Lokesh,
Comment lines start with # not ;
George
Date: Wed, 30 Nov 2005 11:18:58 -0000 From: "Lokesh Kumar" lokesh@interacesso.pt Subject: Re: [Users] Can anyone share his openser.cfg..in which openser is routing calls to pstn gateway To: "Norman Brandinger" norm@goes.com Cc: serusers@iptel.org, users@openser.org Message-ID: 004901c5f59f$dbb87030$2f00a8c0@lokesh Content-Type: text/plain; charset="iso-8859-1"
Hello Norman, When I type openser start it gives me " ERROR: Bad config file (4 errors). here is the messages i got from cat /var/log/messages
Nov 30 11:05:01 ser crond(pam_unix)[26819]: session closed for user root Nov 30 11:07:16 ser openser: ERROR: load_module: could not open module <modules/sl/sl.so>: modules/sl/sl.so: cannot open shared object file: No such file or directory Nov 30 11:07:16 ser openser: parse error (10,13-14): failed to load module Nov 30 11:07:16 ser openser: ERROR: load_module: could not open module <modules/tm/tm.so>: modules/tm/tm.so: cannot open shared object file: No such file or directory Nov 30 11:07:16 ser openser: parse error (11,13-14): failed to load module Nov 30 11:07:16 ser openser: parse error (12,1-2): syntax error Nov 30 11:07:16 ser openser: parse error (12,1-2): Nov 30 11:09:11 ser openser: ERROR: load_module: could not open module <modules/sl/sl.so>: modules/sl/sl.so: cannot open shared object file: No such file or directory Nov 30 11:09:11 ser openser: parse error (10,13-14): failed to load module Nov 30 11:09:11 ser openser: ERROR: load_module: could not open module <modules/tm/tm.so>: modules/tm/tm.so: cannot open shared object file: No such file or directory Nov 30 11:09:11 ser openser: parse error (11,13-14): failed to load module Nov 30 11:09:11 ser openser: parse error (12,1-2): syntax error Nov 30 11:09:11 ser openser: parse error (12,1-2): [root@ser openser]#
Here is my openser.cfg , In which i had commented mysql, and auth modules.I want the things works without any AAA, initially.
# # $Id: pstn.cfg,v 1.2 2005/07/25 16:27:33 miconda Exp $ # # example: ser configured as PSTN gateway guard; PSTN gateway is located # at 192.168.0.10 #
# ------------------ module loading ----------------------------------
loadmodule "modules/sl/sl.so" loadmodule "modules/tm/tm.so" ;loadmodule "modules/acc/acc.so" loadmodule "modules/rr/rr.so" loadmodule "modules/maxfwd/maxfwd.so" ;loadmodule "modules/mysql/mysql.so" ;loadmodule "modules/auth/auth.so" ;loadmodule "modules/auth_db/auth_db.so" ;loadmodule "modules/group/group.so" loadmodule "modules/uri/uri.so"
# ----------------- setting module-specific parameters ---------------
;modparam("auth_db", "db_url","mysql://ser:heslo@localhost/ser") ;modparam("auth_db", "calculate_ha1", yes) ;modparam("auth_db", "password_column", "password")
# -- acc params -- ;modparam("acc", "log_level", 1) # that is the flag for which we will account -- don't forget to # set the same one :-) ;modparam("acc", "log_flag", 1 )
# ------------------------- request routing logic -------------------
# main routing logic
route{
/* ********* ROUTINE CHECKS********************************** */
# filter too old messages if (!mf_process_maxfwd_header("10")) { log("LOG: Too many hops\n"); sl_send_reply("483","Too Many Hops"); return; }; if (len_gt( max_len )) { sl_send_reply("513", "Wow -- Message too large"); return; }; /* ********* RR ********************************** */ /* grant Route routing if route headers present */ if (loose_route()) { t_relay(); return; }; /* record-route INVITEs -- all subsequent requestsmust visit us */ if (method=="INVITE") { record_route();
}; # now check if it really is a PSTN destination whichshould be handled # by our gateway; if not, and the request is an invitation, drop it -- # we cannot terminate it in PSTN; relay non-INVITE requests -- it may # be for example BYEs sent by gateway to call originator if (!uri=~"sip:+?[0-9]+@.*") { if (method=="INVITE") { sl_send_reply("403", "Call cannot be served here"); } else { forward(uri:host, uri:port); }; return; };
# account completed transactions via syslog setflag(1); # free call destinations ... no authentication needed if ( is_user_in("Request-URI", "free-pstn") /* freedestinations */ | uri=~"sip:[79][0-9][0-9][0-9]@.*" /* local PBX */ | uri=~"sip:98[0-9][0-9][0-9][0-9]") { log("free call"); } else if (src_ip==212.xx.35.xx) { # our gateway doesn't support digest authentication; # verify that a request is coming from it by source # address log("gateway-originated request"); } else { # in all other cases, we need to check the request against # access control lists; first of all, verify request # originator's identity
if (!proxy_authorize( "gateway" /* realm */, "subscriber" /* table name */)) { proxy_challenge( "gateway" /* realm*/, "0" /* no qop */ ); return; };
# authorize only for INVITEs -- RR/Contactmay result in weird # things showing up in d-uri that would break our logic; our # major concern is INVITE which causes PSTN costs
if (method=="INVITE") { # does the authenticated user have apermission for local # calls (destinations beginning with a single zero)? # (i.e., is he in the "local" group?) if (uri=~"sip:0[1-9][0-9]+@.*") { if (!is_user_in("credentials", "local")) { sl_send_reply("403", "No permission for local calls"); return; }; # the same for long-distance (destinations begin with two zeros") } else if (uri=~"sip:00[1-9][0-9]+@.*") { if (!is_user_in("credentials", "ld")) { sl_send_reply("403", " no permission for LD "); return; }; # the same for international calls (three zeros) } else if (uri=~"sip:000[1-9][0-9]+@.*") { if (!is_user_in("credentials", "int")) { sl_send_reply("403", "International permissions needed"); return; }; # everything else (e.g., interplanetary calls) is denied } else { sl_send_reply("403", "Forbidden"); return; };
}; # INVITE to authorized PSTN }; # authorized PSTN # if you have passed through all the checks, let yourcall go to GW!
rewritehostport("212.xx.35.xx:5060"); # forward the request now if (!t_relay()) { sl_reply_error(); return; };}
Disclaimer The information in this e-mail and any attachments is confidential. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.