hi leon,<br><br>But i do not see your opensips communicating with radiusclient.<br><br>modparam("auth_radius", "radius_config", "/etc/radiusclient-ng/radiusclient.conf")<br><br>mention the path of radiusclient.conf properly.<br>
<br><br><br><br> <br><br><div class="gmail_quote">On Mon, Jun 15, 2009 at 5:13 AM, Leon Li <span dir="ltr"><<a href="mailto:Leon.Li@aarnet.edu.au">Leon.Li@aarnet.edu.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Here it is.<br>
<br>
####### Global Parameters #########<br>
<br>
debug=3<br>
log_stderror=no<br>
log_facility=LOG_LOCAL0<br>
<br>
fork=yes<br>
children=4<br>
<br>
/* uncomment the following lines to enable debugging */<br>
debug=6<br>
fork=no<br>
log_stderror=yes<br>
<br>
/* uncomment the next line to disable TCP (default on) */<br>
#disable_tcp=yes<br>
<br>
/* uncomment the next line to enable the auto temporary blacklisting of<br>
not available destinations (default disabled) */<br>
#disable_dns_blacklist=no<br>
<br>
/* uncomment the next line to enable IPv6 lookup after IPv4 dns<br>
lookup failures (default disabled) */ #dns_try_ipv6=yes<br>
<br>
/* uncomment the next line to disable the auto discovery of local<br>
aliases<br>
based on revers DNS on IPs (default on) */ #auto_aliases=no<br>
<br>
/* uncomment the following lines to enable TLS support (default off) */<br>
#disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1<br>
#tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method =<br>
TLSv1 #tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"<br>
#tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"<br>
#tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"<br>
<br>
listen=202.158.197.134<br>
port=5060<br>
<br>
/* uncomment and configure the following line if you want openser to<br>
bind on a specific interface/port/proto (default bind on all<br>
available) */ #listen=udp:<a href="http://192.168.1.2:5060" target="_blank">192.168.1.2:5060</a><br>
<br>
<br>
####### Modules Section ########<br>
<br>
#set module path<br>
mpath="/usr/local/lib/openser/modules/"<br>
<br>
/* uncomment next line for MySQL DB support */ #loadmodule "mysql.so"<br>
loadmodule "sl.so"<br>
loadmodule "tm.so"<br>
loadmodule "rr.so"<br>
loadmodule "maxfwd.so"<br>
loadmodule "usrloc.so"<br>
loadmodule "registrar.so"<br>
loadmodule "textops.so"<br>
loadmodule "mi_fifo.so"<br>
loadmodule "uri_db.so"<br>
loadmodule "uri.so"<br>
loadmodule "xlog.so"<br>
loadmodule "acc.so"<br>
/* uncomment next lines for MySQL based authentication support<br>
NOTE: a DB (like mysql) module must be also loaded */ loadmodule<br>
"auth.so"<br>
loadmodule "auth_radius.so"<br>
#loadmodule "auth_db.so"<br>
/* uncomment next line for aliases support<br>
NOTE: a DB (like mysql) module must be also loaded */ #loadmodule<br>
"alias_db.so"<br>
/* uncomment next line for multi-domain support<br>
NOTE: a DB (like mysql) module must be also loaded<br>
NOTE: be sure and enable multi-domain support in all used modules<br>
(see "multi-module params" section ) */ #loadmodule "domain.so"<br>
/* uncomment the next two lines for presence server support<br>
NOTE: a DB (like mysql) module must be also loaded */ #loadmodule<br>
"presence.so"<br>
#loadmodule "presence_xml.so"<br>
<br>
<br>
# ----------------- setting module-specific parameters ---------------<br>
<br>
<br>
# ----- mi_fifo params -----<br>
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")<br>
<br>
<br>
# ----- rr params -----<br>
# add value to ;lr param to cope with most of the UAs modparam("rr",<br>
"enable_full_lr", 1) # do not append from tag to the RR (no need for<br>
this script) modparam("rr", "append_fromtag", 0)<br>
<br>
<br>
# ----- rr params -----<br>
modparam("registrar", "method_filtering", 1)<br>
/* uncomment the next line to disable parallel forking via location */ #<br>
modparam("registrar", "append_branches", 0)<br>
/* uncomment the next line not to allow more than 10 contacts per AOR */<br>
#modparam("registrar", "max_contacts", 10)<br>
<br>
<br>
# ----- uri_db params -----<br>
/* by default we disable the DB support in the module as we do not need<br>
it<br>
in this configuration */<br>
modparam("uri_db", "use_uri_table", 0)<br>
modparam("uri_db", "db_url", "")<br>
<br>
<br>
# ----- acc params -----<br>
/* what sepcial events should be accounted ? */ modparam("acc",<br>
"early_media", 1) modparam("acc", "report_ack", 1) modparam("acc",<br>
"report_cancels", 1)<br>
/* by default ww do not adjust the direct of the sequential requests.<br>
if you enable this parameter, be sure the enable "append_fromtag"<br>
in "rr" module */<br>
modparam("acc", "detect_direction", 0)<br>
/* account triggers (flags) */<br>
modparam("acc", "failed_transaction_flag", 3) modparam("acc",<br>
"log_flag", 1) modparam("acc", "log_missed_flag", 2)<br>
/* uncomment the following lines to enable DB accounting also */<br>
modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2)<br>
<br>
# ----- multi-module params -----<br>
/* uncomment the following line if you want to enable multi-domain<br>
support<br>
in the modules (dafault off) */<br>
#modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)<br>
<br>
####### Routing Logic ########<br>
<br>
<br>
# main request routing logic<br>
<br>
route{<br>
<br>
if (!mf_process_maxfwd_header("10")) {<br>
sl_send_reply("483","Too Many Hops");<br>
exit;<br>
}<br>
<br>
if (has_totag()) {<br>
# sequential request withing a dialog should<br>
# take the path determined by record-routing<br>
if (loose_route()) {<br>
if (is_method("BYE")) {<br>
setflag(1); # do accouting ...<br>
setflag(3); # ... even if the<br>
transaction fails<br>
}<br>
route(1);<br>
} else {<br>
/* uncomment the following lines if you want to<br>
enable presence */<br>
##if (is_method("SUBSCRIBE") && $rd ==<br>
"your.server.ip.address") {<br>
## # in-dialog subscribe requests<br>
## route(2);<br>
## exit;<br>
##}<br>
if ( is_method("ACK") ) {<br>
if ( t_check_trans() ) {<br>
# non loose-route, but stateful<br>
ACK; must be an ACK after a 487 or e.g. 404 from upstream server<br>
t_relay();<br>
exit;<br>
} else {<br>
# ACK without matching<br>
transaction ... ignore and discard.\n");<br>
exit;<br>
}<br>
}<br>
sl_send_reply("404","Not here");<br>
}<br>
exit;<br>
}<br>
<br>
#initial requests<br>
<br>
# CANCEL processing<br>
if (is_method("CANCEL"))<br>
{<br>
if (t_check_trans())<br>
t_relay();<br>
exit;<br>
}<br>
<br>
t_check_trans();<br>
<br>
# authenticate if from local subscriber (uncomment to enable<br>
auth)<br>
##if (!(method=="REGISTER") && from_uri==myself)<br>
##{<br>
## if (!proxy_authorize("", "subscriber")) {<br>
## proxy_challenge("", "0");<br>
## exit;<br>
## }<br>
## if (!check_from()) {<br>
## sl_send_reply("403","Forbidden auth ID");<br>
## exit;<br>
## }<br>
##<br>
## consume_credentials();<br>
## # caller authenticated<br>
##}<br>
<br>
# record routing<br>
if (!is_method("REGISTER|MESSAGE"))<br>
record_route();<br>
<br>
# account only INVITEs<br>
if (is_method("INVITE")) {<br>
setflag(1); # do accouting<br>
}<br>
if (!uri==myself)<br>
/* replace with following line if multi-domain support is used<br>
*/<br>
##if (!is_uri_host_local())<br>
{<br>
append_hf("P-hint: outbound\r\n");<br>
# if you have some interdomain connections via TLS<br>
##if($rd=="<a href="http://tls_domain1.net" target="_blank">tls_domain1.net</a>") {<br>
## t_relay("tls:<a href="http://domain1.net" target="_blank">domain1.net</a>");<br>
## exit;<br>
##} else if($rd=="<a href="http://tls_domain2.net" target="_blank">tls_domain2.net</a>") {<br>
## t_relay("tls:<a href="http://domain2.net" target="_blank">domain2.net</a>");<br>
## exit;<br>
##}<br>
route(1);<br>
}<br>
<br>
# requests for my domain<br>
<br>
/* uncomment this if you want to enable presence server<br>
and comment the next 'if' block<br>
NOTE: uncomment also the definition of route[2] from below<br>
*/<br>
##if( is_method("PUBLISH|SUBSCRIBE"))<br>
## route(2);<br>
<br>
if (is_method("PUBLISH"))<br>
{<br>
sl_send_reply("503", "Service Unavailable");<br>
exit;<br>
}<br>
<br>
<br>
if (is_method("REGISTER"))<br>
{<br>
# authenticate the REGISTER requests (uncomment to<br>
enable auth)<br>
##if (!www_authorize("", "subscriber"))<br>
##{<br>
## www_challenge("", "0");<br>
## exit;<br>
##}<br>
##<br>
##if (!check_to())<br>
##{<br>
## sl_send_reply("403","Forbidden auth ID");<br>
## exit;<br>
##}<br>
<br>
xlog("L_INFO", "REGISTER for ($fU) $ru\n");<br>
if (!radius_www_authorize(""))<br>
{<br>
log(1, "Proxy Authentication Required<br>
(Digest)\n");<br>
www_challenge("", "0");<br>
exit;<br>
};<br>
<br>
if (!save("location"))<br>
sl_reply_error();<br>
<br>
exit;<br>
}<br>
<br>
if ($rU==NULL) {<br>
# request with no Username in RURI<br>
sl_send_reply("484","Address Incomplete");<br>
exit;<br>
}<br>
<br>
# apply DB based aliases (uncomment to enable)<br>
##alias_db_lookup("dbaliases");<br>
<br>
if (!lookup("location")) {<br>
switch ($retcode) {<br>
case -1:<br>
case -3:<br>
t_newtran();<br>
t_reply("404", "Not Found");<br>
exit;<br>
case -2:<br>
sl_send_reply("405", "Method Not<br>
Allowed");<br>
exit;<br>
}<br>
}<br>
<br>
# when routing via usrloc, log the missed calls also<br>
setflag(2);<br>
<br>
route(1);<br>
}<br>
<br>
<br>
route[1] {<br>
# for INVITEs enable some additional helper routes<br>
if (is_method("INVITE")) {<br>
t_on_branch("2");<br>
t_on_reply("2");<br>
t_on_failure("1");<br>
}<br>
<br>
if (!t_relay()) {<br>
sl_reply_error();<br>
};<br>
exit;<br>
}<br>
<br>
branch_route[2] {<br>
xlog("new branch at $ru\n");<br>
}<br>
<br>
<br>
onreply_route[2] {<br>
xlog("incoming reply\n");<br>
}<br>
<br>
<br>
failure_route[1] {<br>
if (t_was_cancelled()) {<br>
exit;<br>
}<br>
<br>
# uncomment the following lines if you want to block client<br>
# redirect based on 3xx replies.<br>
##if (t_check_status("3[0-9][0-9]")) {<br>
##t_reply("404","Not found");<br>
## exit;<br>
##}<br>
<br>
# uncomment the following lines if you want to redirect the<br>
failed<br>
# calls to a different new destination<br>
##if (t_check_status("486|408")) {<br>
## sethostport("<a href="http://192.168.2.100:5060" target="_blank">192.168.2.100:5060</a>");<br>
## append_branch();<br>
## # do not set the missed call flag again<br>
## t_relay();<br>
##}<br>
<div class="im">}<br>
<br>
Regards,<br>
Leon<br>
<br>
-----Original Message-----<br>
From: Uwe Kastens [mailto:<a href="mailto:kiste@kiste.org">kiste@kiste.org</a>]<br>
</div><div class="im">Sent: Friday, 12 June 2009 4:51 PM<br>
To: Leon Li<br>
Cc: <a href="mailto:users@lists.opensips.org">users@lists.opensips.org</a><br>
Subject: Re: [OpenSIPS-Users] No RADIUS traffic<br>
<br>
Hi,<br>
<br>
</div><div class="im">This is strange. Could you post your opensips.cfg or send it to me<br>
directly?<br>
<br>
BR<br>
<br>
Uwe<br>
<br>
<br>
<br>
</div><div><div></div><div class="h5">_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Thanking You,<br>Ashwini BR Naidu<br>