sr-users February 2020

sr-users@lists.kamailio.org

57 participants
72 discussions

How to detect NAT during authenticated registration of clients which adjust the headers

by Awal Junanto

Hi, We are building a service where we need to detect NAT when the clients register to our server. We are struggling in analyzing NAT status of some clients which modify their IP addresses/ports in the headers according to the value of "received" parameter sent during "401 Unauthorized" response. Here's the flow: Client->Server REGISTER sip:... Via: SIP/2.0/TLS 192.168.0.1:41157 ;rport;branch=z9hG4bKPj30093e5d-550d-4d4c-a9a2-22c3bd1cda7e;alias Contact: <sip:user@192.168.0.1:42251;transport=TLS;ob> ... Server->Client SIP/2.0 401 Unauthorized Via: SIP/2.0/TLS 192.168.0.1:41157 ;rport;branch=z9hG4bKPj30093e5d-550d-4d4c-a9a2-22c3bd1cda7e;alias;received=1.2.3.4 WWW-Authenticate: ... ... Client->Server REGISTER sip:... Via: SIP/2.0/TLS 1.2.3.4:6201 ;rport;branch=z9hG4bKPj30093e5d-550d-4d4c-a9a2-22c3bd1cda7e;alias Contact: <sip:user@ 1.2.3.4:6201;transport=TLS;ob> Authorization: ... ... By the time the client is authenticated, there is no way to detect whether the request was coming from a natted device or not by just analysing the Via or Contact headers. Thanks in advance.

4 years, 8 months

Re: [SR-Users] dlg.end_dlg on RTP timeout

by Miteshkumar Thakkar

This is really helpful development. I am facing one issue, when I use this. RTPEngine is sending two "dlg.terminate_dlg" events for single call to kamailio with same call-id but reversed to-tag and from-tag in second event. I believe this is due to two separate RTP streams. Problem here is that - in first event kamailio terminates the call, hence when second event comes, kamailio says - call-id not found and send response back to RTPEngine. But still RTPEngine keeps sending that event message for three more times. Kamailio has to respond to it with call-id not found. Which is overhead. Not recommended for production environment. How can I avoid this? Any help is appreciated. Thank you Mitesh That's great, thank you! Cheers, Daniel On 06.09.18 11:15, Richard Fuchs wrote: >* This is now supported as per * >* https://github.com/sipwise/rtpengine/commit/89084da8d820919b44a0244e16e6701… <https://github.com/sipwise/rtpengine/commit/89084da8d820919b44a0244e16e6701…> * > >* Cheers * > >* On 2018-09-05 05:39, Daniel-Constantin Mierla wrote: * >> >>* There is the dlg.terminate_dlg rpc command that requires callid, * >>* from-tag and to-tag as parameters: * >> >>* * * >>* https://kamailio.org/docs/modules/5.1.x/modules/dialog.html#dlg.r.terminate… <https://kamailio.org/docs/modules/5.1.x/modules/dialog.html#dlg.r.terminate…> * >> >>* So it expects something like: * >> >>* <?xml version="1.0" encoding="UTF-8"?> * >>* <methodCall> * >>* <methodName>dlg.terminate_dlg</methodName> * >>* <params> * >>* <param><value><string>_CALLID_VALUE__</string></value></param> * >>* <param><value><string>_FROM_TAG_VALUE__</string></value></param> * >>* <param><value><string>_TO_TAG_VALUE__</string></value></param> * >>* </params> * >>* </methodCall> * >> >>* I planned to make the from-tag and to-tag optional for quite some * >>* time, but didn't get the time for it yet. * >> >>* Cheers, * >>* Daniel * >> >>* On 05.09.18 08:52, Richard Fuchs wrote: * >>>* Yup that's exactly right. * >>> >>>* It would be fairly simple to implement an additional XMLRPC format * >>>* if there's a particular one that's more friendly towards Kamailio. * >>> >>>* Cheers * >>> >>>* On 2018-09-05 02:42, Daniel-Constantin Mierla wrote: * >>>> >>>>* Looking quickly at the readme of rtpengine application and digging * >>>>* a bit with google, it is something like rtpengine has to be started * >>>>* with * >>>> >>>>* -b http(s)://myrpcserver.ip/path -x 1 * >>>> >>>>* and then the xmlrpc request is going to be sent to that url, having * >>>>* a format like: * >>>> >>>>* <?xml version="1.0" encoding="UTF-8"?> * >>>>* <methodCall> * >>>>* <methodName>teardown</methodName> * >>>>* <params> * >>>>* <param><value><string>_CALLID_VALUE__</string></value></param> * >>>>* </params> * >>>>* </methodCall> * >>>> >>>>* Is it right? If yes, then I can try to make a sample config that * >>>>* could handle it using xmlops, xhttp and jsonrpcs modules. * >>>> >>>>* Cheers, * >>>>* Daniel * >>>> >>>> >>>>* On 05.09.18 08:24, Richard Fuchs wrote: * >>>>>* It does an XMLRPC callback. Currently there's two formats for it, * >>>>>* one is a sems sbc teardown request (using the from-tag), the other * >>>>>* is a generic "teardown" command using the call ID. * >>>>> >>>>>* Cheers * >>>>> >>>>>* On 2018-09-04 07:52, Daniel-Constantin Mierla wrote: * >>>>>> >>>>>>* Hello, * >>>>>> >>>>>>* what do you get from rtpengine on rtp timeout? An RPC call back * >>>>>>* or an http request? * >>>>>> >>>>>>* Cheers, * >>>>>>* Daniel * >>>>>> >>>>>> >>>>>>* On 04.09.18 12:48, Igor Olhovskiy wrote: * >>>>>>>* Hi all! * >>>>>>> >>>>>>>* Is there any way to end dialog in Kamailio on RTP Timeout event * >>>>>>>* on RTPEngine? * >>>>>>> >>>>>>>* Or only look at logs/redis database with external tool? * >>>>>>> >>>>>>>* Regards, Igor * >>>>>>> >>>>>>> >>>>>>>* _______________________________________________ * >>>>>>>* Kamailio (SER) - Users Mailing List * >>>>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>> >>>>>>* -- * >>>>>>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>>>>>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>>>>>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>>>>>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * >>>>>> >>>>>> >>>>>>* _______________________________________________ * >>>>>>* Kamailio (SER) - Users Mailing List * >>>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>> >>>>> >>>>>* _______________________________________________ * >>>>>* Kamailio (SER) - Users Mailing List * >>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>> >>>>* -- * >>>>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>>>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>>>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>>>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * >>> >>> >>>* _______________________________________________ * >>>* Kamailio (SER) - Users Mailing List * >>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >> >>* -- * >>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * > > >* _______________________________________________ * >* Kamailio (SER) - Users Mailing List * >* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference -- www.kamailioworld.com Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com

4 years, 9 months

Teams integration

by Bugaian A. Vitalie

Hello list, its been about one month for me playing with kamailio and I need some help to sort out a real life situation. I followed this guide https://skalatan.de/en/blog/kamailio-sbc-teams; great article, also got some inspiration from here https://blog.opensips.org/2019/09/16/opensips-as-ms-teams-sbc/..articles look very similar. I manged to get my calls out to kamailio from TEAMS it works perfectly call gets connected and codec negotiation is fine, but I am facing issue geting the call inbound to TEAMS. My invite looks like this: ======================== U 217.26.163.205:5060 -> 52.114.75.24:5061 #22 INVITE sip:+37360844269@sip.pstnhub.microsoft.com:5061 SIP/2.0. Record-Route: <sip:sbc.pride.md:5061;transport=tls;lr>. Record-Route: <sip:217.26.163.205:5061;nat=yes;lr>. Via: SIP/2.0/UDP 217.26.163.205;branch=z9hG4bK7838.7417f50ed201fcada9609f5b7c4e520f.0. Via: SIP/2.0/UDP 192.168.169.102:5060 ;received=46.214.187.67;branch=z9hG4bK80e3f7e5cc50ea11806b6eeeb899592c;rport=5060. From: "+37379844267" <sip:+37379844267@sbc.pride.md>;tag=1604785394. To: "+37360844269" <sip:+37360844269@sip.pstnhub.microsoft.com:5061 ;user=phone>. Call-ID: 80E3F7E5-CC50-EA11-8069-6EEEB899592C(a)192.168.169.102. CSeq: 227 INVITE. sip:+37379844267@192.168.169.102:5060;gr=008A94E3-CA50-EA11-805B-6EEEB899592C;alias=46.214.187.67~5060~1Content-Type: application/sdp. Allow: INVITE, ACK, BYE, CANCEL, INFO, MESSAGE, NOTIFY, OPTIONS, REFER, UPDATE, PRACK. Max-Forwards: 69. User-Agent: SIPPER for PhonerLite. Session-Expires: 1800. Supported: 100rel, replaces, from-change, gruu, timer. P-Preferred-Identity: <sip:+37379844267@sbc.pride.md>. Content-Length: 362. Contact: <sip:+37379844267@sbc.pride.md:5061;user=phone;transport=tls>. . v=0. o=- 2307737351 1 IN IP4 217.26.163.205. s=SIPPER for PhonerLite. c=IN IP4 217.26.163.205. t=0 0. m=audio 36864 RTP/SAVP 8 101. a=rtpmap:8 PCMA/8000. a=rtpmap:101 telephone-event/8000. a=fmtp:101 0-16. a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:owGy5+mMZNyO5+9lFmUUOK3WqpEsxJH0+jtWz =============================================== Anybody has a good invite exaple for Teams? Or do you see any issue with my invite? I do use : record_route_preset("sbc.pride.md:5061;transport=tls","217.26.163.205:5060 ;nat=yes"); add_rr_param(";r2=on"); before sending this out. Please let me know if you can help. Thanks. Vitalie.

4 years, 9 months

Trouble with 302 Redirect

by Jim Leahy

Hi All, I'm having some issues trying to properly send a '302 Moved Temporarily' reply to the calling UAC (UAC1) when the remote UAC (UAC2) returns a 486 status (Do Not Disturb). The goal is to redirect UAC1 to a voicemail server when UAC2 is in DND. Here are the pertinent parts of my config: route { # drop some things right away route(DROP); # perform sanity check route(SANITYCHECK); # handle registrations if(is_method("REGISTER")) { route(REGISTRATION); exit; } # handle invites if(is_method("INVITE")) { route("INVITE"); exit; } route(RELAY); } route[INVITE] { # add this proxy to the record-route so it stays in the loop record_route(); # if we can find this user in the location DB... if(lookup("location")) { # relay the invite to the new dURI t_on_failure("FOURDIGITFAIL"); t_on_reply("FOURDIGITREPLY"); route(RELAY); # go back to the main route return; } onreply_route[FOURDIGITREPLY] { if(t_check_status("4[0-9]{2}")) { t_reply("302", "Moved Temporarily"); } } I'm having issues with the t_reply in the onreply_route. It successfully sends the reply, but I can't seem to set the Contact header properly. I'm trying to set it to the location of the user's mailbox on the voicemail sever (ie sip:1000@vmpbx.domain.com), but nothing I try works. I've tried: remove_hf("Contact"); insert_hf("Contact: sip:1000@vmpbx.domain.com"); t_reply("302", "Moved Temporarily"); But as I understand it, that just changes the header in the reply from UAC2, not the reply I'm sending to UAC1 Then I tried: append_to_reply("Contact: sip:1000@vmpbx.domain.com" ); t_reply("302", "Moved Temporarily"); But I can't use append_to_reply in an onreply block. How can I change the Contact header in the reply that's sent? Am I just going about this the wrong way? Any help would be appreciated. Thanks

4 years, 9 months

Rtpproxy not work in 2 kamailio + rtpproxy setup

by Voip support

Dear Community, I have a problem with rtpproxy not changing the SDP IP in connection information in following scenario: SIP1 -> kamailio1 + rtpproxy1 -> kamailio2 + rtpproxy2 -> SIP2 The first kamailio put SDP IP correctly (from rtpproxy) then the second kamailio does not change SDP connection information. I think its related to SDP body which has: a=nortpproxy:yes line added by kamailio1. So i tried to remove the a=nortpproxy:yes line from SDP before calling rtpproxy_manage. But it looks like no difference in working - i think the SDP sent to rtpproxy is still having the line even when i removed it. The issue is not happening when i remove kamailio1 + rtpproxy1. In that case my IP is put correctly in SDP in INVITE and in 200 OK. In case of two kamailio with rtpproxy (kamailio1 and kamailio2) in signalling path i am getting: rtpproxy [rtpproxy.c:2586]: force_rtp_proxy(): incorrect port 0 in reply from rtp proxy for replies (SIP2 IP address in 200OK SDP is present instead of kamailio2 IP address). For request INVITE i am not getting the error but the IP in SDP doesn't change. kamailio2 config is now like below (but the attempt to remove a=nortpproxy:yes, did not work for me) # RTPProxy control and signaling updates for NAT traversal route[NATMANAGE] { #!ifdef WITH_NAT if (is_request()) { if(has_totag()) { if(check_route_param("nat=yes")) { setbflag(FLB_NATB); } } } # if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; -- commented this out because sometimes rtpproxy was not used and i wanted to use it always # added below code to remove a=nortpproxy:yes from SDP before rtpproxy_manage but its still not working if( has_body("application/sdp") && (1 == sdp_get_line_startswith("$avp(nortpproxy)", "a=nortpproxy" )) ){ sdp_remove_line_by_prefix("a=nortpproxy:yes"); xlog("removed nortpproxy:yes from SDP"); } if(nat_uac_test("8")) { xlog("rtpproxy CO"); rtpproxy_manage("co","MY_PUBLIC_IP_HERE"); } else { xlog("rtpproxy COR"); rtpproxy_manage("cor"," MY_PUBLIC_IP_HERE "); } if (is_request()) { if (!has_totag()) { if(t_is_branch_route()) { add_rr_param(";nat=yes"); } } } if (is_reply()) { if(isbflagset(FLB_NATB)) { if(is_first_hop()) set_contact_alias(); } } if(isbflagset(FLB_NATB)) { # no connect message in a dialog involving NAT traversal if (is_request()) { if(has_totag()) { set_forward_no_connect(); } } } #!endif return; } Best regards, Tom PS. thanks for any hints to resolve the issue.

4 years, 9 months

record_route_advertised_address causes null send socket error

by Daniel Greenwald

I am using record_route_advertised_address to insert a record route header with an SRV record. The header is added correctly and everything appears to be working fine however I get a CRITICAL log error when calling record_route_advertised_address('INTERNAL_SRV'); 2020-02-25T20:14:57.078235+00:00,ip-10-0-16-53: CRITICAL: cbbcfe06-d181-467c-bbf4-78772aa0562f 2 16777053 INVITE:<core> [core/msg_translator.c:514]: lump_check_opt(): null send socket 2020-02-25T20:14:57.078352+00:00,ip-10-0-16-53: CRITICAL: cbbcfe06-d181-467c-bbf4-78772aa0562f 2 16777053 INVITE:<core> [core/msg_translator.c:514]: lump_check_opt(): null send socket Any ideas? I'm considering using insert_hf() to manually add it and bypass whatever check is failing. Thoughts? Thanks

4 years, 9 months

Access to CANCEL messages sent during parallel forking

by Marco Capetta

Hi All, I have a question regarding call forking and how to access failed branches: the ones for which kamailio sends out the CANCEL because on another one a 200OK was received. This is the scenario: - A calls B - 3 devices are registered on B, so a parallel forking is done to B1, B2 and B3 - B1, B2, and B3 all reply with 180 Ringing - B1 replies with 200OK - Kamailio CANCELs the branches with B2 and B3 What I need is access to each single CANCEL that Kamailio sends out to B2 and B3. In particular I need to know the branch-id and Via branch of all the cancelled branches. Additionally it would be perfect to have them inside the TM module, in order to have access also to internal AVPs. I tried with dedicated failure routes and also with per-branch failure routes, but I was never able to access to those values. I also didn't found a specific event-route that can help me solve this problem. Does anyone have an idea? Kamailio version 5.2.5 Thanks Regards Marco

4 years, 9 months

Siremis v5.3.0 Released

by Daniel-Constantin Mierla

Siremis v5.3.0 is out – the open source web management interface for Kamailio SIP Server. This version comes with major changes and many new features, among them the removal of legacy flash charts (now uses pure JS), make the code compatible with PHP 7.x and web views to manage many new modules added up to Kamailio v5.3.x, including the replacement of MI control interface with JSONRPC. This is the first full release in the 5.x series of Siremis. Step by step installation tutorial, screenshots and changelog are available on the web at: * https://kb.asipto.com/siremis:install53x:main * https://kb.asipto.com/siremis:install32x:screenshots * https://github.com/asipto/siremis/blob/v5.3.0/ChangeLog The deployment of Siremis can be also done using Docker, see the guidelines at: * https://github.com/asipto/siremis/tree/master/misc/docker Siremis project is hosted on Github at: * https://github.com/asipto/siremis/ The web site for the project is at: * https://www.siremis.org Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com

4 years, 9 months

Understanding set_rtp_engine with two sets

by Anthony Alba

There is a use case mentioned "This is useful if you have a set of RTP proxies that the caller must use, and another distinct set of RTP proxies that the callee must use. This is supported by all rtpengine commands except rtpengine_manage(). " How do you actually implement this - is it something like this? Say caller supposed to target Set 1and callee supposed to target Set 2: # offer/request route set_rtpengine_set(1, 2) rtpengine_offer() # cannot use rtpengine_manage() # callee sees set 2 in SDP, right? # reply_route set_rtpengine_set(2, 1) # reverse the order? Is this correct?? # OR set_rtpengine_set(1, 2) # keep order, module does autoreversal magic # caller sees Set 1 in SDP My question: in the reply route do you keep the same order (module is clever enough to autoreverse so caller sees Set 1) OR do you explicitly reverse the order and THAT means caller sees Set 1. Cheer Anthony

4 years, 9 months

kamcli postgres support

by Daniel-Constantin Mierla

Hello, anyone in the community with Python knowledge using Postgres that can spend a bit of time to add support in kamcli? * https://github.com/kamailio/kamcli It should be mainly about the content of the code corresponding to db subcommand: * https://github.com/kamailio/kamcli/blob/master/kamcli/commands/cmd_db.py The target for it is to replace kamdbctl and has some command line variants for couple of its functions, now being implemented for MySQL. The rest of the code relies on sqlalchemy, which should have transparent support for both mysql and postgress (even more). Testing the other commands connecting to database with postgres would be good, though. With more and more diversity in the default shell by main Linux/Unix distros, we hope to be able to replace in the near future the kamctl and kamdbctl tools, which are more like bash scripting (a few issue being reported and fixed lately). Besides that, using python allows better input/parameter checking/validation as well as more options for formatted output. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com

4 years, 9 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2020