[Serusers] cannot load module acc.so - sr-users

4 Sep 2008


      hello,
I cannot load the acc.so module.The config file is
below:
# ------------- version 0.8.11-0
# ------------- Initial global variables
debug=3
fork=yes
log_stderror=no
listen=10.1.2.3
listen=127.0.0.1
# hostname matching an alias will satisfy the
condition uri==myself".
alias=bigu.edu
alias=10.1.2.3
# dns - Uses dns to check if it is necessary to add a
"received=" field
# to a via. Default is no.
# rev_dns - Same as dns but use reverse DNS.
dns=no
rev_dns=no
port=5060
children=4
# check_via - Turn on or off Via host checking when
forwarding replies.
# Default is no. arcane. looks for discrepancy between
name and
# ip address when forwarding replies.
check_via=yes
# syn_branch - Shall the server use stateful synonym
branches? It is
# faster but not reboot-safe. Default is yes.
syn_branch=yes
# memlog - Debugging level for final memory statistics
report. Default
# is L_DBG -- memory statistics are dumped only if
debug is set high.
memlog=3
# sip_warning - Should replies include extensive
warnings? By default
# yes, it is good for trouble-shooting.
sip_warning=yes
# fifo - FIFO special file pathname
fifo="/tmp/ser_fifo"
# server_signature - Should locally-generated messages
include server's
# signature? By default yes, it is good for
trouble-shooting.
server_signature=yes
# reply_to_via - A hint to reply modules whether they
should send reply
# to IP advertised in Via. Turned off by default,
which means that
# replies are sent to IP address from which requests
came.
reply_to_via=no
# user | uid - uid to be used by the server. 99 =
nobody.
uid="nobody"
# group | gid - gid to be used by the server. 99 =
nobody.
gid="nobody"
# mhomed -- enable calculation of outbound interface;
useful on
# multihomed servers.
mhomed=0
# ------------- external module loading
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/exec.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/print.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
# ------------- tm parameters
modparam("tm", "fr_timer", 12)
modparam("tm", "fr_inv_timer", 24)
# ------------- rr parameters
# set ";lr" tag to ?�?;lr=true?�?
modparam("rr", "enable_full_lr", 1)
# ------------- accounting parameters
modparam("acc", "log_missed_flag", 3)
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
# ------------- usrloc parameters
# 2 enables write-back to persistent mysql storage for
speed
# disable=0, write-through=1
modparam("usrloc", "db_mode", 2)
# minimize write back window - default is 60 seconds
modparam("usrloc", "timer_interval", 10)
# database location
modparam("usrloc", "db_url",
"sql://ser:>password>@localhost/ser")
# ------------- auth parameters
# database location
modparam("auth_db", "db_url",
"sql://ser:>password>@localhost/ser")
# allows clear text passwords in the mysql database
modparam("auth_db", "calculate_ha1", yes)
# name of password column in mysql database
modparam("auth_db", "password_column", "password")
# ------------- routing logic
route {
# ------------- routine checks
# stop forwarding at 10 hops to prevent infinite
loops
  if (!mf_process_maxfwd_header("10")) {
    log(1, "LOG: Too many hops\n");
    sl_send_reply("483", "Too many hops");
    break;
  };
# prevents private ip space from being used
  if (search("^(Contact|m):
.*@(192.168.|10.|172.16)")) {
    if (method=="REGISTER") {
      log(1, "LOG: Someone trying to register from
private IP\n");
      sl_send_reply("479", "Please don't use private
IP addresses" );
      break;
    };
  };
# separate the destination r-uri from the set of
proxies that must be traversed
  loose_route();
# if the host portion of the request uri is not
local, send it directly
  # to route processing.
  if (!(uri==myself)) {
    route(2);
    break;
  };
# All REGISTER attempts are processed and must
always be authenticated
  if (method=="REGISTER") {
# make sure that users don't register infinite
loops
    if (search("^(Contact|m):
.*@(10.1.2.3|(proxy.)?bigu.edu)")) {
      log(1, "LOG: alert: someone trying to set
aor==contact\n");
      sl_send_reply("476", "No Server Address in
Contacts Allowed" );
      break;
    };
# challenge/response
    if (!www_authorize("bigu.edu", "subscriber")) {
      www_challenge("bigu.edu", "0");
      break;
    };
# only registered users are allowed
    if (!is_user("replicator") & !check_to()) {
      log(1, "LOG: unregistered user registration
attempt\n");
      sl_send_reply("403", "Only registered users are
allowed");
      break;
    };
# it is an authenticated request, update Contact
database now
    if (!save("location")) {
      sl_reply_error();
    };
    break;
  };
# process traffic local to BigU and the PSTN
  # Find the canonical username
  lookup("aliases");
# check domain again, if it is not still local after
the alias
  # table lookup, just send it on its way. We do not
authenticate
  # traffic we forward
  if
(!(uri=~"^sip:(.+@)?(10.1.2.3|(proxy.)?bigu.edu)([:;?].*)?$"))
{
    route(5);
    break;
  };
# now check for destinations through the gateway.
911 and 9911
  # are always sent to the gateway. The assumption is
that other all
  # numeric usernames between 5 and 20 digits are
really pstn numbers
  # and so they are routed to the gateway
  if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") |
(uri=~"sip:[0-9]{5,20}@.*") ) {
    route(3);
    break;
  };
# does the user wish redirection on no availability?
(i.e., is he
  # in the voicemail (ser->grp) group?)
  if (is_user_in("Request-URI", "voicemail")) {
    t_on_failure("4");
    setflag(4);
  };
# handle local SIP destinations not found in usrloc
db
# mostly offline or non-existent users
  if (!lookup("location")) {
    route(4);
    break;
  };
# check whether some inventive user has uploaded
gateway
  # contacts to usrloc to bypass authorization logic
  if (uri=~"@10.1.2.5([;:].*)*" ) {
    log(1, "LOG: Gateway address in UsrLoc\n");
    route(3);
    break;
  };
# this flag is used with the acc module to report
missed calls
  # to syslog.
  setflag(3);
# do it (words to live by)
  append_hf("P-hint: USRLOC\r\n");
  if (!t_relay()) {
    sl_reply_error();
    break;
  };
} /* end of initial routing logic */
# ------------- process traffic leaving BigU for
Internet
route[2] {
# outbound requests are allowed only for registered
BigU users
  if (!(src_ip==10.1.2.3) &
    !(proxy_authorize("bigu.edu", "subscriber"))) {
# ACK and CANCEL have no security mechanisms so
they are just
    # noted
    if (method=="ACK" | method=="BYE") {
      log(1, "LOG: failed outbound authentication for
ACK granted\n");
    } else if (method=="CANCEL") {
      log(1, "LOG: failed outbound authentication for
CANCEL granted\n");
    } else {
      proxy_challenge("bigu.edu", "0");
      break;
    };
  };
# to maintain credibility of our proxy, we check
...
From in INVITEs
if (!src_ip==10.1.2.3 & method=="INVITE" &
!check_from()) {
    log(1, "LOG: Spoofed from attempt\n");
    sl_send_reply("403", "Use From=id next time");
    break;
  };
append_hf("P-hint: OUTBOUND ON INTERNET\r\n");
  if (!t_relay()) {
    sl_reply_error();
    break;
  };
}
# ------------- process traffic leaving Internet for
PSTN
route[3] {
# all calls through the gateway must be record
routed to assure
  # acl acceptance on the gateway
  record_route();
# send out emergency calls to pstn gateway
immediately
  if ( (uri=~"^sip:911@.*") | (uri=~"^sip:9911@.*") )
{
    rewritehostport("10.1.2.5:5060");
    forward(uri:host, uri:port);
    break;
  };
# five digit numeric addresses are internal freebies
sent to the pbx
  # without authentication
  if
(uri=~"^sip:[0-9]{5}@(10.1.2.3|(proxy,)?.bigu.edu)")
{
    rewritehostport("10.1.2.5:5060");
    forward(uri:host, uri:port);
    break;
  };
# all numeric addresses beginning with 9 go to the
pbx on the way
  # to the PSTN
# first the caller needs to be authenticated
  if
(uri=~"^sip:9[0-9]*@(10.1.2.3|(proxy.)?bigu.edu)") {
    if (!(src_ip==10.1.2.3 | method==ACK |
method=="CANCEL" | method=="BYE")) {
      if (!proxy_authorize("bigu.edu", "subscriber"))
{
        proxy_challenge( "bigu.edu","0");
        break;
      } else if (method=="INVITE" & !check_from()) {
        log(1, "LOG: Spoofed from attempt\n");
        sl_send_reply("403", "Use From=id next time");
        break;
      };
    };
if (method=="INVITE") {
# if the r-uri begins 91, does the authenticated
user have
      # permission for long distance
      if (uri=~"sip:91[0-9]*@.*") {
        if (!is_user_in("credentials", "ld")) {
          sl_send_reply("403", "Local calls only");
          break;
        };
      };
    };
# authenticated and authorized, now accounting is
set
    setflag(1);
  };
rewritehostport("10.1.2.5:5060");
  append_hf("P-hint: GATEWAY\r\n");
  if (!t_relay()) {
    sl_reply_error();
    break;
  };
}
# ------------- process calls for users offline
route[4] {
if (!t_newtran()) {
    sl_reply_error();
  };
if (!t_reply("404", "Not Found")) {
    sl_reply_error();
  };
  break;
}
# ------------- process aliased outbound traffic
# inbound requests that have been aliased to a
non-BigU domain
# are not authenticated by BigU
route[5] {
append_hf("P-hint: ALIASED-OUTBOUND\r\n");
  if (!t_relay()) {
    sl_reply_error();
    break;
  };
}
# ------------- CC-Diversion to voicemail
failure_route[4] {
append_branch("sip:80000@10.1.2.5");
  append_urihf("CC-Diversion: ", "\r\n");
  append_hf("P-hint: OFFLINE-VOICEMAIL\r\n");
  t_relay();
}
Can anyone help
BR
Ivy
___________________________________________________________ 
 �Ż����䣬�����������䣡 
http://cn.mail.yahoo.com/