[Freeswitch-users] Dialplan authentication
Густаво Силва
gfs at etherway.ru
Thu Apr 16 11:29:16 MSD 2015
I have turned xml_radius_debug on to check what is happening. I got this:
Dialplan: sofia/internal/1003 at 192.168.56.101 Action radius_auth() INLINE
EXECUTE sofia/internal/1003 at 192.168.56.101 radius_auth()
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:988 mod_xml_radius:
starting app authentication
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'authserver' with value '192.168.56.103:1812:testing123'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'radius_timeout' with value '10'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'radius_retries' with value '2'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'radius_deadtime' with value '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'dictionary' with value
'/usr/local/src/freeswitch/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:77 Attempting to add
param 'seqfile' with value '/var/run/radius.seq'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'h323-conf-id' value '589848' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: 9aeb0262-e409-11e4-a468-d1036799cb44
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Cisco-AVPair' value '589825' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: h323-call-id=9aeb0262-e409-11e4-a468-d1036799cb44
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Cisco-AVPair' value '589825' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: src-gw-ip=192.168.56.1
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Cisco-AVPair' value '589825' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: src-gw-name=1003
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Cisco-AVPair' value '589825' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: src-number-in=1003
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Cisco-AVPair' value '589825' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:356 mod_xml_radius:
dict vend name 'Cisco' vendorpec '9'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: dst-number-in=1000
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Called-Station-Id' value '30' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: 1000
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'Calling-Station-Id' value '31' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: 1003
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:340 mod_xml_radius:
dict attr 'User-Name' value '1' type '0'
2015-04-16 03:24:23.358128 [ERR] mod_xml_radius.c:476 mod_xml_radius:
value: 1003
2015-04-16 03:24:24.358161 [ERR] mod_xml_radius.c:1015 mod_xml_radius:
result(RC=2)
2015-04-16 03:24:24.358161 [ERR] mod_xml_radius.c:1023 mod_xml_radius:
Failed to authenticate
My xml_radius conf, in the auth_app section is set as:
<auth_app>
<connection name="testing">
<param name="authserver" value="192.168.56.103:1812:testing123"/>
<param name="radius_timeout" value="10"/>
<param name="radius_retries" value="2"/>
<param name="radius_deadtime" value="0"/>
<param name="dictionary"
value="/usr/local/src/freeswitch/src/mod/xml_int/mod_xml_radius/dictionaries/dictionary"/>
<param name="seqfile" value="/var/run/radius.seq"/>
</connection>
<fields>
<param vendor="Cisco" name="h323-conf-id"
variable_secondary="uuid" variable="originating_leg_uuid" format="%s"/>
<param vendor="Cisco" name="Cisco-AVPair" variable="uuid"
format="h323-call-id=%s"/>
<param vendor="Cisco" name="Cisco-AVPair"
variable="sip_network_ip" format="src-gw-ip=%s"/>
<param vendor="Cisco" name="Cisco-AVPair"
variable="sip_from_user" format="src-gw-name=%s"/>
<param vendor="Cisco" name="Cisco-AVPair"
variable="sip_from_user" format="src-number-in=%s" />
<param vendor="Cisco" name="Cisco-AVPair" variable="sip_to_user"
format="dst-number-in=%s" />
<param name="Called-Station-Id" variable="sip_to_user" format="%s"/>
<param name="Calling-Station-Id" variable="sip_from_user"
format="%s"/>
<param name="User-Name" variable="sip_from_user" format="%s"/>
</fields>
</auth_app>
Regards,
Gustavo
On 16.04.2015 09:47, Gustavo Silva wrote:
> These errors have shown up in radius.log:
>
>
> Tue Apr 14 17:24:11 2015 : Auth: Login OK: [1008/<via Auth-Type =
> DIGEST>] (from client localhost port 0 cli 1008)
> Tue Apr 14 17:24:11 2015 : Info: rlm_radutmp: Login entry for NAS
> localhost port 0 duplicate
> Tue Apr 14 17:24:11 2015 : Auth: Login incorrect: [<no User-Name
> attribute>/<no User-Password attribute>] (from client localhost port 0
> cli 1008)
> Tue Apr 14 17:24:14 2015 : Error: rlm_radutmp: Logout for NAS localhost
> port 0, but no Login record
>
>
>
> Sent from my BlackBerry 10 smartphone.
> *From: *Sergey Safarov
> *Sent: *четверг, 16 апреля 2015 г., 9:43
> *To: *FreeSWITCH Users Help
> *Reply To: *FreeSWITCH Users Help
> *Subject: *Re: [Freeswitch-users] Dialplan authentication
>
>
> Are you see auth requests on RADIUS server side?
> Are there errors in RADIUS server log?
>
> On Thu, Apr 16, 2015 at 7:52 AM, Gustavo Silva <silvagustavo at yandex.ru
> <mailto:silvagustavo at yandex.ru>> wrote:
>
> So we back to the beginning.
>
> How can I use mod_xml_radius in dialplan?
>
> I have set up something like this:
>
>>>>
>>>> <extension name="auth" continue="true">
>>>> <condition field="${radius_auth_result}"
>>>> expression="^0$">
>>>> <action application="radius_auth"
>>>> inline="true"/>
>>>> </condition>
>>>> </extension>
>>>>
>
> But I got authentication failed.
>
>
>
>
> Sent from my BlackBerry 10 smartphone.
> *From: *Sergey Safarov
> *Sent: *четверг, 16 апреля 2015 г., 7:04
> *To: *FreeSWITCH Users Help
> *Reply To: *FreeSWITCH Users Help
> *Subject: *Re: [Freeswitch-users] Dialplan authentication
>
>
> I recommend return all required data in response and not use
> mod_rad_auth module.
>
>
> On Wed, Apr 15, 2015, 18:12 Sergey Safarov <s.safarov at gmail.com
> <mailto:s.safarov at gmail.com>> wrote:
>
> If you see mod_xml_radius.c string 667, then you can find that
> FS create variables from RADIUS server responce.
> Try return from RADIUS server vendor spectific attribute (VSA)
> with password value.
> Then call "info" application from dialplan and locate password
> value in variables.
>
> Sergey
>
> On Wed, Apr 15, 2015 at 3:17 PM, Густаво Силва
> <gfs at etherway.ru <mailto:gfs at etherway.ru>> wrote:
>
> I would like to use this approach:
> <action inline="false" application="set"
> data="PASSWD=${user_data(${caller_id_number}@${sip_from_host}
> param password)}"/>
>
> I dont know how I could access the password of the
> registered user who is making a call, to authenticate (or
> check billing) with the rad_auth module if I am using
> xml_radius module.
>
> First I had tested only the mod rad_auth as Sergey had
> mentioned. It had worked. Know I am working together with
> the xml_radius module.
>
> On 15.04.2015 14:55, Gustavo Silva wrote:
>> So, in dialplan I could access this parameter by ${vm_pass}?
>>
>> Sent from my BlackBerry 10 smartphone.
>> *From: *Борисов, Дмитрий / Dmitriy Borisov
>> *Sent: *среда, 15 апреля 2015 г., 14:51
>> *To: *FreeSWITCH Users Help
>> *Reply To: *FreeSWITCH Users Help
>> *Subject: *Re: [Freeswitch-users] Dialplan authentication
>>
>>
>> Hi!
>>
>> If you use rad_auth dialplan command, then after using it
>> you will have Freeswitch-AVPair channel variable with
>> value vm_pass=1234
>> If you use auth_invite or auth_reg, than mod_xml_radius
>> will create user param with name Freeswitch-AVPair and
>> value vm_pass=1234 in result directory
>>
>> 2015-04-15 13:56 GMT+03:00 Густаво Силва <gfs at etherway.ru
>> <mailto:gfs at etherway.ru>>:
>>
>> It works.
>>
>> Man, just more one question, how can I get the value
>> of this variable in my diaplan? I am using
>> mod_xml_radius.
>>
>> Freeswitch-AVPair = "vm_pass=1234"
>>
>>
>>
>>
>>
>>
>> On 15.04.2015 12:08, Sergey Safarov wrote:
>>> Add strings to dialplan like
>>> <action inline="true" application="set"
>>> data="GWID=${h323-gw-id}"/>
>>> <action inline="true" application="set"
>>> data="TRANSACTIONID=h323-ivr-out=transactionID:1234"/>
>>> <action inline="true" application="set"
>>> data="CALLEDNUMBER=${destination_number}"/>
>>> <action inline="true" application="set"
>>> data="CALLINGNUMBER=${caller_id_number}"/>
>>>
>>> You can try comment this attributs in rad_auth.conf.xml
>>>
>>>
>>>
>>> On Wed, Apr 15, 2015 at 11:26 AM, Густаво Силва
>>> <gfs at etherway.ru <mailto:gfs at etherway.ru>> wrote:
>>>
>>> Sergey, do you know why I am getting these
>>> variables undefined?
>>>
>>> [ERR] mod_rad_auth.c:178 Undefined channel
>>> variable: GWID.
>>> [ERR] mod_rad_auth.c:178 Undefined channel
>>> variable: TRANSACTIONID.
>>> [ERR] mod_rad_auth.c:178 Undefined channel
>>> variable: CALLEDNUMBER.
>>> [ERR] mod_rad_auth.c:178 Undefined channel
>>> variable: CALLINGNUMBER.
>>>
>>>
>>>
>>>
>>> On 14.04.2015 22:34, Sergey Safarov wrote:
>>>> In provided example password stored in directory.
>>>> Directory can be in mod_xml_radius
>>>> (https://freeswitch.org/confluence/display/FREESWITCH/mod_xml_radius)
>>>> or other dynamically generated directory.
>>>>
>>>>
>>>> On Tue, Apr 14, 2015 at 9:56 PM, Gustavo Silva
>>>> <silvagustavo at yandex.ru
>>>> <mailto:silvagustavo at yandex.ru>> wrote:
>>>>
>>>> Hi Sergey,
>>>>
>>>> Tks for the help but there is a catch in
>>>> this solution. I will be still having the
>>>> password and user name in freeswitch server.
>>>>
>>>> I would like that the radius server handles
>>>> it.
>>>>
>>>> Is there a way with the rad_auth module
>>>> where I wouldn't need to set up password in
>>>> diaplan file? All the authentication should
>>>> be done with the radius server.
>>>>
>>>> I say that because, for example: I have 200
>>>> users, with diferentes passwords configured
>>>> in the radius server. So, by this solution
>>>> with rad_auth module, I should also have
>>>> 200 different password in the diaplan
>>>> configuration, right?
>>>>
>>>> Regards,
>>>> Gustavo
>>>>
>>>> Sent from my BlackBerry 10 smartphone.
>>>> *From: *Sergey Safarov
>>>> *Sent: *вторник, 14 апреля 2015 г., 21:16
>>>> *To: *FreeSWITCH Users Help
>>>> *Reply To: *FreeSWITCH Users Help
>>>> *Subject: *Re: [Freeswitch-users] Dialplan
>>>> authentication
>>>>
>>>>
>>>> This can help you
>>>>
>>>> [root at fs1 autoload_configs]# cat
>>>> rad_auth.conf.xml
>>>> <configuration name="rad_auth.conf"
>>>> description="radius authentification module">
>>>> <settings>
>>>> <!-- backward compatibility to allow
>>>> radiusclient config file instead of an
>>>> embedded config -->
>>>> <!-- <param name="radius_config"
>>>> value="/usr/local/etc/radiusclient/radiusclient.conf"/>
>>>> -->
>>>> </settings>
>>>>
>>>> <client>
>>>> <param name="authserver"
>>>> value="10.40.0.5:1814:x7h6t4g"/>
>>>> <param name="dictionary"
>>>> value="/etc/radiusclient/dictionary.all"/>
>>>> <param name="seqfile"
>>>> value="/var/run/radius.seq"/>
>>>> <param name="mapfile"
>>>> value="/etc/radiusclient/port-id-map"/>
>>>> <param name="default_realm" value=""/>
>>>> <param name="radius_timeout" value="1"/>
>>>> <param name="radius_retries" value="0"/>
>>>> <param name="radius_deadtime" value="0"/>
>>>> <param name="bindaddr" value="*"/>
>>>> </client>
>>>>
>>>> <vsas>
>>>> <!--
>>>> name: just a description
>>>> value: direct input or variable
>>>> pec: vendor ID (0 for default, 9 for cisco...)
>>>> expr: 0 - direct input (string), 1 -
>>>> channel variable
>>>> direction: in for radius-request, out for
>>>> radius-response
>>>> -->
>>>>
>>>> <!-- mappings for radius request message;
>>>> input attributes -->
>>>> <param name="h323-conf-id" id="24"
>>>> value="CALLID" pec="9" expr="1"
>>>> direction="in"/>
>>>> <param name="h323-gw-id" id="33"
>>>> value="GWID" pec="9" expr="1" direction="in"/>
>>>> <param name="Cisco-AVPair" id="1"
>>>> value="TRANSACTIONID" pec="9" expr="1"
>>>> direction="in"/>
>>>> <param name="Called-Station-Id" id="30"
>>>> value="CALLEDNUMBER" pec="0" expr="1"
>>>> direction="in"/>
>>>> <param name="Calling-Station-Id" id="31"
>>>> value="CALLINGNUMBER" pec="0" expr="1"
>>>> direction="in"/>-->
>>>> <param name="NAS-Port-Type" id="61"
>>>> value="0" pec="0" expr="0" direction="in"/>
>>>> <param name="Login-User" id="1" value="1"
>>>> pec="0" expr="0" direction="in"/> -->
>>>>
>>>> <!-- mappings for radius-response message;
>>>> output values from returning outributes -->
>>>> <param name="CREDIT_AMOUNT" id="101"
>>>> value="credit_amount" pec="9" expr="0"
>>>> direction="out"/>
>>>> <param name="CURRENCY" id="110"
>>>> value="currency" pec="9" expr="0"
>>>> direction="out"/>
>>>> <param name="CREDIT_TIME" id="102"
>>>> value="h323-credit_time" pec="9" expr="0"
>>>> direction="out"/>
>>>> <param name="PER_MINUTE_PRICE" id="251"
>>>> value="Cisco-Servicce-Info" pec="9"
>>>> expr="0" direction="out"/>
>>>> <param name="PREFFERED_LANG" id="107"
>>>> value="preffered_lang" pec="9" expr="0"
>>>> direction="out"/>
>>>> <param name="H323-IVR-IN:DIRATION" id="1"
>>>> value="h323_ivr_duration" pec="9" expr="0"
>>>> direction="out"/> -->
>>>> <param name="RADIUS_RETURN_CODE" id="103"
>>>> value="return_code" pec="9" expr="0"
>>>> direction="out"/>
>>>> <!-- expr param is to be ignored here-->
>>>> </vsas>
>>>> </configuration>
>>>> [root at fs1 autoload_configs]#
>>>>
>>>> Dialplan fragment
>>>> <extension name="operator-rad-auth"
>>>> continue="true">
>>>> <condition regex="any">
>>>> <regex field="${accountcode}"
>>>> expression="^8$"/>
>>>> </condition>
>>>> <condition field="${destination_number}"
>>>> expression="^\+(\d+)$">
>>>> <action application="export"
>>>> data="h323-gw-id=${accountcode_bleg}"/>
>>>> <action application="unset"
>>>> data="disable_radius_start"/>
>>>> <action application="unset"
>>>> data="disable_radius_stop"/>
>>>> <action inline="true" application="set"
>>>> data="CALLID=h323-conf-id=${uuid}"/>
>>>> <action inline="true" application="set"
>>>> data="GWID=${accountcode_bleg}"/>
>>>> <action inline="true" application="set"
>>>> data="USERNAME=login at operator.ru
>>>> <mailto:login at operator.ru>"/>
>>>> <action inline="true" application="set"
>>>> data="PASSWD=xxxxxxxx"/>
>>>> <action inline="true" application="set"
>>>> data="DIALED_NUMBER=$1"/>
>>>> <action application="auth_function"
>>>> data="in ${DIALED_NUMBER}, in ${USERNAME},
>>>> in ${PASSWD}, out AUTH_RESULT"/>
>>>> </condition>
>>>> </extension>
>>>>
>>>> Log fragment
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> parsing
>>>> [mr24.gateways.rcsnet.ru->operator-rad-auth] continue=true
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Regex
>>>> (PASS) [operator-rad-auth]
>>>> ${accountcode}(8) =~ /^8$/ match=any
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Regex
>>>> (PASS) [operator-rad-auth]
>>>> ${destination_number}(+749593377xx) =~
>>>> /^\+(\d+)$/ break=on-false
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> export(h323-gw-id=${accountcode_bleg})
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> unset(disable_radius_start)
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> unset(disable_radius_stop)
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> set(CALLID=h323-conf-id=${uuid}) INLINE
>>>> EXECUTE
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> set(CALLID=h323-conf-id=bd091212-e2b0-11e4-98e2-d102deb9a97d)
>>>> 2015-04-14 14:15:43.446357 [DEBUG]
>>>> mod_dptools.c:1435
>>>> sofia/mr24/00000796396528xx at gateways.operator.ru
>>>> <mailto:00000796396528xx at gateways.operator.ru>
>>>> SET
>>>> [CALLID]=[h323-conf-id=bd091212-e2b0-11e4-98e2-d102deb9a97d]
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> set(GWID=${accountcode_bleg}) INLINE
>>>> EXECUTE
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> set(GWID=1460)
>>>> 2015-04-14 14:15:43.446357 [DEBUG]
>>>> mod_dptools.c:1435
>>>> sofia/mr24/00000796396528xx at gateways.rcsnet.ru
>>>> <mailto:00000796396528xx at gateways.rcsnet.ru> SET
>>>> [GWID]=[1460]
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> set(USERNAME=login at operator.ru
>>>> <mailto:login at operator.ru>) INLINE
>>>> EXECUTE
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> set(USERNAME=login at operator.ru
>>>> <mailto:login at operator.ru>)
>>>> 2015-04-14 14:15:43.446357 [DEBUG]
>>>> mod_dptools.c:1435
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> SET
>>>> [USERNAME]=[login at operator.ru
>>>> <mailto:login at operator.ru>]
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> set(PASSWD=xxxxxxxx) INLINE
>>>> EXECUTE
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> set(PASSWD=xxxxxxxx)
>>>> 2015-04-14 14:15:43.446357 [DEBUG]
>>>> mod_dptools.c:1435
>>>> sofia/mr24/00000796396528xx at gateways.operator.ru
>>>> <mailto:00000796396528xx at gateways.operator.ru>
>>>> SET [PASSWD]=[xxxxxxxxxxx]
>>>> Dialplan:
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> set(DIALED_NUMBER=749593377xx) INLINE
>>>> EXECUTE
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> set(DIALED_NUMBER=749593377xx)
>>>> 2015-04-14 14:15:43.446357 [DEBUG]
>>>> mod_dptools.c:1435
>>>> sofia/mr24/00000796396528xx at gateways.rcsnet.ru
>>>> <mailto:00000796396528xx at gateways.rcsnet.ru> SET
>>>> [DIALED_NUMBER]=[749593377xx]
>>>> sofia/mr24/0000079639652834 at gateways.rcsnet.ru
>>>> <mailto:0000079639652834 at gateways.rcsnet.ru> Action
>>>> auth_function(in ${DIALED_NUMBER}, in
>>>> ${USERNAME}, in ${PASSWD}, out AUTH_RESULT)
>>>> ..........
>>>>
>>>> bd091212-e2b0-11e4-98e2-d102deb9a97d
>>>> EXECUTE
>>>> sofia/mr24/00000796396528xx at gateways.operator.ru
>>>> <mailto:00000796396528xx at gateways.operator.ru>
>>>> auth_function(in 74959337786, in
>>>> login at operator.ru
>>>> <mailto:login at operator.ru>, in
>>>> xxxxxxxxxxxx, out AUTH_RESULT)
>>>> [DEBUG] mod_rad_auth.c:301 allocate initial
>>>> structure.
>>>> [DEBUG] mod_rad_auth.c:313 initialzed
>>>> configuration.
>>>> [DEBUG] mod_rad_auth.c:318 set authserver
>>>> := 10.40.0.5:1814:xxxxxxxx.
>>>> [DEBUG] mod_rad_auth.c:318 set dictionary
>>>> := /etc/radiusclient/dictionary.all.
>>>> [DEBUG] mod_rad_auth.c:318 set seqfile :=
>>>> /var/run/radius.seq.
>>>> [DEBUG] mod_rad_auth.c:318 set mapfile :=
>>>> /etc/radiusclient/port-id-map.
>>>> [DEBUG] mod_rad_auth.c:318 set
>>>> default_realm := .
>>>> [DEBUG] mod_rad_auth.c:318 set
>>>> radius_timeout := 1.
>>>> [DEBUG] mod_rad_auth.c:318 set
>>>> radius_retries := 0.
>>>> [DEBUG] mod_rad_auth.c:318 set
>>>> radius_deadtime := 0.
>>>> [DEBUG] mod_rad_auth.c:318 set bindaddr := *.
>>>> [DEBUG] mod_rad_auth.c:371 ... radius:
>>>> User-Name: login at operator.ru
>>>> <mailto:login at operator.ru>
>>>> [DEBUG] mod_rad_auth.c:380 ... radius:
>>>> User-Password: xxxxxxxxxxxxxxxxxx
>>>> DEBUG] mod_rad_auth.c:396 ... radius:
>>>> Called-station-Id: 74959337786
>>>> [DEBUG] mod_rad_auth.c:413 Handle
>>>> attribute: h323-conf-id
>>>> [DEBUG] mod_rad_auth.c:439 ... dictionary
>>>> data: id:24, vendor id:9, attr type:0, attr
>>>> name:h323-conf-id (589848)
>>>> [DEBUG] mod_rad_auth.c:444 ... radius:
>>>> key:h323-conf-id, value:CALLID
>>>> (h323-conf-id=bd091212-e2b0-11e4-98e2-d102deb9a97d)
>>>> as string
>>>> [DEBUG] mod_rad_auth.c:413 Handle
>>>> attribute: h323-gw-id
>>>> [DEBUG] mod_rad_auth.c:439 ... dictionary
>>>> data: id:33, vendor id:9, attr type:0, attr
>>>> name:h323-gw-id (589857)
>>>> [DEBUG] mod_rad_auth.c:444 ... radius:
>>>> key:h323-gw-id, value:GWID (1460) as string
>>>> [DEBUG] mod_rad_auth.c:413 Handle
>>>> attribute: NAS-Port-Type
>>>> [DEBUG] mod_rad_auth.c:439 ... dictionary
>>>> data: id:61, vendor id:0, attr type:1, attr
>>>> name:NAS-Port-Type (61)
>>>> [DEBUG] mod_rad_auth.c:456 ... radius:
>>>> key:NAS-Port-Type, value:0 (0) as integer
>>>> [DEBUG] mod_rad_auth.c:491 sending radius
>>>> packet ...
>>>> [DEBUG] mod_rad_auth.c:497 RADIUS
>>>> Authentication OK
>>>> [DEBUG] mod_rad_auth.c:519 Handle
>>>> attribute: CREDIT_AMOUNT
>>>> [DEBUG] mod_rad_auth.c:522 attribute
>>>> (CREDIT_AMOUNT) found in radius packet
>>>> [DEBUG] mod_rad_auth.c:523 set variable
>>>> credit_amount := h323-credit-amount=-600913.47
>>>> [DEBUG] mod_rad_auth.c:519 Handle
>>>> attribute: CURRENCY
>>>> [DEBUG] mod_rad_auth.c:522 attribute
>>>> (CURRENCY) found in radius packet
>>>> [DEBUG] mod_rad_auth.c:523 set variable
>>>> currency := h323-currency=RUR
>>>> [DEBUG] mod_rad_auth.c:519 Handle
>>>> attribute: CREDIT_TIME
>>>> [DEBUG] mod_rad_auth.c:522 attribute
>>>> (CREDIT_TIME) found in radius packet
>>>> [DEBUG] mod_rad_auth.c:523 set variable
>>>> h323-credit_time := h323-credit-time=86400
>>>> [DEBUG] mod_rad_auth.c:519 Handle
>>>> attribute: PER_MINUTE_PRICE
>>>> [DEBUG] mod_rad_auth.c:522 attribute
>>>> (PER_MINUTE_PRICE) found in radius packet
>>>> [DEBUG] mod_rad_auth.c:523 set variable
>>>> Cisco-Servicce-Info := 0.000000
>>>> [DEBUG] mod_rad_auth.c:519 Handle
>>>> attribute: RADIUS_RETURN_CODE
>>>> [DEBUG] mod_rad_auth.c:522 attribute
>>>> (RADIUS_RETURN_CODE) found in radius packet
>>>> [DEBUG] mod_rad_auth.c:523 set variable
>>>> return_code := h323-return-code=0
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Apr 14, 2015 at 5:28 PM, Gustavo
>>>> Silva <silvagustavo at yandex.ru
>>>> <mailto:silvagustavo at yandex.ru>> wrote:
>>>>
>>>>
>>>> First it says that the the login is OK
>>>> and after it says that the login is
>>>> incorrect.
>>>>
>>>> Tue Apr 14 17:24:11 2015 : Auth: Login
>>>> OK: [1008/<via Auth-Type =
>>>> DIGEST>] (from client localhost port 0
>>>> cli 1008)
>>>> Tue Apr 14 17:24:11 2015 : Info:
>>>> rlm_radutmp: Login entry for NAS
>>>> localhost port 0 duplicate
>>>> Tue Apr 14 17:24:11 2015 : Auth: Login
>>>> incorrect: [<no User-Name
>>>> attribute>/<no User-Password
>>>> attribute>] (from client localhost port 0
>>>> cli 1008)
>>>> Tue Apr 14 17:24:14 2015 : Error:
>>>> rlm_radutmp: Logout for NAS localhost
>>>> port 0, but no Login record
>>>>
>>>>
>>>>
>>>> Sent from my BlackBerry 10 smartphone.
>>>>
>>>> Original Message
>>>>
>>>> *From: *Борисов, Дмитрий / Dmitriy Borisov
>>>> *Sent: *вторник, 14 апреля 2015 г., 17:22
>>>> *To: *FreeSWITCH Users Help
>>>> *Reply To: *FreeSWITCH Users Help
>>>> *Subject: *Re: [Freeswitch-users]
>>>> Dialplan authentication
>>>>
>>>>
>>>> Hi!
>>>>
>>>> Configuration looks good there, and
>>>> what in radius.log on RADIUS server?
>>>>
>>>> 2015-04-14 14:01 GMT+03:00 Густаво
>>>> Силва <gfs at etherway.ru
>>>> <mailto:gfs at etherway.ru>>:
>>>>
>>>> I have set up the following in my
>>>> dialplan:
>>>>
>>>> <extension name="auth" continue="true">
>>>> <condition
>>>> field="${radius_auth_result}"
>>>> expression="^0$">
>>>> <action application="radius_auth"
>>>> inline="true"/>
>>>> </condition>
>>>> </extension>
>>>>
>>>> I am facing the following error:
>>>>
>>>> Dialplan:
>>>> sofia/internal/1008 at ipaddress Regex
>>>> (PASS) [auth]
>>>> ${radius_auth_result}(0) =~ /^0$/
>>>> break=on-false
>>>> Dialplan:
>>>> sofia/internal/1008 at ipaddress
>>>> Action radius_auth() INLINE
>>>> EXECUTE
>>>> sofia/internal/1008 at ipaddress
>>>> radius_auth()
>>>> 2015-04-14 13:53:42.734956 [ERR]
>>>> mod_xml_radius.c:1090 mod_xml_radius:
>>>> Failed to authenticate
>>>>
>>>> What should I do to the call
>>>> authentication work?
>>>>
>>>> Regards,
>>>> Gustavo
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting
>>>> Services:
>>>> consulting at freeswitch.org
>>>> <mailto:consulting at freeswitch.org>
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> with best regards,
>>>> Dmitriy Borisov
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting
>>>> Services:
>>>> consulting at freeswitch.org
>>>> <mailto:consulting at freeswitch.org>
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> <mailto:consulting at freeswitch.org>
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> <mailto:consulting at freeswitch.org>
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>>
>> --
>> with best regards,
>> Dmitriy Borisov
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> <mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> <mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150416/3b33a3b2/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list