sr-users June 2004

sr-users@lists.kamailio.org

176 participants
387 discussions

by Peter Boot

I am having trouble with getting messaging between two SIP clients each behind difference NATs, each making connection to SER using STUN. The clients are reaching each other successfully for the INVITE, ACK, REQUEST BYE messaging but during the call the clients are attempting to reach each other on their private IPs ie IPs behind their NATs. Is there a config alteration that I should make to fix ? Or am I looking in the wrong place ? My ser.cfg is below, thanks in advance Peter # ----------- global configuration parameters ------------------------ debug=7 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) # Uncomment these lines to enter debugging mode #fork=no #log_stderror=yes check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/ser_fifo" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/acc.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/vm.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" # Transaction Module Params modparam("tm", "fr_inv_timer", 90) # Acounting Module Params # set the reporting log level modparam("acc", "log_level", 1) # number of flag, which will be used for accounting; if a message is labeled with this flag, its completion status will be reported modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "db_url", "mysql://xxx:xxx@localhost/ser") modparam("acc", "db_flag", 11) modparam("acc", "db_missed_flag", 12) modparam("acc", "failed_transactions", 1) # !! Nathelper loadmodule "/usr/local/lib/ser/modules/nathelper.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # !! Nathelper modparam("registrar", "nat_flag", 6) modparam("nathelper", "natping_interval", 30) # Ping interval 30 s modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind NAT # ------------------------- request routing logic ------------------- # main routing logic route{ /* ********* ROUTINE CHECKS ********************************** */ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if (msg:len >= max_len ) { sl_send_reply("513", "Message too big"); break; }; # Process record-routing #if (loose_route()) { t_relay(); break; }; # labeled all transaction for accounting setflag(11); # record-route INVITES to make sure BYEs will visit our server too if (method=="INVITE") record_route(); # forward the request statefuly now; (we need *stateful* forwarding, # because the stateful mode correlates requests with replies and # drops retranmissions; otherwise, we would have to report on # every single message received) /* if (!t_relay()) { sl_reply_error(); break; }; */ # !! Nathelper # Special handling for NATed clients; first, NAT test is # executed: it looks for via!=received and RFC1918 addresses # in Contact (may fail if line-folding is used); also, # the received test should, if completed, should check all # vias for rpesence of received if (nat_uac_test("3")) { # Allow RR-ed requests, as these may indicate that # a NAT-enabled proxy takes care of it; unless it is # a REGISTER if (method == "REGISTER" || ! search("^Record-Route:")) { log("LOG: Someone trying to register from private IP, rewriting\n"); # This will work only for user agents that support symmetric # communication. We tested quite many of them and majority is # smart enough to be symmetric. In some phones it takes a configuration # option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is # called "symmetric media" and "symmetric signalling". fix_nated_contact(); # Rewrite contact with source IP of signalling if (method == "INVITE") { fix_nated_sdp("1"); # Add direction=active to SDP }; force_rport(); # Add rport parameter to topmost Via setflag(11); # Mark as NATed }; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); break; }; if (!uri=~"xxx.com.au") { # mark routing logic in request append_hf("P-hint: outbound\r\n"); route(1); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri=~"xxx.com.au") { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("xxx.com.au", "subscriber")) { www_challenge("xxx.com.au", "0"); break; }; save("location"); break; }; lookup("aliases"); if (!uri=~"xxx.com.au") { append_hf("P-hint: outbound alias\r\n"); route(1); break; }; # attempt handoff to PSTN ## This assumes that the caller is registered in our realm if (uri=~"^sip:[0-9]*@sip.xxx.com.au") { log("Forwarding to PSTN\n"); t_relay_to_udp( "xxx.xxx.xxx.xxx", "xxx"); ## Our Cisco router break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Foundx"); break; }; }; append_hf("P-hint: usrloc applied\r\n"); route(1); } route[1] { # !! Nathelper /* if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")){ sl_send_reply("479", "We don't forward to private IP addresses"); break; }; */ # if client or server know to be behind a NAT, enable relay if (isflagset(6)) { force_rtp_proxy(); }; # NAT processing of replies; apply to all transactions (for example, # re-INVITEs from public to private UA are hard to identify as # NATed at the moment of request processing); look at replies t_on_reply("1"); # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; } # !! Nathelper onreply_route[1] { # NATed transaction ? if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { fix_nated_contact(); force_rtp_proxy(); # otherwise, is it a transaction behind a NAT and we did not # know at time of request processing ? (RFC1918 contacts) } else if (nat_uac_test("1")) { fix_nated_contact(); }; } --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.698 / Virus Database: 455 - Release Date: 6/2/2004

20 years, 1 month

[Serusers] help on ser sip server

by yahia wassim

dear all, i have some problems with the sip ser server. * i've tried to register to the iptel.org public server with an instant messaging client (jain-sip client) and it works. but when sending a message to another client registred with the same server i've the 202 response (accepted for later delivery) instead of 200 ok response. the real problem is when using the web interface of the iptel.org server for instant messaging to send a message to my jain-sip client i had a 404 rsponse (not found). * i used another client to register with the iptel.org server. it was the sip-communicator for multimedia communications. it comes to register with the proxy correctly. but when i dial up a number (sip address) to contact another client and invite him to share a session and i have the same response 404 not found. * i've tried to install the ser server on my machine and to use it as a local server. when sending a register request to this server it loops back on itself (by adding the via header field corresponding to its sip address) and it generate a response : to many hops 483. could someone help me to resolve one of these problems at least... thanks for all. Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ Dialoguez en direct avec vos amis grâce à Yahoo! Messenger !Téléchargez Yahoo! Messenger sur http://fr.messenger.yahoo.com

20 years, 1 month

[Serusers] Problems with GS hard phones( latest firmware)

by Habiyakare Aimable

Hi all We are having problems with our Grandstream BT100 and handytones phones with the latest firmware. Those phones with firmware 1.0.4.50 the server is able to talk to them and there is no one way audio problem For softphones there is no such problem For phones with the latest firmware (1.0.5) there is one way audio. When I send an OPTIONS SIP method to one of them I get 400 (Bad Request) from those phone while when I do the same thing on a phone with previous version I get 200 OK message . Here is a sipsak trace to the phone # 04400112 which has 1.0.5 firmware As you can see it the last message received is 400 (Bad Request) while it should be 200 OK as the message below This message was sent to 04400202 which is a handytone 286 with 1.0.4.5 firmware I am able to call the phone below and from these two to any other softphone but the one above gives me one audio And again the HandyTones I talked about last time still do not work. Any idea of what is wrong? Regards,

20 years, 1 month

[Serusers] Problems Following upgrade to MySQL 4.0.20

by Shad Mortazavi

Dear Group, I got a copy of ser + sems + serweb and voicemail working, thanks to some great input from the group. I saw that there was error 77 on the missed calls page on serweb. I understood from the user group that this is due to a missing function in version 3.1.x of Mysql. I upgraded my MySQL version 4.0.22. I booted ran the fix privileges routine as advised. MySQL started. I then started my testing and now my Voice Mail and Forwarding to my Asterisk Box are broken ☹. I can see from the debug(below) that the system can no longer find the user in the voicemail group? So there is some change in the table/db or the interaction of the script with the DB. I tried dropping the DB, recreating is with the ser_mysql.sh command, and reading the users and I keep getting the same result; Here is the debug. You can see from the debug that 5(2226) is_user_in(): User is not in group 'voicemail, before the upgrade the system showed the user in the voicemail group??? Before this issue my voicemail would go to the voicemail.cfg script and record a voicemail, now I get Not Found and no voicemail turned on from; if ( !( isflagset(4) || (uri =~ "conference") || (uri =~ "echo") ) ) { log(1, "no voicemail subscriber->return 404"); sl_send_reply("404", "Not Found and no voicemail turned on"); break; }; As always your help would be appreciated. Here is the debug. 5(2226) SIP Request: 5(2226) method: <INVITE> 5(2226) uri: <sip:ella@convergenceone.com> 5(2226) version: <SIP/2.0> 5(2226) parse_headers: flags=1 5(2226) Found param type 235, <rport> = <n/a>; state=6 5(2226) Found param type 232, <branch> = <z9hG4bKF54DAB3D6C0C455FBF00B605D4C8A3CD>; state=16 5(2226) end of header reached, state=5 5(2226) parse_headers: Via found, flags=1 5(2226) parse_headers: this is the first via 5(2226) After parse_msg... 5(2226) preparing to run routing scripts... 5(2226) ------------------------------------------- 5(2226) entering main loop 5(2226) INVITE message received 5(2226) DEBUG : is_maxfwd_present: searching for max_forwards header 5(2226) parse_headers: flags=128 5(2226) end of header reached, state=9 5(2226) DEBUG: get_hdr_field: <To> [31]; uri=[sip:ella@convergenceone.com] 5(2226) DEBUG: to body [<sip:ella@convergenceone.com> ] 5(2226) get_hdr_field: cseq <CSeq>: <54246> <INVITE> 5(2226) DEBUG: is_maxfwd_present: value = 70 5(2226) parse_headers: flags=256 5(2226) DEBUG: get_hdr_body : content_length=270 5(2226) found end of header 5(2226) find_first_route(): No Route headers found 5(2226) loose_route(): There is no Route HF 5(2226) check_self - checking if host==us: 18==9 && [convergenceone.com] == [127.0.0.1] 5(2226) check_self - checking if port 5060 matches port 5060 5(2226) check_self - checking if host==us: 18==13 && [convergenceone.com] == [192.168.0.206] 5(2226) check_self - checking if port 5060 matches port 5060 5(2226) lookup(): 'ella' Not found in usrloc 5(2226) is_user_in(): User is not in group 'voicemail ' 5(2226) lookup(): 'ella' Not found in usrloc 5(2226) requested user not found 5(2226) ------------------------------------------- 5(2226) entering route[4] = requested user not online 5(2226) no voicemail subscriber->return 404 5(2226) parse_headers: flags=-1 5(2226) check_via_address(192.168.0.1, 144.137.65.167, 0) 5(2226) receive_msg: cleaning up 7(2234) SIP Request: 7(2234) method: <ACK> 7(2234) uri: <sip:ella@convergenceone.com> 7(2234) version: <SIP/2.0> 7(2234) parse_headers: flags=1 7(2234) Found param type 235, <rport> = <n/a>; state=6 7(2234) Found param type 232, <branch> = <z9hG4bKF54DAB3D6C0C455FBF00B605D4C8A3CD>; state=16 7(2234) end of header reached, state=5 7(2234) parse_headers: Via found, flags=1 7(2234) parse_headers: this is the first via 7(2234) After parse_msg... 7(2234) parse_headers: flags=4 7(2234) DEBUG: add_param: tag=b27e1a1d33761e85846fc98f5f3a7e58.9612 7(2234) end of header reached, state=29 7(2234) DEBUG: get_hdr_field: <To> [73]; uri=[sip:ella@convergenceone.com] 7(2234) DEBUG: to body [<sip:ella@convergenceone.com>] 7(2234) DEBUG: sl_filter_ACK : local ACK found -> dropping it! Kind Regards Shad Mortazavi --------------------------------------------------- Nexus Technical Manager n|m Nexus Management Inc Neutral Bay Sydney

20 years, 1 month

[Serusers] General problems with SER 0.8.12

by hasseman＠slackware.se

Problems: 1. SER do not start properly after reboot. 2. Can´t not log on to SIP-server trough NAT. Description: 1. SER do not start properly after reboot. First of all i must point out that i have no more than a couple of weeks experience. I downloaded the "Admin guide" and the "Dan Austin howto" as reference dokumentation to set up a basic SER server. I followed it step by step and tested it. I found out that ive got some problem with ser when i restarted the machine. I restarted the machine, startted ser with "ser start" witch gived me: Listening on: 127.0.0.1[127.0.0.1]:5060 192.168.1.3[192.168.1.3]:5060 But when i was checking the status with "serctl monitor" It semed to me as ether the ser server or the ser_fifo was down cause it dident give me any status att all. when i checked the lokal processes with "ps aux" it dident give me anything on "ser start" as it usualy do. So i tried out the default ser.cfg and it worked.... ps aux gived me "ser start". Then i tried the default ser.cfg with mysql auth support and it worked. I rebooted and the same problem all over again. 2. Can not log on to SIP-server trough NAT. I can make local connections and initiate calls but not trough my dial.mine.nu adress. I have routed port 5060-5062 in my firewall against the server machine.(i think it would be sufficient to at least log on) I can make connections against iptel.org reference server but not against my local server. Enviromental variables: OS: Slackware 9.1 (Linux) client: Kphone and W-messenger. server: ser 0.8.12 Host-name:SIPserver.hasselan Domain: hasselan SIP-domain: SIPserver.hasselan Mysql: 4.0.18 external domain: dial.mine.nu configurationsfile= default ser.cfg + auth modules and mysql support. following lines were edited: www_authorise =SIPserver.hasselan www_challenge SIPserver.hasselan

20 years, 1 month

[Serusers] radius-server with sip attributes problem

by varala ramakanth

hello friends, i have installed free radius server-0.9.3 and radius client-0.3.2 and followed the ser howto radtest is success full and i updated dictionary of radius client with of in web available dictionary.ser ( of sip related attributies> and i included statement of INCLUDE <path of dicionary.ser> when i start radiusd -x its givens error as Errors reading dictionary: dict_init: /usr/local/etc/raddb/dictionary[23]: Couldn't open dictionary " /usr/local/etc/raddb/dictionary.ser": No such file or directory Errors reading radiusd.conf so i gone to "/usr/local/share/freeradius/" path and appended whole dictionary.ser contets into it and also kept link as INclude dictinary.ser even though if i create packet "digest" User-Name = "test", Digest-Response = "631d6d73147add2f9e437f59bbc3aeb7", Digest-Realm = "testrealm", Digest-Nonce = "1234abcd" , Digest-Method = "INVITE", Digest-URI = "sip:5555551212@example.com", Digest-Algorithm = "MD5", Digest-User-Name = "test" and run with root@/usr/local/src# radclient -f digest localhost auth <shared_secret> it s giveng error as radclient:No token read where we expected an attribute name i checked both in client and server dictionary attributes are present for the all that which are included in the pakcet. if include only User-Name = "test",User-Password="test" in the digest packet and check it s sucessfull so what may be the wrong sip method digest packet please help me with regards rama kanth __________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/

20 years, 1 month

[Serusers] SER behind a NAT router

by chen_far

hello, How can I configure the SER SIP server which is behind a NAT router? Currently I put the SER into my router's DMZ but it still doesn't work. Thanks.

20 years, 1 month

[Serusers] send mail problem

by mohammad mirzaee

HI ALL; FIRST: In order to get voicemail worked , do I need to install 2 copies of ser? SECOND:I used dbtext for subscribtion_table and it is as follows: email, user. domain Should the email field be a valid sip address or it can be any valid email address? BEST REGARDS mohammad

20 years, 1 month

RE: [Serusers] Problem with ATA186 and NAT (Linksys).

by Tom Lowe

Hello Andrei. Perfect. That seems to have done the trick! (adding force_rport() to the NAT section) Thanks both of you for your help! Tom Tom Lowe, President/CTO Compro Technologies, Inc. 512 South Main Street Forked River, NJ 08731 My Phone: +1-609-290-0544 Main Phone: +1-609-242-2211 Fax: +1-609-242-2212 Email: tom(a)comprotech.com Web: www.comprotech.com -----Original Message----- From: Andrei Pelinescu-Onciul [mailto:pelinescu-onciul@fokus.fraunhofer.de] Sent: Saturday, June 05, 2004 3:36 AM To: Tom Lowe Cc: Gregory D. Burns; serusers(a)lists.iptel.org Subject: Re: [Serusers] Problem with ATA186 and NAT (Linksys). On Jun 04, 2004 at 18:21, Tom Lowe <tom(a)comprotech.com> wrote: > > I actually tried that once, but I tried it again just to be sure. > > My linksys is LAN side is 192.168.51.X. So my Linksys is 192.168.51.1 > and my ATA is 192.168.51.153. I put 192.168.51.1 in the NATIP field. > It worked....so to prove that's the solution, I removed it, and it > still works. So that's not the solution. > > Out of curiosity, Can anyone say what this NATIP field actually > accomplishes? Asterisk doesn't require you to populate that field > with anything. > > My understanding of the mechanics behind NAT is that, if the router > receives a request for a port that is already mapped to another user, it > will assign a new port. That's what was happening here. 5060 was > already mapped to another user (I believe a softphone on my PC), so it > used 15060. > > So, it sends to SER 5060 from 15060. SER should respond to 15060 from > 5060, Router will tranlate the 15060 to 5060 and deliver it to my ATA. > The problem was that SER was sending to 5060 instead of 15060. No, ser should respond to the port in Via, or if rport is present to the source port of the packet. Your CISCO ATA doesn't include rport (it seems they don't support it), Solution: in your ser.cfg nat block add force_rport() (this will force ser to behave as if rport was present). > > I suspect that the original mapping in the router expired, so now it's > using 5060 instead of 15060, which is allowing it to work. > > So, to test this theory, I fired up XTEN on my PC. Sure enough, it's > mapping another, but now, SER is responding with the proper port. Because xten includes rport in its Via. > > I'm wondering if that section of code in my ser.cfg file that is > calling the nathelper commands if the originator is an ATA is actually causing > damage rather than fixing things? (I got that code from someone else > who suposedly got this all working with ATA behind a NAT) I'm going > to have to wait until this mapping times out again to try it back > around the other way. You should have a section dealing with all kinds of natted UACs, not only ATA. See nat_uac_test(...), it can test in various ways if an icoming request is comming from behind a nat. Andrei

20 years, 1 month

[Serusers] which ver of rtpproxy with ser0.8.12 from src on FreeBSD4.9 ??

by Adrian Acosta

20 years, 1 month

← Newer
1
...
27
28
29
30
31
32
33
...
39
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users June 2004