[Serusers] SER & freeradius !
Anton
antontran at fptnet.com.vn
Mon Mar 15 08:20:51 CET 2004
Hello Daniel-Constantin Mierla & List
Very interesting that when I've commented out the line about to
authentification, e.g:
if (!radius_www_authorize("fptnet.vn")) {
www_challenge("fptnet.vn", "0");
break;
};
it works ! SIPPC can registred with SER !
What am I wrong ?
Please HELP !
Multiple thanks & regards,
Anton
----- Original Message -----
From: "Anton" <antontran at fptnet.com.vn>
To: <daniel at iptel.org>
Cc: <serusers at lists.iptel.org>
Sent: Monday, March 15, 2004 11:34 AM
Subject: Re: [Serusers] SER & freeradius !
> Hello Daniel-Constantin Mierla & List
>
> I've followed your advice, and still not see any reply from ser when
monitor
> net traffic by ethereal .
>
> Please, help me configure SER.
> Thank you very much & best regard
> Anton
>
> PS: Here is my ser.cfg:
> ==================
> debug=3
> fork=yes
> log_stderror=yes
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> port=5060
> children=4
> fifo="/tmp/ser_fifo"
> alias="fptnet.vn"
> alias="hnluat.edu"
> alias="sgluat.edu"
> alias="sg.fptnet.com"
> alias="fptnet.com"
>
> #loadmodule "/usr/local/lib/ser/modules/mysql.so"
> loadmodule "/usr/local/lib/ser/modules/sl.so"
> loadmodule "/usr/local/lib/ser/modules/tm.so"
> loadmodule "/usr/local/lib/ser/modules/rr.so"
> loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> loadmodule "/usr/local/lib/ser/modules/registrar.so"
> #loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
> #loadmodule "/usr/local/lib/ser/modules/uri.so"
> loadmodule "/usr/local/lib/ser/modules/auth.so"
> #loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> #loadmodule "/usr/local/lib/ser/modules/acc.so"
> loadmodule "/usr/local/lib/ser/modules/xlog.so"
>
> modparam("usrloc", "db_mode", 0)
> #modparam("uri_radius", "service_type", 11)
> modparam("rr", "enable_full_lr", 1)
> modparam("auth_radius", "radius_config",
> "/usr/local/etc/radiusclient/radiusclient.conf")
> #modparam("acc", "radius_config",
> "/usr/local/etc/radiusclient/radiusclient.conf")
> #modparam("xlog", "buf_size", 8192)
>
>
> ###
> #modparam("acc", "log_level", 1)
> #modparam("acc", "log_flag", 1)
> #modparam("acc", "radius_flag", 1)
> modparam("tm", "fr_inv_timer", 15 )
> modparam("tm", "fr_timer", 10 )
> modparam("auth", "secret", "testing123")
> modparam("auth_radius", "service_type", 15)
> ###
>
>
> route{
>
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> # if ( msg:len > max_len ) {
> # sl_send_reply("513", "Message too big");
> # break;
> # };
>
> record_route();
> if (loose_route()) {
> t_relay();
> break;
> };
>
> if (uri==myself) {
> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
> if (method=="REGISTER") {
> # if (!www_authorize("mydomain", "subscriber")) {
> if (!radius_www_authorize("fptnet.vn")) {
> www_challenge("fptnet.vn", "0");
> break;
> };
>
> save("location");
> break;
> };
>
> setflag(1);
> if (method=="INVITE") record_route();
>
> if (method=="REGISTER") {
> log(1, "REGISTER received\n");
> } else {
> log(1, "non-REGISTER received\n");
> };
> if (uri=~"sip:.*[@:]fptnet.vn") {
> log(1, "request for fptnet.vn\n");
> } else {
> log(1, "request for other domain received\n");
> };
>
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> #};
> if (!t_relay()) {
> sl_reply_error();
> };
>
> };
> }
>
>
>
> =============================
>
> ----- Original Message -----
> From: "Daniel-Constantin Mierla" <daniel at iptel.org>
> To: "Anton" <antontran at fptnet.com.vn>
> Cc: <serusers at lists.iptel.org>
> Sent: Friday, March 12, 2004 5:07 PM
> Subject: Re: [Serusers] SER & freeradius !
>
>
> > Hello,
> > it might be possible that the condition uri=~"fptnet.vn" does not match.
> > It is better to use uri==myself and put alias="fptnet.vn" and other
> > hostnames you may have just below the line fifo="/tmp/ser_fifo".
> >
> > If still doesnt work, watch the network (using ngrep or ethereal) and
> > see how the SIP messages are routed. Also you can set log_stderror=yes,
> > start ser from a console and you will be able to see lot of debug
> messages.
> >
> > .Daniel
> >
> > On 3/12/2004 4:22 AM, Anton wrote:
> >
> > > Hello List,
> > >
> > > Please help me!
> > > I've installed Ser & followed the RADIUS Howto in ser website.
> > > Every thing seems to run, but radius is idle all the time, SIPPS
> > > cannot registre with SER.
> > >
> > > Here is my ser.cfg file
> > >
> > > What I'm wrong ?
> > > Any info is appreciated,
> > > Best regards,
> > > Anton
> > >
> > > =============================ser.cfg file ===============
> > >
> > > debug=7
> > > fork=yes
> > > log_stderror=no
> > >
> > > check_via=no # (cmd. line: -v)
> > > dns=no # (cmd. line: -r)
> > > rev_dns=no # (cmd. line: -R)
> > > port=5060
> > > children=4
> > > fifo="/tmp/ser_fifo"
> > >
> > > #loadmodule "/usr/local/lib/ser/modules/mysql.so"
> > > loadmodule "/usr/local/lib/ser/modules/sl.so"
> > > loadmodule "/usr/local/lib/ser/modules/tm.so"
> > > loadmodule "/usr/local/lib/ser/modules/rr.so"
> > > loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> > > loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> > > loadmodule "/usr/local/lib/ser/modules/registrar.so"
> > > #loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
> > > #loadmodule "/usr/local/lib/ser/modules/uri.so"
> > > loadmodule "/usr/local/lib/ser/modules/auth.so"
> > > #loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> > > loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
> > > #loadmodule "/usr/local/lib/ser/modules/acc.so"
> > > loadmodule "/usr/local/lib/ser/modules/xlog.so"
> > >
> > > modparam("usrloc", "db_mode", 0)
> > > #modparam("uri_radius", "service_type", 11)
> > > modparam("rr", "enable_full_lr", 1)
> > > modparam("auth_radius", "radius_config",
> > > "/usr/local/etc/radiusclient/radiusclient.conf")
> > > #modparam("acc", "radius_config",
> > > "/usr/local/etc/radiusclient/radiusclient.conf")
> > > #modparam("xlog", "buf_size", 8192)
> > >
> > >
> > > ###
> > > #modparam("acc", "log_level", 1)
> > > #modparam("acc", "log_flag", 1)
> > > #modparam("acc", "radius_flag", 1)
> > > modparam("tm", "fr_inv_timer", 15 )
> > > modparam("tm", "fr_timer", 10 )
> > > modparam("auth", "secret", "testing123")
> > > modparam("auth_radius", "service_type", 15)
> > > ###
> > >
> > >
> > > route{
> > >
> > > if (!mf_process_maxfwd_header("10")) {
> > > sl_send_reply("483","Too Many Hops");
> > > break;
> > > };
> > > # if ( msg:len > max_len ) {
> > > # sl_send_reply("513", "Message too big");
> > > # break;
> > > # };
> > >
> > > record_route();
> > > if (loose_route()) {
> > > t_relay();
> > > break;
> > > };
> > >
> > > if (uri=~"fptnet.vn") {
> > > xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
> > > if (method=="REGISTER") {
> > > # if (!www_authorize("mydomain", "subscriber")) {
> > > if (!radius_www_authorize("fptnet.com.vn")) {
> > > www_challenge("fptnet.com.vn", "0");
> > > break;
> > > };
> > >
> > > save("location");
> > > break;
> > > };
> > >
> > > setflag(1);
> > > if (method=="INVITE") record_route();
> > >
> > > if (method=="REGISTER") {
> > > log(1, "REGISTER received\n");
> > > } else {
> > > log(1, "non-REGISTER received\n");
> > > };
> > > if (uri=~"sip:.*[@:]fptnet.vn") {
> > > log(1, "request for fptnet.vn\n");
> > > } else {
> > > log(1, "request for other domain received\n");
> > > };
> > >
> > > if (!lookup("location")) {
> > > sl_send_reply("404", "Not Found");
> > > break;
> > > };
> > > #};
> > > if (!t_relay()) {
> > > sl_reply_error();
> > > };
> > >
> > > };
> > > }
> > >
> > >
> > >
> > >
> > >
> >
>------------------------------------------------------------------------
> > >
> > >_______________________________________________
> > >Serusers mailing list
> > >serusers at lists.iptel.org
> > >http://lists.iptel.org/mailman/listinfo/serusers
> > >
>
More information about the sr-users
mailing list