Hi all,
I have configured openser(1.0.0) to authenticate and account via freeradius. It is working properly and fine. But one problem that I am facing is trusting the gateways.
I dont want to authenticate the gateways but trust them through their IP address.
Is there a way I can do it in freeradius?
If avp_radius can be used, pls explain where do i store the IPs that I trust in freeradius.
If anyone can help in this regard it would be appreciated.
Thanks a lot in advance.
Jayesh.
Send instant messages to your online friends http://in.messenger.yahoo.com
Hi,
A question to the NAT experts:
I wonder if there are known side effects if I use fix_nated_contact() in
combination with nat_flag in the registrar module instead of
fix_nated_register() to save NATed contacts?
What I want to do is checking for NAT on a stateless SER acting as load
balancer, then forwarding it to a proxy in the LAN, like:
# remove P-Nated-HF here if present...
if(method == REGISTER &&
!search("^Contact:[ ]*\*") &&
client_nat_test("7"))
{
fix_nated_contact();
append_hf("P-Nated: 1\r\n");
force_rport();
}
# forwarding to proxy using dispatcher module
And in the proxy:
modparam("registrar", "nat_flag", 1)
# ...
if(method == REGISTER)
{
if(is_present_hf("P-Nated")) setflag(1);
save("location");
}
# ...
if(method == INVITE)
{
# a request for a local user...
lookup("location");
setdsturi("sip:<address of loadbalancer>");
t_relay();
}
Of course a mechanism has to be provided to let the loadbalancer or an
external application NAT-ping the address provided in the rewritten contact.
As far as I have seen, the difference is that this approach would save
the NAT-adress of the contact in usrloc with an empty received-param,
while fix_nated_register() saves the private adress of the contact with
the NAT-adress in the received-param.
I would assume (not verified yet), that in the case of using
fix_nated_contact(), the NAT-address is set as r-uri after a lookup,
with an empty dst-uri, which will have to be set to the load balancer's
address to traverse the client-side NAT.
In case of using fix_nated_register(), I assume the r-uri is set to the
client's private address, and the received-address as dst-uri.
Traversing the client's NAT wouldn't be that easy in this case because
you would have to save the received-address somewhere in the message and
forward the request to the load-balancer, which in turn has to forward
it to the client's NAT address.
So would this approach using fix_nated_contact() for REGISTERs make
sense for using a SER-based load balancer? Or are there any limitations
I haven't considered?
Thanks,
Andy
When UA1 makes a call to UA2, both ringing. Then UA1 cancels the
call, a strange log message (from ngrep) will be got below. After
that UA2 will ring 3 times itself. You can see in line 718, there is
a cancel method. After that, there are many Record-Route, Via in the
sip CANCEL method (line 763, line 1578 and many). Does anyone know
what the problem is?
http://meerkat.no-ip.com/openser/cancel.log
Hello All,
Am a newbee to SER and interested to know how it works. I am tryin to
install SER in RH9 box and facing some issues. If somebody can send the
detailed step by step procedure on how to install then it will be really
helpful for me.
I am facing problem in Mysql part, first of all am not familiar with
Mysql moreover i need to connect mysql with SER which is quite difficult
for me. Please help me on this regard
Regards
Dinesh
Hi all
Hopefully someone can answer this.
I am running ser with mysql and I have noticed that serctl moni shows a
smaller number in "location" than the mysql "location" table.
Eg
serctl moni shows 404 in location
mysql shows 556 in location
I have
modparam("usrloc", "db_mode", 2)
even when I refresh the sql query many times over a long time, the tables
never match.
It seems that ser can't delete some of the entries
Any help or hints would be appreciated
Rick
Hi all,
Unfortunately the previous thread on this topic ended
without a definitive statement or conclusion, probably
because of the New Year holiday (btw, Happy New Year to
all of you!). So here's another try:
OpenSER is currently session stateful but not call
stateful. This is valid also/especially for the AVP
module: You can store AVPs on a per-contact base but
(imho) _not_ specific to a call or dialog. The reason
for this is that the AVP module does not allow/
implement the use of call-dependent variables as AVP
names.
Adding this feature to OpenSER doesn't require a change
in interfaces (implementation effort is another topic ;).
It's just about enabling the use of AVP or header values
(like, e.g. call-id) as the _name_ of another AVP for
DBS storage.
I attach a specific example below.
Can some of the developers and/or maintainers please
comment and/or give some hints on the feasibility of
this approach?
Is it possible to add this feature to OpenSER? What
effort is required to add this enhancement to the AVP
module? Please come back if some details are unclear,
I might have missed something important.
Many thanks in advance for your reply and help,
Best regards
--Joachim
PS: Example: The task is to process any SIP message that
passes through our proxy. We must compute a unique ID
specific to the call on the first message belonging to
this call and store it in DBS. Whenever another message
that is part of this call/dialog arrives, we retrieve the
unique ID from the DBS and, e.g., append it as a specific
header field value.
The only way how this can be done is to use some call-
specific AVP name (e.g. call-id), as we do not have any
influence on the structure of the AVP value (so regexp-
search based on AVP value does not help).
# This is the AVP name that is required to retrieve
# our specific, call-dependent AVP value from the
# database whenever a message that belongs to this
# call passes our OpenSER proxy.
avp_printf("s:myTmpHeaderName", "$from/username$hdr(call-id)");
# This is the value we'd like to store. Could be also
# only "$Ts", i.e., we can _not_ rely on regular
# expression search for later retrieving the AVP
# from the DBS based on its value.
avp_printf("s:myTmpHeaderValue", "$hdr(call-id)-$Ts");
# This storing of the call-dependent info in DBS does
# currently not work. OpenSER complains at start-up
# about the variable AVP name/key on both of the
# following lines. The former variant seems much more
# flexible to me than the latter one.
avp_db_store("s:myTmpHeaderName","s:myTmpHeaderValue");
avp_db_store("$hdr(call-id)","s:myTmpHeaderValue");
# This load obviously does also not work.
avp_db_load("$hdr(call-id)","s:myTmpHeaderValue");
Another strange thing.
When I call one of our users, it rings ok, but if I hangup and retry the
same number, Ser seems not finding that user, if the user reset his phone,
no problems, it rings again...
Olivier
Hi, Friends,
Is there a way (line in the server.conf) to push a especif entry in
/etc/hosts to openvpn clients?
I mean, something like:
"command" domain.com 20.x.x.x
Then, from the start to the finish of the openvpn, the client always knows
that domain.com is 200.X.X.X and won't consult the dns.
[]'s
--
Walter Luis
Hi all,
I have a ser(0.9.4/Freebsd) server well working, but in some cases, I have a
strang behavior.
I use rtpproxy for nat traversal,all my users can call pstn, but when we try
to call one of our users from internal or from pstn, Ser sends many invites
and callee never answer to these invite.
I must conclude that they don't receive it...
All the users having that problems are under a nated network.
Any idea ?
Olivier
Having received zero messages on the ser list since the 20th, I thought I'd
see if there's an issue with the list or if it's just been bizarrely quiet.
N.
