subject:"\[FYI\] RADIOUS accounting proxy commited"

Re: [FYI] RADIOUS accounting proxy commited. UPDATE for Cisco NAS!

2003-06-23 Thread David Chkhartishvili

Hi Stipe, List,

As you all know I had problem with MSISDN <-> Framed-IP-Address mapping 
with cisco NAS.
Finally I found problem resolution.
Those two command are necessary for cisco NAS to transmit 
Framed-IP-Adress after IP address is assingned to client:

radius-server attribute 8 include-in-access-req
aaa accounting delay-start
Both command issued in general configuration section.

--
David Chkhartishvili
Tel: 995 99 182418

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

Hi David,

David Chkhartishvili schrieb:
> 
> wapbox.log:
> 
> 2003-06-20 18:11:51 [1] DEBUG: Octet string at 0x81616c8:
> 2003-06-20 18:11:51 [1] DEBUG:   len:  98
> 2003-06-20 18:11:51 [1] DEBUG:   size: 99
> 2003-06-20 18:11:51 [1] DEBUG:   immutable: 0
> 2003-06-20 18:11:51 [1] DEBUG:   data: 04 9c 00 62 52 15 df 60   ...bR..`
> 2003-06-20 18:11:51 [1] DEBUG:   data: 4a 0f 19 68 95 f6 9b 47   J..h...G
> 2003-06-20 18:11:51 [1] DEBUG:   data: c8 b5 81 fe 04 06 d5 3d   ...=
> 2003-06-20 18:11:51 [1] DEBUG:   data: 3a 8c 05 06 00 00 00 08   :...
> 2003-06-20 18:11:51 [1] DEBUG:   data: 3d 06 00 00 00 04 01 05   =...
> 2003-06-20 18:11:51 [1] DEBUG:   data: 77 61 70 1e 05 35 32 31   wap..521
> 2003-06-20 18:11:51 [1] DEBUG:   data: 1f 0a 39 39 31 38 32 34   ..991824
> 2003-06-20 18:11:51 [1] DEBUG:   data: 31 38 28 06 00 00 00 01   18(.
> 2003-06-20 18:11:51 [1] DEBUG:   data: 2d 06 00 00 00 01 06 06   -...
> 2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 00 02 2c 0a 30 30   ,.00
> 2003-06-20 18:11:51 [1] DEBUG:   data: 30 30 32 43 45 42 07 06   002CEB..
> 2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 00 01 29 06 00 00   )...
> 2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 ..
> 2003-06-20 18:11:51 [1] DEBUG: Octet string dump ends.
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attributes len is 79
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Authenticator (md5) is::
> 2003-06-20 18:11:51 [1] DEBUG:  Octet string at 0x8149670:
> 2003-06-20 18:11:51 [1] DEBUG:len:  16
> 2003-06-20 18:11:51 [1] DEBUG:size: 17
> 2003-06-20 18:11:51 [1] DEBUG:immutable: 0
> 2003-06-20 18:11:51 [1] DEBUG:data: 52 15 df 60 4a 0f 19 68   R..`J..h
> 2003-06-20 18:11:51 [1] DEBUG:data: 95 f6 9b 47 c8 b5 81 fe   ...G
> 2003-06-20 18:11:51 [1] DEBUG:  Octet string dump ends.
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (4) `NAS-IP-Address',
> len 4: "213.61.58.140"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (5) `NAS-Port', len 4: "8"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (61) `NAS-Port-Type',
> len 4: "4"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (1) `User-Name', len 3:
> "wap"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (30)
> `Called-Station-Id', len 3: "521"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (31)
> `Calling-Station-Id', len 8: "99182418"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (40)
> `Acct-Status-Type', len 4: "1"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (45) `Acct-Authentic',
> len 4: "1"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (6) `Service-Type', len
> 4: "2"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (44) `Acct-Session-Id',
> len 8: "2CEB"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (7) `Framed-Protocol',
> len 4: "1"
> 2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (41) `Acct-Delay-Time',
> len 4: "0"
> 2003-06-20 18:11:51 [1] INFO: RADIUS PDU type: Accounting_Request
> 2003-06-20 18:11:51 [1] WARNING: RADIUS: NAS did either not send
> 'Framed-IP-Address' or/and 'Calling-Station-Id', dropping mapping but
> will forward.
> 2003-06-20 18:11:54 [6] DEBUG: datagram received

nop, see the raw PDU bytes. I just analyzed them by hand. Kannel does
decode correctly and there is *no* attribute 08 'Framed-IP-Address'
within the acct request. 

You may see it in the auth PDU packet that your NAS is sending to the
Cistron RADIUS, but it does not provide that information yet to the
acct RADIUS (Kannel).

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread David Chkhartishvili

I forgot to mention that I'm using Cistron Radius  ;-) ,  please let me 
know if it might be issue.

Paul Keogh wrote:

hmmm, ok, that would be an issue.

But in the log David provided there was no client IP, even not under
different attribute name.
   

Then you must ask the NAS administrator to turn it on. You won't necessarily
get it by default, and without it the WAP box cannot do anything as its the
only piece of information that can correlate the (WAP) client UDP packet and
the RADIUS
packet.
Another piece of hard earned experience - the client IP address that the NAS
sees is
not necessarily the one ultimately presented to the WAP gateway. There are
all
sorts of funny NAT style tricks that can happen between the NAS server and
the
WAP gateway, especially in operator GPRS environments. Prepare yourself for
lots of telephone conferences, explainations, tears and tatrums to sort it
out :-).


 



--
David Chkhartishvili
Tel: 995 99 182418

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread David Chkhartishvili

wapbox.log:

2003-06-20 18:11:51 [1] DEBUG: Octet string at 0x81616c8:
2003-06-20 18:11:51 [1] DEBUG:   len:  98
2003-06-20 18:11:51 [1] DEBUG:   size: 99
2003-06-20 18:11:51 [1] DEBUG:   immutable: 0
2003-06-20 18:11:51 [1] DEBUG:   data: 04 9c 00 62 52 15 df 60   ...bR..`
2003-06-20 18:11:51 [1] DEBUG:   data: 4a 0f 19 68 95 f6 9b 47   J..h...G
2003-06-20 18:11:51 [1] DEBUG:   data: c8 b5 81 fe 04 06 d5 3d   ...=
2003-06-20 18:11:51 [1] DEBUG:   data: 3a 8c 05 06 00 00 00 08   :...
2003-06-20 18:11:51 [1] DEBUG:   data: 3d 06 00 00 00 04 01 05   =...
2003-06-20 18:11:51 [1] DEBUG:   data: 77 61 70 1e 05 35 32 31   wap..521
2003-06-20 18:11:51 [1] DEBUG:   data: 1f 0a 39 39 31 38 32 34   ..991824
2003-06-20 18:11:51 [1] DEBUG:   data: 31 38 28 06 00 00 00 01   18(.
2003-06-20 18:11:51 [1] DEBUG:   data: 2d 06 00 00 00 01 06 06   -...
2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 00 02 2c 0a 30 30   ,.00
2003-06-20 18:11:51 [1] DEBUG:   data: 30 30 32 43 45 42 07 06   002CEB..
2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 00 01 29 06 00 00   )...
2003-06-20 18:11:51 [1] DEBUG:   data: 00 00 ..
2003-06-20 18:11:51 [1] DEBUG: Octet string dump ends.
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attributes len is 79
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Authenticator (md5) is::
2003-06-20 18:11:51 [1] DEBUG:  Octet string at 0x8149670:
2003-06-20 18:11:51 [1] DEBUG:len:  16
2003-06-20 18:11:51 [1] DEBUG:size: 17
2003-06-20 18:11:51 [1] DEBUG:immutable: 0
2003-06-20 18:11:51 [1] DEBUG:data: 52 15 df 60 4a 0f 19 68   R..`J..h
2003-06-20 18:11:51 [1] DEBUG:data: 95 f6 9b 47 c8 b5 81 fe   ...G
2003-06-20 18:11:51 [1] DEBUG:  Octet string dump ends.
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (4) `NAS-IP-Address', 
len 4: "213.61.58.140"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (5) `NAS-Port', len 4: "8"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (61) `NAS-Port-Type', 
len 4: "4"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (1) `User-Name', len 3: 
"wap"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (30) 
`Called-Station-Id', len 3: "521"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (31) 
`Calling-Station-Id', len 8: "99182418"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (40) 
`Acct-Status-Type', len 4: "1"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (45) `Acct-Authentic', 
len 4: "1"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (6) `Service-Type', len 
4: "2"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (44) `Acct-Session-Id', 
len 8: "2CEB"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (7) `Framed-Protocol', 
len 4: "1"
2003-06-20 18:11:51 [1] DEBUG: RADIUS: Attribute (41) `Acct-Delay-Time', 
len 4: "0"
2003-06-20 18:11:51 [1] INFO: RADIUS PDU type: Accounting_Request
2003-06-20 18:11:51 [1] WARNING: RADIUS: NAS did either not send 
'Framed-IP-Address' or/and 'Calling-Station-Id', dropping mapping but 
will forward.
2003-06-20 18:11:54 [6] DEBUG: datagram received

Stipe Tolj wrote:

David Chkhartishvili schrieb:
 

Stipe,

Here is debug log from cisco:

16w0d: Attribute 4 6 D53D3A8C
16w0d: Attribute 5 6 0017
16w0d: Attribute 61 6 0004
16w0d: Attribute 1 5 7761701E
16w0d: Attribute 30 5 3532311F
16w0d: Attribute 31 10 39393138
16w0d: Attribute 2 18 23CD7701
16w0d: Attribute 6 6 0002
16w0d: Attribute 7 6 0001
16w0d: Attribute 8 6 515FA0BF
You can see that attribute 8 (Framed-IP-Address) is transmitted to
kannel, but it doesn't makes sense for kannel, and I cannot get mapping.
In answer kannel sends following packet:

16w0d: Attribute 6 6 0002
16w0d: Attribute 7 6 0001
16w0d: Attribute 8 6 FFFE
16w0d: Attribute 9 6 
16w0d: Attribute 12 6 05DC
16w0d: Attribute 13 6 0001
   

can you provide me the wapbox.log with the packets included, so I can
analyze the packet itself!?
Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG
Vogelsanger Weg 80
40470 Düsseldorf
Tel: +49-211-74845-0
Fax: +49-211-74845-299
E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are
 



--
David Chkhartishvili
Tel: 995 99 182418

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

Paul Keogh wrote:
> 
> Another piece of hard earned experience - the client IP address that the NAS
> sees is
> not necessarily the one ultimately presented to the WAP gateway. There are
> all
> sorts of funny NAT style tricks that can happen between the NAS server and
> the
> WAP gateway, especially in operator GPRS environments. Prepare yourself for
> lots of telephone conferences, explainations, tears and tatrums to sort it
> out :-).

hip hip hurray ;) that's more time to charge as consultant! ;))

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

RE: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Paul Keogh

>
> hmmm, ok, that would be an issue.
>
> But in the log David provided there was no client IP, even not under
> different attribute name.
>

Then you must ask the NAS administrator to turn it on. You won't necessarily
get it by default, and without it the WAP box cannot do anything as its the
only piece of information that can correlate the (WAP) client UDP packet and
the RADIUS
packet.

Another piece of hard earned experience - the client IP address that the NAS
sees is
not necessarily the one ultimately presented to the WAP gateway. There are
all
sorts of funny NAT style tricks that can happen between the NAS server and
the
WAP gateway, especially in operator GPRS environments. Prepare yourself for
lots of telephone conferences, explainations, tears and tatrums to sort it
out :-).

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

Paul Keogh wrote:
> 
> >
> > the problem is that your NAS does not deliver an 'Framed-IP-Address'
> > attribute within the acct packet, hence the folllowing inside
> > radius/radius_acct.c:update_tables():
> >
> 
> My experience is that the RADIUS attribute that contains the information
> that the WAP gateway needs (ie. MSISDN) varies considerably, both from an
> implementation
> and deployment point of view.
> 
> I would therefore recommend that the target RADIUS attribute be made
> configurable at the WAP box, defaulting to 'Framed-IP-Address'.

hmmm, ok, that would be an issue.

But in the log David provided there was no client IP, even not under
different attribute name.

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

RE: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Paul Keogh

>
> the problem is that your NAS does not deliver an 'Framed-IP-Address'
> attribute within the acct packet, hence the folllowing inside
> radius/radius_acct.c:update_tables():
>

My experience is that the RADIUS attribute that contains the information
that the WAP gateway needs (ie. MSISDN) varies considerably, both from an
implementation
and deployment point of view.

I would therefore recommend that the target RADIUS attribute be made
configurable at the WAP box, defaulting to 'Framed-IP-Address'.

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

David Chkhartishvili schrieb:
> 
> Stipe,
> 
> Here is debug log from cisco:
> 
> 16w0d: Attribute 4 6 D53D3A8C
> 16w0d: Attribute 5 6 0017
> 16w0d: Attribute 61 6 0004
> 16w0d: Attribute 1 5 7761701E
> 16w0d: Attribute 30 5 3532311F
> 16w0d: Attribute 31 10 39393138
> 16w0d: Attribute 2 18 23CD7701
> 16w0d: Attribute 6 6 0002
> 16w0d: Attribute 7 6 0001
> 16w0d: Attribute 8 6 515FA0BF
> 
> You can see that attribute 8 (Framed-IP-Address) is transmitted to
> kannel, but it doesn't makes sense for kannel, and I cannot get mapping.
> 
> In answer kannel sends following packet:
> 
> 16w0d: Attribute 6 6 0002
> 16w0d: Attribute 7 6 0001
> 16w0d: Attribute 8 6 FFFE
> 16w0d: Attribute 9 6 
> 16w0d: Attribute 12 6 05DC
> 16w0d: Attribute 13 6 0001

can you provide me the wapbox.log with the packets included, so I can
analyze the packet itself!?

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread David Chkhartishvili

Stipe,

Here is debug log from cisco:

16w0d: Attribute 4 6 D53D3A8C
16w0d: Attribute 5 6 0017
16w0d: Attribute 61 6 0004
16w0d: Attribute 1 5 7761701E
16w0d: Attribute 30 5 3532311F
16w0d: Attribute 31 10 39393138
16w0d: Attribute 2 18 23CD7701
16w0d: Attribute 6 6 0002
16w0d: Attribute 7 6 0001
16w0d: Attribute 8 6 515FA0BF
You can see that attribute 8 (Framed-IP-Address) is transmitted to 
kannel, but it doesn't makes sense for kannel, and I cannot get mapping.

In answer kannel sends following packet:

16w0d: Attribute 6 6 0002
16w0d: Attribute 7 6 0001
16w0d: Attribute 8 6 FFFE
16w0d: Attribute 9 6 
16w0d: Attribute 12 6 05DC
16w0d: Attribute 13 6 0001
Stipe Tolj wrote:

Hi David,

ok, know I know why:

the problem is that your NAS does not deliver an 'Framed-IP-Address'
attribute within the acct packet, hence the folllowing inside
radius/radius_acct.c:update_tables():
...
client_ip = dict_get(pdu->attr, octstr_imm("Framed-IP-Address"));
...
will be of course NULLed and hence there is no mapping.

I wasn't aware that the Framed-IP-Address is an optional field. Is it?
Seems it's not mandatory inside the acct packets.
Hmmm, how can we register the mapping inside the "client IP <->
MSISDN" mapping without the client IP?
Can you check your NAS if this is configurable?
What NAS device is it?
Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG
Vogelsanger Weg 80
40470 Düsseldorf
Tel: +49-211-74845-0
Fax: +49-211-74845-299
E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are
 



--
David Chkhartishvili
Tel: 995 99 182418

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

Steve Kennedy wrote:
> 
> On Fri, Jun 20, 2003 at 01:56:53PM +0200, Stipe Tolj wrote:
> 
> > ok, know I know why:
> > the problem is that your NAS does not deliver an 'Framed-IP-Address'
> > attribute within the acct packet, hence the folllowing inside
> > radius/radius_acct.c:update_tables():
> 
> Isn't framed IP used for routing ? (or is that framed route) ?

Framed-IP-Address usually tells acct RADIUS which assigned IP the
client has received by NAS for the PPP session.

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Steve Kennedy

On Fri, Jun 20, 2003 at 01:56:53PM +0200, Stipe Tolj wrote:

> ok, know I know why:
> the problem is that your NAS does not deliver an 'Framed-IP-Address'
> attribute within the acct packet, hence the folllowing inside
> radius/radius_acct.c:update_tables():

Isn't framed IP used for routing ? (or is that framed route) ?

Steve

-- 
NetTek Ltd Phone/Fax +44-(0)20 7483 2455
SMS steve-pager (at) gbnet.net [body] gpg 1024D/468952DB 2001-09-19

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread David Chkhartishvili

OK, I see. I will try to send framed IP from my cisco.

Stipe Tolj wrote:

Hi David,

ok, know I know why:

the problem is that your NAS does not deliver an 'Framed-IP-Address'
attribute within the acct packet, hence the folllowing inside
radius/radius_acct.c:update_tables():
...
client_ip = dict_get(pdu->attr, octstr_imm("Framed-IP-Address"));
...
will be of course NULLed and hence there is no mapping.

I wasn't aware that the Framed-IP-Address is an optional field. Is it?
Seems it's not mandatory inside the acct packets.
Hmmm, how can we register the mapping inside the "client IP <->
MSISDN" mapping without the client IP?
Can you check your NAS if this is configurable?
What NAS device is it?
Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG
Vogelsanger Weg 80
40470 Düsseldorf
Tel: +49-211-74845-0
Fax: +49-211-74845-299
E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are
 



--
David Chkhartishvili
Tel: 995 99 182418

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

Hi David,

ok, know I know why:

the problem is that your NAS does not deliver an 'Framed-IP-Address'
attribute within the acct packet, hence the folllowing inside
radius/radius_acct.c:update_tables():

...
 client_ip = dict_get(pdu->attr, octstr_imm("Framed-IP-Address"));
...

will be of course NULLed and hence there is no mapping.

I wasn't aware that the Framed-IP-Address is an optional field. Is it?
Seems it's not mandatory inside the acct packets.

Hmmm, how can we register the mapping inside the "client IP <->
MSISDN" mapping without the client IP?

Can you check your NAS if this is configurable?
What NAS device is it?

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

David Chkhartishvili schrieb:
> 
> Stipe,
> 
> Could you please look at my debug output?
> Radius proxy gets msisdn fro nas correctly, but doesn't include MSISDN
> header.

yes, I'll check. Stay tuned...

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread David Chkhartishvili

Stipe,

Could you please look at my debug output?
Radius proxy gets msisdn fro nas correctly, but doesn't include MSISDN 
header.

David Chkhartishvili wrote:

Hi List,

I've just tried to use MSISDN feature of kannel. Seems like it doesn't 
provide X-WAP-Network-Client-MSISDN header to http server/MMSC. 
Instead I see that it transfers X-WAP-Network-Client-IP.
Here is debug log:

2003-06-20 11:47:37 [1] INFO: RADIUS: Got data from NAS 
2003-06-20 11:47:37 [1] DEBUG: Octet string at 0x8168e30:
2003-06-20 11:47:37 [1] DEBUG:   len:  98
2003-06-20 11:47:37 [1] DEBUG:   size: 99
2003-06-20 11:47:37 [1] DEBUG:   immutable: 0
2003-06-20 11:47:37 [1] DEBUG:   data: 04 04 00 62 6b b5 ca 85   ...bk...
2003-06-20 11:47:37 [1] DEBUG:   data: d1 ba e8 e5 8e 02 b3 ca   
2003-06-20 11:47:37 [1] DEBUG:   data: 62 16 6d 5a 04 06 d5 3d   b.mZ...=
2003-06-20 11:47:37 [1] DEBUG:   data: 3a 8c 05 06 00 00 00 10   :...
2003-06-20 11:47:37 [1] DEBUG:   data: 3d 06 00 00 00 04 01 05   =...
2003-06-20 11:47:37 [1] DEBUG:   data: 77 61 70 1e 05 35 32 31   wap..521
2003-06-20 11:47:37 [1] DEBUG:   data: 1f 0a 39 39 31 38 32 34   ..991824
2003-06-20 11:47:37 [1] DEBUG:   data: 31 38 28 06 00 00 00 01   18(.
2003-06-20 11:47:37 [1] DEBUG:   data: 2d 06 00 00 00 01 06 06   -...
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 00 02 2c 0a 30 30   ,.00
2003-06-20 11:47:37 [1] DEBUG:   data: 30 30 32 43 42 44 07 06   002CBD..
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 00 01 29 06 00 00   )...
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 ..
2003-06-20 11:47:37 [1] DEBUG: Octet string dump ends.
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attributes len is 79
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Authenticator (md5) is::
2003-06-20 11:47:37 [1] DEBUG:  Octet string at 0x8150d08:
2003-06-20 11:47:37 [1] DEBUG:len:  16
2003-06-20 11:47:37 [1] DEBUG:size: 17
2003-06-20 11:47:37 [1] DEBUG:immutable: 0
2003-06-20 11:47:37 [1] DEBUG:data: 6b b5 ca 85 d1 ba e8 e5   
k...
2003-06-20 11:47:37 [1] DEBUG:data: 8e 02 b3 ca 62 16 6d 5a   
b.mZ
2003-06-20 11:47:37 [1] DEBUG:  Octet string dump ends.
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (4) `NAS-IP-Address', 
len 4: "edited"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (5) `NAS-Port', len 
4: "16"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (61) `NAS-Port-Type', 
len 4: "4"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (1) `User-Name', len 
3: "wap"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (30) 
`Called-Station-Id', len 3: "edited"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (31) 
`Calling-Station-Id', len 8: "99182418"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (40) 
`Acct-Status-Type', len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (45) 
`Acct-Authentic', len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (6) `Service-Type', 
len 4: "2"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (44) 
`Acct-Session-Id', len 8: "2CBD"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (7) 
`Framed-Protocol', len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (41) 
`Acct-Delay-Time', len 4: "0"
2003-06-20 11:47:37 [1] INFO: RADIUS PDU type: Accounting_Request
2003-06-20 11:47:37 [1] INFO: RADIUS: Mapping `(null) <-> 99182418' 
for session id <2CBD> added.
2003-06-20 11:47:40 [6] DEBUG: datagram received
2003-06-20 11:47:40 [8] DEBUG: Did not find previous routing info for 
WDP, generating new
2003-06-20 11:47:40 [12] DEBUG: send_msg: sending msg to boxc: <(null)>
2003-06-20 11:47:40 [12] DEBUG: boxc_sender: sent message to <127.0.0.1>
2003-06-20 11:47:40 [6] DEBUG: WTP: Created WTPRespMachine 0x8151e10 (0)
2003-06-20 11:47:40 [6] DEBUG: WTP: resp_machine 0, state LISTEN, 
event RcvInvoke.
2003-06-20 11:47:40 [6] DEBUG: WTP 0: New state INVOKE_RESP_WAIT
2003-06-20 11:47:40 [2] DEBUG: WSP: Created WSPMachine 0x8152138
2003-06-20 11:47:40 [2] DEBUG: WSP: machine 0x8152138, state 
NULL_SESSION, event TR-Invoke.ind
2003-06-20 11:47:40 [2] DEBUG: WSP: decoding headers:
2003-06-20 11:47:40 [2] DEBUG: Octet string at 0x81522b8:
2003-06-20 11:47:40 [2] DEBUG:   len:  150
2003-06-20 11:47:40 [2] DEBUG:   size: 151
2003-06-20 11:47:40 [2] DEBUG:   immutable: 0
2003-06-20 11:47:40 [2] DEBUG:   data: 80 80 a1 09 80 77 61 70   .wap
2003-06-20 11:47:40 [2] DEBUG:   data: 00 77 61 70 00 83 99 81   .wap
2003-06-20 11:47:40 [2] DEBUG:   data: 83 81 84 81 ea 81 03 02   
2003-06-20 11:47:40 [2] DEBUG:   data: 03 e8 b5 68 74 74 70 3a   ...http:
2003-06-20 11:47:40 [2] DEBUG:   data: 2f 2f 77 61 70 2e 73 6f   //wap.so
2003-06-20 11:47:40 [2] DEBUG:   data: 6e 79 65 72 69 63 73 73   nyericss
2003-06-20 11:47:40 [2] DEBUG:   data: 6f 6e 6d 6f 62 69 6c 65   onmobile
2003-06-20 11:47:40 [2] DEBUG:   data: 2e 63 6f 6d 2f 55 41 70   .com/UAp
2003-06-20 11:47:40 [2] DEBUG:   data: 72 6f 66 2f 54 36 38 52   rof/T68R
2003-06-20 11:47:40 [2] DEBUG:   data: 32 30 31 2e 78 6d 6c 0

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread Stipe Tolj

huangcy wrote:
> 
> hi,list:
> when will kannel support wap2.0?

now that's a good question ;)

I guess this depends on how many people there are outside using Kannel
and want to contribute as module maintainer. Which means people that
pick up a certain issue (like Aarno does for PPG) and provide their
code to the group.

Currently we are to few people in having the WAP 2.0 stack implemented
in a short time frame. 

Please don't forget that we have a more huge architecture to maintain
(with the SMS gateway part, and now even MMSC), so it's not only the
WAP gw we have to deal with.

And again: contributors are *highly* welcome! This is an open source
project, which means *anyone* can contribute as long as their
contributions show up the required quality.

Ok, quality is somethign subjective, but now, that's like. There is
always someone who has to pick the thumb up or down ;)) (mainly we do
with votes)

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited

2003-06-20 Thread huangcy

hi,list:
when will kannel support wap2.0?

Re: [FYI] RADIOUS accounting proxy commited

2003-06-19 Thread David Chkhartishvili

Hi List,

I've just tried to use MSISDN feature of kannel. Seems like it doesn't 
provide X-WAP-Network-Client-MSISDN header to http server/MMSC. Instead 
I see that it transfers X-WAP-Network-Client-IP.
Here is debug log:

2003-06-20 11:47:37 [1] INFO: RADIUS: Got data from NAS 
2003-06-20 11:47:37 [1] DEBUG: Octet string at 0x8168e30:
2003-06-20 11:47:37 [1] DEBUG:   len:  98
2003-06-20 11:47:37 [1] DEBUG:   size: 99
2003-06-20 11:47:37 [1] DEBUG:   immutable: 0
2003-06-20 11:47:37 [1] DEBUG:   data: 04 04 00 62 6b b5 ca 85   ...bk...
2003-06-20 11:47:37 [1] DEBUG:   data: d1 ba e8 e5 8e 02 b3 ca   
2003-06-20 11:47:37 [1] DEBUG:   data: 62 16 6d 5a 04 06 d5 3d   b.mZ...=
2003-06-20 11:47:37 [1] DEBUG:   data: 3a 8c 05 06 00 00 00 10   :...
2003-06-20 11:47:37 [1] DEBUG:   data: 3d 06 00 00 00 04 01 05   =...
2003-06-20 11:47:37 [1] DEBUG:   data: 77 61 70 1e 05 35 32 31   wap..521
2003-06-20 11:47:37 [1] DEBUG:   data: 1f 0a 39 39 31 38 32 34   ..991824
2003-06-20 11:47:37 [1] DEBUG:   data: 31 38 28 06 00 00 00 01   18(.
2003-06-20 11:47:37 [1] DEBUG:   data: 2d 06 00 00 00 01 06 06   -...
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 00 02 2c 0a 30 30   ,.00
2003-06-20 11:47:37 [1] DEBUG:   data: 30 30 32 43 42 44 07 06   002CBD..
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 00 01 29 06 00 00   )...
2003-06-20 11:47:37 [1] DEBUG:   data: 00 00 ..
2003-06-20 11:47:37 [1] DEBUG: Octet string dump ends.
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attributes len is 79
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Authenticator (md5) is::
2003-06-20 11:47:37 [1] DEBUG:  Octet string at 0x8150d08:
2003-06-20 11:47:37 [1] DEBUG:len:  16
2003-06-20 11:47:37 [1] DEBUG:size: 17
2003-06-20 11:47:37 [1] DEBUG:immutable: 0
2003-06-20 11:47:37 [1] DEBUG:data: 6b b5 ca 85 d1 ba e8 e5   k...
2003-06-20 11:47:37 [1] DEBUG:data: 8e 02 b3 ca 62 16 6d 5a   b.mZ
2003-06-20 11:47:37 [1] DEBUG:  Octet string dump ends.
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (4) `NAS-IP-Address', 
len 4: "edited"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (5) `NAS-Port', len 4: "16"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (61) `NAS-Port-Type', 
len 4: "4"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (1) `User-Name', len 3: 
"wap"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (30) 
`Called-Station-Id', len 3: "edited"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (31) 
`Calling-Station-Id', len 8: "99182418"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (40) 
`Acct-Status-Type', len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (45) `Acct-Authentic', 
len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (6) `Service-Type', len 
4: "2"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (44) `Acct-Session-Id', 
len 8: "2CBD"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (7) `Framed-Protocol', 
len 4: "1"
2003-06-20 11:47:37 [1] DEBUG: RADIUS: Attribute (41) `Acct-Delay-Time', 
len 4: "0"
2003-06-20 11:47:37 [1] INFO: RADIUS PDU type: Accounting_Request
2003-06-20 11:47:37 [1] INFO: RADIUS: Mapping `(null) <-> 99182418' for 
session id <2CBD> added.
2003-06-20 11:47:40 [6] DEBUG: datagram received
2003-06-20 11:47:40 [8] DEBUG: Did not find previous routing info for 
WDP, generating new
2003-06-20 11:47:40 [12] DEBUG: send_msg: sending msg to boxc: <(null)>
2003-06-20 11:47:40 [12] DEBUG: boxc_sender: sent message to <127.0.0.1>
2003-06-20 11:47:40 [6] DEBUG: WTP: Created WTPRespMachine 0x8151e10 (0)
2003-06-20 11:47:40 [6] DEBUG: WTP: resp_machine 0, state LISTEN, event 
RcvInvoke.
2003-06-20 11:47:40 [6] DEBUG: WTP 0: New state INVOKE_RESP_WAIT
2003-06-20 11:47:40 [2] DEBUG: WSP: Created WSPMachine 0x8152138
2003-06-20 11:47:40 [2] DEBUG: WSP: machine 0x8152138, state 
NULL_SESSION, event TR-Invoke.ind
2003-06-20 11:47:40 [2] DEBUG: WSP: decoding headers:
2003-06-20 11:47:40 [2] DEBUG: Octet string at 0x81522b8:
2003-06-20 11:47:40 [2] DEBUG:   len:  150
2003-06-20 11:47:40 [2] DEBUG:   size: 151
2003-06-20 11:47:40 [2] DEBUG:   immutable: 0
2003-06-20 11:47:40 [2] DEBUG:   data: 80 80 a1 09 80 77 61 70   .wap
2003-06-20 11:47:40 [2] DEBUG:   data: 00 77 61 70 00 83 99 81   .wap
2003-06-20 11:47:40 [2] DEBUG:   data: 83 81 84 81 ea 81 03 02   
2003-06-20 11:47:40 [2] DEBUG:   data: 03 e8 b5 68 74 74 70 3a   ...http:
2003-06-20 11:47:40 [2] DEBUG:   data: 2f 2f 77 61 70 2e 73 6f   //wap.so
2003-06-20 11:47:40 [2] DEBUG:   data: 6e 79 65 72 69 63 73 73   nyericss
2003-06-20 11:47:40 [2] DEBUG:   data: 6f 6e 6d 6f 62 69 6c 65   onmobile
2003-06-20 11:47:40 [2] DEBUG:   data: 2e 63 6f 6d 2f 55 41 70   .com/UAp
2003-06-20 11:47:40 [2] DEBUG:   data: 72 6f 66 2f 54 36 38 52   rof/T68R
2003-06-20 11:47:40 [2] DEBUG:   data: 32 30 31 2e 78 6d 6c 00   201.xml.
2003-06-20 11:47:40 [2] DEBUG:   data: a9 53 6f 6e 79 45 72 69   .SonyEri
2003-06-20 11:47:40 [2] DEBUG:   data: 63 73 73 6f 6e 54 36 38   cssonT68
20

[FYI] RADIOUS accounting proxy commited

2003-06-19 Thread Stipe Tolj

Hi list,

I just commited this to cvs:

2003-06-20  Stipe Tolj  <[EMAIL PROTECTED]>
* Makefile.in: added compilation of RADIUS related files inside
radius/.
* doc/userguide/userguide.xml: new MSISDN provisioning section
describing
  the use of the RADIUS accounting proxy thread.
* gwlib/cfg.def: removed properietary groups that are *not* used
inside
  Kannel's tree and added 'radius-acct' group configuration
directives.
* gw/wap-appl.c, gw/wapbox.c: added RADIUS accounting proxy
related calls.
* radius/*: added RADIUS accounting proxy implemenation.
* test/test_radius_*.c: added some testing applications for the
RADIUS
  routines.

which means we have now a real MSISDN provisioning boarded inside
Kannel using a RADIUS accounting proxy thread inside wapbox.

See user's guide for guidance.

It works here at Wapme for some time inside our MMSC implementation,
because we pick the 'From' MMS header using the MSISDN provsioning
value provided by the WAP gateway (wapbox) directly.

The only thing that needs work on is the MD5 shared secret
re-computation to ensure NAS and we are having the same shared secret.
Usually I'm aware on how this is done, but it seems I can get this
right with our Ascend MAX2000 we have here arround.

BTW, we used GNU-radius as the RADIUS server back-end for
authentication and account packet forwarding.

Any help in getting the damn shared secret re-computation done right
is highly welcome.

Stipe

[EMAIL PROTECTED]
---
Wapme Systems AG

Vogelsanger Weg 80
40470 Düsseldorf

Tel: +49-211-74845-0
Fax: +49-211-74845-299

E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are

Re: [FYI] RADIOUS accounting proxy commited. UPDATE for Cisco NAS!

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

RE: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

RE: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

Re: [FYI] RADIOUS accounting proxy commited

[FYI] RADIOUS accounting proxy commited

20 matches

Site Navigation

Mail list logo

Footer information