxy
modparam("mediaproxy", "mediaproxy_socket",
"/var/run/proxydispatcher.sock")
modparam("mediaproxy", "natping_interval", 30)
modparam("mediaproxy", "sip_asymmetrics",
"/tcnet/mediaproxy/sip-asymmetrics-clients")
modparam("mediaproxy", "rtp_asymmetrics",
"/tcnet/mediaproxy/rtp-asymmetrics-clients")
# usrloc
modparam("usrloc", "db_mode", 2)
# rr
modparam("rr", "enable_full_lr", 1)
# registrar
modparam("registrar", "nat_flag", 6)
# acc
modparam("acc", "radius_config",
"/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
modparam("acc", "radius_flag", 1)
modparam("acc", "radius_missed_flag", 2)
modparam("acc", "log_fmt", "miocfst")
modparam("acc", "failed_transactions", 1)
# tm
modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")
# main routing logic
route {
if (method == "BYE" || method == "CANCEL") {
end_media_session();
setflag(1); # accounting
setflag(2); # missed call
};
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
if (method!="ACK") {
sl_send_reply("483", "Too Many Hops");
break;
};
};
if (msg:len > max_len) {
if (method!="ACK") {
sl_send_reply("513", "Message too big");
break;
};
};
if (method!="REGISTER") {
record_route ();
};
if (loose_route()) {
if (method=="BYE" || method=="CANCEL") {
end_media_session();
setflag(1);
setflag(2);
};
if (method=="INVITE" || method=="ACK") {
use_media_proxy();
};
route(1);
break;
};
if (uri == myself) {
if (method == "REGISTER") {
if (search("^(Contact|m):
.*(a)(200\.167\.20\.34|evoip03\.tcnet\.com\.br|sip\.e-voip\.com\.br)")) {
log("LOG: alert: someone trying to set aor==contact\n");
sl_send_reply("476", "No Server Address in Contacts Allowed");
break;
};
route(2); # WWW authentication
if (!save("location")) {
sl_reply_error();
};
break;
};
if (method == "INVITE") {
route(3); # PROXY authentication
if (uri=~"^sip:0") {
route(4); # Asterisk
};
consume_credentials();
#lookup("location");
if (!lookup("location")) {
if (!lookup("aliases")) {
if (uri=~"^sip:[3789][0-9]") {
prefix("035");
route(4); # Asterisk
} else {
sl_send_reply ("404", "Not Found");
break;
};
};
};
setflag(1);
setflag(2);
route(1);
break;
};
};
route(1);
}
# Fix NATED client on reply route.
onreply_route[1] {
if (client_nat_test("1") && status=~"(183)|(2[0-9][0-9])") {
fix_contact();
};
use_media_proxy ();
}
# Normal relay
route[1] {
if (uri =~ "[@:](192\.168\.|10\.|172\.16)" &&
!search("^Route:")) {
sl_send_reply("479", "We don't forward to private IP
addresses");
break;
};
t_on_reply("1");
t_on_failure("1");
if (!t_relay()) {
sl_reply_error();
};
}
# WWW authentication
route[2] {
if (client_nat_test("3")) {
setflag(6);
force_rport();
fix_contact();
};
sl_send_reply("100", "Trying");
if (!www_authorize("", "subscriber")) {
www_challenge("", "0");
break;
};
if (!check_to()) {
sl_send_reply ("401", "Unauthorized");
break;
};
}
# PROXY authentication
route[3] {
if (!proxy_authorize("", "subscriber")) {
proxy_challenge("", "0");
break;
};
}
# Asterisk - E-Voip
route[4] {
t_on_reply("1");
rewritehost("200.167.20.26");
avp_write("i:45", "inv_timeout");
}
failure_route[1] {
end_media_session();
}
#
# $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
# TCNet Configuration
# hostname matching an alias will satisfy the condition uri==myself.
listen="200.167.20.34"
alias="e-voip.com.br"
alias="200.167.20.34"
uid="ser"
gid="ser"
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:pass@localhost/ser"
# Modules
loadmodule "/tcnet/ser/lib/ser/modules/mysql.so"
loadmodule "/tcnet/ser/lib/ser/modules/sl.so"
loadmodule "/tcnet/ser/lib/ser/modules/tm.so"
loadmodule "/tcnet/ser/lib/ser/modules/rr.so"
loadmodule "/tcnet/ser/lib/ser/modules/maxfwd.so"
loadmodule "/tcnet/ser/lib/ser/modules/usrloc.so"
loadmodule "/tcnet/ser/lib/ser/modules/registrar.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/nathelper.so"
loadmodule "/tcnet/ser/lib/ser/modules/textops.so"
loadmodule "/tcnet/ser/lib/ser/modules/avpops.so"
loadmodule "/tcnet/ser/lib/ser/modules/acc.so"
# Modules parameter
# auth_db
modparam("auth_db|uri_db|usrloc", "db_url",
"mysql://ser:pass@localhost/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
# nathelper
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock",
"unix:/var/run/rtpproxy.sock")
# usrloc
modparam("usrloc", "db_mode", 2)
# rr
modparam("rr", "enable_full_lr", 1)
# registrar
modparam("registrar", "nat_flag", 6)
# acc
modparam("acc", "radius_config",
"/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
modparam("acc", "radius_flag", 1)
modparam("acc", "radius_missed_flag", 2)
modparam("acc", "log_fmt", "miocfst")
modparam("acc", "failed_transactions", 1)
# tm
modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")
# main routing logic
route {
if (method == "BYE" || method == "CANCEL") {
unforce_rtp_proxy();
setflag(1); # accounting
setflag(2); # missed call
};
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
break;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message too big");
break;
};
if (method!="REGISTER") {
record_route ();
};
if (loose_route()) {
if (method == "BYE") {
setflag(1);
setflag(2);
unforce_rtp_proxy();
};
route(1);
break;
};
if (uri == myself) {
if (method=="INVITE") {
fix_nated_sdp ("1");
};
if (method == "REGISTER") {
if (search("^(Contact|m):
.*(a)(200\.167\.20\.34|evoip03\.tcnet\.com\.br|sip\.e-voip\.com\.br)")) {
log("LOG: alert: someone trying to set aor==contact\n");
sl_send_reply("476", "No Server Address in Contacts Allowed");
break;
};
route(2); # WWW authentication
if (!save("location")) {
sl_reply_error();
};
break;
};
if (method == "INVITE") {
route(3); # PROXY authentication
if (uri=~"^sip:0") {
route(4); # Asterisk
};
consume_credentials();
#lookup("location");
if (!lookup("location")) {
if (!lookup("aliases")) {
if (uri=~"^sip:[3789][0-9]") {
prefix("035");
route(4); # Asterisk
} else {
sl_send_reply ("404", "Not Found");
break;
};
};
};
setflag(1);
setflag(2);
route(1);
break;
};
};
route(1);
}
# Fix NATED client on reply route.
onreply_route[1] {
if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
if (!search("Content-Length:[ ]*0")) {
force_rtp_proxy();
};
};
}
# Normal relay
route[1] {
if (uri =~ "[@:](192\.168\.|10\.|172\.16)" &&
!search("^Route:")) {
sl_send_reply("479", "We don't forward to private IP
addresses");
break;
};
t_on_reply("1");
if (isflagset(6) || isflagset(5)) {
log (1, "oi");
force_rtp_proxy ();
};
if (!t_relay()) {
sl_reply_error();
};
}
# WWW authentication
route[2] {
if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {
setflag(6);
fix_nated_register();
force_rport();
};
sl_send_reply("100", "Trying");
if (!www_authorize("", "subscriber")) {
www_challenge("", "0");
break;
};
if (!check_to()) {
sl_send_reply ("401", "Unauthorized");
break;
};
if (isflagset(5)) {
setflag(6);
};
}
# PROXY authentication
route[3] {
if (nat_uac_test("19")) {
setflag(6);
};
if (!proxy_authorize("", "subscriber")) {
proxy_challenge("", "0");
break;
};
}
# Asterisk - E-Voip
route[4] {
if (isflagset(6)) {
force_rport();
fix_nated_contact();
force_rtp_proxy();
};
t_on_reply("1");
rewritehost("200.167.20.26");
avp_write("i:45", "inv_timeout");
}
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
Maybe someone can help figure out what's going
on.
I'm using the new onsip config (unmodified except IPs & replacing
breaks w/returns).
I'm using mediaproxy for NAT. Everything worked properly prior to
adding the new domain.
I did add the new domain to the domain table, and have loaded the
domain module with modparams as follows.
modparam("domain", "db_url",
"mysql://openser:mypass@myhost/openser")
modparam("domain", "db_mode", 1)
modparam("domain", "domain_table", "domain")
modparam("domain", "domain_col", "domain")
Existing domain: sip1.mydomain.com
New domain: sip1.mydomain.com
user1: X-Lite (behind NAT)
private-IP (192.168.x.x)
Registers using domain sip1.mydomain.com
user2: Linksys PAP2-NA
public-IP (same subnet as Utsarcom)
Registers using domain sip1.mydomain.com
user3: Utstarcom iAN-02EX
public-IP (63.225.x.x)
Registers using domain sip2.mydomain.com
Here is what happens now...
- All users can register fine.
- user1 & user2 can only receives calls from user3 (can't call others
or pstn , 407 Proxy Auth Required)
- user3 is the only one who can call others (calls to user1,user2, &
pstn are fine)
It's probably just something simple I missed, but I can't seem to
figure it out. As always, thanks for your assistance.
- Daryl
------------------------------
Message: 5
Date: Sat, 12 Nov 2005 17:02:34 -0500
From: "sip" <sip(a)arcdiv.com>
Subject: Re: [Serusers] Question Compiling acc.so
To: "Leo Papadopoulos" <leo(a)telecomcto.com>om>,
<serusers(a)lists.iptel.org>
Message-ID: <20051112215625.M80825(a)infinideas.com>
Content-Type: text/plain; charset=iso-8859-1
It's actually pretty easy to just recompile/install a module at a time.
The
recompilation part is in the docs (INSTALL file).
Basically, from the root directory of your source code...
make modules=modules/acc modules
That would recompile the acc module. My recommendation, however, is to go
INTO the src/modules/acc directoy and do a make clean (it will whine about
how
you should run this from the root directory, but
ignore that -- that's
just a
stock message and doesn't pertain to make cleans).
THEN recompile the
module
from the root of the src tree to make sure any stale
object files are no
longer lying about mucking up your recompile.
Once it's been compiled, stop ser (important step), and just copy the
resulting .so (which will be in the modules/acc directory) file into the
/usr/local/lib/ser/modules directory and you're good to go.
Restart ser and watch for weird error messages in the log. :)
STOPPING ser is very important if you're replacing one of its modules, or
it
will panic, die, and leave a bunch of core files
sitting in your / tree.
Always messy.
N.
On Sat, 12 Nov 2005 10:26:34 -0500, Leo Papadopoulos wrote
my SIP
UAs and have to put the host name of my SER server to get them to log
in, even though I set the environment variable for the SIP domain of the
server to my domain. Do you think that it might be related?
Dear serusers,
I am running ser 0.9.3
I want to enable the accounting package to write to MySQL. I realize
I need to recompile to do this.
Can I just compile ONLY the acc and somehow install this acc module?
If so, how? Is it just easier or better to recompile all of SER?
________________________________
Telecom CTO
Leo Papadopoulos
10 Old Stone Court
Ridgefield, CT 06877
Tel: 203-438-8117
Cell: 203-788-6364
E-mail: leo(a)telecomCTO.com
Web site: www.telecomCTO.com
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
------------------------------
Message: 6
Date: Sat, 12 Nov 2005 17:50:37 -0700
From: George Lambson <LambsonGE(a)mtc.byu.edu>
Subject: Re: [Serusers] mediaproxy for incoming
To: greger(a)teigre.com
Cc: serusers(a)lists.iptel.org
Message-ID: <s3762bd8.008(a)mtcemail.mtc.byu.edu>
Content-Type: text/plain; charset=US-ASCII
Any idea what I might be doing wrong?
I have had some issues with setting up the served domain. I use x-lite for
Thanks,
George
me
>> "Greger V. Teigre"
<greger(a)teigre.com> 11/11/2005 12:19:59 AM >>>
I believe the
standard NAT traversal configs from onsip.org should handle
that.
g-)
----- Original Message -----
From: "George Lambson" <LambsonGE(a)mtc.byu.edu>
To: <serusers(a)lists.iptel.org>
Sent: Friday, November 11, 2005 12:51 AM
Subject: [Serusers] mediaproxy for incoming
> Is anyone using mediaproxy for INCOMING calls?
>
> What I mean is: is SER capable of accepting INVITE messages from an
> unregistered UA that is behind a NAT Firewall and connecting them with a
> registered UA?
>
> I would like to be able to receive incoming calls for my domain from
> anyone on the internet and connect them to the proper user. Please tell anyone if you
are successfully doing this.
Thanks,
George
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
------------------------------
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
End of Serusers Digest, Vol 31, Issue 15
****************************************
6953
days inactive
6953
days old
0 comments
1 participants
participants (1)
-
Elangainesan Shanmugam