sr-users July 2004

sr-users@lists.kamailio.org

178 participants
449 discussions

[Serusers] ATA186 v3.1.1 LooseRoute logic

by Ezequiel Colombo

I are testing the last (v3.1.1) version of SIP firmware for Cisco ATA186 and see some bug or misimplementation of loose routing logic. I want known if my interpretation of the loose routing are correct. The test scenario is: U1(ATA186) -- callto -- U2(X-Lite) U1 = 200.80.35.6:25263 SER= 200.80.35.17:5060 U2 = 200.80.35.6:26198 After the answer (200 OK) from X-Lite the Cisco ATA 186 send a different ACK message with version 3.1.0 and 3.1.0 firmware. The ACK sent by version 3.1.1 never reack X-Lite causing it to re-send the 200 OK message. In version v3.1.0 the ACK to a 200OK is sent by ATA with URI equal to the proxy address as indicated by Record-Route in the previously received 200OK, and with a Route: header equal to the URI of the remote party (U2). With this SER perform loose-routing, take the URI in the Route: hf and sent the message to U2. In version v3.1.1 the ACK to a 200OK is sent by ATA with URI equal to the U2 address (without port information) and a Route: header indicating the URI of the proxy. So is expected that SER perform loose-routing taking the URI in the Route: header and send the message to itself in this case (Route contain address of proxy instead of U2) but not, the loose-routing is not performed for unknown reason (may be ftag or lr ?) and the message is sent to the original uri (U2 ip without port) and never arrive because the U2 endpoint are listen in other port (26198 instead of 5060). User-Agent: Cisco ATA 186 v3.1.0 atasip (040211A). U 2004/07/15 12:25:12.056963 200.80.35.6:25263 -> 200.80.35.17:5060 ACK sip:9903@200.80.35.17 SIP/2.0. Route: <sip:demo@200.80.35.6:26198>. Via: SIP/2.0/UDP 10.10.0.19:5060. From: ATA186_1 <sip:ecolombo@arcotel.net>;tag=3551834793. To: <sip:9903@arcotel.net;user=phone>;tag=3517445666. Call-ID: 2858614495(a)10.10.0.19. CSeq: 2 ACK. User-Agent: Cisco ATA 186 v3.1.0 atasip (040211A). Proxy-Authorization: Digest username="ecolombo",realm="arcotel.net",nonce="40f6a2fec75c5e94e41551df450c5 8d95c645346",uri="sip :9903@arcotel.net",response="15cb50684f467e0c3144cfa68c678372". Content-Length: 0. User-Agent: Cisco ATA 186 v3.1.1 atasip (040629A). U 2004/07/15 11:23:27.392577 200.80.35.6:25263 -> 200.80.35.17:5060 ACK sip:demo@200.80.35.6 SIP/2.0. Route: <sip:9903@200.80.35.17;ftag=335027039;lr=on>. Via: SIP/2.0/UDP 10.10.0.19:5060. From: ATA186_1 <sip:ecolombo@arcotel.net>;tag=335027039. To: <sip:9903@arcotel.net;user=phone>;tag=1196191453. Call-ID: 3372571447(a)10.10.0.19. CSeq: 2 ACK. User-Agent: Cisco ATA 186 v3.1.1 atasip (040629A). Proxy-Authorization: Digest username="ecolombo",realm="arcotel.net",nonce="40f69484a8e0e9df8bcd477930f1b 6188e0d79ce",uri="sip :9903@arcotel.net",response="a4e2468e2d5984d6cc9cc8a5487e767c". Content-Length: 0.

20 years, 3 months

[Serusers] SERWEB - WHERE ARE THE PACKAGES?

by oezen001＠cs.fiu.edu

Hi there, I would like to install serweb but cannot find the packages to install. I followed the link from the iptel.org website to the belios website but there were no packages available for download. Please help. regards, Onyeka

20 years, 3 months

[Serusers] Ser + Asterisk + Voicemail

by Bill Brigden

Hi all, I have been reading the archives for the ser mailing list, as well as looking round the voip-info.org site, and cant really find an answer to my question... We are using ser as a sip proxy + registrar to the subscribers database (mysql). At the moment it is doing a fine job routing calls between sip users on the same server + accepting calls from pstn network into the server (setting up aliases of numbers to users). I have tried using sems, and I can get it to work - however its more limited than asterisk in terms of functionality (like being able to call in for voicemail, rather than just emailing them..) If I set up a rule to forward to an asterisk server (running on same server, different port) - how can I handle the auth / setup of the mailbox for them? Ie. They have already registered on the ser box, so is it possible to link asterisk in, so that the same username / password is used if people call in to the voicemail admin to retrieve voicemails? Or, do we have to create the users twice, once in ser and once in asterisk? Let me know if I have got the wrong end of the stick (or if I have phrased it badly!!) Cheers, Bill.

20 years, 3 months

[Serusers] How drop the first three digits of dialed number

by gc

Can anybody show me how to drop the first three digits of dialed number in the ser.cfg? I remember I saw this in the archive and can not find it again. GC

20 years, 3 months

[Serusers] simple CLI SUA wanted!

by Cyprien Simons

Hi everybody, I'm testing some SIP software, and I don't need at all VoIP. I'm working remotely, that's why I even can't. So, I'm searching a simple SIP User Agent, which work through the CLI and use SER in proxy mode. I mean, every message should go through the SER, there is no redirect mode. And I just need to be able to send simple text messages. Any ideas? Cyprien

20 years, 3 months

RE: [Serusers] Radius Authentication Help

by Sean Lowry

Yes please i will take a copy of the dictionary.sip i have however been testing different things that the list has been sending and i'm getting a different error now the error is 7(16599) res: -1 7(16599) radius_authorize_sterman(): Failure please find below some debug any help at all is always grealy appreciated Sean 6(16595) SIP Request: 6(16595) method: <REGISTER> 6(16595) uri: <sip:sip.keycom.co.uk> 6(16595) version: <SIP/2.0> 6(16595) parse_headers: flags=1 6(16595) end of header reached, state=5 6(16595) parse_headers: Via found, flags=1 6(16595) parse_headers: this is the first via 6(16595) After parse_msg... 6(16595) preparing to run routing scripts... 6(16595) DEBUG : is_maxfwd_present: searching for max_forwards header 6(16595) parse_headers: flags=128 6(16595) end of header reached, state=9 6(16595) DEBUG: get_hdr_field: <To> [34]; uri=[sip:sean@sip.keycom.co.uk] 6(16595) DEBUG: to body [Sean <sip:sean@sip.keycom.co.uk> ] 6(16595) get_hdr_field: cseq <CSeq>: <131> <REGISTER> 6(16595) DEBUG: get_hdr_body : content_length=0 6(16595) found end of header 6(16595) DEBUG: is_maxfwd_present: max_forwards header not found! 6(16595) end of header reached, state=9 6(16595) parse_headers: flags=256 6(16595) find_first_route(): No Route headers found 6(16595) loose_route(): There is no Route HF 6(16595) check_self - checking if host==us: 16==9 && [sip.keycom.co.uk] == [127.0.0.1] 6(16595) check_self - checking if port 5060 matches port 5060 6(16595) check_self - checking if host==us: 16==12 && [sip.keycom.co.uk] == [192.168.1.68] 6(16595) check_self - checking if port 5060 matches port 5060 6(16595) REGISTER: Authenticating user 6(16595) parse_headers: flags=4096 6(16595) pre_auth(): Credentials with given realm not found 6(16595) REGISTER: challenging user 6(16595) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.keycom.co.uk", nonce="40f66c016fa9044424946dfc574f83781285a9cc" ' 6(16595) parse_headers: flags=-1 6(16595) check_via_address(192.168.1.91, 212.9.98.1, 0) 6(16595) receive_msg: cleaning up 7(16599) SIP Request: 7(16599) method: <REGISTER> 7(16599) uri: <sip:sip.keycom.co.uk> 7(16599) version: <SIP/2.0> 7(16599) parse_headers: flags=1 7(16599) end of header reached, state=5 7(16599) parse_headers: Via found, flags=1 7(16599) parse_headers: this is the first via 7(16599) After parse_msg... 7(16599) preparing to run routing scripts... 7(16599) DEBUG : is_maxfwd_present: searching for max_forwards header 7(16599) parse_headers: flags=128 7(16599) end of header reached, state=9 7(16599) DEBUG: get_hdr_field: <To> [34]; uri=[sip:sean@sip.keycom.co.uk] 7(16599) DEBUG: to body [Sean <sip:sean@sip.keycom.co.uk> ] 7(16599) get_hdr_field: cseq <CSeq>: <132> <REGISTER> 7(16599) DEBUG: get_hdr_body : content_length=0 7(16599) found end of header 7(16599) DEBUG: is_maxfwd_present: max_forwards header not found! 7(16599) end of header reached, state=9 7(16599) parse_headers: flags=256 7(16599) find_first_route(): No Route headers found 7(16599) loose_route(): There is no Route HF 7(16599) check_self - checking if host==us: 16==9 && [sip.keycom.co.uk] == [127.0.0.1] 7(16599) check_self - checking if port 5060 matches port 5060 7(16599) check_self - checking if host==us: 16==12 && [sip.keycom.co.uk] == [192.168.1.68] 7(16599) check_self - checking if port 5060 matches port 5060 7(16599) REGISTER: Authenticating user 7(16599) check_nonce(): comparing [40f66c016fa9044424946dfc574f83781285a9cc] and [40f66c016fa9044424946dfc574f83781285a9cc] 7(16599) res: -1 7(16599) radius_authorize_sterman(): Failure 7(16599) REGISTER: challenging user 7(16599) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.keycom.co.uk", nonce="40f66c016fa9044424946dfc574f83781285a9cc" ' 7(16599) parse_headers: flags=-1 7(16599) check_via_address(192.168.1.91, 212.9.98.1, 0) 7(16599) receive_msg: cleaning up 6(16595) SIP Request: 6(16595) method: <REGISTER> 6(16595) uri: <sip:sip.keycom.co.uk> 6(16595) version: <SIP/2.0> 6(16595) parse_headers: flags=1 6(16595) end of header reached, state=5 6(16595) parse_headers: Via found, flags=1 6(16595) parse_headers: this is the first via 6(16595) After parse_msg... 6(16595) preparing to run routing scripts... 6(16595) DEBUG : is_maxfwd_present: searching for max_forwards header 6(16595) parse_headers: flags=128 6(16595) end of header reached, state=9 6(16595) DEBUG: get_hdr_field: <To> [34]; uri=[sip:sean@sip.keycom.co.uk] 6(16595) DEBUG: to body [Sean <sip:sean@sip.keycom.co.uk> ] 6(16595) get_hdr_field: cseq <CSeq>: <133> <REGISTER> 6(16595) DEBUG: get_hdr_body : content_length=0 6(16595) found end of header 6(16595) DEBUG: is_maxfwd_present: max_forwards header not found! 6(16595) end of header reached, state=9 6(16595) parse_headers: flags=256 6(16595) find_first_route(): No Route headers found 6(16595) loose_route(): There is no Route HF 6(16595) check_self - checking if host==us: 16==9 && [sip.keycom.co.uk] == [127.0.0.1] 6(16595) check_self - checking if port 5060 matches port 5060 6(16595) check_self - checking if host==us: 16==12 && [sip.keycom.co.uk] == [192.168.1.68] 6(16595) check_self - checking if port 5060 matches port 5060 6(16595) REGISTER: Authenticating user 6(16595) check_nonce(): comparing [40f66c016fa9044424946dfc574f83781285a9cc] and [40f66c016fa9044424946dfc574f83781285a9cc] 6(16595) res: -1 6(16595) radius_authorize_sterman(): Failure 6(16595) REGISTER: challenging user 6(16595) build_auth_hf(): 'WWW-Authenticate: Digest realm="sip.keycom.co.uk", nonce="40f66c038f1b06eb1345a6f925a274094c66039a" ' 6(16595) parse_headers: flags=-1 6(16595) check_via_address(192.168.1.91, 212.9.98.1, 0) 6(16595) receive_msg: cleaning up 7(16599) SIP Request: 7(16599) method: <REGISTER> 7(16599) uri: <sip:sip.keycom.co.uk> 7(16599) version: <SIP/2.0> 7(16599) parse_headers: flags=1 7(16599) end of header reached, state=5 7(16599) parse_headers: Via found, flags=1 7(16599) parse_headers: this is the first via 7(16599) After parse_msg... 7(16599) preparing to run routing scripts... 7(16599) DEBUG : is_maxfwd_present: searching for max_forwards header 7(16599) parse_headers: flags=128 7(16599) end of header reached, state=9 7(16599) DEBUG: get_hdr_field: <To> [34]; uri=[sip:sean@sip.keycom.co.uk] 7(16599) DEBUG: to body [Sean <sip:sean@sip.keycom.co.uk> > -----Original Message----- > From: Zeus Ng [SMTP:zeus.ng@isquare.com.au] > Sent: 15 July 2004 12:10 > To: 'Sean Lowry' > Cc: serusers(a)lists.iptel.org > Subject: RE: [Serusers] Radius Authentication Help > > I do remember that I need both dictionary.ser and dictionary.sip to work. > Can't remember where I get the dictionary.sip from. I can email you a copy > of you want. > > Zeus > > > -----Original Message----- > > From: Sean Lowry [mailto:Sean.Lowry@keycom.co.uk] > > Sent: Thursday, 15 July 2004 8:25 PM > > To: 'Zeus Ng' > > Subject: RE: [Serusers] Radius Authentication Help > > > > > > it's inside the dictionary.ser that i had to go and download > > (wasn't included in the module). it contains > > > > i put an include statment into the dictionary to include > > dictionary.ser > > > > this then gets me a different attribute error > > > > > > Maxfwd module- initializing > > . > > sip:/etc/radiusclient# acc - initializing > > exec - initializing > > print - initializing > > textops - initializing > > voicemail - initializing > > 7(15981) REGISTER: Authenticating user > > 7(15981) REGISTER: challenging user > > 5(15976) REGISTER: Authenticating user > > 5(15976) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > 5(15976) REGISTER: challenging user > > 7(15981) REGISTER: Authenticating user > > 7(15981) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > 7(15981) REGISTER: challenging user > > 5(15976) REGISTER: Authenticating user > > 5(15976) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > > > > normally it's PW_USER_NAME attribute > > > > Sean > > > > > > > > > -----Original Message----- > > > From: Zeus Ng [SMTP:zeus.ng@isquare.com.au] > > > Sent: 15 July 2004 11:25 > > > To: 'Sean Lowry' > > > Cc: serusers(a)lists.iptel.org > > > Subject: RE: [Serusers] Radius Authentication Help > > > > > > Look at your /etc/radiusclient/dictionary* files and see if the > > > following line exist. > > > > > > ATTRIBUTE Digest-User-Name 1072 string > > > > > > If not, your are missing the attributes for SIP specific dictionary > > > translation. There are more attributes for sip. The above > > is just one > > > of them. > > > > > > Zeus > > > > > > > -----Original Message----- > > > > From: serusers-bounces(a)lists.iptel.org > > > > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Sean Lowry > > > > Sent: Thursday, 15 July 2004 7:26 PM > > > > To: serusers(a)lists.iptel.org > > > > Subject: [Serusers] Radius Authentication Help > > > > > > > > > > > > running on debian > > > > ser verion = 0.8.12 > > > > ser-radius-module = 0.8.12 > > > > > > > > > > > > Ser.cfg > > > > > > > > # > > > > # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # > > > > # simple quick-start config script > > > > # > > > > > > > > # ----------- global configuration parameters > > > > ------------------------ > > > > > > > > > > > > #debug=4 # debug level (cmd line: -dddddddddd) > > > > #fork=yes > > > > log_stderror=yes # (cmd line: -E) > > > > > > > > /* Uncomment these lines to enter debugging mode > > > > #debug=7 > > > > fork=no > > > > log_stderror=yes > > > > */ > > > > > > > > > > > > > > > > > > > > # ----------------- setting module-specific parameters > > > > --------------- > > > > > > > > # -- usrloc params -- > > > > > > > > #modparam("usrloc", "db_url", "mysql://ser:heslo@hosthost/ser") > > > > modparam("usrloc", "db_mode", 1) > > > > > > > > # Uncomment this if you want to use SQL database > > > > # for persistent storage and comment the previous line > > > > > > > > # -- auth params -- > > > > # Uncomment if you are using auth module > > > > # > > > > #modparam("auth_db", "calculate_ha1", yes) > > > > # > > > > # If you set "calculate_ha1" parameter to yes (which true in > > > > this config), > > > > # uncomment also the following parameter) > > > > # > > > > #modparam("auth_db", "password_column", "password") > > > > > > > > modparam("auth_radius", "radius_config", > > > > "/etc/radiusclient/radiusclient.conf") > > > > #modparam("auth_radius", "service_type", 15) > > > > > > > > > > > > #group radius > > > > modparam("group_radius", "radius_config", > > > > "/etc/radiusclient/radiusclient.conf") > > > > modparam("group_radius", "use_domain", 1) > > > > > > > > > > > > # -- rr params -- > > > > # add value to ;lr param to make some broken UAs happy > > > > modparam("rr", "enable_full_lr", 1) modparam("registrar", > > > > "default_expires", 120) #sets default for expiry if > > > > registrant doesn't specify modparam("registrar", "default_q", > > > > 1000)# sets default q value in registration > > > > > > > > > > > > # ------------------------- request routing logic > > > > ------------------- > > > > > > > > # main routing logic > > > > > > > > > > > > > > > > route{ > > > > > > > > # initial sanity checks -- messages with > > > > # max_forwards==0, or excessively long requests > > > > if (!mf_process_maxfwd_header("10")) { > > > > sl_send_reply("483","Too Many Hops"); > > > > break; > > > > }; > > > > if ( msg:len > max_len ) { > > > > sl_send_reply("513", "Message too big"); > > > > break; > > > > }; > > > > > > > > # we record-route all messages -- to make sure that > > > > # subsequent messages will go through our proxy; that's > > > > # particularly good if upstream and downstream entities > > > > # use different transport protocol > > > > record_route(); > > > > # loose-route processing > > > > if (loose_route()) { > > > > t_relay(); > > > > break; > > > > }; > > > > > > > > # if the request is for other domain use UsrLoc > > > > # (in case, it does not work, use the following command > > > > # with proper names and addresses in it) > > > > if (uri==myself) { > > > > > > > > if (method=="REGISTER") { > > > > > > > > if (search("^(Contact|m): > > > > .*@(--private--information)")) { > > > > log("LOG: alert: someone trying to set > > > > aor==contact\n"); > > > > sl_send_reply("476", "No Server Address > > > > in Contacts Allowed" ); > > > > break; > > > > }; > > > > > > > > # Uncomment this if you want to use digest > > > > authentication > > > > > > > > log(1, "REGISTER: Authenticating user\n"); > > > > > > > > if (!radius_www_authorize("")) { > > > > log(1, "REGISTER: challenging user\n"); > > > > www_challenge("", "1"); > > > > break; > > > > }; > > > > > > > > save("location"); > > > > break; > > > > }; > > > > > > > > if (uri=~"^sip:71[0-9]{2}@.*") > > > > { > > > > #xlog("L_ERR", "LOG - method<%rm> uri<%ru> > > > > from<%fu> to<%tu>\n"); > > > > rewritehostport("192.168.1.252"); > > > > forward(uri:host, uri:port); > > > > xlog("L_ERR", "LOG - method<%rm> uri<%ru> > > > > from<%fu> to<%tu>\n"); > > > > break; > > > > }; > > > > > > > > > > > > # native SIP destinations are handled using > > > > our USRLOC DB > > > > if (!lookup("location")) { > > > > sl_send_reply("404", "Not Found"); > > > > break; > > > > }; > > > > }; > > > > # forward to current uri now; use stateful > > forwarding; that > > > > # works reliably even if we forward from TCP to UDP > > > > if (!t_relay()) { > > > > sl_reply_error(); > > > > }; > > > > > > > > } > > > > > > > > > > > > > > > > > > > > Error when running this configuration > > > > > > > > stateless - initializing > > > > Maxfwd module- initializing > > > > . > > > > sip:/etc/ser# acc - initializing > > > > exec - initializing > > > > print - initializing > > > > textops - initializing > > > > voicemail - initializing > > > > 5(14802) REGISTER: Authenticating user > > > > 5(14802) REGISTER: challenging user > > > > 6(14806) REGISTER: Authenticating user > > > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > > 6(14806) REGISTER: challenging user > > > > 5(14802) REGISTER: Authenticating user > > > > 5(14802) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > > 5(14802) REGISTER: challenging user > > > > 6(14806) REGISTER: Authenticating user > > > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > > 6(14806) REGISTER: challenging user > > > > > > > > > > > > now if i uncomment out the radius service type > > > > > > > > #modparam("auth_radius", "service_type", 15) > > > > > > > > > > > > sip:/etc/ser# stateless - initializing > > > > Maxfwd module- initializing > > > > acc - initializing > > > > exec - initializing > > > > print - initializing > > > > textops - initializing > > > > voicemail - initializing > > > > 7(14958) REGISTER: Authenticating user > > > > 7(14958) REGISTER: challenging user > > > > 8(14959) REGISTER: Authenticating user > > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > > 8(14959) REGISTER: challenging user > > > > 7(14958) REGISTER: Authenticating user > > > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > > > 7(14958) REGISTER: challenging user > > > > 8(14959) REGISTER: Authenticating user > > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > > 8(14959) REGISTER: challenging user > > > > 7(14958) REGISTER: Authenticating user > > > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > > > 7(14958) REGISTER: challenging user > > > > 8(14959) REGISTER: Authenticating user > > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > > 8(14959) REGISTER: challenging user > > > > > > > > > > > > > > > > now i have freeradius running in debug so i can see if > > > > anything it talking to it and i see nothing at all from > > freeradius. > > > > > > > > sip:/home/sean# freeradius -x > > > > Starting - reading configuration files ... > > > > Using deprecated naslist file. Support for this will go away > > > > soon. Using deprecated clients file. Support for this will > > > > go away soon. Using deprecated realms file. Support for this > > > > will go away soon. > > > > Module: Loaded expr > > > > Module: Instantiated expr (expr) > > > > Module: Loaded PAP > > > > Module: Instantiated pap (pap) > > > > Module: Loaded CHAP > > > > Module: Instantiated chap (chap) > > > > Module: Loaded MS-CHAP > > > > Module: Instantiated mschap (mschap) > > > > Module: Loaded DIGEST > > > > Module: Instantiated digest (digest) > > > > Module: Loaded System > > > > Module: Instantiated unix (unix) > > > > Module: Loaded eap > > > > rlm_eap: Loaded and initialized the type md5 > > > > rlm_eap: Loaded and initialized the type leap > > > > Module: Instantiated eap (eap) > > > > Module: Loaded preprocess > > > > Module: Instantiated preprocess (preprocess) > > > > Module: Loaded realm > > > > Module: Instantiated realm (suffix) > > > > Module: Loaded SQL > > > > rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) > > > > loaded and linked rlm_sql (sql): Attempting to connect to > > > > radius@localhost:/radius rlm_sql (sql): starting 0 rlm_sql > > > > (sql): Attempting to connect rlm_sql_mysql #0 > > > > rlm_sql_mysql: Starting connect to MySQL server for #0 > > > > rlm_sql (sql): Connected new DB handle, #0 > > > > rlm_sql (sql): starting 1 > > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 > > > > rlm_sql_mysql: Starting connect to MySQL server for #1 > > > > rlm_sql (sql): Connected new DB handle, #1 > > > > rlm_sql (sql): starting 2 > > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 > > > > rlm_sql_mysql: Starting connect to MySQL server for #2 > > > > rlm_sql (sql): Connected new DB handle, #2 > > > > rlm_sql (sql): starting 3 > > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 > > > > rlm_sql_mysql: Starting connect to MySQL server for #3 > > > > rlm_sql (sql): Connected new DB handle, #3 > > > > rlm_sql (sql): starting 4 > > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 > > > > rlm_sql_mysql: Starting connect to MySQL server for #4 > > > > rlm_sql (sql): Connected new DB handle, #4 > > > > Module: Instantiated sql (sql) > > > > Module: Loaded Acct-Unique-Session-Id > > > > Module: Instantiated acct_unique (acct_unique) > > > > Module: Loaded detail > > > > Module: Instantiated detail (detail) > > > > Module: Loaded radutmp > > > > Module: Instantiated radutmp (radutmp) > > > > Initializing the thread pool... > > > > Listening on IP address *, ports 1812/udp and 1813/udp, with > > > > proxy on 1814/udp. Ready to process requests. > > > > > > > > > > > > > > > > > > > > i have tested the raidus server to see if it's authenticating. > > > > > > > > > > > > Sending Access-Request of id 7 to 127.0.0.1:1812 > > > > User-Name = "bob" > > > > User-Password = "bob" > > > > NAS-IP-Address = ~~~changed private~~~ > > > > NAS-Port = 1814 > > > > rad_recv: Access-Accept packet from host 127.0.0.1:1812, > > > > id=7, length=20 > > > > > > > > > > > > everything is working as you would expect does anyone have > > > > any ideas at all as to where i'm going wrong. > > > > > > > > > > > > Thanks in advance > > > > > > > > Sean > > > > > > > > _______________________________________________ > > > > Serusers mailing list > > > > serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers > > > > > >

20 years, 3 months

RE: [Serusers] Radius Authentication Help

by Zeus Ng

I do remember that I need both dictionary.ser and dictionary.sip to work. Can't remember where I get the dictionary.sip from. I can email you a copy of you want. Zeus > -----Original Message----- > From: Sean Lowry [mailto:Sean.Lowry@keycom.co.uk] > Sent: Thursday, 15 July 2004 8:25 PM > To: 'Zeus Ng' > Subject: RE: [Serusers] Radius Authentication Help > > > it's inside the dictionary.ser that i had to go and download > (wasn't included in the module). it contains > > i put an include statment into the dictionary to include > dictionary.ser > > this then gets me a different attribute error > > > Maxfwd module- initializing > . > sip:/etc/radiusclient# acc - initializing > exec - initializing > print - initializing > textops - initializing > voicemail - initializing > 7(15981) REGISTER: Authenticating user > 7(15981) REGISTER: challenging user > 5(15976) REGISTER: Authenticating user > 5(15976) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > 5(15976) REGISTER: challenging user > 7(15981) REGISTER: Authenticating user > 7(15981) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > 7(15981) REGISTER: challenging user > 5(15976) REGISTER: Authenticating user > 5(15976) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > normally it's PW_USER_NAME attribute > > Sean > > > > > -----Original Message----- > > From: Zeus Ng [SMTP:zeus.ng@isquare.com.au] > > Sent: 15 July 2004 11:25 > > To: 'Sean Lowry' > > Cc: serusers(a)lists.iptel.org > > Subject: RE: [Serusers] Radius Authentication Help > > > > Look at your /etc/radiusclient/dictionary* files and see if the > > following line exist. > > > > ATTRIBUTE Digest-User-Name 1072 string > > > > If not, your are missing the attributes for SIP specific dictionary > > translation. There are more attributes for sip. The above > is just one > > of them. > > > > Zeus > > > > > -----Original Message----- > > > From: serusers-bounces(a)lists.iptel.org > > > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of Sean Lowry > > > Sent: Thursday, 15 July 2004 7:26 PM > > > To: serusers(a)lists.iptel.org > > > Subject: [Serusers] Radius Authentication Help > > > > > > > > > running on debian > > > ser verion = 0.8.12 > > > ser-radius-module = 0.8.12 > > > > > > > > > Ser.cfg > > > > > > # > > > # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # > > > # simple quick-start config script > > > # > > > > > > # ----------- global configuration parameters > > > ------------------------ > > > > > > > > > #debug=4 # debug level (cmd line: -dddddddddd) > > > #fork=yes > > > log_stderror=yes # (cmd line: -E) > > > > > > /* Uncomment these lines to enter debugging mode > > > #debug=7 > > > fork=no > > > log_stderror=yes > > > */ > > > > > > > > > > > > > > > # ----------------- setting module-specific parameters > > > --------------- > > > > > > # -- usrloc params -- > > > > > > #modparam("usrloc", "db_url", "mysql://ser:heslo@hosthost/ser") > > > modparam("usrloc", "db_mode", 1) > > > > > > # Uncomment this if you want to use SQL database > > > # for persistent storage and comment the previous line > > > > > > # -- auth params -- > > > # Uncomment if you are using auth module > > > # > > > #modparam("auth_db", "calculate_ha1", yes) > > > # > > > # If you set "calculate_ha1" parameter to yes (which true in > > > this config), > > > # uncomment also the following parameter) > > > # > > > #modparam("auth_db", "password_column", "password") > > > > > > modparam("auth_radius", "radius_config", > > > "/etc/radiusclient/radiusclient.conf") > > > #modparam("auth_radius", "service_type", 15) > > > > > > > > > #group radius > > > modparam("group_radius", "radius_config", > > > "/etc/radiusclient/radiusclient.conf") > > > modparam("group_radius", "use_domain", 1) > > > > > > > > > # -- rr params -- > > > # add value to ;lr param to make some broken UAs happy > > > modparam("rr", "enable_full_lr", 1) modparam("registrar", > > > "default_expires", 120) #sets default for expiry if > > > registrant doesn't specify modparam("registrar", "default_q", > > > 1000)# sets default q value in registration > > > > > > > > > # ------------------------- request routing logic > > > ------------------- > > > > > > # main routing logic > > > > > > > > > > > > route{ > > > > > > # initial sanity checks -- messages with > > > # max_forwards==0, or excessively long requests > > > if (!mf_process_maxfwd_header("10")) { > > > sl_send_reply("483","Too Many Hops"); > > > break; > > > }; > > > if ( msg:len > max_len ) { > > > sl_send_reply("513", "Message too big"); > > > break; > > > }; > > > > > > # we record-route all messages -- to make sure that > > > # subsequent messages will go through our proxy; that's > > > # particularly good if upstream and downstream entities > > > # use different transport protocol > > > record_route(); > > > # loose-route processing > > > if (loose_route()) { > > > t_relay(); > > > break; > > > }; > > > > > > # if the request is for other domain use UsrLoc > > > # (in case, it does not work, use the following command > > > # with proper names and addresses in it) > > > if (uri==myself) { > > > > > > if (method=="REGISTER") { > > > > > > if (search("^(Contact|m): > > > .*@(--private--information)")) { > > > log("LOG: alert: someone trying to set > > > aor==contact\n"); > > > sl_send_reply("476", "No Server Address > > > in Contacts Allowed" ); > > > break; > > > }; > > > > > > # Uncomment this if you want to use digest > > > authentication > > > > > > log(1, "REGISTER: Authenticating user\n"); > > > > > > if (!radius_www_authorize("")) { > > > log(1, "REGISTER: challenging user\n"); > > > www_challenge("", "1"); > > > break; > > > }; > > > > > > save("location"); > > > break; > > > }; > > > > > > if (uri=~"^sip:71[0-9]{2}@.*") > > > { > > > #xlog("L_ERR", "LOG - method<%rm> uri<%ru> > > > from<%fu> to<%tu>\n"); > > > rewritehostport("192.168.1.252"); > > > forward(uri:host, uri:port); > > > xlog("L_ERR", "LOG - method<%rm> uri<%ru> > > > from<%fu> to<%tu>\n"); > > > break; > > > }; > > > > > > > > > # native SIP destinations are handled using > > > our USRLOC DB > > > if (!lookup("location")) { > > > sl_send_reply("404", "Not Found"); > > > break; > > > }; > > > }; > > > # forward to current uri now; use stateful > forwarding; that > > > # works reliably even if we forward from TCP to UDP > > > if (!t_relay()) { > > > sl_reply_error(); > > > }; > > > > > > } > > > > > > > > > > > > > > > Error when running this configuration > > > > > > stateless - initializing > > > Maxfwd module- initializing > > > . > > > sip:/etc/ser# acc - initializing > > > exec - initializing > > > print - initializing > > > textops - initializing > > > voicemail - initializing > > > 5(14802) REGISTER: Authenticating user > > > 5(14802) REGISTER: challenging user > > > 6(14806) REGISTER: Authenticating user > > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > 6(14806) REGISTER: challenging user > > > 5(14802) REGISTER: Authenticating user > > > 5(14802) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > 5(14802) REGISTER: challenging user > > > 6(14806) REGISTER: Authenticating user > > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > > 6(14806) REGISTER: challenging user > > > > > > > > > now if i uncomment out the radius service type > > > > > > #modparam("auth_radius", "service_type", 15) > > > > > > > > > sip:/etc/ser# stateless - initializing > > > Maxfwd module- initializing > > > acc - initializing > > > exec - initializing > > > print - initializing > > > textops - initializing > > > voicemail - initializing > > > 7(14958) REGISTER: Authenticating user > > > 7(14958) REGISTER: challenging user > > > 8(14959) REGISTER: Authenticating user > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > 8(14959) REGISTER: challenging user > > > 7(14958) REGISTER: Authenticating user > > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > > 7(14958) REGISTER: challenging user > > > 8(14959) REGISTER: Authenticating user > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > 8(14959) REGISTER: challenging user > > > 7(14958) REGISTER: Authenticating user > > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > > 7(14958) REGISTER: challenging user > > > 8(14959) REGISTER: Authenticating user > > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > > 8(14959) REGISTER: challenging user > > > > > > > > > > > > now i have freeradius running in debug so i can see if > > > anything it talking to it and i see nothing at all from > freeradius. > > > > > > sip:/home/sean# freeradius -x > > > Starting - reading configuration files ... > > > Using deprecated naslist file. Support for this will go away > > > soon. Using deprecated clients file. Support for this will > > > go away soon. Using deprecated realms file. Support for this > > > will go away soon. > > > Module: Loaded expr > > > Module: Instantiated expr (expr) > > > Module: Loaded PAP > > > Module: Instantiated pap (pap) > > > Module: Loaded CHAP > > > Module: Instantiated chap (chap) > > > Module: Loaded MS-CHAP > > > Module: Instantiated mschap (mschap) > > > Module: Loaded DIGEST > > > Module: Instantiated digest (digest) > > > Module: Loaded System > > > Module: Instantiated unix (unix) > > > Module: Loaded eap > > > rlm_eap: Loaded and initialized the type md5 > > > rlm_eap: Loaded and initialized the type leap > > > Module: Instantiated eap (eap) > > > Module: Loaded preprocess > > > Module: Instantiated preprocess (preprocess) > > > Module: Loaded realm > > > Module: Instantiated realm (suffix) > > > Module: Loaded SQL > > > rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) > > > loaded and linked rlm_sql (sql): Attempting to connect to > > > radius@localhost:/radius rlm_sql (sql): starting 0 rlm_sql > > > (sql): Attempting to connect rlm_sql_mysql #0 > > > rlm_sql_mysql: Starting connect to MySQL server for #0 > > > rlm_sql (sql): Connected new DB handle, #0 > > > rlm_sql (sql): starting 1 > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 > > > rlm_sql_mysql: Starting connect to MySQL server for #1 > > > rlm_sql (sql): Connected new DB handle, #1 > > > rlm_sql (sql): starting 2 > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 > > > rlm_sql_mysql: Starting connect to MySQL server for #2 > > > rlm_sql (sql): Connected new DB handle, #2 > > > rlm_sql (sql): starting 3 > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 > > > rlm_sql_mysql: Starting connect to MySQL server for #3 > > > rlm_sql (sql): Connected new DB handle, #3 > > > rlm_sql (sql): starting 4 > > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 > > > rlm_sql_mysql: Starting connect to MySQL server for #4 > > > rlm_sql (sql): Connected new DB handle, #4 > > > Module: Instantiated sql (sql) > > > Module: Loaded Acct-Unique-Session-Id > > > Module: Instantiated acct_unique (acct_unique) > > > Module: Loaded detail > > > Module: Instantiated detail (detail) > > > Module: Loaded radutmp > > > Module: Instantiated radutmp (radutmp) > > > Initializing the thread pool... > > > Listening on IP address *, ports 1812/udp and 1813/udp, with > > > proxy on 1814/udp. Ready to process requests. > > > > > > > > > > > > > > > i have tested the raidus server to see if it's authenticating. > > > > > > > > > Sending Access-Request of id 7 to 127.0.0.1:1812 > > > User-Name = "bob" > > > User-Password = "bob" > > > NAS-IP-Address = ~~~changed private~~~ > > > NAS-Port = 1814 > > > rad_recv: Access-Accept packet from host 127.0.0.1:1812, > > > id=7, length=20 > > > > > > > > > everything is working as you would expect does anyone have > > > any ideas at all as to where i'm going wrong. > > > > > > > > > Thanks in advance > > > > > > Sean > > > > > > _______________________________________________ > > > Serusers mailing list > > > serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers > > > >

20 years, 3 months

[Serusers] RE: Exported functions: "hf_present" and "Hf_delete"

by Andrew K. Caruana

Hi there, We would like to confirm whether the read about "hf_present" and "hf_delete" exported functions, have actually been implemented or else are still awaiting to be implemented in textops. Thanks in advanced. Regards, Andrew and Charles

20 years, 3 months

[Serusers] Radius Authentication Help

by Sean Lowry

running on debian ser verion = 0.8.12 ser-radius-module = 0.8.12 Ser.cfg # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ #debug=4 # debug level (cmd line: -dddddddddd) #fork=yes log_stderror=yes # (cmd line: -E) /* Uncomment these lines to enter debugging mode #debug=7 fork=no log_stderror=yes */ # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_url", "mysql://ser:heslo@hosthost/ser") modparam("usrloc", "db_mode", 1) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line # -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password") modparam("auth_radius", "radius_config", "/etc/radiusclient/radiusclient.conf") #modparam("auth_radius", "service_type", 15) #group radius modparam("group_radius", "radius_config", "/etc/radiusclient/radiusclient.conf") modparam("group_radius", "use_domain", 1) # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) modparam("registrar", "default_expires", 120) #sets default for expiry if registrant doesn't specify modparam("registrar", "default_q", 1000)# sets default q value in registration # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { if (search("^(Contact|m): .*@(--private--information)")) { log("LOG: alert: someone trying to set aor==contact\n"); sl_send_reply("476", "No Server Address in Contacts Allowed" ); break; }; # Uncomment this if you want to use digest authentication log(1, "REGISTER: Authenticating user\n"); if (!radius_www_authorize("")) { log(1, "REGISTER: challenging user\n"); www_challenge("", "1"); break; }; save("location"); break; }; if (uri=~"^sip:71[0-9]{2}@.*") { #xlog("L_ERR", "LOG - method<%rm> uri<%ru> from<%fu> to<%tu>\n"); rewritehostport("192.168.1.252"); forward(uri:host, uri:port); xlog("L_ERR", "LOG - method<%rm> uri<%ru> from<%fu> to<%tu>\n"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; } Error when running this configuration stateless - initializing Maxfwd module- initializing . sip:/etc/ser# acc - initializing exec - initializing print - initializing textops - initializing voicemail - initializing 5(14802) REGISTER: Authenticating user 5(14802) REGISTER: challenging user 6(14806) REGISTER: Authenticating user 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute 6(14806) REGISTER: challenging user 5(14802) REGISTER: Authenticating user 5(14802) sterman(): Unable to add PW_DIGEST_USER_NAME attribute 5(14802) REGISTER: challenging user 6(14806) REGISTER: Authenticating user 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute 6(14806) REGISTER: challenging user now if i uncomment out the radius service type #modparam("auth_radius", "service_type", 15) sip:/etc/ser# stateless - initializing Maxfwd module- initializing acc - initializing exec - initializing print - initializing textops - initializing voicemail - initializing 7(14958) REGISTER: Authenticating user 7(14958) REGISTER: challenging user 8(14959) REGISTER: Authenticating user 8(14959) sterman(): Unable to add PW_USER_NAME attribute 8(14959) REGISTER: challenging user 7(14958) REGISTER: Authenticating user 7(14958) sterman(): Unable to add PW_USER_NAME attribute 7(14958) REGISTER: challenging user 8(14959) REGISTER: Authenticating user 8(14959) sterman(): Unable to add PW_USER_NAME attribute 8(14959) REGISTER: challenging user 7(14958) REGISTER: Authenticating user 7(14958) sterman(): Unable to add PW_USER_NAME attribute 7(14958) REGISTER: challenging user 8(14959) REGISTER: Authenticating user 8(14959) sterman(): Unable to add PW_USER_NAME attribute 8(14959) REGISTER: challenging user now i have freeradius running in debug so i can see if anything it talking to it and i see nothing at all from freeradius. sip:/home/sean# freeradius -x Starting - reading configuration files ... Using deprecated naslist file. Support for this will go away soon. Using deprecated clients file. Support for this will go away soon. Using deprecated realms file. Support for this will go away soon. Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP Module: Instantiated mschap (mschap) Module: Loaded DIGEST Module: Instantiated digest (digest) Module: Loaded System Module: Instantiated unix (unix) Module: Loaded eap rlm_eap: Loaded and initialized the type md5 rlm_eap: Loaded and initialized the type leap Module: Instantiated eap (eap) Module: Loaded preprocess Module: Instantiated preprocess (preprocess) Module: Loaded realm Module: Instantiated realm (suffix) Module: Loaded SQL rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to radius@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded Acct-Unique-Session-Id Module: Instantiated acct_unique (acct_unique) Module: Loaded detail Module: Instantiated detail (detail) Module: Loaded radutmp Module: Instantiated radutmp (radutmp) Initializing the thread pool... Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. i have tested the raidus server to see if it's authenticating. Sending Access-Request of id 7 to 127.0.0.1:1812 User-Name = "bob" User-Password = "bob" NAS-IP-Address = ~~~changed private~~~ NAS-Port = 1814 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=7, length=20 everything is working as you would expect does anyone have any ideas at all as to where i'm going wrong. Thanks in advance Sean

20 years, 3 months

RE: [Serusers] Radius Authentication Help

by Sean Lowry

Hi martin, i tried changing the config in raidus client to the below but still no change i still get the error 6(15162) sterman(): Unable to add PW_USER_NAME attribute when a try and register a client with the ser server. Sean > -----Original Message----- > From: Martin Koenig [SMTP:martin.koenig@toplink-plannet.de] > Sent: 15 July 2004 10:38 > To: Sean Lowry; serusers(a)lists.iptel.org > Subject: Re: [Serusers] Radius Authentication Help > > Try to set your radius server in radiusclient.conf with portnumber. > > I.e.: > > authserver localhost:1645 > > Greetings, > Martin > > Sean Lowry wrote: > > running on debian > > ser verion = 0.8.12 > > ser-radius-module = 0.8.12 > > > > > > Ser.cfg > > > > # > > # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ > > # > > # simple quick-start config script > > # > > > > # ----------- global configuration parameters ------------------------ > > > > > > #debug=4 # debug level (cmd line: -dddddddddd) > > #fork=yes > > log_stderror=yes # (cmd line: -E) > > > > /* Uncomment these lines to enter debugging mode > > #debug=7 > > fork=no > > log_stderror=yes > > */ > > > > > > > > > > # ----------------- setting module-specific parameters --------------- > > > > # -- usrloc params -- > > > > #modparam("usrloc", "db_url", "mysql://ser:heslo@hosthost/ser") > > modparam("usrloc", "db_mode", 1) > > > > # Uncomment this if you want to use SQL database > > # for persistent storage and comment the previous line > > > > # -- auth params -- > > # Uncomment if you are using auth module > > # > > #modparam("auth_db", "calculate_ha1", yes) > > # > > # If you set "calculate_ha1" parameter to yes (which true in this > config), > > # uncomment also the following parameter) > > # > > #modparam("auth_db", "password_column", "password") > > > > modparam("auth_radius", "radius_config", > > "/etc/radiusclient/radiusclient.conf") > > #modparam("auth_radius", "service_type", 15) > > > > > > #group radius > > modparam("group_radius", "radius_config", > > "/etc/radiusclient/radiusclient.conf") > > modparam("group_radius", "use_domain", 1) > > > > > > # -- rr params -- > > # add value to ;lr param to make some broken UAs happy > > modparam("rr", "enable_full_lr", 1) > > modparam("registrar", "default_expires", 120) #sets default for expiry > if > > registrant doesn't specify > > modparam("registrar", "default_q", 1000)# sets default q value in > > registration > > > > > > # ------------------------- request routing logic ------------------- > > > > # main routing logic > > > > > > > > route{ > > > > # initial sanity checks -- messages with > > # max_forwards==0, or excessively long requests > > if (!mf_process_maxfwd_header("10")) { > > sl_send_reply("483","Too Many Hops"); > > break; > > }; > > if ( msg:len > max_len ) { > > sl_send_reply("513", "Message too big"); > > break; > > }; > > > > # we record-route all messages -- to make sure that > > # subsequent messages will go through our proxy; that's > > # particularly good if upstream and downstream entities > > # use different transport protocol > > record_route(); > > # loose-route processing > > if (loose_route()) { > > t_relay(); > > break; > > }; > > > > # if the request is for other domain use UsrLoc > > # (in case, it does not work, use the following command > > # with proper names and addresses in it) > > if (uri==myself) { > > > > if (method=="REGISTER") { > > > > if (search("^(Contact|m): > > .*@(--private--information)")) { > > log("LOG: alert: someone trying to set > > aor==contact\n"); > > sl_send_reply("476", "No Server Address in > Contacts > > Allowed" ); > > break; > > }; > > > > # Uncomment this if you want to use digest > authentication > > > > log(1, "REGISTER: Authenticating user\n"); > > > > if (!radius_www_authorize("")) { > > log(1, "REGISTER: challenging user\n"); > > www_challenge("", "1"); > > break; > > }; > > > > save("location"); > > break; > > }; > > > > if (uri=~"^sip:71[0-9]{2}@.*") > > { > > #xlog("L_ERR", "LOG - method<%rm> uri<%ru> from<%fu> > > to<%tu>\n"); > > rewritehostport("192.168.1.252"); > > forward(uri:host, uri:port); > > xlog("L_ERR", "LOG - method<%rm> uri<%ru> from<%fu> > > to<%tu>\n"); > > break; > > }; > > > > > > # native SIP destinations are handled using our USRLOC > DB > > if (!lookup("location")) { > > sl_send_reply("404", "Not Found"); > > break; > > }; > > }; > > # forward to current uri now; use stateful forwarding; that > > # works reliably even if we forward from TCP to UDP > > if (!t_relay()) { > > sl_reply_error(); > > }; > > > > } > > > > > > > > > > Error when running this configuration > > > > stateless - initializing > > Maxfwd module- initializing > > . > > sip:/etc/ser# acc - initializing > > exec - initializing > > print - initializing > > textops - initializing > > voicemail - initializing > > 5(14802) REGISTER: Authenticating user > > 5(14802) REGISTER: challenging user > > 6(14806) REGISTER: Authenticating user > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > 6(14806) REGISTER: challenging user > > 5(14802) REGISTER: Authenticating user > > 5(14802) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > 5(14802) REGISTER: challenging user > > 6(14806) REGISTER: Authenticating user > > 6(14806) sterman(): Unable to add PW_DIGEST_USER_NAME attribute > > 6(14806) REGISTER: challenging user > > > > > > now if i uncomment out the radius service type > > > > #modparam("auth_radius", "service_type", 15) > > > > > > sip:/etc/ser# stateless - initializing > > Maxfwd module- initializing > > acc - initializing > > exec - initializing > > print - initializing > > textops - initializing > > voicemail - initializing > > 7(14958) REGISTER: Authenticating user > > 7(14958) REGISTER: challenging user > > 8(14959) REGISTER: Authenticating user > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > 8(14959) REGISTER: challenging user > > 7(14958) REGISTER: Authenticating user > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > 7(14958) REGISTER: challenging user > > 8(14959) REGISTER: Authenticating user > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > 8(14959) REGISTER: challenging user > > 7(14958) REGISTER: Authenticating user > > 7(14958) sterman(): Unable to add PW_USER_NAME attribute > > 7(14958) REGISTER: challenging user > > 8(14959) REGISTER: Authenticating user > > 8(14959) sterman(): Unable to add PW_USER_NAME attribute > > 8(14959) REGISTER: challenging user > > > > > > > > now i have freeradius running in debug so i can see if anything it > talking > > to it and i see nothing at all from freeradius. > > > > sip:/home/sean# freeradius -x > > Starting - reading configuration files ... > > Using deprecated naslist file. Support for this will go away soon. > > Using deprecated clients file. Support for this will go away soon. > > Using deprecated realms file. Support for this will go away soon. > > Module: Loaded expr > > Module: Instantiated expr (expr) > > Module: Loaded PAP > > Module: Instantiated pap (pap) > > Module: Loaded CHAP > > Module: Instantiated chap (chap) > > Module: Loaded MS-CHAP > > Module: Instantiated mschap (mschap) > > Module: Loaded DIGEST > > Module: Instantiated digest (digest) > > Module: Loaded System > > Module: Instantiated unix (unix) > > Module: Loaded eap > > rlm_eap: Loaded and initialized the type md5 > > rlm_eap: Loaded and initialized the type leap > > Module: Instantiated eap (eap) > > Module: Loaded preprocess > > Module: Instantiated preprocess (preprocess) > > Module: Loaded realm > > Module: Instantiated realm (suffix) > > Module: Loaded SQL > > rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and > linked > > rlm_sql (sql): Attempting to connect to radius@localhost:/radius > > rlm_sql (sql): starting 0 > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 > > rlm_sql_mysql: Starting connect to MySQL server for #0 > > rlm_sql (sql): Connected new DB handle, #0 > > rlm_sql (sql): starting 1 > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 > > rlm_sql_mysql: Starting connect to MySQL server for #1 > > rlm_sql (sql): Connected new DB handle, #1 > > rlm_sql (sql): starting 2 > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 > > rlm_sql_mysql: Starting connect to MySQL server for #2 > > rlm_sql (sql): Connected new DB handle, #2 > > rlm_sql (sql): starting 3 > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 > > rlm_sql_mysql: Starting connect to MySQL server for #3 > > rlm_sql (sql): Connected new DB handle, #3 > > rlm_sql (sql): starting 4 > > rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 > > rlm_sql_mysql: Starting connect to MySQL server for #4 > > rlm_sql (sql): Connected new DB handle, #4 > > Module: Instantiated sql (sql) > > Module: Loaded Acct-Unique-Session-Id > > Module: Instantiated acct_unique (acct_unique) > > Module: Loaded detail > > Module: Instantiated detail (detail) > > Module: Loaded radutmp > > Module: Instantiated radutmp (radutmp) > > Initializing the thread pool... > > Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on > > 1814/udp. > > Ready to process requests. > > > > > > > > > > i have tested the raidus server to see if it's authenticating. > > > > > > Sending Access-Request of id 7 to 127.0.0.1:1812 > > User-Name = "bob" > > User-Password = "bob" > > NAS-IP-Address = ~~~changed private~~~ > > NAS-Port = 1814 > > rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=7, length=20 > > > > > > everything is working as you would expect does anyone have any ideas at > all > > as to where i'm going wrong. > > > > > > Thanks in advance > > > > Sean > > > > _______________________________________________ > > Serusers mailing list > > serusers(a)lists.iptel.org > > http://lists.iptel.org/mailman/listinfo/serusers

20 years, 3 months

← Newer
1
...
25
26
27
28
29
30
31
...
45
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users July 2004