sr-users December 2004

sr-users@lists.kamailio.org

184 participants
400 discussions

by Girish

Hi all, I have seen a problem(?) with adding headers to sip messages using append_hf. SER never allowed me to add a new header after proxy-authorization is enabled for INVITEs. In normal cases it permits me to add custom headers. But, the following piece of code never worked: if (!radius_proxy_authorize("")) { proxy_challenge("", "0"); break; } prefix ("12345678"); append_hf ("Credit-Time: 360\r\n"); After spending some time with this, i was able to add the header like this: if (!radius_proxy_authorize("")) { proxy_challenge("", "0"); break; } if (is_present_hf ("Proxy-Authorization")){ remove_hf ("Proxy-Authorization"); } prefix ("12345678"); append_hf ("Credit-Time: 360\r\n"); Any specific reason for this behaviour? Can anyone shed some light on why SER is not allowing me to add new headers when there is a Proxy-Authorization header present? Thanks, ===== Girish Gopinath <gr_sh2003(a)yahoo.com> __________________________________ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail

19 years, 5 months

[Serusers] serweb error when access login page

by support

Hi, When I try to access the serweb admin login page or user login page, I encounter the error and cannot access it: Database error: pconnect(officehk123.vttsys.com, ser, $Password) failed. MySQL Error: () Session halted. What is the problem of my setting? Thank you. Thomas

19 years, 5 months

[Serusers] problem in parsing header fields.

by Rajendrakumar Veerappan

Hello All, I am using compiled version of SER from the development tree. While i started my proxy, i keepon receiving the following error message. 6(32094) ERROR: CSeq EoL expected 6(32094) ERROR: parse_cseq: bad cseq 6(32094) ERROR: get_hdr_field: bad cseq 6(32094) ERROR: bad header field 6(32094) ERROR: build_res_buf_from_sip_req: alas, parse_headers failed 7(32097) ERROR: CSeq EoL expected 7(32097) ERROR: parse_cseq: bad cseq 7(32097) ERROR: get_hdr_field: bad cseq 7(32097) ERROR: bad header field 7(32097) find_first_route(): Error while parsing headers could anybody helpme out. Raj.

19 years, 5 months

[Serusers] RTPProxy issues

by Ezequiel Colombo

Hi, i am testing RTPProxy with SER-0.8.14-4 and have 2 questions. First, for what reason nathelper module insert "a=nortpproxy:yes" to SDP when use force_rtp_proxy() ??? This cause UACs like Azatel and Cisco IOS warning about this unknown attribute. And the other, i see in my ser logs a message like: "ERROR: send_rtpp_command: can't read reply from a RTP proxy" when use unforce_rtp_proxy() Thanks Ezequiel Colombo

19 years, 5 months

[Serusers] hijack another account

by kcassidy＠kakelma.mine.nu

Hi All, I found an interesting problem. Set up is using xlite, SER 0.8.12 with digest authentication enabled. I just realized that after I get registered with account A. Then change the "username" (keep authorization user to A) in Xlite to someone's SIP account (B). I can make calls using B's credits while registration I'm using is still A's. Is there a way to fix this? In xlite you have parameters: Username: (use for actual call, pass on to GW (e.g. pstn) Authorization User: (use for registration) Password: (use for registration)

19 years, 5 months

[Serusers] Splitting NAT traversal from proxy functionality

by Klaus Darilion

Hi all! This is a "request for comments" and I would be happy If you give me your opinions. And maybe we could see some of the results in ser. :-) When configuring ser (editing the ser.cfg), IMO a big problem is the mixture of routing logic and NAT traversal. Every time I think about routing policies (inbound, outbound, in-dialog, out-dialog ...) I always have to take care about the NAT traversal. ser.cfg would be much easier to handle if we do not have to take care about NAT traversal. Therefore, already several companies use dedicated NAT traversal devices which will be configured as outbound proxy in the user agents (eg. Jasomi Peer Point). I want to use another ser instance as dedicated outbound proxy - that is NAT traversal and nothing more (maybe some kind of protection using the permissions and pike modules). AFAIK this is not possible with current ser out-of-the-box. If this is wrong, please correct me and ignore the rest of this email. I came up with 2 solutions for this problem: 1. Using the "Path:" header as described in RFC3327 2. Enhance ser to rewrite the Contact: in the outbound proxy, store the real contact, and forward to the main proxy. Now, a bit more detailed for the follwing setup: UA1 -- OBProxy -- mainProxy -- ..... UA2 1. During registration, the OBP adds an "Path:" header with its SIP URI to the REGISTER message. The mainProxy does not only save the AOR and the Contact: URI, but also the Path: headers. If the main proxy "lookup()" the contact of UA1, it also retrieves the stored Path and creates the Route: headers. Therefore, the OBP stays always in the signaling path for out-dialog transactions. To stay also in the signaling path for in-dialog transaction, RecordRoute will be used (as usual). Advantages: The OBProxy does not have to save()/lookup(), therefore no kind of storage is required. Will be needed for 3GPP. Disadv: The UA has to send keep-alive messages (CRLF) to keep the NAT binding alive. Todo: save() must also save the "Path", lookup() must retrieve the "Path" and add it to the "Route". Adding the Path header can be done by a new function or using "subst/append_hf". 2. The outbound proxy receives a REGISTER with e.g. Contact: <sip:klaus@10.0.0.4:5060>. First it uses fix_nated_contact: => Contact: <sip:klaus@1.2.3.4:4321>. Then it creates a new contact URI which uses the fixed contact as username and the IP Address of the OBP as domain part, e.g: Contact: <sip:klaus%401.2.3.4%3A4321@5.6.7.8> Then, the outbound proxy saves in the location table the fixed contact and the modified contact (instead of the AOR) and then it forwards the modified REGISTER to the mainProxy. Now, the main proxy will store <sip:klaus%401.2.3.4%3A4321@5.6.7.8> as contact for the AOR of UA1. Thus, if the main proxy makes a "lookup()", it will forward the requests to the OBP. Then the OBP also makes a lookup and retreives the fixed contact address. Todo: create a new "save_obp" function which rewrites the contact and stores the fixed and new contact (instead of fixed contact and AOR). What do you think about this? (I prefer Version 1) I think this will be a good enhancement to ser and should not be that hard to implement. regards, Klaus

19 years, 5 months

[Serusers] error: uac does not spread accross the whole hash table

by Rao

I am getting following error on 0.8.12 release on solaris Nov 30 15:16:04 serz ./ser[19619]: [ID 767465 daemon.warning] Warning: uac does not spread accross the whole hash table Looking at the code: #define RAND_MAX 32767 And /* always use a power of 2 for hash table size */ #define T_TABLE_POWER 16 #define TABLE_ENTRIES (1 << (T_TABLE_POWER)) == 64K int uac_init(void) { str src[3]; if (RAND_MAX < TABLE_ENTRIES) { LOG(L_WARN, "Warning: uac does not spread " "accross the whole hash table\n"); } <....> } So it seems that this condition will always be true. Which seems like a bug in uac.c. However I don't always see the error message even though tm module is always loaded sny ideas why ? Also I dont see any serious operational issues due to this warning. Is that correct? Thanks. Rao. __________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com

19 years, 5 months

[Serusers] Ser crush

by Mike Tkachuk

Hello All, I'm using ser 0.8.14 release from tarball. version: 0.8.14 (i386/freebsd) flags: STATS:Off, USE_IPV6, USE_TCP, DISABLE_NAGLE, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535 @(#) $Id: main.c,v 1.168.4.3 2004/06/28 15:41:21 andrei Exp $ main.c compiled on 17:34:33 Aug 5 2004 with gcc 3.3 And I have some problems with it - it crush sometimes (I think I can reproduce it.) GDB message: Core was generated by `ser'. Program terminated with signal 11, Segmentation fault. Reading symbols from /lib/libc.so.5...done. ___CUTED__ Reading symbols from /libexec/ld-elf.so.1...done. Loaded symbols for /libexec/ld-elf.so.1 #0 0x2a1beed5 in clone_authorized_hooks (new=0x28338808, old=0x80cc750) at sip_msg.c:233 233 ((struct auth_body*)new->proxy_auth->parsed)->authorized = new_ptr; I want to ask, is someone faced with this problem, if yes, is it fixed in CVS 0.8.14 branch? Thank you for help. P.S. I can provide core dumps if someone interesting, also if I will be able to reproduce it, I can dump all SIP signaling. ~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,. Mike Tkachuk, ph:380-3433-47067 YES ISP, fx:380-3433-47067 Valova 17, mike|a|yes.net.ua Kolomyia, www.yes.net.ua Ukraine 78200 FWD: 66518 01.12.2004 ICQ# 57698805 MSN: mike_tkachuk|a|hotmail.com ~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,.

19 years, 5 months

[Serusers] Forwarding to backup gateway

by David Filion

Hi, At work are planning to use SER to route traffic between a pstn gateway, Asterisk, and direct lookups. We would like to set up the routing to try a second gateway if it cannot contact the primary gateway. Below is the config file and attached is the output from a sample session. Ideally, we would like to see If( ! forward to GW2) Forward(GW1); } >From what I've read in the archives, forward() cannot be used (yes, I tried it anyway:-) ). The config below does get to the failure_route but at that point two errors appear: 1(21749) ERROR: t_forward_nonack: no branched for fwding 1(21749) ERROR: failure_route: t_relay_to failed Any tips/pointers? David # ----------- global configuration parameters ------------------------ listen=XXX.XXX.XXX.XXX alias=XXX.com alias=XXX.XXX.com #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode */ debug=7 fork=no log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # -- tm params -- #modparam("tm", "fr_timer", 10) modparam("tm", "fr_inv_timer", 15) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication # if (!www_authorize("iptel.org", "subscriber")) { # www_challenge("iptel.org", "0"); # break; # }; save("location"); break; }; if (method=="INVITE") { # local user ids if (uri=~"^sip:1[0-9][0-9][0-9][0-9][0-9][0-9]@") { forward("sip.dotality.com"); break; }; # Phone #s if (uri=~"^sip:[2-9][0-9][0-9][0-9][0-9][0-9][0-9]@") { log("---> TRYING GW2 <---\n"); t_on_failure("1"); t_relay_to_udp("gw2","5060"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; }; }; } # Fallback route for pstn gateways. failure_route[1] { log("---> TRYING GW1 <---\n"); t_relay_to_udp("GW1","5060"); break; }

19 years, 5 months

[Serusers] Forward to Quintum GW - One way audio

by Pavel Siderov

Hi guys, I have a strange problem when tying to forward call to Quintum gw. Callee is hearing what I speak but I don't hear anything. Forwarding to another SER is ok. Both - users with real ips and natted. Somebody can help me? Here is my config file: debug=10 # debug level (cmd line: -dddddddddd) #fork=yes log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" #fork=no # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/acc.so" loadmodule "/usr/local/lib/ser/modules/group.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") modparam("usrloc","user_column","username") modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("rr", "enable_full_lr", 1) #modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") #modparam("acc", "log_level", 2) #modparam("acc", "log_flag", 3) #modparam("acc", "log_level", 1) # number of flag, which will be used for accounting; if a message is # labeled with this flag, its completion status will be reported modparam("acc", "log_flag", 1) modparam("acc", "log_fmt", "cdfimorstup") modparam("acc", "db_url", "mysql://ser:heslo@192.168.2.15/ser") modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 1) modparam("acc", "log_missed_flag", 1) #modparam("acc", "report_cancels", 1) modparam("acc", "report_ack", 1) #modparam("mediaproxy", "mediaproxy_socket", "/var/run/proxydispatcher.sock") #modparam("mediaproxy", "natping_interval", 20) modparam("nathelper","rtpproxy_sock", "/var/run/rtpproxy.sock") modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) listen=193.2.6.17 # ------------------------- request routing logic ------------------- # main routing logic route{ if (!mf_process_maxfwd_header("70")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; if (nat_uac_test("3")) { if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(6); # Mark as NATed }; }; if (!method=="REGISTER") record_route(); if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri==myself) { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("193.2.6.17", "subscriber")) { www_challenge("193.2.6.17", "0"); break; }; save("location"); break; }; lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; if (uri=~"^sip:[1-9]*@193.2.6.17") { # QUINTUM GW rewritehost("194.24.1.6"); append_branch("194.24.1.6"); # t_relay_to_udp("194.24.1.6", "5060"); t_relay(); rewritehostport("194.24.1.6:5060"); append_hf("P-hint: VoipSwitch GATEWAY"); break; } } else { if (uri=~"^sip:[0]*@193.2.6.17") { ### Other SER setflag(1); rewritehostport("bla.mydomain.com:5060"); append_branch("bla.mydomain.com"); t_relay(); break; }; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; # }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; } Thanks In Advance! Pavel Siderov

19 years, 5 months

← Newer
1
...
32
33
34
35
36
37
38
39
40
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users December 2004