If it helps any bit: I got the following errors from /var/log/messages:
mod_init(): Unable to bind database module init_mod(): Error while initialising module auth_db
Does anyone know how the above can be solved?...Im not that familiar with linux so if I have to modify something, please make the instructions as basic as possible!
Always apprecitive of help, Aisling.
---- Original Message ---- From: ashling.odriscoll@cit.ie To: serusers@iptel.org Subject: FW: SER Authentication Prob Date: Mon, 24 Jan 2005 19:26:13 -0000
Hi all,
Hope somebody can help-I really am stumped as to why this won't work and would really appreciate if someone could shed some light on the problem....
I currently have SER set up and clients are registering successfully. However I want clients to authenticate before they can register. Howevere when I uncomment the relevant lines in the ser.cfg file, my clients can't register. The only thing I can think of is that SER is behind NAT and my clients may/may not be behind NAT....I have included my ser.cfg file below...I have spent along time trying to understand why this is happening so any help will be appreciated!
Thanks, Aisling.
# # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 #children=4 fifo="/tmp/ser_fifo"
alias=84.203.148.14
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/nathelper.so" #loadmodule "/usr/lib/ser/modules/mediaproxy.so" loadmodule "/usr/lib/ser/modules/textops.so" #loadmodule "/usr/lib/ser/modules/maxfwd.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/lib/ser/modules/auth.so" #loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
#!!Nathelper #modparam("registrar","nat_flag",6) #modparam("nathelper","natping_interval",30) #Ping intervals 30 seconds #modparam("nathelper","ping_nated_only",1) #Ping only clinets behind NAT
# -------------------------request routing logic-------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; };
#############Aisling Insert################ # #!Nat Insert # #the below line tests if the IP of the received packet is different from the IP in the via header and also # #sees if the IP address in the contact header is private # if (nat_uac_test("3")){ # if (method == "REGISTER" || ! search("^Record-Route:")){ # log("Log: Someone trying to register from private IP,rewriting\n"); # # fixed_nated_contact(); #Rewrite contact with source IP # if (method == "INVITE"){ # fix_nated_sdp("1"); #Add direction=active to SDP # }; # force_rport(); # Add rport parameter to topmost Via # setflag(6); # Mark as Nated # }; # }; ###################End#####################
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol
if (!method == "REGISTER") record_route();
# loose-route processing if (loose_route()) { t_relay(); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication # if (!www_authorize("84.203.148.14", "subscriber")) { # www_challenge("84.203.148.14", "0"); # break; # }; save("location"); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; };
#inserted by klaus if (method == "INVITE"){ record_route(); force_rtp_proxy(); /* set up reply processing*/ t_on_reply("1"); };
# forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); };
}
#insert by klaus
onreply_route[1]{ if (status=~"[12][0-9][0-9]") force_rtp_proxy(); }
#route[1] #{ #if client or server know to be behind NAT, enable relay # if (isflagset(6)){ # force_rtp_proxy(); # }; # # #NAT processing of replies; apply to all transaction (for example, # #reinvites from public to private UA are hard to identify as # #Nated at the moment of request processing); look at replies # t_on_reply("1"); # # #send it out now; use stateful forwarding as it works reliably # #even for UDP2TCP # if(!t_relay()){ # sl_reply_error(); # }; #}
#!!NatHelper
#onreply_route[1]{ #Nated Transaction?? #if (isflagset(6) && status =~ "(183)\2[0-9][0-9]"){ # #fixed_nated_contact(); # force_rtp_proxy(); # } #else if (nat_uac_test("1")){ # fix_nated_contact(); # }; #}
-------------------Legal Disclaimer---------------------------------------
The above electronic mail transmission is confidential and intended only for the person to whom it is addressed. Its contents may be protected by legal and/or professional privilege. Should it be received by you in error please contact the sender at the above quoted email address. Any unauthorised form of reproduction of this message is strictly prohibited. The Institute does not guarantee the security of any information electronically transmitted and is not liable if the information contained in this communication is not a proper and complete record of the message as transmitted by the sender nor for any delay in its receipt.
the config you posted does not match the errors which say that the auth_db module can't find a database module. But in you config the line loadmodule "/usr/lib/ser/modules/auth_db.so" is commented, so the auth_db shouldn't be loaded.
Anyhow, you need loadmodule "/usr/lib/ser/modules/mysql.so" to load mysql database module.
Daniel
On 01/25/05 10:53, Ashling O'Driscoll wrote:
If it helps any bit: I got the following errors from /var/log/messages:
mod_init(): Unable to bind database module init_mod(): Error while initialising module auth_db
Does anyone know how the above can be solved?...Im not that familiar with linux so if I have to modify something, please make the instructions as basic as possible!
Always apprecitive of help, Aisling.
---- Original Message ---- From: ashling.odriscoll@cit.ie To: serusers@lists.iptel.org Subject: FW: SER Authentication Prob Date: Mon, 24 Jan 2005 19:26:13 -0000
Hi all,
Hope somebody can help-I really am stumped as to why this won't work and would really appreciate if someone could shed some light on the problem....
I currently have SER set up and clients are registering successfully. However I want clients to authenticate before they can register. Howevere when I uncomment the relevant lines in the ser.cfg file, my clients can't register. The only thing I can think of is that SER is behind NAT and my clients may/may not be behind NAT....I have included my ser.cfg file below...I have spent along time trying to understand why this is happening so any help will be appreciated!
Thanks, Aisling.
# # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 #children=4 fifo="/tmp/ser_fifo"
alias=84.203.148.14
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/nathelper.so" #loadmodule "/usr/lib/ser/modules/mediaproxy.so" loadmodule "/usr/lib/ser/modules/textops.so" #loadmodule "/usr/lib/ser/modules/maxfwd.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/lib/ser/modules/auth.so" #loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
#!!Nathelper #modparam("registrar","nat_flag",6) #modparam("nathelper","natping_interval",30) #Ping intervals 30 seconds #modparam("nathelper","ping_nated_only",1) #Ping only clinets behind NAT
# -------------------------request routing logic-------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; };
#############Aisling Insert################ # #!Nat Insert # #the below line tests if the IP of the received packet is different from the IP in the via header and also # #sees if the IP address in the contact header is private # if (nat_uac_test("3")){ # if (method == "REGISTER" || ! search("^Record-Route:")){ # log("Log: Someone trying to register from private IP,rewriting\n"); # # fixed_nated_contact(); #Rewrite contact with source IP # if (method == "INVITE"){ # fix_nated_sdp("1"); #Add direction=active to SDP # }; # force_rport(); # Add rport parameter to topmost Via # setflag(6); # Mark as Nated # }; # }; ###################End#####################
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol
if (!method == "REGISTER") record_route();
# loose-route processing if (loose_route()) { t_relay(); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {# Uncomment this if you want to use digest authentication # if (!www_authorize("84.203.148.14", "subscriber")) { # www_challenge("84.203.148.14", "0"); # break; # }; save("location"); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; };};
#inserted by klaus if (method == "INVITE"){ record_route(); force_rtp_proxy(); /* set up reply processing*/ t_on_reply("1"); };
# forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); };
}
#insert by klaus
onreply_route[1]{ if (status=~"[12][0-9][0-9]") force_rtp_proxy(); }
#route[1] #{ #if client or server know to be behind NAT, enable relay # if (isflagset(6)){ # force_rtp_proxy(); # }; # # #NAT processing of replies; apply to all transaction (for example, # #reinvites from public to private UA are hard to identify as # #Nated at the moment of request processing); look at replies # t_on_reply("1"); # # #send it out now; use stateful forwarding as it works reliably # #even for UDP2TCP # if(!t_relay()){ # sl_reply_error(); # }; #}
#!!NatHelper
#onreply_route[1]{ #Nated Transaction?? #if (isflagset(6) && status =~ "(183)\2[0-9][0-9]"){ # #fixed_nated_contact(); # force_rtp_proxy(); # } #else if (nat_uac_test("1")){ # fix_nated_contact(); # }; #}
-------------------Legal Disclaimer---------------------------------------
The above electronic mail transmission is confidential and intended only for the person to whom it is addressed. Its contents may be protected by legal and/or professional privilege. Should it be received by you in error please contact the sender at the above quoted email address. Any unauthorised form of reproduction of this message is strictly prohibited. The Institute does not guarantee the security of any information electronically transmitted and is not liable if the information contained in this communication is not a proper and complete record of the message as transmitted by the sender nor for any delay in its receipt.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Uncomment auth, auth_db and mysql.so to make mysql auth work. You must fist create Ser dbs with ser_mysql.sh. See if they were created before you try ser.cfg configuration, otherwise, there'll be an error again.
Best Regards. Felipe Martins
On Tue, 25 Jan 2005 09:53:49 -0000 "Ashling O'Driscoll" ashling.odriscoll@cit.ie wrote:
If it helps any bit: I got the following errors from /var/log/messages:
mod_init(): Unable to bind database module init_mod(): Error while initialising module auth_db
Does anyone know how the above can be solved?...Im not that familiar with linux so if I have to modify something, please make the instructions as basic as possible!
Always apprecitive of help, Aisling.
---- Original Message ---- From: ashling.odriscoll@cit.ie To: serusers@lists.iptel.org Subject: FW: SER Authentication Prob Date: Mon, 24 Jan 2005 19:26:13 -0000
Hi all,
Hope somebody can help-I really am stumped as to why this won't work and would really appreciate if someone could shed some light on the problem....
I currently have SER set up and clients are registering successfully. However I want clients to authenticate before they can register. Howevere when I uncomment the relevant lines in the ser.cfg file, my clients can't register. The only thing I can think of is that SER is behind NAT and my clients may/may not be behind NAT....I have included my ser.cfg file below...I have spent along time trying to understand why this is happening so any help will be appreciated!
Thanks, Aisling.
# # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 #children=4 fifo="/tmp/ser_fifo"
alias=84.203.148.14
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" loadmodule "/usr/lib/ser/modules/nathelper.so" #loadmodule "/usr/lib/ser/modules/mediaproxy.so" loadmodule "/usr/lib/ser/modules/textops.so" #loadmodule "/usr/lib/ser/modules/maxfwd.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/lib/ser/modules/auth.so" #loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
#!!Nathelper #modparam("registrar","nat_flag",6) #modparam("nathelper","natping_interval",30) #Ping intervals 30 seconds #modparam("nathelper","ping_nated_only",1) #Ping only clinets behind NAT
# -------------------------request routing logic-------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; };
#############Aisling Insert################ # #!Nat Insert # #the below line tests if the IP of the received packet is different from the IP in the via header and also # #sees if the IP address in the contact header is private # if (nat_uac_test("3")){ # if (method == "REGISTER" || ! search("^Record-Route:")){ # log("Log: Someone trying to register from private IP,rewriting\n"); # # fixed_nated_contact(); #Rewrite contact with source IP # if (method == "INVITE"){ # fix_nated_sdp("1"); #Add direction=active to SDP # }; # force_rport(); # Add rport parameter to topmost Via # setflag(6); # Mark as Nated # }; # }; ###################End#####################
# we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol
if (!method == "REGISTER") record_route();
# loose-route processing if (loose_route()) { t_relay(); break; };
# if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) {
if (method=="REGISTER") {# Uncomment this if you want to use digest authentication # if (!www_authorize("84.203.148.14", "subscriber")) { # www_challenge("84.203.148.14", "0"); # break; # }; save("location"); break; };
# native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; };};
#inserted by klaus if (method == "INVITE"){ record_route(); force_rtp_proxy(); /* set up reply processing*/ t_on_reply("1"); };
# forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); };
}
#insert by klaus
onreply_route[1]{ if (status=~"[12][0-9][0-9]") force_rtp_proxy(); }
#route[1] #{ #if client or server know to be behind NAT, enable relay # if (isflagset(6)){ # force_rtp_proxy(); # }; # # #NAT processing of replies; apply to all transaction (for example, # #reinvites from public to private UA are hard to identify as # #Nated at the moment of request processing); look at replies # t_on_reply("1"); # # #send it out now; use stateful forwarding as it works reliably # #even for UDP2TCP # if(!t_relay()){ # sl_reply_error(); # }; #}
#!!NatHelper
#onreply_route[1]{ #Nated Transaction?? #if (isflagset(6) && status =~ "(183)\2[0-9][0-9]"){ # #fixed_nated_contact(); # force_rtp_proxy(); # } #else if (nat_uac_test("1")){ # fix_nated_contact(); # }; #}
-------------------Legal Disclaimer---------------------------------------
The above electronic mail transmission is confidential and intended only for the person to whom it is addressed. Its contents may be protected by legal and/or professional privilege. Should it be received by you in error please contact the sender at the above quoted email address. Any unauthorised form of reproduction of this message is strictly prohibited. The Institute does not guarantee the security of any information electronically transmitted and is not liable if the information contained in this communication is not a proper and complete record of the message as transmitted by the sender nor for any delay in its receipt.
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Ashling O'Driscoll -
Daniel-Constantin Mierla -
Felipe Martins