Re: [SR-Users] Kamailio auth_radius: duplicate User-Name attribute

Hello, Daniel, thank you for your attention to my problem. I actually don't need accounting support, I just want to implement an authorization using radius. But for testing purposes, I loaded the acc module and set "radius_extra" param. Nothing has changed. Here is a part of my config: ... modparam("acc", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") modparam("acc", "radius_extra", "User-Name=$Au") ... modparam("auth_radius", "radius_config", "/etc/radiusclient-ng/radiusclient.conf") modparam("auth_radius", "auth_extra", "NAS-Identifier=$var(ident)") ... route { #Definitions $var(ident) = "kamserv.example.com"; ... route(3); #Auth ... } ... route[3] { if (is_method("REGISTER")) { if (is_from_local()) { if (!radius_www_authorize("$td")) { www_challenge("$sel(to.uri.host)", "1"); exit; } else { avp_db_delete("$sel(to.uri)","$avp(s:ip)"); avp_db_delete("$sel(to.uri)","$avp(s:dpid)"); avp_db_delete("$sel(to.uri)","$avp(s:fr_timer)"); avp_db_delete("$sel(to.uri)","$avp(s:calls_limit)"); avp_db_store("$sel(to.uri)","$avp(s:ip)"); avp_db_store("$sel(to.uri)","$avp(s:dpid)"); avp_db_store("$sel(to.uri)","$avp(s:fr_timer)"); avp_db_store("$sel(to.uri)","$avp(s:calls_limit)"); if ($au!=$sel(to.uri.user))||($au!=$sel(from.uri.user)) { sl_send_reply("403","Forbidden auth ID"); exit; } else { if ($avp(s:ip)!='any' && $sel(src.ip)!=$avp(s:ip)) { sl_send_reply("403","Forbidden"); exit; } } } } else { sl_send_reply("403","Forbidden"); exit; } } else { if ($sel(src.ip)=="192.168.0.2") { return; } else if (is_from_local()) { if (!radius_proxy_authorize("$sel(from.uri.host)","$sel(from.uri.user)")) { proxy_challenge("$sel(from.uri.host)", "1"); exit; } if ($avp(s:ip)!='any' && $sel(src.ip)!=$avp(s:ip)) { sl_send_reply("403","Forbidden"); exit; } if (is_method("PUBLISH")) { if ($au!=$sel(to.uri.user)) { sl_send_reply("403","Forbidden auth ID"); exit; } } else if ($au!=$sel(from.uri.user)) { sl_send_reply("403","Forbidden auth ID"); exit; } consume_credentials(); } else { sl_send_reply("403","Forbidden"); exit; } } } ... And again a part of the freeradius log: rad_recv: Access-Request packet from host 127.0.0.1 port 58933, id=135, length=298 *User-Name = "2219001(a)example.com"* Digest-Attributes = 0x0a0932323139303031 Digest-Attributes = 0x01106c696e6b2d726567696f6e2e7275 Digest-Attributes = 0x0222545848676630317833314f7076767759512b6b73674c63554d51784f6c347634 Digest-Attributes = 0x04147369703a6c696e6b2d726567696f6e2e7275 Digest-Attributes = 0x030a5245474953544552 Digest-Attributes = 0x050661757468 Digest-Attributes = 0x090a3030303030303031 Digest-Attributes = 0x080c39636238383130616531 Digest-Response = "efdcf92b58f694b97928856614057436" Service-Type = Sip-Session Sip-Uri-User = "2219001" *User-Name = "call-id=zomdnicqsndxrnh@koffe-work"* NAS-Identifier = "kamserv.example.com" NAS-Port = 5060 NAS-IP-Address = 127.0.0.1 Regards, Fedor. 2011/3/5 Daniel-Constantin Mierla <miconda(a)gmail.com> Hello,