[Serusers] SER 0.9.0 on Mandrake 10.0 with 3rd Party Radius AAA
Ozan Blotter
cosmocid at ispro.net.tr
Wed May 11 12:31:55 CEST 2005
Hi List,
Is there anyone using "Advanced VoIP Billing Software", i have a few questions regarding to it :
Both Billing Software and SER installed on same machine and LAN IP is 192.168.1.11 (test system)
Linux Dist : Mandrake 10.0 (OS)
Apache : Installed (base web server)
Java : Installed (important for tomcat)
Tomcat : Installed (important for web interface)
Perl & PHP : Installed (and a few perl modules for various applications)
MySql : Installed (advanced voip needs it and creates to database like "raddb" and "voipbilling")
PostgreSql : Installed (no need for it at this time)
Radiusclient-ng : Installed (it's needed for SER itself)
I followed steps on http://www.iptel.org/ser/doc/ser_radius/ser_radius.html except freeradius server as normal.
I've installed SER from RPM's for Mandrake:
ser-0.9.0-1mdk.i586.rpm
ser-jabber-0.9.0-1mdk.i586.rpm
ser-mysql-0.9.0-1mdk.i586.rpm
ser-radius-0.9.0-1mdk.i586.rpm
<<<<< SER.CFG >>>>>
[root at localhost ser]# cat ser.cfg
#
# $Id: ser.cfg,v 1.27 2005/03/10 14:16:25 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
#memlog=5 # memory debug log level
#log_facility=LOG_LOCAL0 # sets the facility used for logging (see syslog(3))
/* Uncomment these lines to enter debugging mode
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
#user=ser
#group=ser
#fifo_user=ser # owner of the ser fifo
#fifo_group=ser
#fifo_mode=0660 # fifo's permissions
#disable_core=yes #disables core dumping
#open_fd_limit=1024 # sets the open file descriptors limit
#mhomed=yes # usefull for multihomed hosts, small performance penalty
#disable_tcp=yes
#tcp_accept_aliases=yes # accepts the tcp alias via option (see NEWS)
# ------------------ module loading ----------------------------------
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
loadmodule "/usr/lib/ser/modules/textops.so"
loadmodule "/usr/lib/ser/modules/auth.so"
loadmodule "/usr/lib/ser/modules/acc.so"
loadmodule "/usr/lib/ser/modules/auth_radius.so"
loadmodule "/usr/lib/ser/modules/xlog.so"
# ----------------- setting module-specific parameters ---------------
modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("auth_radius", "service_type", 15)
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if (msg:len >= max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER") record_route();
# subsequent messages withing a dialog should take the
# path determined by record-routing
if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
break;
};
if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
route(1);
break;
};
# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authentication
if (!radius_www_authorize("")) {
www_challenge("","0");
break;
};
save("location");
break;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
break;
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
append_hf("P-hint: usrloc applied\r\n");
route(1);
}
route[1]
{
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
}
<<<<< SER --- When I run it >>>>>
[root at localhost root]# ser -c
0(2178) WARNING: fix_socket_list: could not rev. resolve 192.168.1.11
0(2178) WARNING: fix_socket_list: could not rev. resolve 192.168.1.11
Listening on
udp: 127.0.0.1 [127.0.0.1]:5060
udp: 192.168.1.11 [192.168.1.11]:5060
tcp: 127.0.0.1 [127.0.0.1]:5060
tcp: 192.168.1.11 [192.168.1.11]:5060
Aliases:
tcp: localhost:5060
udp: localhost:5060
config file ok, exiting...
[root at localhost root]
<<<<< RADIUS --- When I run it >>>>>
[root at localhost advradius]# ./runserver.sh
Wed, 11 May 2005 13:05:58 095: FINE:
<GlobalConf>
AuthenticationPort = 1812
AccountingPort = 1813
BindAddress = null
DictionaryFile = /billing/advradius/conf/dictionary
LogDirectory = /billing/advradius/log
LogLevel = FINE
ConsoleWrite = true
FileWrite = true
ConsiderSrcIPAsNASIP = false
</GlobalConf>
Wed, 11 May 2005 13:05:58 739: FINE:
<ThreadPoolManager>
NumThreads = 10
MaximumWorkTime = 5000
KeepAliveTime = -1
ExpiryThreadSleepInterval = 5000
</ThreadPoolManager>
Wed, 11 May 2005 13:05:58 882: FINE:
<Client DEFAULT>
NASIdentifier = default
Secret = mysecret
Realm = db
</Client>
Wed, 11 May 2005 13:05:58 917: FINE:
<Realm db>
18AuthBy = [db]
AcctPolicy = BACK-UP
Accounting = [db, file_acct]
Session = db
</Realm>
Wed, 11 May 2005 13:05:59 708: FINE:
<DBParams DEFAULT>
DriverName = org.gjt.mm.mysql.Driver
DBURL = jdbc:mysql://127.0.0.1:3306/voipbilling
UserName = root
UserPassword =
</DBParams>
Wed, 11 May 2005 13:05:59 967: FINE:
<AuthBy db>
CheckList = [(5, (260, 0)) , (6, (0, 0)) ]
ReplyList = [(1, (101, 9)) , (2, (102, 9)) , (3, (103, 9)) , (4, (6, 0)) , (7, (0, 0)) ]
BackStore = DB
PwdEncType = 0
SimultaneousLogin = 0
BackStore = DB
DBParams = null
AuthQuery = Select CallAmnt, CallTime, ReturnCode, AuthServiceType, Password, OtherCheckItems, OtherReplyItems from TblActiveSessions where AuthConfID = $cisco-h323-conf-id and AuthType = @GetRequestNumber@
AttribMapping = ColMapped
</AuthBy>
Wed, 11 May 2005 13:05:59 990: FINE:
<Session db>
BackStore = DB
InsertSession = Insert INTO TblActiveSessions ( UserName, TimeStart, AuthType, CalledNumber, AuthCallingNumber, AuthNASIPAddress, AuthNASPort, AuthNASPortType, AuthConfID, CallOrigin, CallType, AcctSessionID ) values ($User-Name, $Event-Time, 3, $Called-Station-Id, $Calling-Station-Id, $NAS-IP-Address, $NAS-Port, $NAS-Port-Type, $cisco-h323-conf-id, $cisco-h323-call-origin, $cisco-h323-call-type, $Acct-Session-Id)
DeleteSession = Delete from TblActiveSessions where AuthConfID = $cisco-h323-conf-id
CountSession = Select count(*) from TblActiveSessions where LoginName = $User-Name and AuthConfId=$cisco-h323-conf-id
BackStore = DB
</Session>
Wed, 11 May 2005 13:06:00 039: FINE:
<Accounting db>
BackStore = DB
InsertAcct = Insert INTO TblCallsRad ( TimeClose, UserName, ActualDuration, CallingNumber, CalledNumber, ConfID, CallOrigin, CallType, AcctSessionID, NASIPAddress, BytesIn, BytesOut, DelayTime, AcctStatusType, RemoteAddress, RemoteGatewayID, TerminationCause, ) values ( $Event-Time, $User-Name, $Acct-Session-Time:NUMBER, $Calling-Station-Id, $Called-Station-Id, $cisco-h323-conf-id, $cisco-h323-call-origin, $cisco-h323-call-type, $Acct-Session-Id, $NAS-IP-Address, $Acct-Input-Octets:NUMBER, $Acct-Output-Octets:NUMBER, $Acct-Delay-Time:NUMBER, $Acct-Status-Type, $cisco-h323-remote-address, $cisco-h323-gw-id, $cisco-h323-disconnect-cause, )
QueueLength = 5000
RecordAcctStart = FALSE
DBParams = null
InsertCheckpointAcct = null
</Accounting>
Wed, 11 May 2005 13:06:00 070: FINE:
<Accounting file_acct>
BackStore = FILE
InsertAcct = null
QueueLength = 5000
RecordAcctStart = TRUE
FileNameFormat = yyyy-MM-dd-HH.csv
AcctDirectory = AcctLog
</Accounting>
Your evaluation license will expire in 25 day(s).
Wed, 11 May 2005 13:06:00 137: INFO: Listener started at: 1812
Wed, 11 May 2005 13:06:00 143: INFO: Listener started at: 1813
Started Successfully <<<
Anyone have any idea how to implement this valuable software in SER because we're gonna pay for it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20050511/2815d322/attachment.htm>
More information about the sr-users
mailing list