RES: [Serusers] radacc do not generate log files

Daniel-Constantin Mierla daniel at iptel.org
Fri Feb 20 09:59:38 CET 2004 

Hello,
never send mails only to private address, please use the mailing list.

No, you have to set the flag before relaying the message. If you want to 
account all calls you can put it before record_route();

.Daniel

On 2/19/2004 10:13 PM, Jadylson Bomfim wrote:

>Daniel
>
>Some like this ?
>
>#
># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
>#
># simple quick-start config script
>#
>
># ----------- global configuration parameters ------------------------
>
>#debug=3         # debug level (cmd line: -dddddddddd)
>#fork=yes
>#log_stderror=no	# (cmd line: -E)
>
>#/* Uncomment these lines to enter debugging mode 
>debug=7
>fork=no
>log_stderror=yes
>#*/
>
>check_via=no	# (cmd. line: -v)
>dns=no           # (cmd. line: -r)
>rev_dns=no      # (cmd. line: -R)
>#port=5060
>#children=4
>fifo="/tmp/ser_fifo"
>
># ------------------ module loading ----------------------------------
>
># Uncomment this if you want to use SQL database
>loadmodule "/usr/local/lib/ser/modules/mysql.so"
>
>loadmodule "/usr/local/lib/ser/modules/sl.so"
>loadmodule "/usr/local/lib/ser/modules/tm.so"
>loadmodule "/usr/local/lib/ser/modules/rr.so"
>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>loadmodule "/usr/local/lib/ser/modules/acc.so"
># Uncomment this if you want digest authentication
># mysql.so must be loaded !
>loadmodule "/usr/local/lib/ser/modules/auth.so"
>loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
># ----------------- setting module-specific parameters ---------------
>
># -- usrloc params --
>
>#modparam("usrloc", "db_mode",   0)
>
># Uncomment this if you want to use SQL database 
># for persistent storage and comment the previous line
>modparam("usrloc", "db_mode", 2)
>
># -- auth params --
># Uncomment if you are using auth module
>#
>#modparam("auth_db", "calculate_ha1", yes)
>#
># If you set "calculate_ha1" parameter to yes (which true in this
>config), 
># uncomment also the following parameter)
>#
>#modparam("auth_db", "password_column", "kknd22")
>modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/radi
>usclient.conf")
>modparam("auth_radius","service_type",15)
>modparam("acc","radius_config","/usr/local/etc/radiusclient/radiusclient
>.conf")
>modparam("acc", "service_type", 15)
>modparam("acc", "radius_flag", 1)
>modparam("acc", "radius_missed_flag", 3)
>modparam("acc","radius_flag",2)
>
>
>
># -- rr params --
># add value to ;lr param to make some broken UAs happy
>modparam("rr", "enable_full_lr", 1)
>
># -------------------------  request routing logic -------------------
>
># main routing logic
>
>route{
>
>	# initial sanity checks -- messages with
>	# max_forwards==0, or excessively long requests
>	if (!mf_process_maxfwd_header("10")) {
>		sl_send_reply("483","Too Many Hops");
>		break;
>	};
>	if ( msg:len > max_len ) {
>		sl_send_reply("513", "Message too big");
>		break;
>	};
>
>	# we record-route all messages -- to make sure that
>	# subsequent messages will go through our proxy; that's
>	# particularly good if upstream and downstream entities
>	# use different transport protocol
>	record_route();	
>	# loose-route processing
>	if (loose_route()) {
>		t_relay();
>		break;
>	};
>
>	# if the request is for other domain use UsrLoc
>	# (in case, it does not work, use the following command
>	# with proper names and addresses in it)
>	if (uri==myself) {
>
>		if (method=="REGISTER") {
>
># Uncomment this if you want to use digest authentication
>			if (!radius_www_authorize("")) {
>				www_challenge("", "1");
>				break;
>			};
>
>			save("location");
>			break;
>		};
>
>		# native SIP destinations are handled using our USRLOC
>DB
>		if (!lookup("location")) {
>			sl_send_reply("404", "Not Found");
>			break;
>		};
>	};
>	# forward to current uri now; use stateful forwarding; that
>	# works reliably even if we forward from TCP to UDP
>	if (!t_relay()) {
>		sl_reply_error();
>	};
>
>if (method=="INVITE" || method=="BYE" || method=="CANCEL") { 
> setflag(1);
>};
>
>}
>
>
>Tks Jadylson
>
>-----Mensagem original-----
>De: Daniel-Constantin Mierla [mailto:daniel at iptel.org] 
>Enviada em: quinta-feira, 19 de fevereiro de 2004 17:54
>Para: Jadylson Bomfim
>Cc: serusers at lists.iptel.org
>Assunto: Re: [Serusers] radacc do not generate log files
>
>
>I dont know what happened with my email client, but you have to ignore 
>all slashes in my example. So, it would look like
>
>if (method=="INVITE" || method=="BYE" || method=="CANCEL") {
>  setflag(1);
>};
>
>
>.Daniel
>
>On 2/19/2004 9:08 PM, Daniel-Constantin Mierla wrote:
>
>  
>
>>Hello,
>>you have to set the flag to 1 for those request you want to account,
>>with setflag("1").
>>For example
>>
>>/if (//method=="INVITE" || //method=="BYE" || method=="CANCEL") { / / 
>>setflag(1); //}; /
>>
>>If you search into mailing list archive you will find many examples.
>>
>>.Daniel
>>
>>On 2/19/2004 8:21 PM, Jadylson Bomfim wrote:
>>
>>    
>>
>>>Folks,
>>> 
>>>I´m trying to use SER 0.8.12 with FreeRadius 0.9.3 and RadiusClient
>>>0.3.2
>>>So, I get authentication but the radacc do not generate log neither 
>>>details directory either "details file"
>>> 
>>>Could someone help me to fix this ?
>>> 
>>>I hope that information bellow help you
>>>
>>>============== radiusd -X command ===============
>>>
>>> 
>>>
>>>rad_recv: Access-Request packet from host 127.0.0.1:32867, id=111,
>>>length=236
>>>
>>>User-Name = "16008 at 192.168.0.252"
>>>
>>>Digest-Attributes = "\n\00716008"
>>>
>>>Digest-Attributes = "\001\017192.168.0.252"
>>>
>>>Digest-Attributes = "\002*4035094b8e9d86159d3443828c5dd602835c91d9"
>>>
>>>Digest-Attributes = "\004\023sip:192.168.0.252"
>>>
>>>Digest-Attributes = "\003\nREGISTER"
>>>
>>>Digest-Attributes = "\005\006auth"
>>>
>>>Digest-Attributes = "\t\n00000001"
>>>
>>>Digest-Attributes = "\010\013abcdefghi"
>>>
>>>Digest-Response = "76ec656e18c4e282ae8318f1a1ede8d8"
>>>
>>>Service-Type = Sip-Session
>>>
>>>Sip-Uri-User = "16008"
>>>
>>>NAS-IP-Address = 127.0.0.1
>>>
>>>NAS-Port = 5060
>>>
>>>modcall: entering group authorize for request 0
>>>
>>>modcall[authorize]: module "preprocess" returns ok for request 0
>>>
>>>modcall[authorize]: module "chap" returns noop for request 0
>>>
>>>modcall[authorize]: module "eap" returns noop for request 0
>>>
>>>rlm_digest: Converting Digest-Attributes to something sane...
>>>
>>>Digest-User-Name = "16008"
>>>
>>>Digest-Realm = "192.168.0.252"
>>>
>>>Digest-Nonce = "4035094b8e9d86159d3443828c5dd602835c91d9"
>>>
>>>Digest-Uri = "sip:192.168.0.252"
>>>
>>>Digest-Method = "REGISTER"
>>>
>>>Digest-Qop = "auth"
>>>
>>>Digest-Nonce-Count = "00000001"
>>>
>>>Digest-Cnonce = "abcdefghi"
>>>
>>>rlm_digest: Adding Auth-Type = DIGEST
>>>
>>>modcall[authorize]: module "digest" returns ok for request 0
>>>
>>>rlm_realm: Looking up realm "192.168.0.252" for User-Name =
>>>"16008 at 192.168.0.252"
>>>
>>>rlm_realm: No such realm "192.168.0.252"
>>>
>>>modcall[authorize]: module "suffix" returns noop for request 0
>>>
>>>users: Matched DEFAULT at 152
>>>
>>>users: Matched 16008 at 192.168.0.252 at 218
>>>
>>>modcall[authorize]: module "files" returns ok for request 0
>>>
>>>modcall[authorize]: module "mschap" returns noop for request 0
>>>
>>>modcall: group authorize returns ok for request 0
>>>
>>>rad_check_password: Found Auth-Type Digest
>>>
>>>auth: type "digest"
>>>
>>>modcall: entering group authenticate for request 0
>>>
>>>A1 = 16008:192.168.0.252:teste
>>>
>>>A2 = REGISTER:sip:192.168.0.252
>>>
>>>KD =
>>>
>>>      
>>>
>ced97c4bdc31efb9e87d518cbf7199de:4035094b8e9d86159d3443828c5dd602835c91d
>9:00000001:abcdefghi:auth:157f8b98cafef48ffc426fbd0e38c842 
>  
>
>>>modcall[authenticate]: module "digest" returns ok for request 0
>>>
>>>modcall: group authenticate returns ok for request 0
>>>
>>>radius_xlat: 'Authenticated'
>>>
>>>Login OK: [16008 at 192.168.0.252/<no User-Password attribute>] (from
>>>client localhost port 5060) Sending Access-Accept of id 111 to 
>>>127.0.0.1:32867
>>>
>>>Reply-Message = "Authenticated"
>>>
>>>Finished request 0
>>>
>>> 
>>>
>>> 
>>>
>>>========= ser.cfg file ================
>>>
>>>#
>>>
>>># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
>>>
>>>#
>>>
>>># simple quick-start config script
>>>
>>>#
>>>
>>># ----------- global configuration parameters 
>>>------------------------
>>>
>>>#debug=3 # debug level (cmd line: -dddddddddd)
>>>
>>>#fork=yes
>>>
>>>#log_stderror=no # (cmd line: -E)
>>>
>>>#/* Uncomment these lines to enter debugging mode
>>>
>>>debug=7
>>>
>>>fork=no
>>>
>>>log_stderror=yes
>>>
>>>#*/
>>>
>>>check_via=no # (cmd. line: -v)
>>>
>>>dns=no # (cmd. line: -r)
>>>
>>>rev_dns=no # (cmd. line: -R)
>>>
>>>#port=5060
>>>
>>>#children=4
>>>
>>>fifo="/tmp/ser_fifo"
>>>
>>># ------------------ module loading 
>>>----------------------------------
>>>
>>># Uncomment this if you want to use SQL database
>>>
>>>loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>
>>># Uncomment this if you want digest authentication
>>>
>>># mysql.so must be loaded !
>>>
>>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>>
>>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>
>>># ----------------- setting module-specific parameters 
>>>---------------
>>>
>>># -- usrloc params --
>>>
>>>#modparam("usrloc", "db_mode", 0)
>>>
>>># Uncomment this if you want to use SQL database
>>>
>>># for persistent storage and comment the previous line
>>>
>>>modparam("usrloc", "db_mode", 2)
>>>
>>># -- auth params --
>>>
>>># Uncomment if you are using auth module
>>>
>>>#
>>>
>>>#modparam("auth_db", "calculate_ha1", yes)
>>>
>>>#
>>>
>>># If you set "calculate_ha1" parameter to yes (which true in this
>>>config),
>>>
>>># uncomment also the following parameter)
>>>
>>>#
>>>
>>>#modparam("auth_db", "password_column", "kknd22")
>>>
>>>modparam("auth_radius","radius_config","/usr/local/etc/radiusclient/r
>>>adiusclient.conf")
>>>
>>>
>>>modparam("auth_radius","service_type",15)
>>>
>>>modparam("acc","radius_config","/usr/local/etc/radiusclient/radiuscli
>>>ent.conf")
>>>
>>>
>>>modparam("acc", "service_type", 15)
>>>
>>>modparam("acc", "radius_flag", 1)
>>>
>>>modparam("acc", "radius_missed_flag", 2)
>>>
>>>modparam("acc","radius_flag",1)
>>>
>>> 
>>>
>>> 
>>>
>>># -- rr params --
>>>
>>># add value to ;lr param to make some broken UAs happy
>>>
>>>modparam("rr", "enable_full_lr", 1)
>>>
>>># ------------------------- request routing logic -------------------
>>>
>>># main routing logic
>>>
>>>route{
>>>
>>># initial sanity checks -- messages with
>>>
>>># max_forwards==0, or excessively long requests
>>>
>>>if (!mf_process_maxfwd_header("10")) {
>>>
>>>sl_send_reply("483","Too Many Hops");
>>>
>>>break;
>>>
>>>};
>>>
>>>if ( msg:len > max_len ) {
>>>
>>>sl_send_reply("513", "Message too big");
>>>
>>>break;
>>>
>>>};
>>>
>>># we record-route all messages -- to make sure that
>>>
>>># subsequent messages will go through our proxy; that's
>>>
>>># particularly good if upstream and downstream entities
>>>
>>># use different transport protocol
>>>
>>>record_route();
>>>
>>># loose-route processing
>>>
>>>if (loose_route()) {
>>>
>>>t_relay();
>>>
>>>break;
>>>
>>>};
>>>
>>># if the request is for other domain use UsrLoc
>>>
>>># (in case, it does not work, use the following command
>>>
>>># with proper names and addresses in it)
>>>
>>>if (uri==myself) {
>>>
>>>if (method=="REGISTER") {
>>>
>>># Uncomment this if you want to use digest authentication
>>>
>>>if (!radius_www_authorize("")) {
>>>
>>>www_challenge("", "1");
>>>
>>>break;
>>>
>>>};
>>>
>>>save("location");
>>>
>>>break;
>>>
>>>};
>>>
>>># native SIP destinations are handled using our USRLOC DB
>>>
>>>if (!lookup("location")) {
>>>
>>>sl_send_reply("404", "Not Found");
>>>
>>>break;
>>>
>>>};
>>>
>>>};
>>>
>>># forward to current uri now; use stateful forwarding; that
>>>
>>># works reliably even if we forward from TCP to UDP
>>>
>>>if (!t_relay()) {
>>>
>>>sl_reply_error();
>>>
>>>};
>>>
>>>}
>>>
>>>Thanks in advance
>>> 
>>>Jadylson Bomfim
>>>Redevox Telecom
>>>+55 34 32347813
>>>www.redevox.com.br
>>>
>>>---
>>>Outgoing mail is certified Virus Free.
>>>Checked by AVG anti-virus system (http://www.grisoft.com).
>>>Version: 6.0.592 / Virus Database: 375 - Release Date: 18/2/2004
>>>
>>>---------------------------------------------------------------------
>>>---
>>>
>>>_______________________________________________
>>>Serusers mailing list
>>>serusers at lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
>>> 
>>>
>>>      
>>>
>>_______________________________________________
>>Serusers mailing list
>>serusers at lists.iptel.org
>>http://lists.iptel.org/mailman/listinfo/serusers
>>
>>    
>>
>
>---
>Incoming mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.592 / Virus Database: 375 - Release Date: 18/2/2004
> 
>
>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.592 / Virus Database: 375 - Release Date: 18/2/2004
> 
>
>
>  
>

More information about the sr-users mailing list