<br><br><div class="gmail_quote">On Mon, Jun 15, 2009 at 10:19 AM, ASHWINI NAIDU <span dir="ltr">&lt;<a href="mailto:ashwini.naidu@gmail.com">ashwini.naidu@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
hi leon,<br><br>But i do not see your openser communicating with radiusclient.<br><br>modparam(&quot;auth_radius&quot;, &quot;radius_config&quot;,  &quot;/etc/radiusclient-ng/radiusclient.conf&quot;)<br><br>mention the path of radiusclient.conf properly. </blockquote>
<div><br><br>Your mysql support is also commented. <br><br><b>loadmodule &quot;mysql.so&quot;</b> <br><br><br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><div><div></div><div class="h5"><br>
<br><br><br><br>  <br><br><div class="gmail_quote">On Mon, Jun 15, 2009 at 5:13 AM, Leon Li <span dir="ltr">&lt;<a href="mailto:Leon.Li@aarnet.edu.au" target="_blank">Leon.Li@aarnet.edu.au</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

Here it is.<br>
<br>
####### Global Parameters #########<br>
<br>
debug=3<br>
log_stderror=no<br>
log_facility=LOG_LOCAL0<br>
<br>
fork=yes<br>
children=4<br>
<br>
/* uncomment the following lines to enable debugging */<br>
debug=6<br>
fork=no<br>
log_stderror=yes<br>
<br>
/* uncomment the next line to disable TCP (default on) */<br>
#disable_tcp=yes<br>
<br>
/* uncomment the next line to enable the auto temporary blacklisting of<br>
   not available destinations (default disabled) */<br>
#disable_dns_blacklist=no<br>
<br>
/* uncomment the next line to enable IPv6 lookup after IPv4 dns<br>
   lookup failures (default disabled) */ #dns_try_ipv6=yes<br>
<br>
/* uncomment the next line to disable the auto discovery of local<br>
aliases<br>
   based on revers DNS on IPs (default on) */ #auto_aliases=no<br>
<br>
/* uncomment the following lines to enable TLS support  (default off) */<br>
#disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1<br>
#tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method =<br>
TLSv1 #tls_certificate = &quot;/usr/local/etc/openser/tls/user/user-cert.pem&quot;<br>
#tls_private_key = &quot;/usr/local/etc/openser/tls/user/user-privkey.pem&quot;<br>
#tls_ca_list = &quot;/usr/local/etc/openser/tls/user/user-calist.pem&quot;<br>
<br>
listen=202.158.197.134<br>
port=5060<br>
<br>
/* uncomment and configure the following line if you want openser to<br>
   bind on a specific interface/port/proto (default bind on all<br>
available) */ #listen=udp:<a href="http://192.168.1.2:5060" target="_blank">192.168.1.2:5060</a><br>
<br>
<br>
####### Modules Section ########<br>
<br>
#set module path<br>
mpath=&quot;/usr/local/lib/openser/modules/&quot;<br>
<br>
/* uncomment next line for MySQL DB support */ #loadmodule &quot;mysql.so&quot;<br>
loadmodule &quot;sl.so&quot;<br>
loadmodule &quot;tm.so&quot;<br>
loadmodule &quot;rr.so&quot;<br>
loadmodule &quot;maxfwd.so&quot;<br>
loadmodule &quot;usrloc.so&quot;<br>
loadmodule &quot;registrar.so&quot;<br>
loadmodule &quot;textops.so&quot;<br>
loadmodule &quot;mi_fifo.so&quot;<br>
loadmodule &quot;uri_db.so&quot;<br>
loadmodule &quot;uri.so&quot;<br>
loadmodule &quot;xlog.so&quot;<br>
loadmodule &quot;acc.so&quot;<br>
/* uncomment next lines for MySQL based authentication support<br>
   NOTE: a DB (like mysql) module must be also loaded */ loadmodule<br>
&quot;auth.so&quot;<br>
loadmodule &quot;auth_radius.so&quot;<br>
#loadmodule &quot;auth_db.so&quot;<br>
/* uncomment next line for aliases support<br>
   NOTE: a DB (like mysql) module must be also loaded */ #loadmodule<br>
&quot;alias_db.so&quot;<br>
/* uncomment next line for multi-domain support<br>
   NOTE: a DB (like mysql) module must be also loaded<br>
   NOTE: be sure and enable multi-domain support in all used modules<br>
         (see &quot;multi-module params&quot; section ) */ #loadmodule &quot;domain.so&quot;<br>
/* uncomment the next two lines for presence server support<br>
   NOTE: a DB (like mysql) module must be also loaded */ #loadmodule<br>
&quot;presence.so&quot;<br>
#loadmodule &quot;presence_xml.so&quot;<br>
<br>
<br>
# ----------------- setting module-specific parameters ---------------<br>
<br>
<br>
# ----- mi_fifo params -----<br>
modparam(&quot;mi_fifo&quot;, &quot;fifo_name&quot;, &quot;/tmp/openser_fifo&quot;)<br>
<br>
<br>
# ----- rr params -----<br>
# add value to ;lr param to cope with most of the UAs modparam(&quot;rr&quot;,<br>
&quot;enable_full_lr&quot;, 1) # do not append from tag to the RR (no need for<br>
this script) modparam(&quot;rr&quot;, &quot;append_fromtag&quot;, 0)<br>
<br>
<br>
# ----- rr params -----<br>
modparam(&quot;registrar&quot;, &quot;method_filtering&quot;, 1)<br>
/* uncomment the next line to disable parallel forking via location */ #<br>
modparam(&quot;registrar&quot;, &quot;append_branches&quot;, 0)<br>
/* uncomment the next line not to allow more than 10 contacts per AOR */<br>
#modparam(&quot;registrar&quot;, &quot;max_contacts&quot;, 10)<br>
<br>
<br>
# ----- uri_db params -----<br>
/* by default we disable the DB support in the module as we do not need<br>
it<br>
   in this configuration */<br>
modparam(&quot;uri_db&quot;, &quot;use_uri_table&quot;, 0)<br>
modparam(&quot;uri_db&quot;, &quot;db_url&quot;, &quot;&quot;)<br>
<br>
<br>
# ----- acc params -----<br>
/* what sepcial events should be accounted ? */ modparam(&quot;acc&quot;,<br>
&quot;early_media&quot;, 1) modparam(&quot;acc&quot;, &quot;report_ack&quot;, 1) modparam(&quot;acc&quot;,<br>
&quot;report_cancels&quot;, 1)<br>
/* by default ww do not adjust the direct of the sequential requests.<br>
   if you enable this parameter, be sure the enable &quot;append_fromtag&quot;<br>
   in &quot;rr&quot; module */<br>
modparam(&quot;acc&quot;, &quot;detect_direction&quot;, 0)<br>
/* account triggers (flags) */<br>
modparam(&quot;acc&quot;, &quot;failed_transaction_flag&quot;, 3) modparam(&quot;acc&quot;,<br>
&quot;log_flag&quot;, 1) modparam(&quot;acc&quot;, &quot;log_missed_flag&quot;, 2)<br>
/* uncomment the following lines to enable DB accounting also */<br>
modparam(&quot;acc&quot;, &quot;db_flag&quot;, 1) modparam(&quot;acc&quot;, &quot;db_missed_flag&quot;, 2)<br>
<br>
# ----- multi-module params -----<br>
/* uncomment the following line if you want to enable multi-domain<br>
support<br>
   in the modules (dafault off) */<br>
#modparam(&quot;alias_db|auth_db|usrloc|uri_db&quot;, &quot;use_domain&quot;, 1)<br>
<br>
####### Routing Logic ########<br>
<br>
<br>
# main request routing logic<br>
<br>
route{<br>
<br>
        if (!mf_process_maxfwd_header(&quot;10&quot;)) {<br>
                sl_send_reply(&quot;483&quot;,&quot;Too Many Hops&quot;);<br>
                exit;<br>
        }<br>
<br>
        if (has_totag()) {<br>
                # sequential request withing a dialog should<br>
                # take the path determined by record-routing<br>
                if (loose_route()) {<br>
                        if (is_method(&quot;BYE&quot;)) {<br>
                                setflag(1); # do accouting ...<br>
                                setflag(3); # ... even if the<br>
transaction fails<br>
                        }<br>
                        route(1);<br>
                } else {<br>
                        /* uncomment the following lines if you want to<br>
enable presence */<br>
                        ##if (is_method(&quot;SUBSCRIBE&quot;) &amp;&amp; $rd ==<br>
&quot;your.server.ip.address&quot;) {<br>
                        ##      # in-dialog subscribe requests<br>
                        ##      route(2);<br>
                        ##      exit;<br>
                        ##}<br>
                        if ( is_method(&quot;ACK&quot;) ) {<br>
                                if ( t_check_trans() ) {<br>
                                        # non loose-route, but stateful<br>
ACK; must be an ACK after a 487 or e.g. 404 from upstream server<br>
                                        t_relay();<br>
                                        exit;<br>
                                } else {<br>
                                        # ACK without matching<br>
transaction ... ignore and discard.\n&quot;);<br>
                                        exit;<br>
                                }<br>
                        }<br>
                        sl_send_reply(&quot;404&quot;,&quot;Not here&quot;);<br>
                }<br>
                exit;<br>
        }<br>
<br>
        #initial requests<br>
<br>
        # CANCEL processing<br>
        if (is_method(&quot;CANCEL&quot;))<br>
        {<br>
                if (t_check_trans())<br>
                        t_relay();<br>
                exit;<br>
        }<br>
<br>
        t_check_trans();<br>
<br>
        # authenticate if from local subscriber (uncomment to enable<br>
auth)<br>
        ##if (!(method==&quot;REGISTER&quot;) &amp;&amp; from_uri==myself)<br>
        ##{<br>
        ##      if (!proxy_authorize(&quot;&quot;, &quot;subscriber&quot;)) {<br>
        ##              proxy_challenge(&quot;&quot;, &quot;0&quot;);<br>
        ##              exit;<br>
        ##      }<br>
        ##      if (!check_from()) {<br>
        ##              sl_send_reply(&quot;403&quot;,&quot;Forbidden auth ID&quot;);<br>
        ##              exit;<br>
        ##      }<br>
        ##<br>
        ##      consume_credentials();<br>
        ##      # caller authenticated<br>
        ##}<br>
<br>
        # record routing<br>
        if (!is_method(&quot;REGISTER|MESSAGE&quot;))<br>
                record_route();<br>
<br>
        # account only INVITEs<br>
        if (is_method(&quot;INVITE&quot;)) {<br>
                setflag(1); # do accouting<br>
        }<br>
        if (!uri==myself)<br>
        /* replace with following line if multi-domain support is used<br>
*/<br>
        ##if (!is_uri_host_local())<br>
        {<br>
                append_hf(&quot;P-hint: outbound\r\n&quot;);<br>
                # if you have some interdomain connections via TLS<br>
                ##if($rd==&quot;<a href="http://tls_domain1.net" target="_blank">tls_domain1.net</a>&quot;) {<br>
                ##      t_relay(&quot;tls:<a href="http://domain1.net" target="_blank">domain1.net</a>&quot;);<br>
                ##      exit;<br>
                ##} else if($rd==&quot;<a href="http://tls_domain2.net" target="_blank">tls_domain2.net</a>&quot;) {<br>
                ##      t_relay(&quot;tls:<a href="http://domain2.net" target="_blank">domain2.net</a>&quot;);<br>
                ##      exit;<br>
                ##}<br>
                route(1);<br>
        }<br>
<br>
        # requests for my domain<br>
<br>
        /* uncomment this if you want to enable presence server<br>
           and comment the next &#39;if&#39; block<br>
           NOTE: uncomment also the definition of route[2] from  below<br>
*/<br>
        ##if( is_method(&quot;PUBLISH|SUBSCRIBE&quot;))<br>
        ##              route(2);<br>
<br>
        if (is_method(&quot;PUBLISH&quot;))<br>
        {<br>
                sl_send_reply(&quot;503&quot;, &quot;Service Unavailable&quot;);<br>
                exit;<br>
        }<br>
<br>
<br>
        if (is_method(&quot;REGISTER&quot;))<br>
        {<br>
                # authenticate the REGISTER requests (uncomment to<br>
enable auth)<br>
                ##if (!www_authorize(&quot;&quot;, &quot;subscriber&quot;))<br>
                ##{<br>
                ##      www_challenge(&quot;&quot;, &quot;0&quot;);<br>
                ##      exit;<br>
                ##}<br>
                ##<br>
                ##if (!check_to())<br>
                ##{<br>
                ##      sl_send_reply(&quot;403&quot;,&quot;Forbidden auth ID&quot;);<br>
                ##      exit;<br>
                ##}<br>
<br>
                xlog(&quot;L_INFO&quot;, &quot;REGISTER for ($fU) $ru\n&quot;);<br>
                if (!radius_www_authorize(&quot;&quot;))<br>
                {<br>
                        log(1, &quot;Proxy Authentication Required<br>
(Digest)\n&quot;);<br>
                        www_challenge(&quot;&quot;, &quot;0&quot;);<br>
                        exit;<br>
                };<br>
<br>
                if (!save(&quot;location&quot;))<br>
                        sl_reply_error();<br>
<br>
                exit;<br>
        }<br>
<br>
        if ($rU==NULL) {<br>
                # request with no Username in RURI<br>
                sl_send_reply(&quot;484&quot;,&quot;Address Incomplete&quot;);<br>
                exit;<br>
        }<br>
<br>
        # apply DB based aliases (uncomment to enable)<br>
        ##alias_db_lookup(&quot;dbaliases&quot;);<br>
<br>
        if (!lookup(&quot;location&quot;)) {<br>
                switch ($retcode) {<br>
                        case -1:<br>
                        case -3:<br>
                                t_newtran();<br>
                                t_reply(&quot;404&quot;, &quot;Not Found&quot;);<br>
                                exit;<br>
                        case -2:<br>
                                sl_send_reply(&quot;405&quot;, &quot;Method Not<br>
Allowed&quot;);<br>
                                exit;<br>
                }<br>
        }<br>
<br>
        # when routing via usrloc, log the missed calls also<br>
        setflag(2);<br>
<br>
        route(1);<br>
}<br>
<br>
<br>
route[1] {<br>
        # for INVITEs enable some additional helper routes<br>
        if (is_method(&quot;INVITE&quot;)) {<br>
                t_on_branch(&quot;2&quot;);<br>
                t_on_reply(&quot;2&quot;);<br>
                t_on_failure(&quot;1&quot;);<br>
        }<br>
<br>
        if (!t_relay()) {<br>
                sl_reply_error();<br>
        };<br>
        exit;<br>
}<br>
<br>
branch_route[2] {<br>
        xlog(&quot;new branch at $ru\n&quot;);<br>
}<br>
<br>
<br>
onreply_route[2] {<br>
        xlog(&quot;incoming reply\n&quot;);<br>
}<br>
<br>
<br>
failure_route[1] {<br>
        if (t_was_cancelled()) {<br>
                exit;<br>
        }<br>
<br>
        # uncomment the following lines if you want to block client<br>
        # redirect based on 3xx replies.<br>
        ##if (t_check_status(&quot;3[0-9][0-9]&quot;)) {<br>
        ##t_reply(&quot;404&quot;,&quot;Not found&quot;);<br>
        ##      exit;<br>
        ##}<br>
<br>
        # uncomment the following lines if you want to redirect the<br>
failed<br>
        # calls to a different new destination<br>
        ##if (t_check_status(&quot;486|408&quot;)) {<br>
        ##      sethostport(&quot;<a href="http://192.168.2.100:5060" target="_blank">192.168.2.100:5060</a>&quot;);<br>
        ##      append_branch();<br>
        ##      # do not set the missed call flag again<br>
        ##      t_relay();<br>
        ##}<br>
<div>}<br>
<br>
Regards,<br>
Leon<br>
<br>
-----Original Message-----<br>
From: Uwe Kastens [mailto:<a href="mailto:kiste@kiste.org" target="_blank">kiste@kiste.org</a>]<br>
</div><div>Sent: Friday, 12 June 2009 4:51 PM<br>
To: Leon Li<br>
Cc: <a href="mailto:users@lists.opensips.org" target="_blank">users@lists.opensips.org</a><br>
Subject: Re: [OpenSIPS-Users] No RADIUS traffic<br>
<br>
Hi,<br>
<br>
</div><div>This is strange. Could you post your opensips.cfg or send it to me<br>
directly?<br>
<br>
BR<br>
<br>
Uwe<br>
<br>
<br>
<br>
</div><div><div></div><div>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br><br clear="all"><br></div></div><div><div></div><div class="h5">-- <br>Thanking You,<br>Ashwini BR Naidu<br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Thanking You,<br>Ashwini BR Naidu<br>