[Serusers] SER & freeradius !

Daniel-Constantin Mierla daniel at iptel.org
Mon Mar 15 10:49:03 CET 2004


Hello,

On 3/15/2004 5:34 AM, Anton wrote:

>Hello Daniel-Constantin Mierla & List
>
>I've followed your advice, and still not see any reply from ser when monitor
>net traffic by ethereal .
>  
>
did you see the log messages written by

xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");

for REGISTER requests?

To see more debug messages into console, set

debug=7

into your config file.

Have you tested your radius configuration as described in RADIUS  How-To? (http://iptel.org/ser/doc/ser_radius/ser_radius.html#AEN146).

.Daniel

>Please, help me configure SER.
>Thank you very much & best regard
>Anton
>
>PS:  Here is my ser.cfg:
>==================
>debug=3
>fork=yes
>log_stderror=yes
>
>check_via=no # (cmd. line: -v)
>dns=no           # (cmd. line: -r)
>rev_dns=no      # (cmd. line: -R)
>port=5060
>children=4
>fifo="/tmp/ser_fifo"
>alias="fptnet.vn"
>alias="hnluat.edu"
>alias="sgluat.edu"
>alias="sg.fptnet.com"
>alias="fptnet.com"
>
>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>loadmodule "/usr/local/lib/ser/modules/sl.so"
>loadmodule "/usr/local/lib/ser/modules/tm.so"
>loadmodule "/usr/local/lib/ser/modules/rr.so"
>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>loadmodule "/usr/local/lib/ser/modules/auth.so"
>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>
>modparam("usrloc", "db_mode",   0)
>#modparam("uri_radius", "service_type", 11)
>modparam("rr", "enable_full_lr", 1)
>modparam("auth_radius", "radius_config",
>"/usr/local/etc/radiusclient/radiusclient.conf")
>#modparam("acc", "radius_config",
>"/usr/local/etc/radiusclient/radiusclient.conf")
>#modparam("xlog", "buf_size", 8192)
>
>
>###
>#modparam("acc", "log_level", 1)
>#modparam("acc", "log_flag", 1)
>#modparam("acc", "radius_flag", 1)
>modparam("tm", "fr_inv_timer", 15 )
>modparam("tm", "fr_timer", 10 )
>modparam("auth", "secret", "testing123")
>modparam("auth_radius", "service_type", 15)
>###
>
>
>route{
>
> if (!mf_process_maxfwd_header("10")) {
>  sl_send_reply("483","Too Many Hops");
>  break;
> };
># if ( msg:len > max_len ) {
>#  sl_send_reply("513", "Message too big");
>#  break;
># };
>
> record_route();
> if (loose_route()) {
>  t_relay();
>  break;
> };
>
> if (uri==myself) {
>  xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>  if (method=="REGISTER") {
>   # if (!www_authorize("mydomain", "subscriber")) {
>   if (!radius_www_authorize("fptnet.vn")) {
>    www_challenge("fptnet.vn", "0");
>    break;
>   };
>
>   save("location");
>   break;
>  };
>
>  setflag(1);
>  if (method=="INVITE") record_route();
>
>  if (method=="REGISTER") {
>         log(1, "REGISTER received\n");
>         } else {
>                 log(1, "non-REGISTER received\n");
>         };
>         if (uri=~"sip:.*[@:]fptnet.vn") {
>                 log(1, "request for fptnet.vn\n");
>         } else {
>                 log(1, "request for other domain received\n");
>         };
>
>  if (!lookup("location")) {
>   sl_send_reply("404", "Not Found");
>   break;
>  };
> #};
>  if (!t_relay()) {
>   sl_reply_error();
>  };
>
> };
>}
>
>
>
>=============================
>
>----- Original Message ----- 
>From: "Daniel-Constantin Mierla" <daniel at iptel.org>
>To: "Anton" <antontran at fptnet.com.vn>
>Cc: <serusers at lists.iptel.org>
>Sent: Friday, March 12, 2004 5:07 PM
>Subject: Re: [Serusers] SER & freeradius !
>
>
>  
>
>>Hello,
>>it might be possible that the condition uri=~"fptnet.vn" does not match.
>>It is better to use uri==myself and put alias="fptnet.vn" and other
>>hostnames you may have just below the line fifo="/tmp/ser_fifo".
>>
>>If still doesnt work, watch the network (using ngrep or ethereal) and
>>see how the SIP messages are routed. Also you can set log_stderror=yes,
>>start ser from a console and you will be able to see lot of debug
>>    
>>
>messages.
>  
>
>>.Daniel
>>
>>On 3/12/2004 4:22 AM, Anton wrote:
>>
>>    
>>
>>>Hello List,
>>>
>>>Please help me!
>>>I've installed Ser & followed the RADIUS Howto in ser website.
>>>Every thing seems to run, but radius is idle all the time, SIPPS
>>>cannot registre with SER.
>>>
>>>Here is my ser.cfg file
>>>
>>>What I'm wrong ?
>>>Any info is appreciated,
>>>Best regards,
>>>Anton
>>>
>>>=============================ser.cfg file ===============
>>>
>>>debug=7
>>>fork=yes
>>>log_stderror=no
>>>
>>>check_via=no # (cmd. line: -v)
>>>dns=no           # (cmd. line: -r)
>>>rev_dns=no      # (cmd. line: -R)
>>>port=5060
>>>children=4
>>>fifo="/tmp/ser_fifo"
>>>
>>>#loadmodule "/usr/local/lib/ser/modules/mysql.so"
>>>loadmodule "/usr/local/lib/ser/modules/sl.so"
>>>loadmodule "/usr/local/lib/ser/modules/tm.so"
>>>loadmodule "/usr/local/lib/ser/modules/rr.so"
>>>loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
>>>loadmodule "/usr/local/lib/ser/modules/usrloc.so"
>>>loadmodule "/usr/local/lib/ser/modules/registrar.so"
>>>#loadmodule "/usr/local/lib/ser/modules/uri_radius.so"
>>>#loadmodule "/usr/local/lib/ser/modules/uri.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth.so"
>>>#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
>>>loadmodule "/usr/local/lib/ser/modules/auth_radius.so"
>>>#loadmodule "/usr/local/lib/ser/modules/acc.so"
>>>loadmodule "/usr/local/lib/ser/modules/xlog.so"
>>>
>>>modparam("usrloc", "db_mode",   0)
>>>#modparam("uri_radius", "service_type", 11)
>>>modparam("rr", "enable_full_lr", 1)
>>>modparam("auth_radius", "radius_config",
>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>#modparam("acc", "radius_config",
>>>"/usr/local/etc/radiusclient/radiusclient.conf")
>>>#modparam("xlog", "buf_size", 8192)
>>>
>>>
>>>###
>>>#modparam("acc", "log_level", 1)
>>>#modparam("acc", "log_flag", 1)
>>>#modparam("acc", "radius_flag", 1)
>>>modparam("tm", "fr_inv_timer", 15 )
>>>modparam("tm", "fr_timer", 10 )
>>>modparam("auth", "secret", "testing123")
>>>modparam("auth_radius", "service_type", 15)
>>>###
>>>
>>>
>>>route{
>>>
>>>    if (!mf_process_maxfwd_header("10")) {
>>>          sl_send_reply("483","Too Many Hops");
>>>          break;
>>>     };
>>># if ( msg:len > max_len ) {
>>>#  sl_send_reply("513", "Message too big");
>>>#  break;
>>># };
>>>
>>>     record_route();
>>>     if (loose_route()) {
>>>          t_relay();
>>>          break;
>>>     };
>>>
>>>     if (uri=~"fptnet.vn") {
>>>          xlog("L_ERR", " method <%rm> <%fu> <%tu>\n");
>>>          if (method=="REGISTER") {
>>>   # if (!www_authorize("mydomain", "subscriber")) {
>>>               if (!radius_www_authorize("fptnet.com.vn")) {
>>>                    www_challenge("fptnet.com.vn", "0");
>>>                    break;
>>>               };
>>>
>>>               save("location");
>>>               break;
>>>          };
>>>
>>>          setflag(1);
>>>          if (method=="INVITE") record_route();
>>>
>>>          if (method=="REGISTER") {
>>>             log(1, "REGISTER received\n");
>>>             } else {
>>>                 log(1, "non-REGISTER received\n");
>>>             };
>>>         if (uri=~"sip:.*[@:]fptnet.vn") {
>>>                 log(1, "request for fptnet.vn\n");
>>>         } else {
>>>                 log(1, "request for other domain received\n");
>>>         };
>>>
>>>  if (!lookup("location")) {
>>>   sl_send_reply("404", "Not Found");
>>>   break;
>>>  };
>>> #};
>>>  if (!t_relay()) {
>>>   sl_reply_error();
>>>  };
>>>
>>> };
>>>}
>>>
>>>
>>>
>>>
>>>
>>>------------------------------------------------------------------------
>>>
>>>_______________________________________________
>>>Serusers mailing list
>>>serusers at lists.iptel.org
>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>>      
>>>
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>  
>




More information about the sr-users mailing list