10 Dec
2014
10 Dec
'14
9:42 p.m.
Radius server sends a response containing an attribute (Session-Timeout (27): 2342).
How is the value saved in the AVPs using module auch_radius?
Config:
modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius", "service_type",15)
modparam("auth_radius", "use_ruri_flag", 22)
modparam("auth_radius", "auth_extra",
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
if (!radius_www_authorize("$td")) {
www_challenge("$td", "0");
exit;
}
if ($au!=$tU)
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
}
...............................
if (from_uri==myself)
{
if (!radius_proxy_authorize("$fd", "$fU")) {
proxy_challenge("$fd", "0");
exit;
}
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
11 Dec
11 Dec
3:05 p.m.
Not using radius myself, but a quick look at the code reveals that some
avps are generated after authentication. You can print the list of the
avps with avp_print():
http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
Then you can see what is getting back from radius.
Cheers,
Daniel
On 10/12/14 20:42, Kalala Alexander wrote:
Radius server sends a response containing an attribute
(Session-Timeout (27): 2342).
How is the value saved in the AVPs using module auch_radius?
Config:
modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius", "service_type",15)
modparam("auth_radius", "use_ruri_flag", 22)
modparam("auth_radius", "auth_extra",
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
if (!radius_www_authorize("$td")) {
www_challenge("$td", "0");
exit;
}
if ($au!=$tU)
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
}
...............................
if (from_uri==myself)
{
if (!radius_proxy_authorize("$fd", "$fU")) {
proxy_challenge("$fd", "0");
exit;
}
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
3:57 p.m.
I have done avp_print (); Here's the output:
1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
Received no attributes in the AVP (For Example "Session-Timeout")...
The answer comes from the Radius after proxy_challenge("$fd", "0");
Access-Accept (2)
AVP: l=6 t=Session-Timeout(27): 11234
11.12.2014, 16:06, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
Not using radius myself, but a quick look at the code
reveals that some
avps are generated after authentication. You can print the list of the
avps with avp_print():
http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
Then you can see what is getting back from radius.
Cheers,
Daniel
On 10/12/14 20:42, Kalala Alexander wrote:
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
Radius server sends a response containing an
attribute (Session-Timeout (27): 2342).
How is the value saved in the AVPs using module auch_radius?
Config:
modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius", "service_type",15)
modparam("auth_radius", "use_ruri_flag", 22)
modparam("auth_radius", "auth_extra",
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
if (!radius_www_authorize("$td")) {
www_challenge("$td", "0");
exit;
}
if ($au!=$tU)
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
}
...............................
if (from_uri==myself)
{
if (!radius_proxy_authorize("$fd", "$fU"))
{
proxy_challenge("$fd", "0");
exit;
}
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
5:10 p.m.
Looking a bit deeper in the code, apparently only SIP_AVP (code 27) are
added as avps -- see generate_avps():
modules/auth_radius/sterman.c
For adding all radius avps, I guess some extra C code needs to be pushed
there.
Cheers,
Daniel
On 11/12/14 14:57, Kalala Alexander wrote:
I have done avp_print (); Here's the output:
1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
Received no attributes in the AVP (For Example "Session-Timeout")...
The answer comes from the Radius after proxy_challenge("$fd", "0");
Access-Accept (2)
AVP: l=6 t=Session-Timeout(27): 11234
11.12.2014, 16:06, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
> Not using radius myself, but a quick look at the code reveals that some
> avps are generated after authentication. You can print the list of the
> avps with avp_print():
>
> http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>
> Then you can see what is getting back from radius.
>
> Cheers,
> Daniel
>
> On 10/12/14 20:42, Kalala Alexander wrote:
>> Radius server sends a response containing an attribute (Session-Timeout (27):
2342).
>> How is the value saved in the AVPs using module auch_radius?
>>
>> Config:
>>
>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>> modparam("auth_radius", "service_type",15)
>> modparam("auth_radius", "use_ruri_flag", 22)
>> modparam("auth_radius", "auth_extra",
>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>
>> if (is_method("REGISTER"))
>> {
>> # authenticate the REGISTER requests (uncomment to enable auth)
>> if (!radius_www_authorize("$td")) {
>> www_challenge("$td", "0");
>> exit;
>> }
>>
>> if ($au!=$tU)
>> {
>> sl_send_reply("403","Forbidden auth
ID");
>> exit;
>> }
>> }
>>
>> ...............................
>>
>> if (from_uri==myself)
>> {
>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>> proxy_challenge("$fd",
"0");
>> exit;
>>
>> }
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
5:55 p.m.
Thanks for the answer, but
from RFC2865
https://tools.ietf.org/html/rfc2865#page-48
modules/auth_radius/authrad_mod.c
++ attrs[A_SESSION_TIMEOUT].n = "Session-Timeout";
lib/kcore/radius.h
++ #define A_SESSION_TIMEOUT 27
can rad_dict.h
How to specificy in C++, this attribute? in modules/auth_radius/sterman.c
11.12.2014, 18:11, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
Looking a bit deeper in the code, apparently only
SIP_AVP (code 27) are
added as avps -- see generate_avps():
modules/auth_radius/sterman.c
For adding all radius avps, I guess some extra C code needs to be pushed
there.
Cheers,
Daniel
On 11/12/14 14:57, Kalala Alexander wrote:
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
I have done avp_print (); Here's the
output:
1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
Received no attributes in the AVP (For Example "Session-Timeout")...
The answer comes from the Radius after proxy_challenge("$fd", "0");
Access-Accept (2)
AVP: l=6 t=Session-Timeout(27): 11234
11.12.2014, 16:06, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
> Not using radius myself, but a quick look at the code reveals that some
> avps are generated after authentication. You can print the list of the
> avps with avp_print():
>
> http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>
> Then you can see what is getting back from radius.
>
> Cheers,
> Daniel
>
> On 10/12/14 20:42, Kalala Alexander wrote:
>> Radius server sends a response containing an attribute (Session-Timeout (27):
2342).
>> How is the value saved in the AVPs using module auch_radius?
>>
>> Config:
>>
>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>> modparam("auth_radius", "service_type",15)
>> modparam("auth_radius", "use_ruri_flag", 22)
>> modparam("auth_radius", "auth_extra",
>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>
>> if (is_method("REGISTER"))
>> {
>> # authenticate the REGISTER requests (uncomment to enable
auth)
>> if (!radius_www_authorize("$td")) {
>> www_challenge("$td", "0");
>> exit;
>> }
>>
>> if ($au!=$tU)
>> {
>> sl_send_reply("403","Forbidden auth
ID");
>> exit;
>> }
>> }
>>
>> ...............................
>>
>> if (from_uri==myself)
>> {
>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>> proxy_challenge("$fd",
"0");
>> exit;
>>
>> }
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
16 Dec
16 Dec
1:09 a.m.
To understand - did you try to make those changes with Session-Timeout
in the source code? Because A_SESSION_TIMEOUT is not there by default.
I think SIP_AVP has a special encoding of the value, cannot be just
replaced to get the Session-Timeout.
Cheers,
Daniel
On 11/12/14 16:55, Kalala Alexander wrote:
Thanks for the answer, but
from RFC2865
https://tools.ietf.org/html/rfc2865#page-48
modules/auth_radius/authrad_mod.c
++ attrs[A_SESSION_TIMEOUT].n = "Session-Timeout";
lib/kcore/radius.h
++ #define A_SESSION_TIMEOUT 27
can rad_dict.h
How to specificy in C++, this attribute? in modules/auth_radius/sterman.c
11.12.2014, 18:11, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
> Looking a bit deeper in the code, apparently only SIP_AVP (code 27) are
> added as avps -- see generate_avps():
>
> modules/auth_radius/sterman.c
>
> For adding all radius avps, I guess some extra C code needs to be pushed
> there.
>
> Cheers,
> Daniel
>
> On 11/12/14 14:57, Kalala Alexander wrote:
>> I have done avp_print (); Here's the output:
>>
>> 1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
>> 1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
>>
>> Received no attributes in the AVP (For Example "Session-Timeout")...
>> The answer comes from the Radius after proxy_challenge("$fd",
"0");
>>
>> Access-Accept (2)
>> AVP: l=6 t=Session-Timeout(27): 11234
>>
>> 11.12.2014, 16:06, "Daniel-Constantin Mierla"
<miconda(a)gmail.com>om>:
>>> Not using radius myself, but a quick look at the code reveals that some
>>> avps are generated after authentication. You can print the list of the
>>> avps with avp_print():
>>>
>>>
http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>>>
>>> Then you can see what is getting back from radius.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 10/12/14 20:42, Kalala Alexander wrote:
>>>> Radius server sends a response containing an attribute (Session-Timeout
(27): 2342).
>>>> How is the value saved in the AVPs using module auch_radius?
>>>>
>>>> Config:
>>>>
>>>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>>>> modparam("auth_radius", "service_type",15)
>>>> modparam("auth_radius", "use_ruri_flag", 22)
>>>> modparam("auth_radius", "auth_extra",
>>>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>>>
>>>> if (is_method("REGISTER"))
>>>> {
>>>> # authenticate the REGISTER requests (uncomment to
enable auth)
>>>> if (!radius_www_authorize("$td")) {
>>>> www_challenge("$td", "0");
>>>> exit;
>>>> }
>>>>
>>>> if ($au!=$tU)
>>>> {
>>>> sl_send_reply("403","Forbidden
auth ID");
>>>> exit;
>>>> }
>>>> }
>>>>
>>>> ...............................
>>>>
>>>> if (from_uri==myself)
>>>> {
>>>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>>>> proxy_challenge("$fd",
"0");
>>>> exit;
>>>>
>>>> }
>>> --
>>> Daniel-Constantin Mierla
>>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>>
>>> _______________________________________________
>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>> sr-users(a)lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
15 Dec
15 Dec
2:31 p.m.
Daniel,
Possible to make changes to the module for the understanding of AVP from Radius?
11.12.2014, 18:11, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
Looking a bit deeper in the code, apparently only
SIP_AVP (code 27) are
added as avps -- see generate_avps():
modules/auth_radius/sterman.c
For adding all radius avps, I guess some extra C code needs to be pushed
there.
Cheers,
Daniel
On 11/12/14 14:57, Kalala Alexander wrote:
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
I have done avp_print (); Here's the
output:
1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
Received no attributes in the AVP (For Example "Session-Timeout")...
The answer comes from the Radius after proxy_challenge("$fd", "0");
Access-Accept (2)
AVP: l=6 t=Session-Timeout(27): 11234
11.12.2014, 16:06, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
> Not using radius myself, but a quick look at the code reveals that some
> avps are generated after authentication. You can print the list of the
> avps with avp_print():
>
> http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>
> Then you can see what is getting back from radius.
>
> Cheers,
> Daniel
>
> On 10/12/14 20:42, Kalala Alexander wrote:
>> Radius server sends a response containing an attribute (Session-Timeout (27):
2342).
>> How is the value saved in the AVPs using module auch_radius?
>>
>> Config:
>>
>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>> modparam("auth_radius", "service_type",15)
>> modparam("auth_radius", "use_ruri_flag", 22)
>> modparam("auth_radius", "auth_extra",
>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>
>> if (is_method("REGISTER"))
>> {
>> # authenticate the REGISTER requests (uncomment to enable
auth)
>> if (!radius_www_authorize("$td")) {
>> www_challenge("$td", "0");
>> exit;
>> }
>>
>> if ($au!=$tU)
>> {
>> sl_send_reply("403","Forbidden auth
ID");
>> exit;
>> }
>> }
>>
>> ...............................
>>
>> if (from_uri==myself)
>> {
>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>> proxy_challenge("$fd",
"0");
>> exit;
>>
>> }
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
16 Dec
16 Dec
1:11 a.m.
On 15/12/14 13:31, Kalala Alexander wrote:
Daniel,
Possible to make changes to the module for the understanding of AVP from Radius?
As said, it will probably require a bit of C coding. I haven't dealt
with Radius for many years. What is the AVP id for Session-Timeout (as
defined in the radius dictionary)?
Daniel
11.12.2014, 18:11, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
> Looking a bit deeper in the code, apparently only SIP_AVP (code 27) are
> added as avps -- see generate_avps():
>
> modules/auth_radius/sterman.c
>
> For adding all radius avps, I guess some extra C code needs to be pushed
> there.
>
> Cheers,
> Daniel
>
> On 11/12/14 14:57, Kalala Alexander wrote:
>> I have done avp_print (); Here's the output:
>>
>> 1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
>> 1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
>>
>> Received no attributes in the AVP (For Example "Session-Timeout")...
>> The answer comes from the Radius after proxy_challenge("$fd",
"0");
>>
>> Access-Accept (2)
>> AVP: l=6 t=Session-Timeout(27): 11234
>>
>> 11.12.2014, 16:06, "Daniel-Constantin Mierla"
<miconda(a)gmail.com>om>:
>>> Not using radius myself, but a quick look at the code reveals that some
>>> avps are generated after authentication. You can print the list of the
>>> avps with avp_print():
>>>
>>>
http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>>>
>>> Then you can see what is getting back from radius.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 10/12/14 20:42, Kalala Alexander wrote:
>>>> Radius server sends a response containing an attribute (Session-Timeout
(27): 2342).
>>>> How is the value saved in the AVPs using module auch_radius?
>>>>
>>>> Config:
>>>>
>>>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>>>> modparam("auth_radius", "service_type",15)
>>>> modparam("auth_radius", "use_ruri_flag", 22)
>>>> modparam("auth_radius", "auth_extra",
>>>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>>>
>>>> if (is_method("REGISTER"))
>>>> {
>>>> # authenticate the REGISTER requests (uncomment to
enable auth)
>>>> if (!radius_www_authorize("$td")) {
>>>> www_challenge("$td", "0");
>>>> exit;
>>>> }
>>>>
>>>> if ($au!=$tU)
>>>> {
>>>> sl_send_reply("403","Forbidden
auth ID");
>>>> exit;
>>>> }
>>>> }
>>>>
>>>> ...............................
>>>>
>>>> if (from_uri==myself)
>>>> {
>>>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>>>> proxy_challenge("$fd",
"0");
>>>> exit;
>>>>
>>>> }
>>> --
>>> Daniel-Constantin Mierla
>>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>>
>>> _______________________________________________
>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>> sr-users(a)lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
8:20 a.m.
Thank you for your reply Daniel, I understand that you are very busy with work.
These attributes indentichny and are one and same data. Billing System (Radius server)
these attributes allow the maximum call time for the client.
Perhaps there is contact Ovidiu Sas or Juha Heinanen, who developed this module?
Yes, just substitute the code C++ Session-Timeout does not work ((
It would be nice to do to download any attribute value, for example:
modparam("auth_radius", "auth_get",
"Session-Timeout=$avp(time);h323-credit-time=$avp(cisco-time)");
/etc/radiusclient-ng/dictionary
ATTRIBUTE Session-Timeout 27 integer
/etc/radiusclient-ng/dictionary.cisco
VENDOR Cisco 9
ATTRIBUTE h323-credit-time 102 string Cisco
16.12.2014, 02:11, "Daniel-Constantin Mierla" <miconda(a)gmail.com>om>:
On 15/12/14 13:31, Kalala Alexander wrote:
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
Daniel,
Possible to make changes to the module for the understanding of AVP from Radius?
As said, it will probably require a bit of C coding. I haven't dealt
with Radius for many years. What is the AVP id for Session-Timeout (as
defined in the radius dictionary)?
Daniel
11.12.2014, 18:11, "Daniel-Constantin
Mierla" <miconda(a)gmail.com>om>:
> Looking a bit deeper in the code, apparently only SIP_AVP (code 27) are
> added as avps -- see generate_avps():
>
> modules/auth_radius/sterman.c
>
> For adding all radius avps, I guess some extra C code needs to be pushed
> there.
>
> Cheers,
> Daniel
>
> On 11/12/14 14:57, Kalala Alexander wrote:
>> I have done avp_print (); Here's the output:
>>
>> 1(11832) INFO: avpops [avpops_impl.c:1488]: ops_print_avp():
name=<digest_challenge>
>> 1(11832) INFO: avpops [avpops_impl.c:1496]: ops_print_avp():
val_str=<Proxy-Authenticate: Digest realm="sip.voip.by",
nonce="VIgtSVSILB3mhgkw9TUSxb2W5cVvKr4S", qop="auth"
>>
>> Received no attributes in the AVP (For Example
"Session-Timeout")...
>> The answer comes from the Radius after proxy_challenge("$fd",
"0");
>>
>> Access-Accept (2)
>> AVP: l=6 t=Session-Timeout(27): 11234
>>
>> 11.12.2014, 16:06, "Daniel-Constantin Mierla"
<miconda(a)gmail.com>om>:
>>> Not using radius myself, but a quick look at the code reveals that some
>>> avps are generated after authentication. You can print the list of the
>>> avps with avp_print():
>>>
>>>
http://kamailio.org/docs/modules/stable/modules/avpops.html#avpops.f.avp_pr…
>>>
>>> Then you can see what is getting back from radius.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 10/12/14 20:42, Kalala Alexander wrote:
>>>> Radius server sends a response containing an attribute
(Session-Timeout (27): 2342).
>>>> How is the value saved in the AVPs using module auch_radius?
>>>>
>>>> Config:
>>>>
>>>> modparam("auth_radius",
"radius_config","/etc/radiusclient-ng/radiusclient.conf")
>>>> modparam("auth_radius", "service_type",15)
>>>> modparam("auth_radius", "use_ruri_flag", 22)
>>>> modparam("auth_radius", "auth_extra",
>>>>
"Calling-Station-Id=$fU;Called-Station-Id=$tU;Acct-Session-Id=$ci")
>>>>
>>>> if (is_method("REGISTER"))
>>>> {
>>>> # authenticate the REGISTER requests (uncomment to
enable auth)
>>>> if (!radius_www_authorize("$td")) {
>>>> www_challenge("$td",
"0");
>>>> exit;
>>>> }
>>>>
>>>> if ($au!=$tU)
>>>> {
>>>> sl_send_reply("403","Forbidden
auth ID");
>>>> exit;
>>>> }
>>>> }
>>>>
>>>> ...............................
>>>>
>>>> if (from_uri==myself)
>>>> {
>>>> if (!radius_proxy_authorize("$fd",
"$fU")) {
>>>> proxy_challenge("$fd",
"0");
>>>> exit;
>>>>
>>>> }
>>> --
>>> Daniel-Constantin Mierla
>>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>>
>>> _______________________________________________
>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>>> sr-users(a)lists.sip-router.org
>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
> --
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users(a)lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users 
9:23 a.m.
Kalala Alexander writes:
These attributes indentichny and are one and same
data. Billing System
(Radius server) these attributes allow the maximum call time for the
client.
Perhaps there is contact Ovidiu Sas or Juha Heinanen, who developed
this module?
i haven't used radius auth for a long time.
It would be nice to do to download any attribute
value, for example:
modparam("auth_radius", "auth_get",
"Session-Timeout=$avp(time);h323-credit-time=$avp(cisco-time)");
you can download anything from your radius server to kamailio avps as
side effect of authentication or using radius_load_* calls. if you want
session-timeout, return it from your radius server as SIP-AVP with name
session-timaout and value whatever.
-- juha
12:32 p.m.
Please forgive me for my english ...
"side effect of authentication" What is it?
Most billing system using RADIUS do not know what SIP_AVP ....
The parameter "Session-Timeout" or "h323-credit-time" come only in
response Access-Accept,
When requesting Access-Request (with Digest data for authentication).
Function "radius_load_*сalles" creates a new the "Access-Request" and
"Session-Timeout" is no longer there ...
Perhaps in modules/auth_radius/sterman.c
Embed code(misc_radius):
static void generate_avps_rad(VALUE_PAIR* received)
{
int_str name, val;
unsigned short flags;
VALUE_PAIR *vp;
vp = received;
for( ; vp ; vp=vp->next) {
flags = AVP_NAME_STR;
switch(vp->type)
{
case PW_TYPE_STRING:
flags |= AVP_VAL_STR;
name.s.len = strlen(vp->name);
val.s.len = strlen(vp->strvalue);
name.s.s = vp->name;
val.s.s = vp->strvalue;
if (add_avp( flags, name, val ) < 0) {
LM_ERR("unable to create a new AVP\n");
} else {
LM_DBG("AVP '%.*s'/%d='%.*s'/%d has been added\n",
(flags&AVP_NAME_STR)?name.s.len:4,
(flags&AVP_NAME_STR)?name.s.s:"null",
(flags&AVP_NAME_STR)?0:name.n,
(flags&AVP_VAL_STR)?val.s.len:4,
(flags&AVP_VAL_STR)?val.s.s:"null",
(flags&AVP_VAL_STR)?0:val.n );
}
continue;
case PW_TYPE_INTEGER:
name.s.len = strlen(vp->name);
name.s.s = vp->name;
val.n = vp->lvalue;
if (add_avp( flags, name, val ) < 0) {
LM_ERR("unable to create a new AVP\n");
} else {
LM_DBG("AVP '%.*s'/%d='%.*s'/%d has been added\n",
(flags&AVP_NAME_STR)?name.s.len:4,
(flags&AVP_NAME_STR)?name.s.s:"null",
(flags&AVP_NAME_STR)?0:name.n,
(flags&AVP_VAL_STR)?val.s.len:4,
(flags&AVP_VAL_STR)?val.s.s:"null",
(flags&AVP_VAL_STR)?0:val.n );
}
continue;
default:
LM_ERR("skip attribute type %d (non-string)", vp->type);
continue;
}
return;
}
}
16.12.2014, 10:24, "Juha Heinanen" <jh(a)tutpro.com>om>:
Kalala Alexander writes:
--
С уважением
Инженер по телекоммуникациям
Калала Александр
vel: 375291146285
life: 375256819996
skype: klistrod
VoIP Network Engineer
dCAP, CCNAVoice
Kalala Alexander
http://callcenters.by/
http://skytel.by/
http://voiplab.by/
http://asterisk-pbx.by/
These attributes indentichny and are one and
same data. Billing System
(Radius server) these attributes allow the maximum call time for the
client.
Perhaps there is contact Ovidiu Sas or Juha Heinanen, who developed
this module?
i haven't used radius auth for a long time.
It would be nice to do to download any attribute
value, for example:
modparam("auth_radius", "auth_get",
"Session-Timeout=$avp(time);h323-credit-time=$avp(cisco-time)");
you can download anything from your radius server to kamailio avps as
side effect of authentication or using radius_load_* calls. if you want
session-timeout, return it from your radius server as SIP-AVP with name
session-timaout and value whatever.
-- juha
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
3635
days inactive
3641
days old
10 comments
3 participants
participants (3)
-
Daniel-Constantin Mierla -
Juha Heinanen -
Kalala Alexander