[Serusers] bugs on alias or save location
Edgardo O. Gonzales II
edgardo.g at pacific.net.ph
Tue May 17 15:19:11 CEST 2005
but I did not use save location on my config file .. what I defined is save
alias and lookup alias only..
below is my running config file .. please do some comment .. thanks ..
# ------------------------- request routing logic -------------------
# main routing logic
route{ setflag(2);
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
if (!method=="REGISTER") record_route();
if (loose_route()) {
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
append_hf("P-hint: outbound\r\n");
sl_send_reply("403", "Forbidden Unauthorized Domain");
break;
};
if (uri=~"zipper.pacific.net.ph") {
if ((method=="BYE")||(method=="ACK")){
setflag(2);
}
if (method=="REGISTER") {
route(2);
break;
};
if (method=="INVITE") {
route(3);
break;
};
if (uri!=myself) {
route(1);
break;
};
}
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
if (!t_relay()) {
sl_reply_error();
};
}
route[2] {
log(1, "REGISTER: Authenticating user\n");
if (!radius_www_authorize("")) {
www_challenge("","0");
break; };
save("aliases"); consume_credentials(); break;
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
if (!radius_www_authorize("domain.com")) {
www_challenge("domain.com","1");
break; }
consume_credentials();
lookup("aliases");
if (uri!=myself) { route(1); break; };
if (!lookup("location")) {
if (method=="INVITE" || method=="ACK") {
sl_send_reply("404", "Extension number does not exist");
break;
};
sl_send_reply("404", "Extension number does not exist");
break;
} else { setflag(3); t_relay(); break; };
route(1);
}
===========================
At 07:46 PM 5/17/2005, Samuel Osorio Calvo wrote:
>Hi,
>
>the "normal" mechanism is to have two table, aliases and location. In the
>first one you have a "permament" binding between a an alias and the user
>name (AoR). In the latter, you update the binding between the username
>(AoR) and the current location treating the incoming REGISTER with
>save("location").
>
>In your attached config file there is save("location"), which will update
>the location table:
>
> > if (method=="REGISTER") {
> >
> ># Uncomment this if you want to use digest
> >authentication
> > if
> >(!www_authorize("justser.com", "subscriber")) {
> >
> >www_challenge("justser.com", "0");
> > break;
> > };
> >
> > save("location");
> > break;
> > };
>
>, so you would have:
> ALIASES LOCATION
>900--->test test--->UA'sIP
>
>When you do lookup("location") in
>
> > # native SIP destinations are handled
> >using our USRLOC DB
> > if (!lookup("location")) {
> > sl_send_reply("404", "Not
> >Found");
> > break;
> > };
> > };
>
>you will rewrite the Req-URI to the binding existing in the location
>table, that's why they can reach the user with the username. And you
>sohuld do it because the user's UA will recognise requests with test in
>the Req-URI as targeted to itself but not requests with 900 in the Req-URI.
>That's why you should make something like
>lookup("aliases");
>lookup("location");
>in the config file to handle aliases.
>
>If you don't want other people to reach the user with the AoR (I'm
>wondering you would like suche feature...): you should make somehting like
>(it's just a possible approach from many differents and don't know if it
>will work always....just experiment):
>
>if( lookup("aliases") ){
> if( ! lookup("location") ){
> sl_send_reply("404", "Not Found");
> break;
> }
>}
>
>Hope it's clearer.....
>
>Samuel
>
>
>
>Unclassified.
> >>> "Edgardo O. Gonzales II" <edgardo.g at pacific.net.ph> 05/17/05 01:20PM >>>
>
>
>Hi!
>
>
>I have a little problem with regards to alias and my routing table because
>as I understand the logic of logging and authorization, client can login using
>a username and password assigned by the administrator.
>
>For example, I have the following information
>
>username : test
>password : test123
>extension / alias : 900
>
>By enabling radius support, for aaa, I was able to login using my username
>and password.
>Other parties can also call my extension / alias number which is 900 but I
>wonder why they can
>also call my username which is test. I have save("alias") on my config.
>
>why is this happening.
>
>thanks,
>ed
>
>
>At 03:24 AM 5/17/2005, Jose Bertuzzi wrote:
> >Hello guys; I have everything in place to acc into
> >mysql. I am already logging some BYEs, INVITEs and
> >ACKs.
> >
> >Where do I have to place the setflag statement to
> >properly log messages from and/to gw 66.166.166.66
> >only?
> >
> >My ser.cfg is as follows:
> >
> >
> ># $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei
> >Exp $
> >#
> ># simple quick-start config script
> >#
> >
> ># ----------- global configuration parameters
> >------------------------
> >
> >#debug=3 # debug level (cmd line: -dddddddddd)
> >#fork=yes
> >#log_stderror=no # (cmd line: -E)
> >
> >/* Uncomment these lines to enter debugging mode
> >debug=7
> >fork=no
> >log_stderror=yes
> >*/
> >
> >check_via=no # (cmd. line: -v)
> >dns=no # (cmd. line: -r)
> >rev_dns=no # (cmd. line: -R)
> >#port=5060
> >#children=4
> >fifo="/tmp/ser_fifo"
> >#fifo_mode=0666
> >
> >
> ># ------------------ module loading
> >----------------------------------
> >
> ># Uncomment this if you want to use SQL database
> >loadmodule "/usr/local/lib/ser/modules/mysql.so"
> >
> >loadmodule "/usr/local/lib/ser/modules/sl.so"
> >loadmodule "/usr/local/lib/ser/modules/tm.so"
> >loadmodule "/usr/local/lib/ser/modules/rr.so"
> >loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> >loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> >loadmodule "/usr/local/lib/ser/modules/registrar.so"
> >loadmodule "/usr/local/lib/ser/modules/acc.so"
> >#loadmodule "/usr/local/lib/ser/modules/group.so"
> >
> >
> ># Uncomment this if you want digest authentication
> ># mysql.so must be loaded !
> >loadmodule "/usr/local/lib/ser/modules/auth.so"
> >loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> >
> ># ----------------- setting module-specific parameters
> >---------------
> >
> ># -- usrloc params --
> >
> >#modparam("usrloc", "db_mode", 0)
> >
> ># Uncomment this if you want to use SQL database
> ># for persistent storage and comment the previous line
> >modparam("usrloc", "db_mode", 2)
> >
> ># -- auth params --
> ># Uncomment if you are using auth module
> >#
> >modparam("auth_db", "calculate_ha1", yes)
> >#
> ># If you set "calculate_ha1" parameter to yes (which
> >true in this config),
> ># uncomment also the following parameter)
> >#
> >modparam("auth_db", "password_column", "password")
> >
> ># -- rr params --
> ># add value to ;lr param to make some broken UAs happy
> >modparam("rr", "enable_full_lr", 1)
> >
> >
> ># -- acc params --
> >
> >modparam("acc", "db_url",
> >"mysql://ser:heslo@localhost/ser")
> >#modparam("acc", "log_level", 1)
> >#modparam("acc", "log_flag", 1)
> >modparam("acc", "db_flag", 1)
> >
> >
> >
> ># ------------------------- request routing logic
> >-------------------
> >
> ># main routing logic
> >
> >route{
> >
> > # initial sanity checks -- messages with
> > # max_forwards==0, or excessively long
> >requests
> > if (!mf_process_maxfwd_header("10")) {
> > sl_send_reply("483","Too Many Hops");
> > break;
> > };
> > if ( msg:len > max_len ) {
> > sl_send_reply("513", "Message too
> >big");
> > break;
> > };
> >
> > # we record-route all messages -- to make sure
> >that
> > # subsequent messages will go through our
> >proxy; that's
> > # particularly good if upstream and downstream
> >entities
> > # use different transport protocol
> > record_route();
> > # loose-route processing
> > if (loose_route()) {
> > t_relay();
> > break;
> > };
> >
> > # if the request is for other domain use
> >UsrLoc
> > # (in case, it does not work, use the
> >following command
> > # with proper names and addresses in it)
> > if (uri=~"justser.com") {
> >
> > if (src_ip==66.166.166.66 and
> >method=="INVITE") { ## Llamadas desde PSTN
> > forward(uri:host, uri:port);
> > ##
> > break;
> > ##
> > };
> > ##
> >
> >
> > if (method=="REGISTER") {
> >
> ># Uncomment this if you want to use digest
> >authentication
> > if
> >(!www_authorize("justser.com", "subscriber")) {
> >
> >www_challenge("justser.com", "0");
> > break;
> > };
> >
> > save("location");
> > break;
> > };
> >
> >
> >
> > if
> >(uri=~"^sip:1305[0-9]*@justser.com") { ##
> > prefix("3000#");
> > ##
> >
> >rewritehostport("66.166.166.66:5060"); ##
> >TERMINATION
> > forward(uri:host, uri:port);
> > ## AREA CODE 305
> > #setflag(1); ##
> > break;
> > ##
> > };
> > ##
> >
> >
> > if
> >(uri=~"^sip:1786[0-9]*@justser.com") { ##
> > prefix("3000#");
> > ##
> >
> >rewritehostport("66.166.166.66:5060"); ##
> >TERMINATION
> > forward(uri:host, uri:port);
> > ## AREA CODE 786
> > break;
> > ##
> > };
> > ##
> >
> >
> >
> >
> > # native SIP destinations are handled
> >using our USRLOC DB
> > if (!lookup("location")) {
> > sl_send_reply("404", "Not
> >Found");
> > break;
> > };
> > };
> > # forward to current uri now; use stateful
> >forwarding; that
> > # works reliably even if we forward from TCP
> >to UDP
> >
> > setflag(1);
> >
> > if (!t_relay()) {
> > sl_reply_error();
> > };
> >
> >}
> >
> >
> >
> >
> >Yahoo! Mail
> >Stay connected, organized, and protected. Take the tour:
> >http://tour.mail.yahoo.com/mailtour.html
> >
> >_______________________________________________
> >Serusers mailing list
> >serusers at lists.iptel.org
> >http://lists.iptel.org/mailman/listinfo/serusers
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list