[Serusers] avp_radius - ser2.1 - Access Request Contents

Greger Viken Teigre greger at teigre.com
Thu Jun 7 11:18:45 CEST 2007


Yes, and the best way to do that is to register it ;-)

------- Original message -------
From: samuel <samu60 at gmail.com>
Cc: serusers at lists.iptel.org
Sent: 7.6.'07,  11:02

> I'm not sure whether this functionality has been done in purpouse. I would
> like the coder who made it to explain the reason why it is different and
> only in the case there's no special reason, track it.
> 
> Samuel.
> 
> 2007/6/7, Greger V. Teigre <greger at teigre.com>:
> >
> >  Please register as 2.0 issue on http://tracker.iptel.org/
> > g-)
> >
> > samuel wrote:
> >
> > Hi all,
> >
> > Sorry for stepping so late in this post but I am facing exactly the same
> > "issue" and would like to call for attention from other SER 2.0 rc2
> > users/developers.
> >
> > Whenever you try to load from RADIUS user class attributes, for example
> > with
> >                                  radius_load_attr("$tu","@to.uri")
> > you get in radius only
> > User-Name = "sip:sam at test.voip.com"
> > SER-Service-Type=Get-User-Attrs.
> >
> > In case you want to load uri class attributes, for example with
> >                                 radius_load_attr("$tr","@to.uri")
> >  the Radius Request paquet has completely different contents, namely the
> > URI splited into 3 parameters SER-URI-Scheme = "sip"
> > User-Name = "sam"
> > SER-DID = "test.voip.com"
> >
> > This double format complicates unnecessarily, at least for me, radius
> > configuration or forces you to do some "dirty", at least for me, tricks in
> > order to get in the User-Name paramenter the same value so you onlyhave ONE
> > USER DEFINITION in radius config and not all the possible combinations it
> > may appear...Remember you can call load_user_attr with different arguments
> > (@ruri, at to,@ to.uri, at to.uri,username,....) and it will end up being a
> > complete mess.
> >
> > I would therefore like to standardize both methods so the same data is
> > expected in radius or that someone explain why this different methods are
> > required.
> >
> > Thanks to all!!!
> >
> > Samuel.
> >
> >
> > P.D. I'm a radius newbie, using FreeRadius, and may be there are clean
> > ways to configure RADIUS so both Access-Requests are handled in a ellegant
> > way requiring you to have only one user definition.
> >
> >
> > 2007/3/12, tzieleniewski <tzieleniewski at o2.pl>:
> > >
> > > Hi
> > >
> > > Is this correct that when I send the Get-URI-Attrs request type to
> > > radius it has the following contents:
> > >         SER-Uri-Scheme = "sip"
> > >         User-Name = "hellboy"
> > >         SER-DID = " voip.rd.touk.pl"
> > >         SER-Service-Type = Get-URI-Attrs
> > >         NAS-Port = 0
> > >         NAS-IP-Address = 127.0.0.1
> > > and when I send the Get-User_Attrs the contents are the following:
> > >         User-Name = "sip:hellboy at voip.rd.touk.pl"
> > >         SER-Service-Type = Get-User-Attrs
> > >         NAS-Port = 0
> > >         NAS-IP-Address = 127.0.0.1
> > >
> > > shouldn't here be the same split into the User-Name and SER-DID?
> > > Such form implies to have double records in radius for sip:hellboy and
> > > hellboy.
> > >
> > > Bests
> > > Tomasz
> > >
> > >
> > > > >
> > > > > tzieleniewski wrote:
> > > > > > hi!
> > > > > >
> > > > > > When I invoke the radius_load_attrs() the message send to radius
> > > has the following shape:
> > > > > > Thu Mar  8 10:50:46 2007
> > > > > >         Packet-Type = Access-Request
> > > > > >         User-Name = "sip:hellboy at voip.rd.touk.pl"
> > > > > >         SER-Service-Type = Get-User-Attrs
> > > > > >         NAS-Port = 0
> > > > > >         NAS-IP-Address = 127.0.0.1
> > > > > >
> > > > > > the message doesn't contain any authentication data like password.
> > > > > > so do I understand right that radius in such case should be
> > > configured in such a way to accept any message of the SER-Service-Type =
> > > Get-User-Attrs?
> > > > > >
> > > > > That's correct.
> > > > > > Are still the avp loaded from radius prefixed or they are just put
> > > into the particular track and class?
> > > > > >
> > > > > No prefixes.
> > > > > > Could You please give me one example of the radius one avp record
> > > and the shape in which it will appear in ser after loading.
> > > > > >
> > > > > SER-Attr -> avp[:=]value
> > > > Hi,
> > > >
> > > > I did it and connection with radius works fine - I see the
> > > Access-Request from ser being analyzed and answered by radius but I can see
> > > an avp value to appear in ser.
> > > > I did such a check:
> > > >
> > > > dump_attrs();
> > > > radius_load_attrs("$tr","@ruri");
> > > > dump_attrs();
> > > >
> > > > the following message arived at radius:
> > > >         SER-Uri-Scheme = "sip"
> > > >         User-Name = "tomix"
> > > >         SER-DID = "tezet.no-ip.org"
> > > >         SER-Service-Type = Get-URI-Attrs
> > > >         NAS-Port = 0
> > > >         NAS-IP-Address = 127.0.0.1
> > > >
> > > > and following one was answered:
> > > > Sending Access-Accept of id 85 to 127.0.0.1 port 32997
> > > >         SER-To-DID = "domain.any"
> > > >
> > > > the ser debug output haven't show any change related to did avp in to
> > > track, why is that, what do I missed?
> > > >
> > > > debug output:
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:540: class=GLOBAL
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["lang"]="en"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:550: track=FROM
> > > class=DOMAIN
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]=" tezet.no-ip.org
> > > "
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:560: track=TO
> > > class=DOMAIN
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]=" tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:570: track=FROM
> > > class=USER
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:580: track=TO class=USER
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["uid"]=" tomix at tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:590: track=FROM class=URI
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c :600: track=TO class=URI
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["fforward_failure"]="
> > > sip:misia at tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]:  route[INBOUND]:
> > > radius_load_attrs($tr, at ruri) <ACK> < sip:tomix at tezet.no-ip.org>
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:540: class=GLOBAL
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["lang"]="en"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:550: track=FROM
> > > class=DOMAIN
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]="tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]=" tezet.no-ip.org
> > > "
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:560: track=TO
> > > class=DOMAIN
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["did"]=" tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["digest_realm"]="tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:570: track=FROM
> > > class=USER
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:580: track=TO class=USER
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["uid"]=" tomix at tezet.no-ip.org"
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c:590: track=FROM class=URI
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: No AVP present
> > > > Mar  9 10:47:50 tomix ser[3721]: INFO: avp.c :600: track=TO class=URI
> > > > Mar  9 10:47:50 tomix ser[3721]: AVP["fforward_failure"]="
> > > sip:misia at tezet.no-ip.org"
> > > >
> > > > Bests
> > > > Tomasz
> > > >
> > > >
> > > > >
> > > > > Integer values are automatically converted from string into integer
> > > avp.
> > > > > It is the responsibility of the RADIUS server to return the correct
> > > set
> > > > > of AVP dependent on SER-Service-Type (see etc/dictionary.ser).
> > > > > g-)
> > > > > > Thank you in advance
> > > > > > Best
> > > > > > Tomasz
> > > > > > _______________________________________________
> > > > > > Serusers mailing list
> > > > > > Serusers at lists.iptel.org
> > > > > > http://lists.iptel.org/mailman/listinfo/serusers
> > > > > >
> > > > > >
> > > > > >
> > > >
> > > > _______________________________________________
> > > > Serusers mailing list
> > > > Serusers at lists.iptel.org
> > > > http://lists.iptel.org/mailman/listinfo/serusers
> > >
> > > _______________________________________________
> > > Serusers mailing list
> > > Serusers at lists.iptel.org
> > > http://lists.iptel.org/mailman/listinfo/serusers
> > >
> >
> > ------------------------------
> >
> > _______________________________________________
> > Serusers mailing list
> > Serusers at lists.iptel.orghttp://lists.iptel.org/mailman/listinfo/serusers
> >
> >
> 
> 
> ----------------
> This is partially downloaded message.
> Choose 'Download' from menu to download entire message.




More information about the sr-users mailing list