Yes, I think the documentation needs an update. :)
-----Original Message-----
From: Daniel-Constantin Mierla [mailto:daniel@voice-system.ro]
Sent: Tuesday, November 29, 2005 9:52 PM
To: rick(a)eltopia.com
Cc: users(a)openser.org
Subject: Re: [Users] Forwarding from dispatcher
On 11/29/05 23:15, Rick Richardson wrote:
> I might be missing something obvious. But I have set up a dispatching
> openSER box using the recommended .cfg file from the dispatcher module
> docs and a custom list.
>
> On init, The parser complains of the forward(); function because it has
> no params. I looked at the core docs and they say they forward()
> requires a host and port, which makes sense, however, I don't know what
> to put in as a param as it is decided by the ds_select_dst() function.
>
> In short, what do I pass to forward to make it use the destination
> decided by ds_select_dst?
>
use "forward(uri:host, uri:port)"
Cheers,
Daniel
> thanks,
>
> Rick
>
>
> _______________________________________________
> Users mailing list
> Users(a)openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
>
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
Lokesh,
Comment lines start with # not ;
George
> Date: Wed, 30 Nov 2005 11:18:58 -0000
> From: "Lokesh Kumar" <lokesh(a)interacesso.pt>
> Subject: Re: [Users] Can anyone share his openser.cfg..in which
> openser is routing calls to pstn gateway
> To: "Norman Brandinger" <norm(a)goes.com>
> Cc: serusers(a)iptel.org, users(a)openser.org
> Message-ID: <004901c5f59f$dbb87030$2f00a8c0@lokesh>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello Norman,
> When I type openser start it gives me " ERROR: Bad config
> file (4 errors).
> here is the messages i got from cat /var/log/messages
> ---------
> Nov 30 11:05:01 ser crond(pam_unix)[26819]: session closed
> for user root Nov 30 11:07:16 ser openser: ERROR:
> load_module: could not open module
> <modules/sl/sl.so>: modules/sl/sl.so: cannot open shared
> object file: No such file or directory Nov 30 11:07:16 ser
> openser: parse error (10,13-14): failed to load module Nov 30
> 11:07:16 ser openser: ERROR: load_module: could not open module
> <modules/tm/tm.so>: modules/tm/tm.so: cannot open shared
> object file: No such file or directory Nov 30 11:07:16 ser
> openser: parse error (11,13-14): failed to load module Nov 30
> 11:07:16 ser openser: parse error (12,1-2): syntax error Nov
> 30 11:07:16 ser openser: parse error (12,1-2):
> Nov 30 11:09:11 ser openser: ERROR: load_module: could not open module
> <modules/sl/sl.so>: modules/sl/sl.so: cannot open shared
> object file: No such file or directory Nov 30 11:09:11 ser
> openser: parse error (10,13-14): failed to load module Nov 30
> 11:09:11 ser openser: ERROR: load_module: could not open module
> <modules/tm/tm.so>: modules/tm/tm.so: cannot open shared
> object file: No such file or directory Nov 30 11:09:11 ser
> openser: parse error (11,13-14): failed to load module Nov 30
> 11:09:11 ser openser: parse error (12,1-2): syntax error Nov
> 30 11:09:11 ser openser: parse error (12,1-2):
> [root@ser openser]#
> ------------------------------
>
> Here is my openser.cfg , In which i had commented mysql, and
> auth modules.I want the things works without any AAA, initially.
>
>
>
> #
> # $Id: pstn.cfg,v 1.2 2005/07/25 16:27:33 miconda Exp $ # #
> example: ser configured as PSTN gateway guard; PSTN gateway
> is located # at 192.168.0.10 #
>
> # ------------------ module loading ----------------------------------
>
> loadmodule "modules/sl/sl.so"
> loadmodule "modules/tm/tm.so"
> ;loadmodule "modules/acc/acc.so"
> loadmodule "modules/rr/rr.so"
> loadmodule "modules/maxfwd/maxfwd.so"
> ;loadmodule "modules/mysql/mysql.so"
> ;loadmodule "modules/auth/auth.so"
> ;loadmodule "modules/auth_db/auth_db.so"
> ;loadmodule "modules/group/group.so"
> loadmodule "modules/uri/uri.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> ;modparam("auth_db", "db_url","mysql://ser:heslo@localhost/ser")
> ;modparam("auth_db", "calculate_ha1", yes)
> ;modparam("auth_db", "password_column", "password")
>
> # -- acc params --
> ;modparam("acc", "log_level", 1)
> # that is the flag for which we will account -- don't forget
> to # set the same one :-) ;modparam("acc", "log_flag", 1 )
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> /* ********* ROUTINE CHECKS
> ********************************** */
>
> # filter too old messages
> if (!mf_process_maxfwd_header("10")) {
> log("LOG: Too many hops\n");
> sl_send_reply("483","Too Many Hops");
> return;
> };
> if (len_gt( max_len )) {
> sl_send_reply("513", "Wow -- Message too large");
> return;
> };
>
> /* ********* RR ********************************** */
>
> /* grant Route routing if route headers present */
> if (loose_route()) { t_relay(); return; };
>
> /* record-route INVITEs -- all subsequent requests
> must visit us */
> if (method=="INVITE") {
> record_route();
>
>
> };
>
> # now check if it really is a PSTN destination which
> should be handled
> # by our gateway; if not, and the request is an
> invitation, drop it --
> # we cannot terminate it in PSTN; relay non-INVITE
> requests -- it may
> # be for example BYEs sent by gateway to call originator
> if (!uri=~"sip:\+?[0-9]+@.*") {
> if (method=="INVITE") {
> sl_send_reply("403", "Call cannot be
> served here");
> } else {
> forward(uri:host, uri:port);
> };
> return;
> };
>
> # account completed transactions via syslog
> setflag(1);
>
> # free call destinations ... no authentication needed
> if ( is_user_in("Request-URI", "free-pstn") /* free
> destinations */
> | uri=~"sip:[79][0-9][0-9][0-9]@.*"
> /* local PBX */
> | uri=~"sip:98[0-9][0-9][0-9][0-9]") {
> log("free call");
> } else if (src_ip==212.xx.35.xx) {
> # our gateway doesn't support digest authentication;
> # verify that a request is coming from it by source
> # address
> log("gateway-originated request");
> } else {
> # in all other cases, we need to check the
> request against
> # access control lists; first of all, verify request
> # originator's identity
>
> if (!proxy_authorize( "gateway" /* realm */,
> "subscriber" /* table name */)) {
> proxy_challenge( "gateway" /* realm
> */, "0" /* no qop */ );
> return;
> };
>
> # authorize only for INVITEs -- RR/Contact
> may result in weird
> # things showing up in d-uri that would break
> our logic; our
> # major concern is INVITE which causes PSTN costs
>
> if (method=="INVITE") {
>
> # does the authenticated user have a
> permission for local
> # calls (destinations beginning with
> a single zero)?
> # (i.e., is he in the "local" group?)
> if (uri=~"sip:0[1-9][0-9]+@.*") {
> if
> (!is_user_in("credentials", "local")) {
> sl_send_reply("403",
> "No permission for local calls");
> return;
> };
> # the same for long-distance
> (destinations begin with two zeros")
> } else if (uri=~"sip:00[1-9][0-9]+@.*") {
> if
> (!is_user_in("credentials", "ld")) {
> sl_send_reply("403",
> " no permission for LD ");
> return;
> };
> # the same for
> international calls (three zeros)
> } else if (uri=~"sip:000[1-9][0-9]+@.*") {
> if
> (!is_user_in("credentials", "int")) {
> sl_send_reply("403",
> "International permissions needed");
> return;
> };
> # everything else (e.g.,
> interplanetary calls) is denied
> } else {
> sl_send_reply("403", "Forbidden");
> return;
> };
>
> }; # INVITE to authorized PSTN
>
> }; # authorized PSTN
>
> # if you have passed through all the checks, let your
> call go to GW!
>
> rewritehostport("212.xx.35.xx:5060");
>
> # forward the request now
> if (!t_relay()) {
> sl_reply_error();
> return;
> };
>
> }
>
Disclaimer
The information in this e-mail and any attachments is confidential. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
/Hi,
//
//I had installed already the version 0.8.12 running at a MySql SERVER. The service
////at this moment, STARTS normally with no interruption but when I do use the command line :
////"serctl + [any option] - I got the error : "Error opening ser's FIFO /tmp/ser_fifo".Make sure you have line fifo=/tmp/ser_fifo in your config
but ser.config file like this
#
# $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
log_stderror=no # (cmd line: -E)
/*Uncomment these lines to enter debugging mode
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/uri_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url", "mysql:/ser:reddy@10.232.19.169/ser")
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
if (!www_authorize("10.232.19.169", "subscriber")) {
www_challenge("10.232.19.169", "0");
break;
};
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
/
Will it work with SER or only for OpenSER? I'm sorry but I don't know the
difference beteween those 2.
Jose Simoes
On 11/28/05, Jim Dalton <jim.dalton(a)transnexus.com> wrote:
>
> One alternative to consider is a certificate authority/peering server that
> issues a digitally signed token authorizing each call between SER and
> Asterisk. This eliminates the threat of IP spoofing and the need top
> maintain IP access lists on each SER and Asterisk box. See
> http://osp-module.berlios.de/.
>
> Jim Dalton
>
>
> ------------------------------
> *From:* serusers-bounces(a)iptel.org [mailto:serusers-bounces@lists.iptel.org] *On
> Behalf Of *Voipers Portugal
> *Sent:* Friday, November 25, 2005 2:21 PM
> *To:* sip(a)perceval.net
> *Cc:* serusers(a)lists.iptel.org
> *Subject:* Re: [Serusers] SER and Asterisk authentication
>
>
> Thanks, i'll read it now. But this only solves one part of the problem,
> that is, Asterisk can authenticate in SER. And how SER can authenticate in
> Asterisk? Is it possible only by IP?
>
> Jose Simoes
>
>
> On 11/25/05, Arek Bekiersz <sip(a)perceval.net> wrote:
> >
> > OK, I understand your problem.
> > Please read <carefully> Asterisk Wiki for sip.conf at:
> >
> > http://www.voip-info.org/tiki-index.php?page=Asterisk+config+sip.conf
> >
> >
> > To register, you just need to insert this into general section of
> > Asterisk's sip.conf:
> >
> > [general]
> > ; Register with a SIP provider - register username at SER as
> > local_asterisk_extension at Asterisk
> >
> > register =>
> > username:digest_password@your.ser.server/local_asterisk_extension
> >
> > [your.ser.server]
> > type=friend
> > host=your_ser.server
> > username=username
> >
> >
> > --
> > Arek
> >
> >
> >
> > Voipers Portugal wrote:
> > > But what do I have to add? I can add a user, with username Asterisk,
> > but
> > > how can I associate that user to the INVITE message from Asterisk to
> > the
> > > SER? Don't understand how SER can authenticate if i cannot associate
> > the
> > > RADIUS/LDAP user to the Asterisk box.
> > >
> > > Jose Simoes
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers(a)lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> >
>
>
I have a test setup like:
UAC1-----SER------Third Party Proxy----UAC2
UAC1 registers to SER directly while UAC2 registers to SER via a third party
proxy. When UAC1 calls UAC2, the third party proxy replies a 100 trying then
503 Service Unavailable to SER. There is no Retry-After in the 503 message.
SER keeps re-sending INVITE.
By RFC, If no Retry-After is given, the client MUST act as if it had
received a 500 (Server Internal Error) response.
Is this a bug on SER?
Thanks,
Pat
I'm using latest stable SER (0.9.5.pre2), and we have problems with a
Grandstream GXP-2000 phone with firmware 1.0.1.9.
We are trying to initiate a call from a Cisco gateway via SER to the
GXP.
SER tries to set up the call, but there seem to be an ACK missing
somewhere, so the Cisco keeps retrying the call.
>From the trace I could see this message:
sl_filter_ACK: to late to be a local ACK!
Would this patch fix this problem?
Also I did a re-compile from CVS (rev. rel_0_9_0) today.
Would this patch have been applied?
Thanks,
Bjorn
-----Original Message-----
From: serusers-bounces(a)iptel.org [mailto:serusers-bounces@lists.iptel.org] On
Behalf Of SER.Jan Janak
Sent: Tuesday, November 29, 2005 7:42 AM
To: Cesc
Cc: OpenSER-dev; SER-Users
Subject: Re: [Serusers] Local ACKs for SER-SEMS
Great, thanks a lot. I just commited your fix.
Jan.
On 28-11-2005 18:51, Cesc wrote:
> Hi,
>
> I found it ... now it works. There is a pseudo-patch at the end of the
> message (pseudo because it cannot directly be applied ... it is just
> to mark the three lines i needed to change ... ). The patch is for
> ser-rel-0.9.4 (i send it to openser-devel ... i did not look, but
> probably the problem is there too).
>
> It is just a small bug ... from 0.9.0 to 0.9.4 a part of the loop was
> moved outside the loop, to the end of the function ... and in a place
> where there used to be a return now the loop would just continue ...
> Then, the matching_3261 function would, if a transaction matching the
> ACK was found, would always return e2e ack ... even though the
> ack_matching function returned it as a local transaction ...
>
> For me, this patch fixes it ... but as it is a delicate part, i am not
> sure if it affects other parts ... i don't think so, but ...
>
> Tks for all who took a look at the problem (greger, jan, samuel, ...
)!
>
> Regards,
>
> Cesc
> PS - This should affect anyone using SEMS ... so, if no one saw it ...
> does it mean there is really a few people using it? what a pitty ...
>
>
> Index: modules/tm/t_lookup.c
> ===================================================================
> --- modules/tm/t_lookup.c (revision 8)
> +++ modules/tm/t_lookup.c (working copy)
>
> @@ -292,9
> struct via_body *via1;
> int is_ack;
> int dlg_parsed;
> - int ret;
> + int ret = 0;
> struct cell *e2e_ack_trans;
>
> e2e_ack_trans=0;
> via1=p_msg->via1;
> is_ack=p_msg->REQ_METHOD==METHOD_ACK;
>
> @@ -327,16
> if (is_ack && p_cell->uas.status<300 &&
e2e_ack_trans==0) {
> /* make sure we have parsed all things we need
for dialog
> * matching */
> if (!dlg_parsed) {
> dlg_parsed=1;
> if (!parse_dlg(p_msg)) {
> LOG(L_ERR, "ERROR:
matching_3261: dlg parsing failed\n");
> return 0;
> }
> }
> ret=ack_matching(p_cell /* t w/invite */, p_msg
/* ack */);
> if (ret>0) {
> e2e_ack_trans=p_cell;
> + break;
> }
> /* this ACK is neither local "negative" one, nor
a proxied
> * end-2-end one, nor an end-2-end one for a UAS
transaction
>
> @@ -358,9
>
> /* just check if it we found an e2e ACK previously */
> if (e2e_ack_trans) {
> *trans=e2e_ack_trans;
> - return 2;
> + return ret;
> }
> DBG("DEBUG: RFC3261 transaction matching failed\n");
> return 0;
> }
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
Hi All,
Is it possible to Implement 3 way call confrence using SER.
I am using ser 0.8.14 with asterisk b2bua.
If it is possible from where can i get the help or config files.
Thanks in advance
Vidhya sagar Dixit
---------------------------------
Yahoo! Music Unlimited - Access over 1 million songs. Try it free.
Hi All,
I encountered a situation that somehow a UA keep on Registering with the
server with the same IP but on different port. So SER, thought that
there are multiple instances of the same username and save the various
location into the database.
The problem is it registers so often that the memory is full not very
long.
I suspect it has something to do firewall but I am not sure.
Has anyone encounter this problem before? Any hint??
For the time being, is there a way to limit the number of REGISTER
message that the SER will take?
Regards,
TC Chan
hi,
i want to configure the openser to behave as a redurect server i.e when i send a request to the openser server it send back the request to client with zero or more addresses in the contact field.
so can anybody pls send a sample configuration file which will force openser to behave as a redirect server.
regards,
jyoti sankar nayak.
---------------------------------
Yahoo! DSL Something to write home about. Just $16.99/mo. or less
