26 Sep
2004
26 Sep
'04
6:44 p.m.
I am running a version of SER compiled from ser-0.8.12_src. I tried to load ser-0.8.14 but
I could not get it to recognize the RTP proxy. Here is a copy of my ser.cfg. Any help
would be greatly appreciated:
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
listen=64.77.16.75
listen=127.0.0.1
port=5060
children=16
check_via=yes # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
fifo="/tmp/ser_fifo"
# syn_branch - Shall the server use stateful synonym branches? It is
# faster but not reboot-safe. Default is yes.
syn_branch=yes
memlog=3
# hostname matching an alias will satisfy the condition uri==myself".
alias=ari.com
alias=64.77.16.75
# sip_warning - Should replies include extensive warnings? By default
# yes, it is good for trouble-shooting.
sip_warning=yes
# server_signature - Should locally-generated messages include server's
# signature? By default yes, it is good for trouble-shooting.
server_signature=yes
# reply_to_via - A hint to reply modules whether they should send reply
# to IP advertised in Via. Turned off by default, which means that
# replies are sent to IP address from which requests came.
reply_to_via=no
# mhomed -- enable calculation of outbound interface; useful on
# multihomed servers.
mhomed=0
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/msilo.so"
loadmodule "/usr/local/lib/ser/modules/enum.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
modparam("usrloc|group|msilo|uri",
"db_url","mysql://ser:heslo@localhost/ser")
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- tm params --
modparam("tm", "fr_timer", 20 )
modparam("tm", "fr_inv_timer", 90 )
modparam("tm", "wt_timer", 20 )
# -- msilo params
modparam("msilo", "registrar", "sip:registrar@ari.com")
# -- enum params --
#
modparam("enum", "domain_suffix", "e164.arpa.")
# -- nathelper params --
#
modparam("registrar", "nat_flag", 1)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
#modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# -- acc params --
# that is the flag for which we will account -- don't forget to
#modparam("acc", "db_flag", 1 )
#modparam("acc", "db_missed_flag", 3 )
# ------------------------- request routing logic -------------------
# main routing logic
route {
/* ********* ROUTINE CHECKS ********************************** */
# filter too old messages
if (!mf_process_maxfwd_header("10")) {
log(1, "LOG: Too many hops\n");
sl_send_reply("483","Alas Too Many Hops");
break;
};
if ( msg:len >= max_len ) {
sl_send_reply("513", "Wow -- Message too large");
break;
};
if (search("^(Contact|m): .*(a)(192\.168\.|10\.|172\.16)")) {
log(1, "src address different than via header->NAT
detected\n");
log(1, "force_rport and fix_nated_contact and setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed client
setflag(5);
};
/* ********* RR ********************************** */
# to be safe, record route everything; UAs may use different
# transport protocols and need to have SER in path
record_route();
setflag(1);
# if route forces us to forward to some explicit destination,
# do so; check however first that a cheater didn't preload
# a gateway destination to bypass PSTN ACLs
if (loose_route()) {
log(1, "Loose Route\n");
if ((uri=~"sip:[+0-9]+@64\.77\.16\.126")) {
# it is gateway -- proceed to ACLs
route(3);
break;
};
# route HF determined next hop; forward there
append_hf("P-hint: rr-enforced\r\n");
t_relay();
break;
};
/* ********* check for requests targeted out of our domain... *******
*/
# sign of our domain: there is '@' (username) or : (nothing) in
# front of our domain name ; ('.' is not there -- we handle all
# xxx.iptel.org as outbound hosts);if none of these cases matches,
# proceed with processing of outbound requests in route[2]
if (!(uri==myself)) {
log(1, "Not myself\n");
route(2);
break;
};
/* ************ requests for our domain ********** */
/* now, the request is for sure for our domain */
# registers always MUST be authenticated to
# avoid stealing incoming calls
if (method=="REGISTER") {
# Make sure that user's dont register infinite loops
if (search("^(Contact|m): .*(a)(ari\.com|64\.77\.16\.75)")) {
log(1, "LOG: alert: someone trying to set
aor==contact\n");
sl_send_reply("476", "No Server Address in Contacts
Allowed" );
break;
};
if (search("^(Contact|m): .*64\.77\.16\.126")) {
log(1, "LOG: alert: protected contacts\n");
sl_send_reply("476", "No Server Address in Contacts
Allowed" );
break;
};
if (!www_authorize("ari.com" /* realm */,"subscriber"
/* table name */ )) {
# challenge if none or invalid credentials
www_challenge( "ari.com" /* realm */,"0" /*
no qop -- some phones can't deal with it */);
break;
};
# prohibit attempts to grab someone else's To address
# using valid credentials;
if (!check_to()) {
log(1, "LOG: To Cheating attempt\n");
sl_send_reply("403", "That is ugly -- use To=id in
REGISTERs");
break;
};
if (isflagset(5)) {
#register from nated client, save nat_flag=6
#in location table
setflag(6);
};
# it is an authenticated request, update Contact database now
if (!(save("location"))) {
sl_reply_error();
};
m_dump();
break;
};
# NAT Traversal Code
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is
NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy, set
NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp proxy\r\n");
setflag(7);
};
};
# native SIP destinations are handled using our USRLOC DB
if (lookup("location")) {
log(1, "Native SIP destination detected\n");
append_hf("P-hint: USRLOC\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
};
# now check if it's about PSTN destinations through our gateway;
if (uri=~"sip:\+?[0-9][0-9]*@.*") {
log(1, "PSTN destination to be used\n");
route(3);
break;
};
} # route
#----------------- PSTN ----------------------------------------------
# logic for calls to the PSTN
route[3] {
# turn accounting on
setflag(1);
/* require all who call PSTN to be members of the "int" group;
apply ACLs only to INVITEs -- we don't need to protect other requests, as
they
don't imply charges; also it could cause troubles when a call comes in via
PSTN
and goes to a party that can't authenticate (voicemail, other domain) --
BYEs would
fail then; exempt Cisco gateway from authentication by IP address --it does
not
support digest
*/
if (src_ip==64.77.16.126) {
log(1, "From ARI Gateway");
}
else {
if ((method=="INVITE") && (!(src_ip==64.77.16.126))) {
log(1, "LOG: need to auth PSTN invite");
if (!proxy_authorize( "ari.com" /* realm
*/,"subscriber" /* table name */)) {
proxy_challenge( "ari.com" /* realm */,
"0" /* no qop */ );
break;
};
# let's check from=id ... avoids accounting confusion
if (method=="INVITE" & !check_from()) {
log(1, "LOG: From Cheating attempt\n");
sl_send_reply("403", "That is ugly -- use
From=id next time (gw)");
break;
};
if(!is_user_in("credentials", "int")) {
sl_send_reply("403", "NO PSTN
Privileges...");
break;
};
consume_credentials();
}; # INVITE to authorized PSTN
}
# if you have passed through all the checks, let your call go to GW!
log(1, "Rewriting Host and port");
rewritehostport("64.77.16.126:5060");
# snom conditioner
if (method=="INVITE" && search("User-Agent: snom")) {
replace("100rel, ", "");
};
t_relay_to_udp ("64.77.16.126","5060");
t_relay_to_tcp ("64.77.16.126","5060");
break;
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix nated
contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE -> force_rtp_proxy
\n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp proxy\r\n");
};
};
}
#------------------- OUTBOUND ----------------------------------------
# routing logic for outbound requests targeted out of our domain
# (keep in mind messages to our users can end up here too: for example,
# an INVITE may be UsrLoc-ed, then the other party uses outbound
# proxy with r-uri=the usr_loced addredd (typically IP))
route[2] {
append_hf("P-hint: OUTBOUND\r\n");
t_relay();
}
#------- ALIASED OUTBOUND --------------------------------------------
# routing logic for inbound requests aliased outbound; unlike
# with real outbound requests we do not force authentication
# as these calls are server by our server and we do not want
# to disqualify unathenticated request originatiors from other
# domains
route[5] {
append_hf("P-hint: ALIASED-OUTBOUND\r\n");
t_relay();
}
-----Original Message-----
From: Brian J. Rathman
Sent: Sunday, September 26, 2004 10:31 AM
To: 'serusers(a)lists.iptel.org'
Subject: One Way audio cut through problem
I am noticing that when I try and make calls through SER using a Cisco ATA186 and
terminating through a T1 card on a Cisco Router that I get one way audio until I speak
into the phone connected to the ATA. The called party can hear me, but I do not hear
anything from them until I say something, then the audio cuts through. The issue with this
is that I am trying to setup these devices to call into an IVR on my end and if the
calling party must speak first, then they are not going to hear the IVR. Has anyone else
seen something like this before? I am running a version of SER compiled from the
26 Sep
26 Sep
7:04 p.m.
There was a other tread about this early'er today.
try the RTPproxy from cvs.
-Atle
* Brian J. Rathman <brian(a)strata-com.com> [040926 16:44]:
I am running a version of SER compiled from
ser-0.8.12_src. I tried to load ser-0.8.14 but I could not get it to recognize the RTP
proxy. Here is a copy of my ser.cfg. Any help would be greatly appreciated:
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
listen=64.77.16.75
listen=127.0.0.1
port=5060
children=16
check_via=yes # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
fifo="/tmp/ser_fifo"
# syn_branch - Shall the server use stateful synonym branches? It is
# faster but not reboot-safe. Default is yes.
syn_branch=yes
memlog=3
# hostname matching an alias will satisfy the condition uri==myself".
alias=ari.com
alias=64.77.16.75
# sip_warning - Should replies include extensive warnings? By default
# yes, it is good for trouble-shooting.
sip_warning=yes
# server_signature - Should locally-generated messages include server's
# signature? By default yes, it is good for trouble-shooting.
server_signature=yes
# reply_to_via - A hint to reply modules whether they should send reply
# to IP advertised in Via. Turned off by default, which means that
# replies are sent to IP address from which requests came.
reply_to_via=no
# mhomed -- enable calculation of outbound interface; useful on
# multihomed servers.
mhomed=0
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/msilo.so"
loadmodule "/usr/local/lib/ser/modules/enum.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
modparam("usrloc|group|msilo|uri",
"db_url","mysql://ser:heslo@localhost/ser")
# -- usrloc params --
#modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -- tm params --
modparam("tm", "fr_timer", 20 )
modparam("tm", "fr_inv_timer", 90 )
modparam("tm", "wt_timer", 20 )
# -- msilo params
modparam("msilo", "registrar", "sip:registrar@ari.com")
# -- enum params --
#
modparam("enum", "domain_suffix", "e164.arpa.")
# -- nathelper params --
#
modparam("registrar", "nat_flag", 1)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
#modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# -- acc params --
# that is the flag for which we will account -- don't forget to
#modparam("acc", "db_flag", 1 )
#modparam("acc", "db_missed_flag", 3 )
# ------------------------- request routing logic -------------------
# main routing logic
route {
/* ********* ROUTINE CHECKS ********************************** */
# filter too old messages
if (!mf_process_maxfwd_header("10")) {
log(1, "LOG: Too many hops\n");
sl_send_reply("483","Alas Too Many Hops");
break;
};
if ( msg:len >= max_len ) {
sl_send_reply("513", "Wow -- Message too large");
break;
};
if (search("^(Contact|m): .*(a)(192\.168\.|10\.|172\.16)")) {
log(1, "src address different than via header->NAT
detected\n");
log(1, "force_rport and fix_nated_contact and setflag(5)\n");
#try NAT traversal, works only if the client is symmetrical
force_rport();
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for request\r\n");
# flag 5 indicates that incoming request is from NATed client
setflag(5);
};
/* ********* RR ********************************** */
# to be safe, record route everything; UAs may use different
# transport protocols and need to have SER in path
record_route();
setflag(1);
# if route forces us to forward to some explicit destination,
# do so; check however first that a cheater didn't preload
# a gateway destination to bypass PSTN ACLs
if (loose_route()) {
log(1, "Loose Route\n");
if ((uri=~"sip:[+0-9]+@64\.77\.16\.126")) {
# it is gateway -- proceed to ACLs
route(3);
break;
};
# route HF determined next hop; forward there
append_hf("P-hint: rr-enforced\r\n");
t_relay();
break;
};
/* ********* check for requests targeted out of our domain... *******
*/
# sign of our domain: there is '@' (username) or : (nothing) in
# front of our domain name ; ('.' is not there -- we handle all
# xxx.iptel.org as outbound hosts);if none of these cases matches,
# proceed with processing of outbound requests in route[2]
if (!(uri==myself)) {
log(1, "Not myself\n");
route(2);
break;
};
/* ************ requests for our domain ********** */
/* now, the request is for sure for our domain */
# registers always MUST be authenticated to
# avoid stealing incoming calls
if (method=="REGISTER") {
# Make sure that user's dont register infinite loops
if (search("^(Contact|m): .*(a)(ari\.com|64\.77\.16\.75)")) {
log(1, "LOG: alert: someone trying to set
aor==contact\n");
sl_send_reply("476", "No Server Address in
Contacts Allowed" );
break;
};
if (search("^(Contact|m): .*64\.77\.16\.126")) {
log(1, "LOG: alert: protected contacts\n");
sl_send_reply("476", "No Server Address in
Contacts Allowed" );
break;
};
if (!www_authorize("ari.com" /* realm */,"subscriber"
/* table name */ )) {
# challenge if none or invalid credentials
www_challenge( "ari.com" /* realm */,"0" /*
no qop -- some phones can't deal with it */);
break;
};
# prohibit attempts to grab someone else's To address
# using valid credentials;
if (!check_to()) {
log(1, "LOG: To Cheating attempt\n");
sl_send_reply("403", "That is ugly -- use To=id in
REGISTERs");
break;
};
if (isflagset(5)) {
#register from nated client, save nat_flag=6
#in location table
setflag(6);
};
# it is an authenticated request, update Contact database now
if (!(save("location"))) {
sl_reply_error();
};
m_dump();
break;
};
# NAT Traversal Code
if ((isflagset(5)) || (isflagset(6))) {
log(1, "at least one of the participants is
NATed->record_route\n");
record_route();
log(1, " -->setting up reply processing
->onreply_route[1]");
t_on_reply("1");
if (method=="INVITE") {
log(1, " INVITE request-->force_rtp_proxy, set
NATED-INVITE flag(7)");
force_rtp_proxy();
append_hf("P-hint: request forced to rtp proxy\r\n");
setflag(7);
};
};
# native SIP destinations are handled using our USRLOC DB
if (lookup("location")) {
log(1, "Native SIP destination detected\n");
append_hf("P-hint: USRLOC\r\n");
if (!t_relay()) {
sl_reply_error();
break;
};
};
# now check if it's about PSTN destinations through our gateway;
if (uri=~"sip:\+?[0-9][0-9]*@.*") {
log(1, "PSTN destination to be used\n");
route(3);
break;
};
} # route
#----------------- PSTN ----------------------------------------------
# logic for calls to the PSTN
route[3] {
# turn accounting on
setflag(1);
/* require all who call PSTN to be members of the "int" group;
apply ACLs only to INVITEs -- we don't need to protect other requests, as
they
don't imply charges; also it could cause troubles when a call comes in via
PSTN
and goes to a party that can't authenticate (voicemail, other domain) --
BYEs would
fail then; exempt Cisco gateway from authentication by IP address --it does
not
support digest
*/
if (src_ip==64.77.16.126) {
log(1, "From ARI Gateway");
}
else {
if ((method=="INVITE") && (!(src_ip==64.77.16.126))) {
log(1, "LOG: need to auth PSTN invite");
if (!proxy_authorize( "ari.com" /* realm
*/,"subscriber" /* table name */)) {
proxy_challenge( "ari.com" /* realm */,
"0" /* no qop */ );
break;
};
# let's check from=id ... avoids accounting confusion
if (method=="INVITE" & !check_from()) {
log(1, "LOG: From Cheating attempt\n");
sl_send_reply("403", "That is ugly -- use
From=id next time (gw)");
break;
};
if(!is_user_in("credentials", "int")) {
sl_send_reply("403", "NO PSTN
Privileges...");
break;
};
consume_credentials();
}; # INVITE to authorized PSTN
}
# if you have passed through all the checks, let your call go to GW!
log(1, "Rewriting Host and port");
rewritehostport("64.77.16.126:5060");
# snom conditioner
if (method=="INVITE" && search("User-Agent: snom"))
{
replace("100rel, ", "");
};
t_relay_to_udp ("64.77.16.126","5060");
t_relay_to_tcp ("64.77.16.126","5060");
break;
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
log(1, "-------------------------------------------\n");
log(1, "onreply_route[1] entered\n");
if (isflagset(6)) {
log(1, "transaction was sent to a NATED client -> fix nated
contact\n");
fix_nated_contact();
append_hf("P-hint: fixed NAT contact for response\r\n");
}
if ( (status=~"100") ) {
log(1, "status 100 received\n");
};
if ( (status=~"180") ) {
log(1, "status 180 received\n");
};
if ( (status=~"202") ) {
log(1, "status 202 received\n");
};
if ( (status=~"200" || status=~"183") ) {
log(1, "status 2xx or 183");
if ( isflagset(7) ) {
log(1, "marked(7) as NATED-INVITE -> force_rtp_proxy
\n");
force_rtp_proxy();
append_hf("P-hint: response forced to rtp proxy\r\n");
};
};
}
#------------------- OUTBOUND ----------------------------------------
# routing logic for outbound requests targeted out of our domain
# (keep in mind messages to our users can end up here too: for example,
# an INVITE may be UsrLoc-ed, then the other party uses outbound
# proxy with r-uri=the usr_loced addredd (typically IP))
route[2] {
append_hf("P-hint: OUTBOUND\r\n");
t_relay();
}
#------- ALIASED OUTBOUND --------------------------------------------
# routing logic for inbound requests aliased outbound; unlike
# with real outbound requests we do not force authentication
# as these calls are server by our server and we do not want
# to disqualify unathenticated request originatiors from other
# domains
route[5] {
append_hf("P-hint: ALIASED-OUTBOUND\r\n");
t_relay();
}
-----Original Message-----
From: Brian J. Rathman
Sent: Sunday, September 26, 2004 10:31 AM
To: 'serusers(a)lists.iptel.org'
Subject: One Way audio cut through problem
I am noticing that when I try and make calls through SER using a Cisco ATA186 and
terminating through a T1 card on a Cisco Router that I get one way audio until I speak
into the phone connected to the ATA. The called party can hear me, but I do not hear
anything from them until I say something, then the audio cuts through. The issue with this
is that I am trying to setup these devices to call into an IVR on my end and if the
calling party must speak first, then they are not going to hear the IVR. Has anyone else
seen something like this before? I am running a version of SER compiled from the
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
7352
days inactive
7352
days old
1 comments
2 participants
participants (2)
-
Atle Samuelsen -
Brian J. Rathman