[OpenSIPS-Users] Where to place acc_aaa_request ?
Bogdan-Andrei Iancu
bogdan at opensips.org
Thu May 16 16:13:53 CEST 2013
Well, do you want to do accouting via RADIUS (aaa) or via DB (in acc
table) ???
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 05/16/2013 01:18 PM, Michele Pinassi wrote:
> Thanks Bodgan for your kindly reply but now accounting don't work:
> nothing will be added to acc table !
>
> Here's the full routing logic. Maybe there's something wrong:
>
> modparam("aaa_radius", "radius_config",
> "/etc/radiusclient-ng/radiusclient.conf")
>
>
> modparam("acc", "early_media", 0)
> modparam("acc", "report_cancels", 0)
> modparam("acc", "detect_direction", 0)
> modparam("acc", "log_level", 1)
> modparam("acc", "aaa_url", "radius:/etc/radiusclient-ng/radiusclient.conf")
> modparam("acc", "aaa_flag", 1)
> modparam("acc", "aaa_extra", "via=$hdr(Via[*]); \
> Digest-User-Name=$Au; \
> Calling-Station-Id=$from; \
> Called-Station-Id=$to; \
> Sip-Translated-Request-URI=$ru; \
> Sip-RPid=$avp(s:rpid); \
> Source-IP=$avp(s:source_ip); \
> Source-Port=$avp(s:source_port); \
> SIP-Proxy-IP=$avp(s:sip_proxy_ip); \
> Canonical-URI=$avp(s:can_uri); \
>
> Divert-Reason=$avp(s:divert_reason); \
> User-Agent=$hdr(user-agent); \
> Contact=$hdr(contact); \
> Event=$hdr(event) ;\
> ENUM-TLD=$avp(s:enum_tld)")
>
>
> ####### Routing Logic ########
>
> route{
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> exit;
> }
>
> if (msg:len >= 2048 ) {
> sl_send_reply("513", "Message too big");
> exit;
> };
>
> if (check_address("4","$si","$sp","$proto")) {
> # xlog("L_INFO","IP $si Allowed");
> } else {
> xlog("L_INFO","IP $si Forbidden");
> sl_send_reply("403", "Forbidden");
> }
>
>
> if (has_totag()) {
> if (loose_route()) {
> if (is_method("BYE")) {
> setflag(1);
> } else if (is_method("INVITE")) {
> record_route();
> }
> route(1);
> } else {
> /* uncomment the following lines if you want to enable presence */
> if (is_method("SUBSCRIBE") && $rd == "voip.unisi.it") {
> route(2);
> exit;
> }
> if ( is_method("ACK") ) {
> if ( t_check_trans() ) {
> t_relay();
> exit;
> } else {
> exit;
> }
> }
> sl_send_reply("404","Not here");
> }
> exit;
> }
>
> if (is_method("CANCEL"))
> {
> if (t_check_trans())
> t_relay();
> exit;
> }
>
> if (is_method("INVITE")) {
> setflag(1);
> }
>
> t_check_trans();
>
> if (!(method=="REGISTER") && is_from_local())
> {
> if(!check_source_address("0")){
> if (!proxy_authorize("", "subscriber")) {
> proxy_challenge("", "0");
> exit;
> }
> if (!db_check_from()) {
> sl_send_reply("403","Forbidden auth ID");
> exit;
> }
>
> consume_credentials();
> # caller authenticated
> }
> }
>
> # preloaded route checking
> if (loose_route()) {
> xlog("L_ERR", "Attempt to route with preloaded Route's
> [$fu/$tu/$ru/$ci]");
> if (!is_method("ACK"))
> sl_send_reply("403","Preload Route denied");
> exit;
> }
>
> # record routing
> if (!is_method("REGISTER|MESSAGE"))
> record_route();
>
> if (!uri==myself) {
> append_hf("P-hint: outbound\r\n");
> route(1);
> }
>
> if( is_method("PUBLISH|SUBSCRIBE")) {
> route(2);
> }
>
>
> if (is_method("REGISTER")) {
> # authenticate the REGISTER requests (uncomment to enable auth)
> if (!www_authorize("", "subscriber"))
> {
> www_challenge("", "0");
> exit;
> }
>
> if (!db_check_to())
> {
> sl_send_reply("403","Forbidden auth ID");
> exit;
> }
>
> if (!save("location"))
> sl_reply_error();
>
> exit;
> }
>
> if ($rU==NULL) {
> # request with no Username in RURI
> sl_send_reply("484","Address Incomplete");
> exit;
> }
>
> # media service number? (digits starting with *)
> if($rU=~"^\*") {
> route(4);
> }
>
> # apply DB based aliases (uncomment to enable)
> alias_db_lookup("dbaliases");
>
> # do lookup with method filtering
> if (!lookup("location","m")) {
> switch ($retcode) {
> case -1: # Note here: check for blacklist numbers
> if (!check_blacklist("globalblacklist")) {
> sl_send_reply("403", "Forbidden");
> exit;
> }
> # Then route it !
> cr_user_carrier("$fU", "$fd", "$avp(carrier)");
> if($avp(carrier)==0) {
> xlog("L_INFO","Not here: default route [$fd/$fu/$rd/$ru/$si]\n");
>
> if($(rU{s.len}) < 4) {
> xlog("L_ERR", "Number incomplete/failure for $rU\n");
> prefix("FAIL_");
> route(4);
> }
>
> if(!cr_route("default", "$fd", "$rU", "$rU", "call_id",
> "$avp(host)")) {
> xlog("L_ERR", "Number not found for $rU\n");
> prefix("FAIL_");
> route(4);
> }
> } else {
> xlog("L_INFO","Not here: user route
> [$fd/$fu/$rd/$ru/$si/$avp(carrier)]\n");
> $avp(domain)="voip.unisi.it";
> if (!cr_route("$avp(carrier)", "$avp(domain)", "$rU",
> "$rU","call_id", "$avp(host)")) {
> sl_send_reply("404", "Not found");
> xlog("L_ERR", "cr_route failed\n");
> exit;
> }
> }
> t_on_failure("1");
> if (!t_relay()) {
> sl_reply_error();
> };
> exit;
> case -3: # internal error
> t_newtran();
> t_reply("404", "Not Found");
> exit;
> case -2: # method not supported
> sl_send_reply("405", "Method Not Allowed");
> exit;
> }
> }
>
> # when routing via usrloc, log the missed calls also
> # setflag(2);
>
> route(1);
> }
>
> route[1] {
> xlog("L_INFO","Route1 [$fd/$fu/$rd/$ru/$si/]\n");
>
>
> # for INVITEs enable some additional helper routes
> if (is_method("INVITE")) {
> t_on_branch("2");
> t_on_reply("2");
> t_on_failure("1");
> }
>
> if (!t_relay()) {
> sl_reply_error();
> };
> exit;
> }
>
>
> # Presence route
> route[2] {
> xlog("L_INFO","Route2 [$fd/$fu/$rd/$ru/$si/]\n");
>
> if (!t_newtran()) {
> sl_reply_error();
> exit;
> };
>
> if(is_method("PUBLISH")) {
> handle_publish();
> } else if( is_method("SUBSCRIBE")) {
> handle_subscribe();
> }
>
> exit;
> }
>
> route[4] {
> xlog("L_INFO","Route4 [$fd/$fu/$rd/$ru/$si/]\n");
>
> rewritehostport("172.20.1.5:5060");
> route(1);
> }
>
> branch_route[2] {
> xlog("L_INFO","Branch Route2 [$fd/$fu/$rd/$ru/$si/]\n");
> }
>
> onreply_route[1] {
> xlog("L_INFO","OnReply Route1 [$fd/$fu/$rd/$ru/$si/]\n");
>
> }
>
> onreply_route[2] {
> xlog("L_INFO","OnReply Route2 [$fd/$fu/$rd/$ru/$si/]\n");
>
> }
>
> failure_route[1] {
> xlog("L_INFO","Failure Route1 [$fd/$fu/$rd/$ru/$si/]\n");
>
> if (t_was_cancelled()) {
> exit;
> }
>
> if (t_check_status("408|5[0-9][0-9]")) {
> if(!cr_route("default", "$fd", "$rU", "$rU", "call_id",
> "$avp(host)")){
> t_reply("403", "Not allowed");
> } else {
> t_on_failure("2");
> t_relay();
> }
> }
> }
>
> failure_route[2] {
> xlog("L_INFO","Failure Route2 [$fd/$fu/$rd/$ru/$si/]\n");
>
> if (t_was_cancelled()) {
> exit;
> }
>
> revert_uri();
> prefix("FAILURE_");
> rewritehostport("172.20.1.5:5060");
> t_relay();
> }
>
>
> Thanks.
>
> Michele
>
>
> On 16/05/2013 10:35, Bogdan-Andrei Iancu wrote:
>> Hi Michele,
>>
>> The acc_aaa_request() function will generate a RADIUS acc request on the
>> spot, so it will happen for all your INVITEs disregarding if the calls
>> will establish or not in the future.
>>
>> If you want to account only established calls, do not use the
>> acc_aaa_request() function, but trigger the accounting via flags only.
>> Use the aaa_flag only (do not set aa_missed_flag) and it should do the
>> trick.
>>
>> Regards,
>>
>> Bogdan-Andrei Iancu
>> OpenSIPS Founder and Developer
>> http://www.opensips-solutions.com
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20130516/4e226f65/attachment-0001.htm>
More information about the Users
mailing list