[Serusers] SER & freeradius !
Daniel-Constantin Mierla
daniel at iptel.org
Mon Mar 15 10:49:03 CET 2004
Hello,
On 3/15/2004 5:34 AM, Anton wrote:
>Hello Daniel-Constantin Mierla & List
>
>I've followed your advice, and still not see any reply from ser when monitor
>net traffic by ethereal .
>
>
did you see the log messages written by
xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
for REGISTER requests?
To see more debug messages into console, set
debug=7
into your config file.
Have you tested your radius configuration as described in RADIUS How-To? (http://iptel.org/ser/doc/ser_radius/ser_radius.html#AEN146).
.Daniel
>Please, help me configure SER.
>Thank you very much & best regard
>Anton
>
>PS: Here is my ser.cfg:
>==================
>debug=3
>fork=yes
>log_stderror=yes
>
>check_via=no # (cmd. line: -v)
>dns=no # (cmd. line: -r)
>rev_dns=no # (cmd. line: -R)
>port=5060
>children=4
>fifo="/tmp/ser_fifo"
>alias="fptnet.vn"
>alias="hnluat.edu"
>alias="sgluat.edu"
>alias="sg.fptnet.com"
>alias="fptnet.com"
>
>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>loadmodule "/usr/local/lib/ser/modules/sl.so"
>loadmodule "/usr/local/lib/ser/modules/tm.so"
>loadmodule "/usr/local/lib/ser/modules/rr.so"
>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>loadmodule "/usr/local/lib/ser/modules/auth.so"
>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>
>modparam("usrloc", "db_mode", 0)
>#modparam("uri_radius", "service_type", 11)
>modparam("rr", "enable_full_lr", 1)
>modparam("auth_radius", "radius_config",
>"/usr/local/etc/radiusclient/radiusclient.conf")
>#modparam("acc", "radius_config",
>"/usr/local/etc/radiusclient/radiusclient.conf")
>#modparam("xlog", "buf_size", 8192)
>
>
>###
>#modparam("acc", "log_level", 1)
>#modparam("acc", "log_flag", 1)
>#modparam("acc", "radius_flag", 1)
>modparam("tm", "fr_inv_timer", 15 )
>modparam("tm", "fr_timer", 10 )
>modparam("auth", "secret", "testing123")
>modparam("auth_radius", "service_type", 15)
>###
>
>
>route{
>
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
># if ( msg:len > max_len ) {
># sl_send_reply("513", "Message too big");
># break;
># };
>
> record_route();
> if (loose_route()) {
> t_relay();
> break;
> };
>
> if (uri==myself) {
> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
> if (method=="REGISTER") {
> # if (!www_authorize("mydomain", "subscriber")) {
> if (!radius_www_authorize("fptnet.vn")) {
> www_challenge("fptnet.vn", "0");
> break;
> };
>
> save("location");
> break;
> };
>
> setflag(1);
> if (method=="INVITE") record_route();
>
> if (method=="REGISTER") {
> log(1, "REGISTER received\n");
> } else {
> log(1, "non-REGISTER received\n");
> };
> if (uri=~"sip:.*[@:]fptnet.vn") {
> log(1, "request for fptnet.vn\n");
> } else {
> log(1, "request for other domain received\n");
> };
>
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> #};
> if (!t_relay()) {
> sl_reply_error();
> };
>
> };
>}
>
>
>
>=============================
>
>----- Original Message -----
>From: "Daniel-Constantin Mierla" <daniel at iptel.org>
>To: "Anton" <antontran at fptnet.com.vn>
>Cc: <serusers at lists.iptel.org>
>Sent: Friday, March 12, 2004 5:07 PM
>Subject: Re: [Serusers] SER & freeradius !
>
>
>
>
>>Hello,
>>it might be possible that the condition uri=~"fptnet.vn" does not match.
>>It is better to use uri==myself and put alias="fptnet.vn" and other
>>hostnames you may have just below the line fifo="/tmp/ser_fifo".
>>
>>If still doesnt work, watch the network (using ngrep or ethereal) and
>>see how the SIP messages are routed. Also you can set log_stderror=yes,
>>start ser from a console and you will be able to see lot of debug
>>
>>
>messages.
>
>
>>.Daniel
>>
>>On 3/12/2004 4:22 AM, Anton wrote:
>>
>>
>>
>>>Hello List,
>>>
>>>Please help me!
>>>I've installed Ser & followed the RADIUS Howto in ser website.
>>>Every thing seems to run, but radius is idle all the time, SIPPS
>>>cannot registre with SER.
>>>
>>>Here is my ser.cfg file
>>>
>>>What I'm wrong ?
>>>Any info is appreciated,
>>>Best regards,
>>>Anton
>>>
>>>=============================ser.cfg file ===============
>>>
>>>debug=7
>>>fork=yes
>>>log_stderror=no
>>>
>>>check_via=no # (cmd. line: -v)
>>>dns=no # (cmd. line: -r)
>>>rev_dns=no # (cmd. line: -R)
>>>port=5060
>>>children=4
>>>fifo="/tmp/ser_fifo"
>>>
>>>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>>>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>>>
>>>modparam("usrloc", "db_mode", 0)
>>>#modparam("uri_radius", "service_type", 11)
>>>modparam("rr", "enable_full_lr", 1)
>>>modparam("auth_radius", "radius_config",
>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>#modparam("acc", "radius_config",
>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>#modparam("xlog", "buf_size", 8192)
>>>
>>>
>>>###
>>>#modparam("acc", "log_level", 1)
>>>#modparam("acc", "log_flag", 1)
>>>#modparam("acc", "radius_flag", 1)
>>>modparam("tm", "fr_inv_timer", 15 )
>>>modparam("tm", "fr_timer", 10 )
>>>modparam("auth", "secret", "testing123")
>>>modparam("auth_radius", "service_type", 15)
>>>###
>>>
>>>
>>>route{
>>>
>>> if (!mf_process_maxfwd_header("10")) {
>>> sl_send_reply("483","Too Many Hops");
>>> break;
>>> };
>>># if ( msg:len > max_len ) {
>>># sl_send_reply("513", "Message too big");
>>># break;
>>># };
>>>
>>> record_route();
>>> if (loose_route()) {
>>> t_relay();
>>> break;
>>> };
>>>
>>> if (uri=~"fptnet.vn") {
>>> xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>>> if (method=="REGISTER") {
>>> # if (!www_authorize("mydomain", "subscriber")) {
>>> if (!radius_www_authorize("fptnet.com.vn")) {
>>> www_challenge("fptnet.com.vn", "0");
>>> break;
>>> };
>>>
>>> save("location");
>>> break;
>>> };
>>>
>>> setflag(1);
>>> if (method=="INVITE") record_route();
>>>
>>> if (method=="REGISTER") {
>>> log(1, "REGISTER received\n");
>>> } else {
>>> log(1, "non-REGISTER received\n");
>>> };
>>> if (uri=~"sip:.*[@:]fptnet.vn") {
>>> log(1, "request for fptnet.vn\n");
>>> } else {
>>> log(1, "request for other domain received\n");
>>> };
>>>
>>> if (!lookup("location")) {
>>> sl_send_reply("404", "Not Found");
>>> break;
>>> };
>>> #};
>>> if (!t_relay()) {
>>> sl_reply_error();
>>> };
>>>
>>> };
>>>}
>>>
>>>
>>>
>>>
>>>
>>>------------------------------------------------------------------------
>>>
>>>_______________________________________________
>>>Serusers mailing list
>>>serusers at lists.iptel.org
>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>>
>>>
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>
>
More information about the sr-users
mailing list