hello
I´ve just upgraded SER from version 0.8.99-dev1 to 0.9.0 and my radius
accounting system doesn't work properly, it only generates the start
log but I can´t see any "Stop record" in radius logs when call its
finished... see my configuration file below (same that I used with
0.8.99-dev1).
thanks
RaFael
File: /usr/local/etc/ser/Ser_VM_RadAcc_NatHelp-Test1.cfg
# This default script includes nathelper support. To make it work
# you will also have to install Maxim's RTP proxy. The proxy is enforced
# if one of the parties is behind a NAT.
#
# If you have an endpoing in the public internet which is known to
# support symmetric RTP (Cisco PSTN gateway or voicemail, for example),
# then you don't have to force RTP proxy. If you don't want to enforce
# RTP proxy for some destinations than simply use t_relay() instead of
# route(1)
#
# Sections marked with !! Nathelper contain modifications for nathelper
#
# Also Include Mysql support for digest authentication, Pstn forward,
# voicemail and Radius Accounting module.
# ----------- global configuration parameters ------------------------
#/* Uncomment these lines to enter debugging mode
debug=9
fork=yes
log_stderror=yes
#*/
listen=****
port=5060
# hostname matching an alias will satisfy the condition uri==myself".
alias=domain.com
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
children=4
fifo="/tmp/ser_fifo"
# sip_warning - Should replies include extensive warnings?
# By default yes, it is good for trouble-shooting.
sip_warning=yes
# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/uri_db.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
# digest authentication
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
# !! Nathelper
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# ----------------- setting module-specific parameters ---------------
modparam("usrloc", "db_mode", 2)
# storing passwords in our database in plain text:
# modparam("auth_db", "calculate_ha1", yes)
# modparam("auth_db", "password_column", "password")
# For Rad Accounting
modparam("acc","radius_config","/usr/local/etc/radiusclient/radiusclient.conf")
modparam("acc", "service_type", 15)
modparam("acc", "radius_flag", 1)
modparam("acc", "radius_missed_flag", 3)
modparam("acc", "report_ack", 0) # 1 reporta dos starts en acc
modparam("tm", "fr_timer", 20 )
modparam("tm", "fr_inv_timer", 30 )
modparam("tm", "wt_timer", 20 )
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
modparam("group", "db_url",
"mysql://ser:heslo@localhost/ser") #
mysql in cvs head vs
# modparam("uri", "db_url", "sql://ser:heslo@localhost/ser")
# in ser0814
modparam("uri_db", "db_url",
"mysql://ser:heslo@localhost/ser") # in
cvs head version
# ------------- registration parameters
modparam("registrar", "nat_flag", 6)
modparam("registrar", "min_expires", 60)
modparam("registrar", "max_expires", 86400)
modparam("registrar", "default_expires", 3600)
modparam("registrar", "desc_time_order", 1)
modparam("registrar", "append_branches", 1)
# !! Nathelper
# modparam("registrar", "nat_flag", 6)
modparam("nathelper", "natping_interval", 30) # Ping interval 30 s
modparam("nathelper", "ping_nated_only", 1) # Ping only clients
behind NAT
# -------------------------- request routing logic --------------------------
route {
log(1, "-------------------------------------------\n");
log(1, "entering main loop\n");
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# !! Nathelper
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
if (nat_uac_test("19")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || !
search("^Record-Route:")) {
log("LOG: Someone trying to register from private
IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and
majority is
# smart enough to be symmetric. In some phones it
takes a configuration
# option. With Cisco 7960, it is called
NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric
signalling".
fix_nated_contact(); # Rewrite contact with source
IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
# record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
# t_relay();
route(1); # Nathelper!!
break;
};
# Set flag for Radius Accounting:
if (method=="INVITE") {
log(1, "INVITE MESSAGE RECEIVED - START ACC\n");
setflag(1); /* set for accounting (the same value as
in log_flag!) */
};
if (method=="BYE") {
log (1, "BYE - STOP ACCOUNTING\n");
setflag(1);
};
if (method=="CANCEL") {
log (1, "CANCEL - STOP ACCOUNTING\n");
setflag(1);
};
setflag(3); # Set Radius Missed Flag
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
# t_relay();
route(1);
break;
};
if (uri==myself) {
if (method == "REGISTER") {
log(1, "ANALYZING REGISTER REQUEST\n");
# to use digest authentication
if (!www_authorize("domain.com",
"subscriber")) {
www_challenge("domain.com", "0");
break;
};
if (!save("location")) {
sl_reply_error();
};
break;
};
/* ***************** Dial out to PSTN logic
****************** */
### Pendiente agregar seguridad a esta etapa, usar
Digest-Auth o "credentials"
# forward n digit requests to gateway AS5350 (Celulares Lima)
if(uri=~"^sip:9"){
log(1,"n digit expression match - Celulares");
rewritehostport("X.X.X.X:5060");
route(2);
break;
};
# forward international calls to Asterisk (a FWD, H323gws)
if(uri=~"^sip:00"){
rewritehostport("Y.Y.Y.Y:5060");
log(1,"n digit expression match - LDI");
route(2);
break;
};
/*
********************************************************************
*/
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
# t_relay();
route(1);
break;
};
# does the user wish redirection on no availability?
(i.e., is he
# in the voicemail group?) -- determine it now and store it in
# flag 4, before we rewrite the flag using UsrLoc
if (is_user_in("Request-URI", "voicemail")) {
log(1, "requested user is in voicemail group");
setflag(4);
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
log(1,"unable to locate user");
# handle user which was not found
route(4);
break;
};
}; # End of "if(uri==myself)"
append_hf("P-hint: usrloc applied\r\n");
route(1);
# if user is on-line and is in Voicemail group, enable redirection
if (method == "INVITE" && isflagset(4)) {
log(1, "invite for voicemail user->initiate
failureroute[1]\n");
t_on_failure("1");
};
# t_relay();
}
route[1]
{
# !! Nathelper
if (uri=~"[@:](192\.168\.)" && !search("^Route:")){
sl_send_reply("479", "We don't forward to private IP
addresses");
break;
};
# if client or server know to be behind a NAT, enable relay
if (isflagset(6)) {
force_rtp_proxy();
};
# NAT processing of replies; apply to all transactions (for example,
# re-INVITEs from public to private UA are hard to identify as
# NATed at the moment of request processing); look at replies
t_on_reply("1");
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
break;
}
# !! Nathelper
onreply_route[1] {
# NATed transaction ?
if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
fix_nated_contact();
force_rtp_proxy();
# otherwise, is it a transaction behind a NAT and we did not
# know at time of request processing ? (RFC1918 contacts)
} else if (nat_uac_test("1")) {
fix_nated_contact();
};
}
# ----------------- SIP-to-PSTN call routed -------------------
route[2]{
log(1,"route[2]:SIP-to-GW call routed");
if(!t_relay()){
sl_reply_error();
};
}
# --------------- Handling of Unavailable user ----------------
route[4] {
# non-Voip -- just send "off-line"
if (!(method=="INVITE" || method=="ACK" ||
method=="CANCEL" ||
method=="BYE")) {
sl_send_reply("404", "Not Found");
acc_rad_request("404 Not Found");
break;
};
# not voicemail subscriber
if (!isflagset(4)) {
sl_send_reply("404", "Not Found and no voicemail turned
on");
acc_rad_request("404 Not Found");
break;
};
# forward to voicemail adding prefix to simplify * "extension.conf"
prefix("vm");
rewritehostport("Y.Y.Y.Y:5060");
t_relay_to_udp("Y.Y.Y.Y", "5060");
}
# if forwarding downstream did not succeed, try voicemail running at Asterisk
failure_route[1]{
if (t_check_status("485")){
revert_uri ();
prefix("vm");
rewritehostport ("Y.Y.Y.Y:5060");
append_branch();
t_relay();
break;
}
}
--
rrgv