Hi,
the "normal" mechanism is to have two table, aliases and location. In the first one you have a "permament" binding between a an alias and the user name (AoR). In the latter, you update the binding between the username (AoR) and the current location treating the incoming REGISTER with save("location").
In your attached config file there is save("location"), which will update the location table:
if (method=="REGISTER") {# Uncomment this if you want to use digest authentication if (!www_authorize("justser.com", "subscriber")) {
www_challenge("justser.com", "0"); break; };
save("location"); break; };
, so you would have: ALIASES LOCATION 900--->test test--->UA'sIP
When you do lookup("location") in
# native SIP destinations are handledusing our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; };
you will rewrite the Req-URI to the binding existing in the location table, that's why they can reach the user with the username. And you sohuld do it because the user's UA will recognise requests with test in the Req-URI as targeted to itself but not requests with 900 in the Req-URI. That's why you should make something like lookup("aliases"); lookup("location"); in the config file to handle aliases.
If you don't want other people to reach the user with the AoR (I'm wondering you would like suche feature...): you should make somehting like (it's just a possible approach from many differents and don't know if it will work always....just experiment):
if( lookup("aliases") ){ if( ! lookup("location") ){ sl_send_reply("404", "Not Found"); break; } }
Hope it's clearer.....
Samuel
Unclassified.
"Edgardo O. Gonzales II" edgardo.g@pacific.net.ph 05/17/05 01:20PM >>>
Hi!
I have a little problem with regards to alias and my routing table because as I understand the logic of logging and authorization, client can login using a username and password assigned by the administrator.
For example, I have the following information
username : test password : test123 extension / alias : 900
By enabling radius support, for aaa, I was able to login using my username and password. Other parties can also call my extension / alias number which is 900 but I wonder why they can also call my username which is test. I have save("alias") on my config.
why is this happening.
thanks, ed
At 03:24 AM 5/17/2005, Jose Bertuzzi wrote:
Hello guys; I have everything in place to acc into mysql. I am already logging some BYEs, INVITEs and ACKs.
Where do I have to place the setflag statement to properly log messages from and/to gw 66.166.166.66 only?
My ser.cfg is as follows:
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" #fifo_mode=0666
# ------------------ module loading
# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/acc.so" #loadmodule "/usr/local/lib/ser/modules/group.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
# -- acc params --
modparam("acc", "db_url", "mysql://ser:heslo@localhost/ser") #modparam("acc", "log_level", 1) #modparam("acc", "log_flag", 1) modparam("acc", "db_flag", 1)
# ------------------------- request routing logic
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively longrequests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; };
# we record-route all messages -- to make surethat # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; };
# if the request is for other domain useUsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri=~"justser.com") {
if (src_ip==66.166.166.66 andmethod=="INVITE") { ## Llamadas desde PSTN forward(uri:host, uri:port); ## break; ## }; ##
if (method=="REGISTER") {# Uncomment this if you want to use digest authentication if (!www_authorize("justser.com", "subscriber")) {
www_challenge("justser.com", "0"); break; };
save("location"); break; }; if(uri=~"^sip:1305[0-9]*@justser.com") { ## prefix("3000#"); ##
rewritehostport("66.166.166.66:5060"); ## TERMINATION forward(uri:host, uri:port); ## AREA CODE 305 #setflag(1); ## break; ## }; ##
if(uri=~"^sip:1786[0-9]*@justser.com") { ## prefix("3000#"); ##
rewritehostport("66.166.166.66:5060"); ## TERMINATION forward(uri:host, uri:port); ## AREA CODE 786 break; ## }; ##
# native SIP destinations are handledusing our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP
setflag(1); if (!t_relay()) { sl_reply_error(); };}
Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers