Hi, currenty (the last few days) there has been a spam attack on freenode,
#Kamailio is currently full of spam messages, I was wondering if who has
operator rights could set the channel to +r (only registered users can send
messages) as suggested by freeenode admins
The channel usually has only few messages and with all this spam it becomes
impossible at all to use it.
Greetings,
Enrico.
Hey all,
I was wondering if the kamctl stats output could be updated to provide a bit more parseable JSON? For instance:
# kamctl stats shmem | jq .
{
"jsonrpc": "2.0",
"result": [
"shmem:fragments = 18",
"shmem:free_size = 467187808",
"shmem:max_used_size = 69694104",
"shmem:real_used_size = 69683104",
"shmem:total_size = 536870912",
"shmem:used_size = 41048984"
],
"id": 4300
}
I would hope would be more like this:
{
"jsonrpc":"2.0",
"result":[
{
"shmem":[
{
"fragments":18,
"free_size":467187808,
"max_used_size":69694104,
"real_used_size":69683104,
"total_size":536870912,
"used_size":41048984
}
]
}
],
"id":4300
}
I apologize in advanced because I don’t have the skillset to contribute such a feature.
Thanks!
~Noah
Hello All,
There appears to be issues with running "kamdbctl create" when using MySQL 8. When this is ran there are syntax SQL errors. One such error is when doing grants using "IDENTIFIED BY 'password'"; This throws a sequel error for version 8 of MySQL.
Thank you,
Hi,
I've set up a dmq server for other kamailio nodes with this parameters:
```
modparam("dmq", "server_address","sip:10.0.0.101:5060")
modparam("dmq", "notification_address", "sip:127.0.0.1:5060")
modparam("dmq", "multi_notify", 1)
modparam("dmq", "num_workers", 4)
modparam("dmq", "ping_interval", 15)
```
On the kamailio nodes the config is the following:
```
modparam("dmq", "server_address", "sip:10.0.0.x:5060")
modparam("dmq", "notification_address", "sip:10.0.0.101:5060")
modparam("dmq", "multi_notify", 1)
modparam("dmq", "num_workers", 4)
modparam("dmq", "ping_interval", 15)
```
On the kamailio dmq server I've got this in the logs:
```
25(41) ERROR: dmq [notification_peer.c:596]:
notification_resp_callback_f(): deleting server sip:127.0.0.1:5060
because of failed request
25(41) ERROR: dmq [notification_peer.c:599]:
notification_resp_callback_f(): not deleting notification_peer
```
On the kamailio nodes the same thing with the ip of the dmq server:
```
25(112) ERROR: dmq [notification_peer.c:596]:
notification_resp_callback_f(): deleting server sip:10.0.0.101:5060
because of failed request
25(112) ERROR: dmq [notification_peer.c:599]:
notification_resp_callback_f(): not deleting notification_peer
```
The request route on the dmq server is simple as this:
```
request_route {
if(is_method("KDMQ")){
dmq_handle_message();
}
}#end request_route
```
I've tried with some xlog-s inside the if(is_method("KDMQ")) but they
don't show up so the dmq_handle_message() is not even executed.
I've also tried to bind the dmq server to a different port but with no
success on making it work.
The dmq.list_nodes shows only the dmq server IP and the current node
IP, the IPs of other nodes are not shown:
```
root@proxy-94b6ccf46-t8fx2:/# kamcmd dmq.list_nodes
{
host: 10.0.0.101
port: 5060
resolved_ip: 10.0.0.101
status: active
last_notification: 0
local: 0
}
{
host: 10.0.0.45
port: 5060
resolved_ip: 10.0.0.45
status: active
last_notification: 0
local: 1
}
```
And it's the same on all other kamailio nodes: dmq server ip and local ip.
The kamailio version on all the nodes is:
5.2.0~dev6+0~20180616010152.1138+xenial
Thanks,
--
Aleksandar Sosic
mail: alex.sosic(a)evosip.cloud
Hello,
I want to highlight that the last stable versions (for the two maintained
series: 5.0 and 5.1) include fixes for an security issues that can crash a
running instance of Kamailio, therefore it is strongly recommended to upgrade.
Details:
There exists a security vulnerability in the Kamailio SIP server related to
"To" header processing. A specially crafted SIP message with double "To"
header and an empty "To" tag causes a segmentation fault and crashes Kamailio.
The reason is missing input validation in the "build_res_buf_from_sip_req"
core function.
If an attacker sends many of this messages this would lead to a Denial of
Service of the attacked infrastructure. This is especially critical as no
authentication for the remote source is needed.
You find all the details including a proof of concept code in the published
security announcement in my blog:
https://skalatan.de/blog/advisory-hw-2018-05
A CVE report for this issue is going to be created as well in the near future.
The issues were found some months ago and were fixed quickly. The code related
to the reported issues is rather old and there are no known incidents of
exploiting these issues so far. However, once the CVE report becomes public,
there could be a higher risk of exploitation.
Please address any detailed technical questions related to this to the
developer list at sr-dev(a)lists.kamailio.org .
In case of confidential remarks related to this or other security issues,
please address them to the Kamailio Management.
Best regards,
Henning Westerholt
--
Henning Westerholt
https://skalatan.de/blog/
Hello,
The nathelper module does not obey the advertise IP. Is there any work around for this? When kamailio is running behind a NAT with advertised IP set the nathelper module doesn't use that IP when sending SIP OPTIONS keepalives.
Here is a picture of the packet coming from Kamailio. https://i.imgur.com/9vcpOoo.png
Thanks,
Hello,
we have a problem of final reply code in case of 302 and then 486 busy.
This is our scenario:
A, B and C are subscribers.
A ----------> Kamailio ----------> B
Kamailio <---302---- B
Kamailio -----------------------> C
Kamailio <---486----------------- C
A <---302---- Kamailio
Expected behavior: Kamailio should reply to A with 486, as C was busy,
and not 302.
We have kamailio v5.1.4
In the call to B we set both failure and branch_failure:
t_on_failure("failure_route");
t_on_branch_failure("failure_redirect");
in order to handle the 302 redirect per branch with:
event_route[tm:branch-failure:failure_redirect]
{
if($T_reply_code == 301 || $T_reply_code == 302)
{
do redirect ...
}
}
and the final failure with:
failure_route[FAILURE_ROUTE_LOCAL]
{
do something ...
}
Since we have 'modparam("tm", "failure_reply_mode", 3)' my expectation
is to get the winning reply from the branch of last step.
Is there any configuration I'm missing?
Since we manage the redirect with a branch-failure, is the winning reply
calculated in a different way?
Thanks
Marco
Good Morning all,
When I do get Kamailio to compile with MySQL 8, I encounter the following issue when running "kamdbctl create"
ERROR 1449 (HY000) at line 1: The user specified as a definer ('mysql.infoschema'@'localhost') does not exist
WARNING: Your current default mysql characters set cannot be used to create DB. Please choice another one from the following list:
Any ideas?
Thank you.
Hello all,
I started getting the following error while trying to compile Kamailio 5.1+ on Centos 7
CC (gcc) [M db_mysql.so] my_fld.o
In file included from my_fld.c:22:0:
my_fld.h:37:2: error: unknown type name 'my_bool'
my_bool is_null;
Has anyone seen this before.
Thank you
Hi All,
I've come across and oddity whereby my is_method("KDMQ") checks are not
matching.
I'm testing with kamailio master:
version: kamailio 5.2.0-dev6 (x86_64/linux) a16272
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE,
USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC,
F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX,
FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR,
USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144 MAX_URI_SIZE 1024,
BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: a16272
compiled on 15:27:21 Jul 31 2018 with gcc 7.3.1
Sample routing logic:
request_route {
route("InitialMessageChecks");
exit;
}
route[InitialMessageChecks] {
xlog("L_INFO", "Received message type $rm from $si:$sp on $Ri:$Rp");
if ( is_method("KDMQ") ) { xlog("L_INFO", "KDMQ check passed."); }
if ( is_method("OPTIONS") ) { xlog("L_INFO", "OPTIONS check
passed."); }
if ( is_method("SUBSCRIBE") ) { xlog("L_INFO", "SUBSCRIBE check
passed."); }
}
In the logs I am only receiving the 1st log line in the initial message
checks route for message types of KDMQ, eg:
INFO: <script>: Received message KDMQ from 1.1.1.1:5060 on 1.1.1.2:5060
INFO: <script>: Received message KDMQ from 1.1.1.3:5060 on 1.1.1.2:5060
I never seem to hit the is_method check log line when the method type is
KDMQ.
I do see the options/subscribe logs though:
INFO: <script>: OPTIONS check passed.
INFO: <script>: SUBSCRIBE check passed.
nothing for KDMQ.
Reason for asking is: this check never matches and breaks the dmq bus:
if ( is_method("KDMQ") ) {
if ( dmq_is_from_node() ) {
dmq_handle_message();
exit;
} else {
exit;
}
}
Any thoughts, or am I going crazy :)
Thanks
