<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
<font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">Hi,</span></font><div style="font-family: Tahoma; font-size: 10pt; "><br></div><div style="font-family: Tahoma; font-size: 10pt; ">This is part of my mod_rad_auth.conf.xml.</div><div style="font-family: Tahoma; font-size: 10pt; "><br></div><div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"><!-- </span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> name: just a description</span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> value: direct input or variable </span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> pec: vendor ID (0 for default, 9 for cisco...)</span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> expr: 0 - direct input (string), 1 - channel variable</span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> direction: in for radius-request, out for radius-response</span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> --></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"><br></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!-- mappings for radius request message; input attributes --></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="h323-conf-id" id="24" value="CALLID" pec="0" expr="1" direction="in"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!--param name="h323-prompt-id" id="104" value="SERVICENUM" pec="9" expr="1" direction="in"/--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!--param name="Cisco-AVPair" id="1" value="TRANSACTIONID" pec="9" expr="1" direction="in"/--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="Calling-Station-Id" id="31" value="CALLINGNUMBER" pec="0" expr="1" direction="in"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!--param name="Called-Station-Id" id="31" value="${destination_number}" pec="0" expr="1" direction="in"/>--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="NAS-Port-Type" id="61" value="0" pec="0" expr="0" direction="in"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!--param name="NAS-Port-Id" id="87" value="ISDN 3/0:D:14" pec="0" expr="0" direction="in"/--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!--param name="Login-User" id="1" value="1000" pec="0" expr="0" direction="in"/--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"><br></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!-- mappings for radius-response message; output values from returning outributes --></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="BILING_MODEL" id="109" value="biling_model" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="CREDIT_AMOUNT" id="101" value="credit_amount" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="CURRENCY" id="110" value="currency" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="PREFFERED_LANG" id="107" value="preffered_lang" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="CREDIT_TIME" id="102" value="credit_time" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="H323-IVR-IN:DIRATION" id="1" value="h323_ivr_duration" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <param name="RADIUS_RETURN_CODE" id="103" value="return_code" pec="9" expr="0" direction="out"/></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> <!-- expr param is to be ignored here--></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"><br></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> </vsas></span></font></div><div><font class="Apple-style-span" face="Tahoma" size="3"><span class="Apple-style-span" style="font-size: 13px;"> </configuration></span></font></div><br><div id="SkyDrivePlaceholder" style="font-family: Tahoma; font-size: 10pt; "></div><hr id="stopSpelling" style="font-family: Tahoma; font-size: 10pt; "><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">Date: Mon, 8 Nov 2010 11:15:19 +0100</span></font><br><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">From: tculjaga@gmail.com</span></font><br><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">To: freeswitch-users@lists.freeswitch.org</span></font><br><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">Subject: Re: [Freeswitch-users] Radius AAA</span></font><br><br><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">please paste your rad_auth.conf.xml</span></font><br><br><br><br><br><div class="ecxgmail_quote" style="font-family: Tahoma; font-size: 10pt; ">On Mon, Nov 8, 2010 at 10:41 AM, Abid Saleem <span dir="ltr"><<a href="mailto:abid_freeswitch@live.com">abid_freeswitch@live.com</a>></span> wrote:<br>
<blockquote class="ecxgmail_quote" style="padding-left:1ex">
<div>
Hi,<div><br></div><div>Please find the ethereal capture attached. Please let me know should you need additional information. Thanks.</div><div><br></div><div>Regards</div><div>------------</div><div>Abid Saleem<br><br><hr>
Date: Mon, 8 Nov 2010 09:37:01 +0100<div><div></div><div class="h5"><br>From: <a href="mailto:tculjaga@gmail.com">tculjaga@gmail.com</a><br>To: <a href="mailto:freeswitch-users@lists.freeswitch.org">freeswitch-users@lists.freeswitch.org</a><br>
Subject: Re: [Freeswitch-users] Radius AAA<br><br>can you provide a wireshark sniff ?<br><br><div>On Fri, Nov 5, 2010 at 5:57 AM, Abid Saleem <span dir="ltr"><<a href="mailto:abid_freeswitch@live.com">abid_freeswitch@live.com</a>></span> wrote:<br>
<blockquote style="padding-left:1ex">
<div>
This is what I am saying that these variables do exist in returning radius messages. My Radius response is as below for reference<div><br></div><div><div>Sending Access-Accept of id 224 to 119.158.138.83 port 1027</div><div>
h323-credit-amount := "h323-credit-amount=5"</div><div> h323-return-code := "h323-return-code=0"</div><div> h323-credit-time := "h323-credit-time=120"</div><div>Finished request 0.</div>
<div><br></div><div>Please help me with this. Thanks.</div><div><br></div><div>Regards</div><div>------------</div><div>Abid Saleem</div><br><hr>Date: Thu, 4 Nov 2010 15:14:57 +0100<div><div></div><div><br>From: <a href="mailto:tculjaga@gmail.com">tculjaga@gmail.com</a><br>
To: <a href="mailto:freeswitch-users@lists.freeswitch.org">freeswitch-users@lists.freeswitch.org</a><br>Subject: Re: [Freeswitch-users] Radius AAA<br><br>as i said you need to evaluate the returning value from app_function and act accordingly...if the result is "OK" it measn authorizes if its "NOK" it means its failed. Im not going into your application and how you are doing it... you have an example on how to do it in my prev e-mail.<br>
<br>you cannot populate variables that doesn't exist in the returning radius messages:<br><br><br>No found out attribute id: 109, pec:9<br>No found out attribute id: 101, pec:9<br>No found out attribute id: 110, pec:9<br>
<br>and so on ... simply, Access Accept messages doesn't have these attributes that you are trying to map into channel variables.<br><br><br><br><br><div>On Thu, Nov 4, 2010 at 2:35 PM, Abid Saleem <span dir="ltr"><<a href="mailto:abid_freeswitch@live.com">abid_freeswitch@live.com</a>></span> wrote:<br>
<blockquote style="padding-left:1ex">
<div>
Hi,<div><br></div><div>Thanks. This is good for Calling Card type IVR application but I am using it for my SIP UA for authorization only where authorization is required when I make a call from extension 1000. 1000 is a registered user in billing. Can you please provide a simple example with this ANI Authorization scenerio. Also I am getting the following in debug which means radius response values are not being populated in credit_amount, credit_time and return_code attributes. Please help me. </div>
<div><br></div><div><div>2010-11-04 18:09:53.396212 [DEBUG] mod_rad_auth.c:491 sending radius packet ...</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:497 RADIUS Authentication OK</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: BILING_MODEL</div>
<div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 109, pec:9, (BILING_MODEL)</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: CREDIT_AMOUNT</div><div>
2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 101, pec:9, (CREDIT_AMOUNT)</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: CURRENCY</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 110, pec:9, (CURRENCY)</div>
<div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: PREFFERED_LANG</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 107, pec:9, (PREFFERED_LANG)</div><div>
2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: CREDIT_TIME</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 102, pec:9, (CREDIT_TIME)</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: H323-IVR-IN:DIRATION</div>
<div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 1, pec:9, (H323-IVR-IN:DIRATION)</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:519 Handle attribute: RADIUS_RETURN_CODE</div>
<div>2010-11-04 18:09:54.571999 [DEBUG] mod_rad_auth.c:529 No found out attribute id: 103, pec:9, (RADIUS_RETURN_CODE)</div><div><div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> set(execute_on_answer=sched_hangup + /> <action application=)</div>
</div><div>2010-11-04 18:09:54.571999 [DEBUG] mod_dptools.c:816 sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> SET [execute_on_answer]=[sched_hangup + /> <action application=]</div>
<div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> log(INFO biling_model=)</div><div>2010-11-04 18:09:54.571999 [INFO] mod_dptools.c:946 biling_model=</div><div>
<div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> log(INFO credit_amount=)</div></div><div>2010-11-04 18:09:54.571999 [INFO] mod_dptools.c:946 credit_amount=</div><div>
<div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> log(INFO currency=)</div></div><div>2010-11-04 18:09:54.571999 [INFO] mod_dptools.c:946 currency=</div><div>
<div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> log(INFO preffered_lang=)</div></div><div>2010-11-04 18:09:54.571999 [INFO] mod_dptools.c:946 preffered_lang=</div>
<div>
<div>EXECUTE sofia/internal/<a href="mailto:1000@192.168.0.100">1000@192.168.0.100</a> log(INFO credit_time=)</div></div><div>2010-11-04 18:09:54.571999 [INFO] mod_dptools.c:946 credit_time=</div><div><br>
</div><br><hr>Date: Thu, 4 Nov 2010 00:10:28 +0100<div><br>From: <a href="mailto:tculjaga@gmail.com">tculjaga@gmail.com</a><br>To: <a href="mailto:freeswitch-users@lists.freeswitch.org">freeswitch-users@lists.freeswitch.org</a><br>
Subject: Re: [Freeswitch-users] Radius AAA<br><br></div><div><div></div><div>hello, <br><br>auth_function application returns a "OK" or "NOK" result in a channel variable (in this example ANI_AUTH_RESULT). You need to evaluate the result and act accordingly.<br>
<br>here is some example (part of my IVR) that checks the user's ANI id if its known to the billing just prompts for destination number if not, prompts for PIN.<br>
<br><br> <extension name="ANIorPIN"><br> <condition field="destination_number" expression="^ANIorPIN$"><br> <action application="set" data="CALLINGNUMBER=${caller_id_number}"/><br>
<action application="auth_function" data="in ${DIALED_NUMBER}, in ${caller_id_number}, in 1234, out ANI_AUTH_RESULT"/><br> <action application="execute_extension" data="CheckANI XML NXIVR"/><br>
</condition><br> </extension><br><br><br> <extension name="CheckANI"><br> <condition field="destination_number" expression="^CheckANI$"/><br> <condition field="${ANI_AUTH_RESULT}" expression="^NOK$"><br>
<action application="log" data="INFO ################# UNKNOWN ANI, go to ENTER PIN ################\n"/><br> <action application="execute_extension" data="EnterPIN XML NXIVR"/><br>
<br> <action application="log" data="INFO ################# I KNOW WHO YOU ARE go to get destination number ################\n"/><br> <anti-action inline="true" application="export" data="UNAME=${caller_id_number}"/><br>
<anti-action inline="true" application="export" data="PASSWD=1234"/><br> <anti-action application="execute_extension" data="GetDstNum XML NXIVR"/><br>
</condition><br> </extension><br><br><br> <extension name="EnterPIN"><br> <condition field="destination_number" expression="^EnterPIN$"><br> <action application="set" data="playback_delimiter=!"/><br>
<action application="set" data="playback_terminators=#*0123456789"/><br> <action application="read" data="${PIN_MIN_DIG} ${PIN_MAX_DIG} ${PIN_ERR_PR}!${CARD_NUMBER_PR} PIN ${PIN_TIMEOUT} *"/><br>
<action application="set" data="credit_amount=h323-credit-amount=0"/><br> <action inline="true" application="set" data="PIN_RETRIES=${expr(${PIN_RETRIES}+1)}"/><br>
<action application="execute_extension" data="ParsePIN XML NXIVR"/><br><br> <action application="log" data="INFO PIN=${PIN}"/><br> <action application="log" data="INFO UNAME=${UNAME}"/><br>
<action application="log" data="INFO PASSWD=${PASSWD}"/><br><br> <action inline="true" application="export" data="DIALED_NUMBER="""/><br>
<br> <action application="auth_function" data="in ${DIALED_NUMBER}, in ${UNAME}, in ${PASSWD}, out AUTH_RESULT"/><br> <action application="set" data="auto_hunt=true"/><br>
<action application="execute_extension" data="PARSE_RET_CODE XML NXIVR"/><br> <action application="execute_extension" data="CheckPIN XML NXIVR"/><br> </condition><br>
</extension><br><br><br> <extension name="GetDstNum"><br> <condition field="destination_number" expression="^GetDstNum$"><br> <action application="set" data="bind_meta_key=#"/><br>
<action application="bind_meta_app" data="0 a a transfer::LongDTMF XML NXIVR"/><br><br> <action application="set" data="playback_delimiter=!"/><br> <action application="set" data="playback_terminators=#*0123456789"/><br>
<action application="read" data="${DST_MIN_DIG} ${DST_MAX_DIG} ${DST_ERR_PR}!${ENTER_DEST_PR} DN ${DST_TIMEOUT} *"/><br> <action application="execute_extension" data="TranslateLocal XML NXIVR"/><br>
<action inline="true" application="set" data="DST_RETRIES=${expr(${DST_RETRIES}+1)}"/><br> <action application="execute_extension" data="ParseDN XML NXIVR"/><br>
<action application="auth_function" data="in ${DIALED_NUMBER}, in ${UNAME}, in ${PASSWD}, out AUTH_RESULT"/><br> <action application="set" data="CALLINGNUMBER=${caller_id_number}"/><br>
<action application="execute_extension" data="PARSE_RET_CODE XML NXIVR"/><br> <action application="execute_extension" data="CheckDstNum XML NXIVR"/><br> </condition><br>
</extension><br><br><br><br><br><br><br><br><br><br><br><br>
<br></div></div><div>_______________________________________________
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a></div></div>                                            </div>
<br>_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br>
<br>_______________________________________________
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a></div></div></div>                                            </div>
<br>_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br>
<br>_______________________________________________
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a></div></div></div>                                            </div>
<br>_______________________________________________<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br>
<br><font class="Apple-style-span" face="Tahoma" size="4"><span class="Apple-style-span" style="font-size: 10pt;">_______________________________________________
FreeSWITCH-users mailing list
FreeSWITCH-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org</span></font></div>                                            </body>
</html>