[Serusers] SER 0.9.0 on Mandrake 10.0 with 3rd Party Radius AAA
Greger V. Teigre
greger at teigre.com
Thu May 12 10:14:16 CEST 2005
I'm not sure what the question really is? You compile the acc module with radius (edit the Makefile). See the README in modules/acc and the radius guide on iptel.org.
Basically, you define the accounting flag (ex. 1) and define how to log and every time in ser.cfg you want a message to be accounted, you do setflag(1). SER will send RADIUS accounting messages to port 1813 of your RADIUS server.
g-)
---- Original Message ----
From: Ozan Blotter
To: serusers at lists.iptel.org
Sent: Wednesday, May 11, 2005 12:31 PM
Subject: [Serusers] SER 0.9.0 on Mandrake 10.0 with 3rd Party Radius AAA
> Hi List,
>
> Is there anyone using "Advanced VoIP Billing Software", i have a few
> questions regarding to it :
>
> Both Billing Software and SER installed on same machine and LAN IP is
> 192.168.1.11 (test system)
>
> Linux Dist : Mandrake 10.0 (OS)
> Apache : Installed (base web server)
> Java : Installed (important for tomcat)
> Tomcat : Installed (important for web interface)
> Perl & PHP : Installed (and a few perl modules for various
> applications)
> MySql : Installed (advanced voip needs it and creates to database
> like "raddb" and "voipbilling")
> PostgreSql : Installed (no need for it at this time)
> Radiusclient-ng : Installed (it's needed for SER itself)
>
> I followed steps on
> http://www.iptel.org/ser/doc/ser_radius/ser_radius.html except
> freeradius server as normal.
>
> I've installed SER from RPM's for Mandrake:
>
> ser-0.9.0-1mdk.i586.rpm
> ser-jabber-0.9.0-1mdk.i586.rpm
> ser-mysql-0.9.0-1mdk.i586.rpm
> ser-radius-0.9.0-1mdk.i586.rpm
>
> <<<<< SER.CFG >>>>>
>
> [root at localhost ser]# cat ser.cfg
> #
> # $Id: ser.cfg,v 1.27 2005/03/10 14:16:25 andrei Exp $
> #
> # simple quick-start config script
> #
>
> # ----------- global configuration parameters ------------------------
>
> #debug=3 # debug level (cmd line: -dddddddddd)
> #fork=yes
> #log_stderror=no # (cmd line: -E)
> #memlog=5 # memory debug log level
> #log_facility=LOG_LOCAL0 # sets the facility used for logging (see
> syslog(3))
>
> /* Uncomment these lines to enter debugging mode
> fork=no
> log_stderror=yes
> */
>
> check_via=no # (cmd. line: -v)
> dns=no # (cmd. line: -r)
> rev_dns=no # (cmd. line: -R)
> #port=5060
> #children=4
> fifo="/tmp/ser_fifo"
> #user=ser
> #group=ser
> #fifo_user=ser # owner of the ser fifo
> #fifo_group=ser
> #fifo_mode=0660 # fifo's permissions
> #disable_core=yes #disables core dumping
> #open_fd_limit=1024 # sets the open file descriptors limit
> #mhomed=yes # usefull for multihomed hosts, small performance penalty
> #disable_tcp=yes
> #tcp_accept_aliases=yes # accepts the tcp alias via option (see NEWS)
>
> # ------------------ module loading ----------------------------------
>
> loadmodule "/usr/lib/ser/modules/sl.so"
> loadmodule "/usr/lib/ser/modules/tm.so"
> loadmodule "/usr/lib/ser/modules/rr.so"
> loadmodule "/usr/lib/ser/modules/maxfwd.so"
> loadmodule "/usr/lib/ser/modules/usrloc.so"
> loadmodule "/usr/lib/ser/modules/registrar.so"
> loadmodule "/usr/lib/ser/modules/textops.so"
> loadmodule "/usr/lib/ser/modules/auth.so"
> loadmodule "/usr/lib/ser/modules/acc.so"
> loadmodule "/usr/lib/ser/modules/auth_radius.so"
> loadmodule "/usr/lib/ser/modules/xlog.so"
>
> # ----------------- setting module-specific parameters ---------------
>
> modparam("auth_radius", "radius_config",
> "/usr/local/etc/radiusclient-ng/radiusclient.conf")
> modparam("auth_radius", "service_type", 15)
> modparam("rr", "enable_full_lr", 1)
>
> # ------------------------- request routing logic -------------------
>
> # main routing logic
>
> route{
>
> # initial sanity checks -- messages with
> # max_forwards==0, or excessively long requests
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> break;
> };
> if (msg:len >= max_len ) {
> sl_send_reply("513", "Message too big");
> break;
> };
>
> # we record-route all messages -- to make sure that
> # subsequent messages will go through our proxy; that's
> # particularly good if upstream and downstream entities
> # use different transport protocol
> if (!method=="REGISTER") record_route();
>
> # subsequent messages withing a dialog should take the
> # path determined by record-routing
> if (loose_route()) {
> # mark routing logic in request
> append_hf("P-hint: rr-enforced\r\n");
> route(1);
> break;
> };
>
> if (!uri==myself) {
> # mark routing logic in request
> append_hf("P-hint: outbound\r\n");
> route(1);
> break;
> };
>
> # if the request is for other domain use UsrLoc
> # (in case, it does not work, use the following command
> # with proper names and addresses in it)
> if (uri==myself) {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> if (!radius_www_authorize("")) {
> www_challenge("","0");
> break;
> };
>
> save("location");
> break;
> };
>
> lookup("aliases");
> if (!uri==myself) {
> append_hf("P-hint: outbound alias\r\n");
> route(1);
> break;
> };
>
> # native SIP destinations are handled using our
> USRLOC DB
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> };
> append_hf("P-hint: usrloc applied\r\n");
> route(1);
> }
>
> route[1]
> {
> # send it out now; use stateful forwarding as it works
> reliably
> # even for UDP2TCP
> if (!t_relay()) {
> sl_reply_error();
> };
> }
>
>
> <<<<< SER --- When I run it >>>>>
>
> [root at localhost root]# ser -c
> 0(2178) WARNING: fix_socket_list: could not rev. resolve 192.168.1.11
> 0(2178) WARNING: fix_socket_list: could not rev. resolve 192.168.1.11
> Listening on
> udp: 127.0.0.1 [127.0.0.1]:5060
> udp: 192.168.1.11 [192.168.1.11]:5060
> tcp: 127.0.0.1 [127.0.0.1]:5060
> tcp: 192.168.1.11 [192.168.1.11]:5060
> Aliases:
> tcp: localhost:5060
> udp: localhost:5060
>
> config file ok, exiting...
> [root at localhost root]
>
>
> <<<<< RADIUS --- When I run it >>>>>
>
> [root at localhost advradius]# ./runserver.sh
>
> Wed, 11 May 2005 13:05:58 095: FINE:
> <GlobalConf>
> AuthenticationPort = 1812
> AccountingPort = 1813
> BindAddress = null
> DictionaryFile = /billing/advradius/conf/dictionary
> LogDirectory = /billing/advradius/log
> LogLevel = FINE
> ConsoleWrite = true
> FileWrite = true
> ConsiderSrcIPAsNASIP = false
> </GlobalConf>
>
>
> Wed, 11 May 2005 13:05:58 739: FINE:
> <ThreadPoolManager>
> NumThreads = 10
> MaximumWorkTime = 5000
> KeepAliveTime = -1
> ExpiryThreadSleepInterval = 5000
> </ThreadPoolManager>
>
>
> Wed, 11 May 2005 13:05:58 882: FINE:
> <Client DEFAULT>
> NASIdentifier = default
> Secret = mysecret
> Realm = db
> </Client>
>
>
> Wed, 11 May 2005 13:05:58 917: FINE:
> <Realm db>
> 18AuthBy = [db]
> AcctPolicy = BACK-UP
> Accounting = [db, file_acct]
> Session = db
> </Realm>
>
>
> Wed, 11 May 2005 13:05:59 708: FINE:
> <DBParams DEFAULT>
> DriverName = org.gjt.mm.mysql.Driver
> DBURL = jdbc:mysql://127.0.0.1:3306/voipbilling
> UserName = root
> UserPassword =
> </DBParams>
>
>
> Wed, 11 May 2005 13:05:59 967: FINE:
> <AuthBy db>
> CheckList = [(5, (260, 0)) , (6, (0, 0)) ]
> ReplyList = [(1, (101, 9)) , (2, (102, 9)) , (3, (103, 9)) ,
> (4, (6, 0)) , (7, (0, 0)) ]
> BackStore = DB
> PwdEncType = 0
> SimultaneousLogin = 0
> BackStore = DB
> DBParams = null
> AuthQuery = Select CallAmnt, CallTime, ReturnCode,
> AuthServiceType, Password, OtherCheckItems, OtherReplyItems from
> TblActiveSessions where AuthConfID = $cisco-h323-conf-id and AuthType
> = @GetRequestNumber@
> AttribMapping = ColMapped
> </AuthBy>
>
>
> Wed, 11 May 2005 13:05:59 990: FINE:
> <Session db>
> BackStore = DB
> InsertSession = Insert INTO TblActiveSessions ( UserName,
> TimeStart, AuthType, CalledNumber, AuthCallingNumber,
> AuthNASIPAddress, AuthNASPort, AuthNASPortType, AuthConfID,
> CallOrigin, CallType, AcctSessionID ) values ($User-Name,
> $Event-Time, 3, $Called-Station-Id, $Calling-Station-Id,
> $NAS-IP-Address, $NAS-Port, $NAS-Port-Type, $cisco-h323-conf-id,
> $cisco-h323-call-origin, $cisco-h323-call-type, $Acct-Session-Id)
> DeleteSession = Delete from TblActiveSessions where
> AuthConfID = $cisco-h323-conf-id
> CountSession = Select count(*) from TblActiveSessions where
> LoginName = $User-Name and AuthConfId=$cisco-h323-conf-id
> BackStore = DB
> </Session>
>
>
> Wed, 11 May 2005 13:06:00 039: FINE:
> <Accounting db>
> BackStore = DB
> InsertAcct = Insert INTO TblCallsRad ( TimeClose, UserName,
> ActualDuration, CallingNumber, CalledNumber, ConfID, CallOrigin,
> CallType, AcctSessionID, NASIPAddress, BytesIn, BytesOut, DelayTime,
> AcctStatusType, RemoteAddress, RemoteGatewayID, TerminationCause, )
> values ( $Event-Time, $User-Name, $Acct-Session-Time:NUMBER,
> $Calling-Station-Id, $Called-Station-Id, $cisco-h323-conf-id,
> $cisco-h323-call-origin, $cisco-h323-call-type, $Acct-Session-Id,
> $NAS-IP-Address, $Acct-Input-Octets:NUMBER,
> $Acct-Output-Octets:NUMBER, $Acct-Delay-Time:NUMBER,
> $Acct-Status-Type, $cisco-h323-remote-address, $cisco-h323-gw-id,
> $cisco-h323-disconnect-cause, )
> QueueLength = 5000
> RecordAcctStart = FALSE
> DBParams = null
> InsertCheckpointAcct = null
> </Accounting>
>
>
> Wed, 11 May 2005 13:06:00 070: FINE:
> <Accounting file_acct>
> BackStore = FILE
> InsertAcct = null
> QueueLength = 5000
> RecordAcctStart = TRUE
>
> FileNameFormat = yyyy-MM-dd-HH.csv
> AcctDirectory = AcctLog
> </Accounting>
>
> Your evaluation license will expire in 25 day(s).
>
> Wed, 11 May 2005 13:06:00 137: INFO: Listener started at: 1812
>
> Wed, 11 May 2005 13:06:00 143: INFO: Listener started at: 1813
> Started Successfully <<<
>
> Anyone have any idea how to implement this valuable software in SER
> because we're gonna pay for it.
>
>
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20050512/e3306db4/attachment.htm>
More information about the sr-users
mailing list