- sr-users - kamailio.org

Fwd: Sensible values for pike mudule?
by Stefan 27 Apr '23

27 Apr '23

Hi Benoît We use pike in combination with fail2ban. Log a message -> create a fail2ban rule to block the ip for xxx time. example: if ($ua =~ "(friendly-scanner|sipvicious)") { sl_send_reply("488", "Go away."); xlog("L_INFO","$ci Blocking traffic from $si\n"); exit; } Cool thing is, you can write a log entry from every part in your kamailio-config, and then fail2ban does the rest. Regards Stefan Am 27.04.23 um 16:07 schrieb Benoit Panizzon: > Hi > > Before I go too deep into try and error, I guess others have been there > too. > > What are sensible value you use for the pike module to detect / > mitigate abusive behavior, especially dictionary attacks? > > Are there better solutions that the pike module? > > Mit freundlichen Grüssen > > -Benoît Panizzon-

1 0

hooking mechanism for routing blocks
by Valentin Christoph 27 Apr '23

27 Apr '23

Dear all, I am looking for some hooking mechanism for user defined routing blocks. Is something like this already available? 1) a common part of the routing configuration shall not (or only slightly) be changed, after some hooks have been implemented Something like a function "engage_hooks()" of some "hook_module"? : Routing config that should not be changed by application developers engage_hooks(HOOK_TYPE); Routing config that should not be changed by application developers : 2) one application developer may "hook" new parts of the routing configuration into this, by modparam("hook_module", "hook", "name=MY_RB;type=HOOK_TYPE;prio=50); : : Route [MY_RB] { Do something at hook HOOK_TYPE; } : : 3) another application developer might want to "hook" into the same HOOK_TYPE with a higher priority modparam("hook_module", "hook", "name=ANOTHER_RB;type=HOOK_TYPE;prio=20); : : Route [ANOTHER_RB] { Do another thing with higher priority at hook HOOK_TYPE } : : Kr, Christoph

2 2

Kamailio use case
by jdprsaga＠gmail.com 26 Apr '23

26 Apr '23

Hello All, new subscriber here. I've been reading kamailio documentation to check if kamailio has a use case on the architecture for the solution for my company's software, here an small architecture diagram of our solution. sipclient <----> [ Middleware ] <-----> SBC Our middle ware is both a sip proxy and media proxy. we have a large number of sip clients but a small calling number, our current bottleneck is that the middleware can't handle a high number of registration, i would like to deploy Kamailio as a load balancer for registrations, making sure it is statefull so registrations and calls are hashed into the same middleware server. sipclients < ----> [ kamailio ] <------> [ middleware1, middleware2,...,middleware N] <-----> SBC Any thoughts or pointers?

4 3

rtpengine module: Actions caused by rtpengine_manage() on reply-codes?
by Benoît Panizzon 26 Apr '23

26 Apr '23

Hi all I wonder, if there is a documentation on what action is performed by rtpengine_manage() on which kind reply. Am I right, that rtpengine_manage(), on any 4XX reply causes a delete? So if there is a re-invite (for example to switch to T.38) and the other party replies with 488 which in turn is passed through rtpengine_manage() the existing RTP stream is deleted from rtpengine instead of being left running with the previously agreed codec? Has anyone already figured out a list of what reply codes should be exempt from calling rtpengine_manage()? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

8 12

Configuring dynamic Destination identification for Kamailio Routing
by harneet singh 25 Apr '23

25 Apr '23

Hi Experts, We have been using Kamailio as a sip proxy for a fair bit of time now(version 5.3.2 though) and do understand the native routing mechanism that can be instrumented through the kamailio cfg scripts. We initially had only two sides, where the traffic could come from into Kamailio and it just passed through to the other side(ie Traffic from A was routed to B and that from B was routed to A). Off late, a few more sip elements have been introduced in the deployment and now there is a need for a more formal/robust mechanism to select the intended destination to forward an initial SIP INVITE to. I believe that we could still keep all the logic in the native kamailio script and do the routing(for example, an incoming call where the *From URI* contains *sip.elementA.com <http://sip.elementA.com>* should be routed to destination *sip.elementB.com <http://sip.elementB.com>*, where as if the* To URI *contains *sip.elementC.com <http://sip.elementC.com>*, the request should be routed to *sip.elementC.com <http://sip.elementC.com>)**. *Since we have many sip elements like A,B.C,D,E etc where the requests might have to be routed to, based on certain different criteria, this logic would become cumbersome. *What would be the best way to accommodate this?* *Would it be possible to rewire this routing logic at runtime(*like in some csv file that can be reloaded*) without a Kamailio restart? * Regards, Harneet Singh -- "Once you eliminate the impossible, whatever remains, no matter how improbable, must be the truth" - Sir Arthur Conan Doyle

3 5

sips to sip with TLS proxy
by Kiss Zoltán 25 Apr '23

25 Apr '23

Hi all, We have a working Kamailio setup, lets call it a transparent proxy for Asterisk boxes. Its based on domain and dispatcher modules and everything is working as expected with the test clients (more or less microsip, softphone for ios, etc). We are tried to register with a Grandstream deskphone today, and we see that the phone sending sips:xxx in the Reg Contact field for example. Because the sips schema, the register is working, but we cannot initiate calls from this phone. If we are turning SIP scheme to sip from sips in the phone, then everything is working as expected. I think we can transform those requests from sips to sip with Kamailio, but currently we dont know where can we start. Has anybody a suggestion about this issue? I know that we can transform ruri, contact, etc with textops, nathelper and a lot of other modules, but what is the best for this sips->sip translation? Thanks for your help. With kind regards, Zoltan

4 10

TCP/TLS connection (id: 0) for WebSocket could not be found
by Joey Golan 22 Apr '23

22 Apr '23

Hello, I have 2 clients. 1 using websocket and 1 mobile using TLS. Both can call each other perfectly. After 24-48 hours calls from mobile to websocket failed with an error message: TCP/TLS connection (id: 0) for WebSocket could not be found. At the same time I can make calls from the websocket client to the mobile. I know that the search of the connection is done by target address so I printed the addresses + ports and they are matched to the ones that appear on the ul.dump and ws.dump. *kamcmd ul.dump output:* Info: { AoR: usrmt63ly_1040 HashID: 1830036546 Contacts: { Contact: { Address: sip:usrmt63ly_1040@example.com;transport=ws Expires: 283 Q: -1 Call-ID: tvne1pskgkm2a01pnqm677 CSeq: 1060 User-Agent: JsSIP 3.9.0 Received: sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws Path: <sip:10.218.154.228:50443;transport=ws;received=sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws;lr> State: CS_NEW Flags: 0 CFlags: 64 Socket: tls:10.218.154.228:50443 Methods: 7071 Ruid: uloc-61ebba84-64242101-89ba-1 Instance: <urn:uuid:7573726d-7436-116c-915f-313034304077> Reg-Id: 1 Server-Id: 1642838660 Tcpconn-Id: 100420 Keepalive: 1 Last-Keepalive: 1680417282 KA-Roundtrip: 0 Last-Modified: 1680417282 } } } *kamcmd ws.dump* { connections: { 100420: wss:*10.218.51.86:24061 <http://10.218.51.86:24061>* -> wss: 10.218.154.228:50443 (state: OPEN, last used 14s ago, sub-protocol: sip) } info: { wscounter: 1 truncated: no } } *Call from mobile (TLS) to websocket: Failed with error message: TCP/TLS connection (id: 0) for WebSocket could not be found* 30(35263) INFO: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} <script>: request_route: method [INVITE] from [ sip:usrrcv4o4_1040@example.com] socket [sip:10.218.51.86:50909;transport=tls] to [sip:usrmt63ly_1040@example.com] 30(35263) INFO: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} <script>: [RELAY]: method [INVITE] from [sip:usrrcv4o4_1040@example.com] socket [sip:10.218.51.86:50909;transport=tls] to [ sip:usrmt63ly_1040@example.com] socket [sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws] 30(35263) WARNING: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} <core> [core/msg_translator.c:2863]: *via_builder(): TCP/TLS connection (id: 0) for WebSocket could not be found* 30(35263) ERROR: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} <core> [core/msg_translator.c:2040]: build_req_buf_from_sip_req(): could not create Via header 30(35263) ERROR: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} tm [t_fwd.c:479]: prepare_new_uac(): could not build request 30(35263) ERROR: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} tm [t_fwd.c:1759]: t_forward_nonack(): failure to add branches 30(35263) ERROR: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} sl [sl_funcs.c:418]: sl_reply_error(): stateless error reply used: No error (2/SL) 30(35263) NOTICE: {1 2563 INVITE 4248c155-cd92-49b8-b68a-eef5f2cb3e88} acc [acc.c:287]: acc_log_request(): ACC: call missed: timestamp=1680417920;method=INVITE;from_tag=e168ffa6-e577-48ec-b9c9-a73f5be318e8;to_tag=0c3e625e9f223a7ee2b093e8e31b2526-b7165bcb;call_id=4248c155-cd92-49b8-b68a-eef5f2cb3e88;code=500;reason=Server Internal Error;src_user=usrrcv4o4_1040;src_domain=example.com ;src_ip=10.218.51.86;dst_ouser=usrmt63ly_1040;dst_user=usrmt63ly_1040;dst_domain= example.com *Call from websocket to mobile (TLS):* 38(35271) INFO: {1 7488 INVITE urcnete8r71dpkhmngd8} <script>: request_route: method [INVITE] from [sip:usrmt63ly_1040@example.com] socket [sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws] to [ sip:usrrcv4o4_1040@example.com] 38(35271) INFO: {1 7488 INVITE urcnete8r71dpkhmngd8} <script>: [RELAY]: method [INVITE] from [sip:usrmt63ly_1040@example.com] socket [sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws] to [ sip:usrrcv4o4_1040@example.com] socket [sip:10.218.51.86:20674 ;transport=tls] 39(35272) INFO: {2 7488 INVITE urcnete8r71dpkhmngd8} <script>: onreply_route[MANAGE_REPLY] method [INVITE] code [100] from [ sip:usrmt63ly_1040@example.com] to [sip:usrrcv4o4_1040@example.com] 39(35272) INFO: {2 7488 INVITE urcnete8r71dpkhmngd8} <script>: onreply_route[MANAGE_REPLY] method [INVITE] code [200] from [ sip:usrmt63ly_1040@example.com] to [sip:usrrcv4o4_1040@example.com] 39(35272) NOTICE: {2 7488 INVITE urcnete8r71dpkhmngd8} acc [acc.c:287]: acc_log_request(): ACC: transaction answered: timestamp=1680417926;method=INVITE;from_tag=18q0p37nfo;to_tag=a88272a0-25ca-43c2-8ce9-8615831b7e9a;call_id=urcnete8r71dpkhmngd8;code=200;reason=OK;src_user=usrmt63ly_1040;src_domain= example.com ;src_ip=10.218.51.86;dst_ouser=usrrcv4o4_1040;dst_user=usrrcv4o4_1040;dst_domain=10.218.51.86 38(35271) INFO: {1 7488 ACK urcnete8r71dpkhmngd8} <script>: request_route: method [ACK] from [sip:usrmt63ly_1040@example.com] socket [sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws] to [ sip:usrrcv4o4_1040@example.com] 38(35271) INFO: {1 7488 ACK urcnete8r71dpkhmngd8} <script>: [RELAY]: method [ACK] from [sip:usrmt63ly_1040@example.com] socket [sip:*10.218.51.86:24061 <http://10.218.51.86:24061>*;transport=ws] to [ sip:usrrcv4o4_1040@example.com] socket [sip:10.218.51.86:20674 ;transport=tls] *Version: kamailio 5.6.2 (x86_64/linux)* What could be the reason for that? Your help would be much appreciated. Thanks, Joey.

3 4

How to log expiring dialogue?
by Benoît Panizzon 21 Apr '23

21 Apr '23

Hi alle I think I have an issue with the dialogue and session timer module with Kamailio 5.4 I sync the Session Expire Timer with the dialogue timeout via a common AVP. When I check a dialogue via kamcmd dlg.list start_ts: 1682066352 init_ts: 1682066346 end_ts: 0 timeout: 1682066952 lifetime: 600 Timeout is increased on the first session refreshing re-invite, as expected (in this case after 300 seconds). But it looks like the dialogue just disappears (from kamcmd dlg.list, not from the backing database) when the lifetime ist reached, leaving an orphan database entry. I would like to digg deeper into this. Is there a way to log more details from the dialogue module like when it triggers dialogue expiry? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

2 2

Roadmap to next major release series v5.7.x
by Daniel-Constantin Mierla 20 Apr '23

20 Apr '23

Hello, it is time to make the roadmap to the next major release series v5.7.x. In my opinion, I would try to freeze the development during the first part of April 2023, tentatively proposing April 14 as freezing date, being like 4 weeks from now. Then testing phase and first release (v5.7.0) sometime during May 2023. Alternative timelines can be proposed, of course. If anyone wants to add new features/modules, they have to be published till freezing date, either pushed in the git repository or proposed as pull request. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com

3 5

Rtpengine: no audio after kernelization.
by Michel Pelletier 17 Apr '23

17 Apr '23

Hello, I am proxying all RTP through RTPEngine. Everything works fine until about 5 seconds into the call, when rtpengine enters kernelization, after which all RTP forwarding ceases. I've checked the required iptables entries, and all looks good. Here is a description of my environment: # cat os-release PRETTY_NAME="Debian GNU/Linux 11 (bullseye)" NAME="Debian GNU/Linux" VERSION_ID="11" VERSION="11 (bullseye)" VERSION_CODENAME=bullseye ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/" # kamailio -v version: kamailio 5.6.2 (x86_64/linux) 54a9c1 flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: 54a9c1 compiled on 16:02:49 Dec 1 2022 with gcc 10.2.1 # rtpengine -v Version: 11.1.1.3-1~bpo11+1 Michel Pelletier

4 13

Docker repository removed
by Manel Villar 17 Apr '23

17 Apr '23

Hi, I was using the kamailio/kamailio docker repository in one of my projects, and now the image is not available as the repo has been removed. Is the "kamailio-ci" repo a replacement for it? Thanks! -- Manel Villar Steegerstr. 59 13359 Berlin Germany Tel: (+49) (0)162 6574604 skype: manel.villar manelvf(a)gmail.com *"Ars longa, vita brevis"*

4 5

Development for v5.7.x is frozen
by Daniel-Constantin Mierla 17 Apr '23

17 Apr '23

Hello, the formal notification that the development for the next major version 5.7.0 is now frozen. The focus has to be on testing the master branch. Also, the master branch should not get commits with new features till the branch 5.7 is created, expected to happen in 2-4 weeks, a matter of how testing goes on. Meanwhile, the commits with new features in the C code can be pushed to personal branches, new pull requests can still be done, but they will be merged after branching 5.7. Can still be done commits with documentation improvements, enhancements to related tools (e.g., kamctl, kamcmd), merging exiting pull requests at this moment, exporting missing KEMI functions and completing the functionality of the new modules added for 5.7. Once the branch 5.7 is created, new features can be pushed again to master branch as usual. From that moment, the v5.7.0 should be out very soon, time used for further testing but also preparing the release of packages. If someone is not sure if a commit brings a new feature, just make a pull request and it can be discussed there on github portal or via sr-dev mailing list. A summary of what is new in upcoming 5.7 is going to be built at: * https://www.kamailio.org/wikidocs/features/new-in-5.7.x/ Upgrade guidelines will be collected at: * https://www.kamailio.org/wikidocs/install/upgrade/5.6.x-to-5.7.0/ Everyone is more than welcome to contribute to the above wiki pages, especially to the upgrade guidelines, to help everyone else during the migration process from v5.6.x to 5.7.x. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda

2 2

Assigning a new RTPEngine for a call for the sake of failover
by mehdithreem+kamailio＠gmail.com 15 Apr '23

15 Apr '23

Hello, I am trying to implement RTPEngine failover, where if a selected RTPEngine node fails in the middle of the call (and not responding NG requests), I want to select an alternative node. However, when I call rtpengine_manage(), it does not seem to select an alternative node in case of a failure. To address this, I have attempted to check if $avp(RTP_INSTANCE) is null after calling rtpengine_manage(), and then use rtpengine_delete() to forget the selected RTPEngine node for the specific call, with the expectation that Kamailio would assign a new RTPEngine node for subsequent SIP message retries. However, it appears that rtpengine_delete() does not have the desired effect in this regard. Here is an excerpt of my code for reference: ``` route[RTP] { #!ifdef WITH_RTPENGINE if (has_body("application/sdp")) { if ($avp(x_source) == "INTERNAL") { rtpengine_manage("replace-session-connection replace-origin direction=internal direction=external"); } else if ($avp(x_source) == "EXTERNAL") { rtpengine_manage("replace-session-connection replace-origin direction=external direction=internal"); } if ($avp(RTP_INSTANCE) == $null) { rtpengine_delete(); drop(); } } #!endif } ``` Can you please advise on how I can achieve the desired failover behavior? Is there another function similar to `rtpengine_reset_call` that can make Kamailio forget the RTPEngine node for a specific call? Thank you!

2 1

CLI & destination based LCR
by John Cahill 14 Apr '23

14 Apr '23

Hi, I'd like to build an LCR solution that routes on both CLI & destination e.g. CLI matches ^\+49*, destinations matches ^\+44* => route to gateway 5 for a large rule set (~ tens of thousands). Any recommendations for which modules to use? Can kamailio perform this particular task well or should I look at another solution? I'd be very grateful to hear about any experience of doing this. Many Thanks. Regards, John

5 5

Kamailio + PostgreSQL
by georgy.grigoryev＠snapcom.fr 14 Apr '23

14 Apr '23

Hello everyone, I'm trying to connect Kamailio 5.5.5 to my PostgreSQL 14. They are on two different servers. I have created the Kamailio DB on the Postgre with the help of the command "kamdbctl create" I'm able to connect to the database with no problem. The problem is in the kamailio.cfg file, i have added this so far: #!define WITH_PGSQL #!ifdef WITH_PGSQL #!define DBURL "postgres://USER:PASSWORD@IP:POPT/kamailio" #!endif #!ifdef WITH_PGSQL loadmodule "db_postgres.so" #!endif modparam("db_postgres", "retries", 3) modparam("db_postgres", "timeout", 10) modparam("db_postgres", "tcp_keepalive", 600) modparam("db_postgres", "lockset", 6) modparam("db_postgres", "bytea_output_escape", 0) But my kamailio doenst like this configuration, can someone help me find the problem? Thank you in advance! Best Regards!

3 2

manipulate Authentication header
by David Villasmil 13 Apr '23

13 Apr '23

Hello guys, I can't find a simple way of changing the username and recalculate the has in a REGISTER... do i have to use textops? Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337

2 1

How to correctly use the SST module?
by Benoît Panizzon 11 Apr '23

11 Apr '23

Hi I still have odd behaviour with the SST module: modparam("sst", "min_se", 300) if (sstCheckMin("1")) { xlog("L_ERR", "$cfg(route) Session Timer too small\n"); exit; } setflag(FLT_DLG); # set the dialog flag setflag(FLT_SST); # Set the sst flag if(is_present_hf("Session-Expires")) { $avp(dlgtimeout) = $(hdr(Session-Expires){s.int}); } On an INVITE containing those header: Session-Expires: 3600;refresher=uac Min-SE: 600 Supported: 100rel,timer Expires: 330 Now Kamailio replies: SIP/2.0 422 Session Timer Too Small Min-SE: 300 What am I doing wrong? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 0

dlg_onroute(): unable to find dialog for INVITE with route param
by Benoît Panizzon 10 Apr '23

10 Apr '23

Happy Eastern Kamailio 5.4 used. On dialogues calls, I noticed this happening on the second re-invite to refresh the session from the B side. dlg_onroute(): unable to find dialog for INVITE with route param 'df9.da75' [2557:22445] and call-id '14148a68-f1b2-485d-b5a2-f9dd7773d2c0' The did df9.da75 is identical to the one in the route-header on the first re-invite from the B side, before this one. No CDR was (yet) generated, and the dialogues is still present and on-going according to the database: CallID [14148a68-f1b2-485d-b5a2-f9dd7773d2c0] H-Entry: 2557 H-ID: 22445 But most probably not in memory as kamcmd dlg.stat_active shows zero (this is on a development node, so no other calls running). There are no sip messages that end the call in between those two re-invites. I see no session timeouts or similar in the logs. Any hint what could cause Kamailio not to find the corresponding dialogue on this re-invite? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 2

Fwd: Kamailio + PostgreSQL
by Stefan 07 Apr '23

07 Apr '23

Hi Give it a try without modparams to see if it works, I have the same config but without modparams and it runs without problems. Else have a look into the kamailio logfile for errors. Or check config with "kamailio -c"? Regards Stefan Am 06.04.23 um 15:18 schrieb georgy.grigoryev(a)snapcom.fr: > Hello everyone, > > I'm trying to connect Kamailio 5.5.5 to my PostgreSQL 14. > They are on two different servers. > I have created the Kamailio DB on the Postgre with the help of the > command "kamdbctl create" > I'm able to connect to the database with no problem. > The problem is in the kamailio.cfg file, i have added this so far: > > #!define WITH_PGSQL > > #!ifdef WITH_PGSQL > #!define DBURL "postgres://USER:PASSWORD@IP:POPT/kamailio" > #!endif > > #!ifdef WITH_PGSQL > loadmodule "db_postgres.so" > #!endif > > modparam("db_postgres", "retries", 3) > modparam("db_postgres", "timeout", 10) > modparam("db_postgres", "tcp_keepalive", 600) > modparam("db_postgres", "lockset", 6) > modparam("db_postgres", "bytea_output_escape", 0) > > But my kamailio doenst like this configuration, can someone help me > find the problem? > > Thank you in advance! > > Best Regards! > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org > Important: keep the mailing list in the recipients, do not reply only > to the sender! > Edit mailing list options or unsubscribe:

2 2

Malformed To Header
by Serdar GUCLUER 06 Apr '23

06 Apr '23

Hello all, In my situation, it is possible to call forwarding to registered users multiple times on same leg. For each forward i have to update To uri and i am using uac_replace_to to do that. But on second relaying, To uri was malformed. On below, Im attaching configuration to illustrate my problem. (version-5.4.9) First relay - /To: //sip:xyz@192.168.0.51/ Second relay - /To: sip:xyz@192.168.0.51sip:abc@192.168.0.51/ Thanks in advance. Serdar /loadmodule "uac.so"// //modparam("uac","restore_mode","auto")// // // //request_route {// // ...// // $avp(x) = "abc";// // $avp(x) = "xyz";// // $avp(myip) = "192.168.0.51";// // $avp(i) = 0;// // route(SERDAR);// // ...// //}// // //route[SERDAR] {// // if ($(avp(x)[$avp(i)])!=$null) {// // $avp(destination) = $(avp(x)[$avp(i)]);// // $avp(i) = $avp(i) + 1;// // $rU=$_s($avp(destination));// //uac_replace_to("$_s(sip:$avp(destination)@$avp(myip))");// // route(LOCATION);// // } else {// // send_reply("403", "Opps!");// // exit;// // }// //}// // //route[LOCATION] {// // $avp(oexten) = $rU;// // if (!lookup("location") ) {// // t_newtran();// // switch ($var(rc)) {// // case -1:// // case -3:// // send_reply("480", "Temporarily Unavailable");// // exit;// // case -2:// // send_reply("405", "Method Not Allowed");// // exit;// // }// // }// // t_on_failure("SERDAR_FAILURE");// // if(!t_relay()) sl_reply_error();// // exit;// //}// // //failure_route[SERDAR_FAILURE] {// // route(NATMANAGE);// // if (t_is_canceled()) //exit;// // route(SERDAR);// //}/

6 11

Presence module and privacy
by Ihor Olkhovskyi 06 Apr '23

06 Apr '23

Hello! Is there any possibility to control more-or-less privacy related parameters of pua_dialoginfo module (like include_localremote) per subscription? Main idea is I want to show some users full info on the call other user is making, for a different user - just show fact of the call without any details. For now I'm only seeing some manual manipulation over XML based on user who is receiving NOTIFY, but maybe I'm trying to invent a weel here. -- Best regards, Ihor (Igor)

2 2

Re: Repository for modules
by Henning Westerholt 06 Apr '23

06 Apr '23

(please keep the list in the communication) Hello, you can find the modules for example in the Debian package service: https://packages.debian.org/bullseye/amd64/kamailio-tls-modules/filelist Crypto is in TLS module package. Cheers, Henning From: Duarte Rocha <duarterocha91(a)gmail.com> Sent: Donnerstag, 6. April 2023 15:42 To: Henning Westerholt <hw(a)gilawa.com> Subject: Re: [SR-Users] Repository for modules Thanks for the quick answer. How can I see info regarding which modules are in the combined packages? One of the modules i'm looking into is the crypto module for example. Otherwise, where can I get a list of modules not included in Debian packages? Cheers, Duarte Henning Westerholt <hw(a)gilawa.com<mailto:hw@gilawa.com>> escreveu no dia quinta, 6/04/2023 à(s) 13:17: Hello, the majority of modules should be packaged for Debian. What modules are missing for you? Keep in mind that some modules are combined in some packages. Some modules can not properly packaged due to missing dependencies, this needs to be installed from source, right. Cheers, Henning From: Duarte Rocha <duarterocha91(a)gmail.com<mailto:duarterocha91@gmail.com>> Sent: Donnerstag, 6. April 2023 13:55 To: Kamailio (SER) - Users Mailing List <sr-users(a)lists.kamailio.org<mailto:sr-users@lists.kamailio.org>> Subject: [SR-Users] Repository for modules Hello, I'm currently testing Kamailio on a Debian 11 machine. In order to install it I used apt with repositories from Kamailio (https://deb.kamailio.org/). Now I'm trying to add modules and I'm wondering the best way to do it. Using apt install i don't have access to all the modules. Is there another repository for this? Is my only solution downloading and compiling the modules? Cheers

1 0

Repository for modules
by Duarte Rocha 06 Apr '23

06 Apr '23

Hello, I'm currently testing Kamailio on a Debian 11 machine. In order to install it I used apt with repositories from Kamailio (https://deb.kamailio.org/). Now I'm trying to add modules and I'm wondering the best way to do it. Using apt install i don't have access to all the modules. Is there another repository for this? Is my only solution downloading and compiling the modules? Cheers

2 2

issue in kamailio of udp
by satyaprakash ch 06 Apr '23

06 Apr '23

Hi, I had upgraded Kamailio from 5.4.7 to 5.5.5, Then I restarted the Kamailio service. After upgradation im getting the below error, /usr/local/sbin/kamailio[21754]: ERROR: <core> [core/udp_server.c:596]: udp_send(): sendto(sock, buf: 0x7f7502289200, len: 61012, 0, dst: ( 10.122.45.189:5080), tolen: 16) - err: No buffer space available (105) /usr/local/sbin/kamailio[21754]: ERROR: tm [../../core/forward.h:231]: msg_send_buffer(): udp_send failed /usr/local/sbin/kamailio[21754]: ERROR: tm [uac.c:678]: send_prepared_request_impl(): Attempt to send to precreated request failed ERROR: tm [../../core/forward.h:231]: msg_send_buffer(): udp_send failed ERROR: tm [uac.c:678]: send_prepared_request_impl(): Attempt to send to precreated request failed Anyone have any idea on this errors.

2 3

SCSCF hangs randomly
by solomon.thoobe＠smilecoms.com 05 Apr '23

05 Apr '23

Hi All, We currently experience issues where scscf hangs randomly throughout the day. It started hanging once in a month, the issue has gotten worse over time and now it can hang more than 5 times in a day. I have no prior kamailio experience or experience debugging c applications. Kamailio version: 4.4.0 Running ps shows scscf processes are running. Service status also shows scscf is running but it does not respond to sip requests. Testing with sipsack hangs and print timeout errors. root@NGVI-PCSCF2:/var/log # service scscf status * Status of Kamailio SIP Server: * scscf is running sipsak -vv -s sip:NGVI-PCSCF2:6060 received ICMP message received ICMP message** timeout after 500 ms** Below is the extract from log files Apr 5 12:04:46 NGVI-PCSCF2 /usr/sbin/kamailio[5102]: {1 1 ACK isbc505ramjjjr3g23cs02r53cms0uxbg2es(a)10.18.5.64} WARNING: tm [t_lookup.c:1476]: t_unref(): WARNING: script writer didn't release transaction Apr 5 12:04:46 NGVI-PCSCF2 /usr/sbin/kamailio[5104]: {1 3 REGISTER _A9LGREyW2miE7LhPJzv7g..} ERROR: ims_registrar_scscf [save.c:1034]: update_contacts(): Unable to remove contact <sip:+2347020246874@154.66.2.182:5060;rinstance=28bf37d2cce6e4a1;transport=udp> Apr 5 12:04:47 NGVI-PCSCF2 /usr/sbin/kamailio[5131]: ERROR: rr [rr_mod.c:300]: w_record_route(): Double attempt to record-route Apr 5 12:04:47 NGVI-PCSCF2 /usr/sbin/kamailio[5144]: ERROR: rr [rr_mod.c:300]: w_record_route(): Double attempt to record-route Apr 5 12:04:47 NGVI-PCSCF2 /usr/sbin/kamailio[5108]: {1 1 ACK r8ug398d118i8iaaunrouggisntkigkn(a)10.18.5.64} WARNING: tm [t_lookup.c:1476]: t_unref(): WARNING: script writer didn't release transaction Apr 5 12:04:48 NGVI-PCSCF2 /usr/sbin/kamailio[5190]: CRITICAL: <core> [pass_fd.c:275]: receive_fd(): EOF on 23 Apr 5 12:04:48 NGVI-PCSCF2 /usr/sbin/kamailio[5062]: ALERT: <core> [main.c:741]: handle_sigs(): child process 5103 exited by a signal 11 Apr 5 12:04:48 NGVI-PCSCF2 /usr/sbin/kamailio[5062]: ALERT: <core> [main.c:744]: handle_sigs(): core was generated Apr 5 12:06:12 NGVI-PCSCF2 kamailio: WARNING: <core> [daemonize.c:348]: daemonize(): pid file contains old pid, replacing pid Apr 5 12:06:13 NGVI-PCSCF2 /usr/sbin/kamailio[15060]: WARNING: interconnectroute [ported_cache.c:113]: initPortedNumberCount(): Requested records[726049]: Total allocated[871258]: Fat 20% :Total MemUsed [26 MB divided between primary[0x7f22b8667d60] and secondary[0x7f22b93b3390]] pr 5 04:38:24 NGVI-PCSCF2 /usr/sbin/kamailio[14018]: message repeated 107 times: [ ERROR: ims_usrloc_scscf [subscribe.c:430]: free_subscriber(): record not found in hash table] Apr 5 12:50:38 NGVI-PCSCF2 /usr/sbin/kamailio[2604]: WARNING: interconnectroute [icncache_eventprocessor.c:76]: icnRefreshProcess(): total size 2147483648 qm_real_used 700707576 qm_used 387064680 1st_frag 0x7fd5f6d6a690 last_frag 0x7fd676d30fd0 Apr 5 13:00:25 NGVI-PCSCF2 /usr/sbin/kamailio[2437]: ERROR: ims_usrloc_scscf [subscribe.c:430]: free_subscriber(): record not found in hash table Apr 5 13:00:26 NGVI-PCSCF2 /usr/sbin/kamailio[2437]: message repeated 125 times: [ ERROR: ims_usrloc_scscf [subscribe.c:430]: free_subscriber(): record not found in hash table] Apr 5 13:01:25 NGVI-PCSCF2 /usr/sbin/kamailio[2437]: CRITICAL: <core> [main.c:650]: sig_alarm_abort(): shutdown timeout triggered, dying... Apr 5 13:02:30 NGVI-PCSCF2 kamailio: WARNING: <core> [daemonize.c:348]: daemonize(): pid file contains old pid, replacing pid Apr 5 13:02:30 NGVI-PCSCF2 /usr/sbin/kamailio[27629]: WARNING: interconnectroute [ported_cache.c:113]: initPortedNumberCount(): Requested records[726049]: Total allocated[871258]: Fat 20% :Total MemUsed [26 MB divided between primary[0x7f3093a3fd60] and secondary[0x7f309478b390]] Thank you in advance. Regards, Solly Thoobe

3 2

urn:emergency:service:sos as RURI
by a.izquierdo＠zaleos.net 05 Apr '23

05 Apr '23

Hello, I'm running a Kamailio instance with some routing logic in it. When a UA sends an INVITE with urn:emergency:service:sos as RURI, Kamailio responds with a 400 Bad Request URI. I have set debug log level and it looks like the problem is in the parse_uri.c when sanity_check("1511", "7") is called: parse_uri(): bad char ':' in state 3 parsed: <urn:emergency:service> (21) / <urn:emergency:service:sos> (25) According to RFC8141 (https://www.rfc-editor.org/rfc/rfc8141), this is a correct URN, but maybe I'm missing something. Is there a way to make Kamailio parse this RURI? Kamailio version used: 5.6.4 Thank you!

3 2

segfault during Identity verification (stirshaken)
by Yuriy Nasida 04 Apr '23

04 Apr '23

Hello, It's kamailio 5.6.4. I can say that there is no segfault in case Identity is OK but bad attempts sometimes are the reason for segfault. Not sure I can duplicate but it happens several times per day. Please look at logs. in messages: Apr 3 09:40:02 kam1 kernel: [6381565.762987] kamailio[9141]: segfault at 746c75616665 ip 00007f20c4cab6df sp 00007ffe7ec51470 error 4 in libcrypto.so.1.1[7f20c4c3b000+19e000] kamailio.log: Apr 3 09:40:02 kam1 kamailio[9141]: NOTICE: <script>: it is INVITE with Identity. Lets check Identity Apr 3 09:40:02 kam1 kamailio[9141]: CRITICAL: <core> [core/mem/q_malloc.c:501]: qm_free(): BUG: bad pointer 0x645f6d6574737973 (out of memory block!) called from tls: tls_init.c: ser_free(323) - ignoring Apr 3 09:40:02 kam1 kamailio[9182]: CRITICAL: <core> [core/pass_fd.c:277]: receive_fd(): EOF on 53 Apr 3 09:40:02 kam1 kamailio[9100]: ALERT: <core> [main.c:774]: handle_sigs(): child process 9141 exited by a signal 11 Apr 3 09:40:02 kam1 kamailio[9100]: ALERT: <core> [main.c:777]: handle_sigs(): core was not generated Apr 3 09:40:02 kam1 kamailio[9100]: CRITICAL: <core> [core/mem/q_malloc.c:501]: qm_free(): BUG: bad pointer 0x645f6d6574737973 (out of memory block!) called from tls: tls_init.c: ser_free(323) - ignoring loadmodule "stirshaken.so" ####### STIRSHAKEN ###### modparam("stirshaken", "vs_verify_x509_cert_path", 1) modparam("stirshaken", "vs_ca_dir", "/etc/kamailio/stir_CA") #modparam("stirshaken", "vs_crl_dir", "/etc/kamailio/CRL") modparam("stirshaken", "as_default_key", "/etc/kamailio/key/private_key.pem") modparam("stirshaken", "vs_cache_certificates", 1) modparam("stirshaken", "vs_cache_dir", "/tmp/cert_cache") modparam("stirshaken", "vs_cache_expire_s", 100) if (is_method("INVITE") && is_present_hf("Identity")) { xlog("L_NOTICE", "it is INVITE with Identity. Lets check Identity\n"); if (1 == stirshaken_check_identity()) { xlog("L_NOTICE", "Shaken Identity is OK\n"); } else { xlog("L_NOTICE", "Shaken Identity is invalid\n"); } } Please give me some advice.

2 2

Handling stateless replies with kemi
by Ovidiu Sas 03 Apr '23

03 Apr '23

Hello all, How can we handle stateless replies with kemi? tm has the following param: modparam("tm", "on_sl_reply", "stateless_replies") What's the proper way to map the "stateless_reply" onreply_route to a kemi function. I'm playing with the app_jsdt module. Thanks, Ovidiu

5 7

How to check, if call is already handled by rtpengine module?
by Benoît Panizzon 02 Apr '23

02 Apr '23

Hi Running Kamailio Registrar Node + rtpengine without dialog module, only TRX module. Situation: Some customer are in ranges to which RTP can directly be routed, some are not. So rtpengine shall be engaged only when backhauling of the rtp stream is required. On a message from a CPE, this is done by checking $si and on a message to the CPE by checking $(ulc(aor=>addr)[$T_branch_idx]{uri.host}); On a BYE, rtpengine_delete() is called no matter if RTP was backhauled or not. If rtpengine does not find the call to delete, no harm happens. But now I struggle with Session Refresh Re-Invites TO the CPE as they are routed very early on and do not pass the whole location lookup stuff, therefore I have no access to the aor=>addr to determine if the destination needs backhauling or not. So the obvious solution which came to my mind is to call rtpengine_query() and see if it is finding the call and if so, call rtpengine_manage() to keep backhauling traffic on the Re-Invites refrreshing the session. Unfortunately, I found no way to check if rtpengine_query finds the call. Did I miss something? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

2 1

Germany unsure about whether Kamailio will survive next winter
by Alex Balashov 01 Apr '23

01 Apr '23

For immediate release: ATLANTA, GA (1 April 2023)--The Federal Ministry for Economic Affairs and Energy of Germany was forced to disclose today that it has been tasked with assessing whether Germany will be able to operate its Kamailio through the next winter. This initiative comes amidst considerable uncertainty, shared in some other EU member states, about whether the enormous fossil fuel energy footprint of Kamailio is sustainable after the Russian invasion of Ukraine in early 2022. Pioneering Atlanta energy market analysts Evariste Systems were tapped to assist with forecasting whether German strategic natural gas reserves and liquefied natural gas (LNG) imports could keep Kamailio's enormous turbines spinning under a variety of stress-test scenarios outlined by regulators, including SIPP and SIPVicious. Alex Balashov, Evariste's principal, said in a news conference earlier this week: "Simply put, the political leadership wanted a dispassionate, technocratic kind of analysis, data-driven and the rest, free of the inflection of ideological bias and tendentious policy angles in charged German domestic politics. Whether it's the centre-right or the Greens, there are strong ideas about what to do with energy-greedy megaprojects like Kamailio." Florida-based energy turnaround vet Fred Posner, parachuted in to assist with the fast-tracked study, agreed: "It's well-understood that the German GDP is almost a perfectly linear function of gross annual SIP packets routed. The Nord Stream 1 shut-off situation in September only exposed Germany to further Kamailio-related energy vulnerabilities." At issue are the basic physics of SIP message routing in Kamailio. Due to a fixed-size worker process pool, Kamailio routing consumes about 1500 BTUs per packet-kilometre travelled. While 1500 BTUs/packet-kilometre is efficient in distance terms as compared to a typical automobile, which consumes roughly 3800 BTUs of fossil fuel energy per passenger-kilometre travelled (at typical load factors), the dizzying number of SIP packets routed through German territory in a typical business day greatly outstrips passenger-kilometres travelled. Balashov noted that sometimes, the activation energy requirement can be higher than 1500 BTUs when INVITEs with large SDPs are launched toward the next hop, though this varies with the altitude of the destination above mean sea level, wind direction, weather and other factors involved in ballistics. "It's a bit of a fool's errand to play these guessing games with averages. The energy budget can vary enormously depending on whether there is DTLS, video codecs, PASSporTs and other stuff. I find it helpful to think in kilowatt-hour terms: sometimes it's less than half a kWh, so like US $0.20 if you're counting the beans, and sometimes it's more like $0.38, we just don't know. The Bundestag always wants these big, round numbers, but if you've ever looked at the TM module, you know that's not how this works." A milder-than-expected winter, a 9% year-over-year increase in US LNG exports (to about 300 million cubic metres per day) in 2022, dependable imports from Norway and the Netherlands, and other favourable factors gave German SIP regulators a reprieve. Despite energy market volatility, premium LNG spot prices, and occasional 408 Request Timed Out scenarios, the country dodged a widely-feared Kamailio energy crisis. However, it is difficult to say whether energy market conditions will be as propitious next year. "Then there's the whole climate change goals thing. Nobody even wants to talk about that, especially for the WebRTC gateway side," says Posner. "There's a persistent fantasy that we can just power Kamailio with solar or wind if we just had enough generating capacity. I think that's really missing the forest for the trees. The worker processes stay running whether you need them or not, it all depends on how many listeners you have set and what the children config value is. Either way, I've got two words for you: base load. Even if we completely ignore that the energy density is just not there per hectare of solar or wind installation, how do you provide the constant power to the child processes?" Past feasibility studies published jointly by Balashov and Posner support this assessment. One such study, initiated in 2018 and concluded during the COVID-19 global pandemic, found that an area equivalent to the size of the entire state of North Rhine-Westphalia would need to be devoted to batteries, even using the latest lithium ferrous phosphate (LFP) technology. "But wait, there's more!" says Posner: "Show me the amperage." "The packet forwarding mechanism is similar to a railgun, at least if you're doing stateful. Where are you going to get the millions of amps? It's either setting up huge banks of capacitors god-knows-where, or the pulsed power system that's undergirded by the original OpenSER turbines. I think we already know the answer to that." Balashov noted that, even beyond the political and economic challenges that Kamailio downtime would introduce, there are other tightropes to walk. As the most economically dynamic, export-oriented EU member state, Germany is prone to flirt with SIP proxy privatisation schemes in its national discourse, all while messaging a stronger Euro to the ECB. "There is a vocal minority," says Balashov, "who push for research into more modular, regionally sited SIP gateways. They're always talking about sclerotic, unresponsive federal regulations and listless, bumbling Brussels bureaucrats and making it all smaller and leaner. Listen, I'm all for the Invisible Hand, but setting the Request URI and adding custom headers requires a truly integrated, national-scale infrastructure. It's the stuff of public-private partnerships and megaprojects. Even if you're a market zealot who is not sold on basic INVITEs as a public good, think about Presence or IMS. You really need the full capacity of a nation-state on deck for that." If devolution to smaller, more numerous SIP routing sites is not feasible--at least, at the unit cost and reliability level demanded by advanced economies--then excessive complexity offers a cautionary tale from the opposite extreme. In a particularly notorious example of technical and policy failure, the Electric Reliability Council of Texas (ERCOT), following the guidance of northern Californian advisors Unicorn & Moonshot, attempted to scale down traditional Kamailio turbine blades into newer, so-called Kubernetes "Pod" chasses to increase exhaust recapture. This made for a much more intricate installation with an exponential growth of moving parts, telemetry and site support skill requirements. This proved unmanageable, and the now-famous explosion that followed the deterioration of the site led to unprecedented casualties in US history. Furthermore, it also resulted in the long-term humidification of large expanses of East Texas, Louisiana, Mississippi and southern Alabama, rendering most of these areas uninhabitable. These events discredited the Unicorn & Moonshot approach in the eyes of most industry analysts. While it will take some months for Evariste to reach a conclusion regarding the resilience of the German Kamailio through the winter and beyond, and it will take still longer to issue policy recommendations, one factor is universally agreed upon already: this prolonged test of Germany's resilience is part of a Russian strategic calculation. A conservative MP from the CDU/CSU faction of the Bundestag, speaking on condition of anonomity, offered this summary: "The Russians think they can wait this out. They are waiting for us to fold and switch to an OpenSIPS reactor, knowing full well this will keep us busy with troubleshooting and diminish our ability to support Ukraine militarily." -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800

2 1

How to get top-most outbound via branch attribute from branched call?
by Benoît Panizzon 31 Mar '23

31 Mar '23

Hi all For rtpengine to correctly distinguish branched calls, the top-most via branch= parameter should be passed to it. I have attempted to use $via0 but that does not yet exist in Kamailio 5.4 So I did try to read $hdr(Via) which I guess returns an array and then access: but this returns the inbound via, not the one generated on the branched call. How can this be accomplished with kamailio 5.4? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 1

CANCEL timeout in branch route does not trigger any failure routes
by Richard Chan 31 Mar '23

31 Mar '23

Hi Kamailio users How can I get a failure route to trigger in timeout-to-CANCEL in a parallel forking scenario? Parallel forking test scenario 1. one(the main - 0) branch picks up the call 2. 2nd branch sends CANCEL (expecting 487 etc) - but the callee does not send any replies Result: No failure route handlers are called on timeout of this CANCEL - that is kamailio attempts the CANCEL 4 times but neither tm.t_on_failure_route, tm.t_on_branch_failure handlers are called. Any suggestions on how to resolve this? Regards Shih-Ping

3 2

Rancher, AWS, and Elastic IP
by Calvin E. 30 Mar '23

30 Mar '23

I'm looking for documentation//howto/advice/best practices for running Kamailio under Kubernetes on AWS via Rancher. Specifically, how to manage the public/Elastic IP. This is a load balancer (dispatcher) scenario with rtpengine for receiving inbound calls from a DID provider, but a similar configuration might be used for clients. I'm open to using an AWS load balancer, and would like to scale with multiple Kamailio pods behind a single public IP. I'd rather use Rancher-managed EC2 than pay extra for EKS, unless EKS can cancel out its own cost. This sounds like it should be a solved problem, just complex. I see blogs and videos out there, but it's not always obvious if their content is current. Anyone want to help me peel this onion? -Calvin

4 6

MongoDB query from Kamailio help needed
by Edo 28 Mar '23

28 Mar '23

Help is needed. I know I have seen a similar problem either via email or google search but for the life of me I cannot find it now. I am using: Ubuntu: 5.4.0-144-generic #161-Ubuntu SMP Fri Feb 3 14:49:04 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux Kamailio: version: kamailio 5.3.9 (x86_64/linux) -- This is a dev platform and I can update kamailio if needed. I am trying to query a mongodb collection for the phone number stored under “did” as an integer and make a decision based on the returned result (boolean is sufficient for this decision). I don’t know what I am doing wrong here. Any help will be well appreciated ##### This is the insert statement into the telephone db from a linux script db.c$coll.insertOne({"did":parseInt($(cut -d_ -f 1 <<< $1)), "callDesc":$(cut -d_ -f 1 <<< $1)}))" >> $(cut -d_ -f 1 <<< $1).js did is stored as an integer and the callDesc is stored as presented by $rU { "_id" : ObjectId("641580b4863678d0ba38d69a"), "did" : 1XXXXXXXXXX, "callDesc" : 1XXXXXXXXXXXX } > db.c234.find() { "_id" : ObjectId("641580b4863678d0ba38d69a"), "did" : 2XXXXXXXXXXXX, "callDesc" : 2XXXXXXXXXXXX } > db.c234.find() { "_id" : ObjectId("641580b4863678d0ba38d69a"), "did" : 3XXXXXXXXXXXX, "callDesc" : 3XXXXXXXXXXXX } > Kamailio config: ..... ..... # --- mongodb module loaded 202201082322 loadmodule "ndb_mongodb.so" if (uri==myself) { sl_send_reply("100", "Trying to check if uri is myself $rU $ru"); #return; #Adding this to test connection to mongodb…. This worked and the reply was sent to the endpoint if(*mongodb_cmd_simple*("mongodbsrv1", "telephone", "cXXX”, "{ \"collStats\": \"cXXX\” }", "mgr1")) { sl_send_reply("183", "I got inside this message loop $rU found in mongodb"); xlog("response from mongodb is [[$mongodb(mgr1=>value)]]\n"); } # End of the test #This is to run the actual db query to test if the phone number is in the mongodb…. I am not successful at this query even when the number is known to be in the database if(*mongodb_find_one*("mongodbsrv1", "telephone", "cXXX”, "{\"did\" : \"$rU\" }", "mongoResponse1")) { # Route to confirmed route here -- 202302212032 sl_send_reply("183", "I got inside this mongodb message loop"); route(CONFIRMED_ROUTE); xlog("response from mongodb is [[$mongodb(mongoResponse1=>value)]]\n"); } else { route(UNCONFIRMED_ROUTE); } } #append_hf("P-hint: outbound\r\n"); route(RELAY); #exit; } Please help. -- ----- Ekunwe Tel: 601.497.3932

2 2

Three year old issue with a new CVE vulnerability report being reported
by Olle E. Johansson 28 Mar '23

28 Mar '23

Hi Kamailians! A new CVE with a critical severity level was published recently for an almost three year old bug, which was also fixed and released three years ago (CVE-2020-27507). The issue was fixed in Kamailio 5.4.2 and is not present in newer releases. The Kamailio project has unfortunately not been involved in the CVE process or been informed about this old issue being published at this time. We take vulnerability handling seriously and our process is documented at: https://www.kamailio.org/wikidocs/security/policy/ The latest stable branch is 5.6, with v5.6.4 released out of it. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27507 Best regards and thanks for flying Kamailio! The Kamailio dev team through /Olle

4 3

json RPC syntax
by Volker Denneberg 28 Mar '23

28 Mar '23

Hello, I am trying to get json RPCs running. simpleequests seem to work, but I can't figure out how to pass parameters. For example curl --header 'Content-Type: application/json' --data-binary '{"id": 1,"jsonrpc": "2.0", "method": "ul.db_users" }' http://localhost:8081/RPC/ { "jsonrpc": "2.0", "error": { "code": 500, "message": "Not enough parameters (table to lookup)" }, "id": 1 } According to http://www.kamailio.org/docs/docbooks/3.2.x/rpc_api/rpc_api.html#rpc.gettin… parameters dont have names and according to http://www.kamailio.org/docs/modules/devel/modules/usrloc.html#usrloc.r.db_… 1 parameter is required. I guessed adding "params":"location" => no error anymore, but still no result: curl --header 'Content-Type: application/json' --data-binary '{"id": 1,"jsonrpc": "2.0", "method": "ul.db_users", "params":"location"}' http://localhost:8081/RPC/ { "jsonrpc": "2.0", "result": { }, "id": 1 } Same result (no error) if I pass "params":"nonsense", so "params" seems to be kind of ignored ... What's the correct json syntax here or in general? Best regards, Volker

5 6

KEMI: app_jsdt_run_ex(): js loading state not initialized (call: ksr_htable_event)
by Ovidiu Sas 27 Mar '23

27 Mar '23

Hello all, While using KEMI with app_jsdt I noticed the following possible regression between 5.5 and 5.6. The following config is working ok on 5.5 but throws an error on 5.6: ERROR: app_jsdt [app_jsdt_api.c:555]: app_jsdt_run_ex(): js loading state not initialized (call: ksr_htable_event) kamailio.cfg: debug=2 children=1 log_facility=LOG_LOCAL0 log_name="k" mpath="/home/osas/src/kamailio/src/modules" loadmodule "htable/htable.so" modparam("htable", "event_callback", "ksr_htable_event") modparam("htable", "event_callback_mode", 1) loadmodule "kemix/kemix.so" loadmodule "app_jsdt/app_jsdt.so" modparam("app_jsdt", "load", "/usr/local/etc/kamailio/kamailio.js") cfgengine "jsdt" kamailio.js: function ksr_htable_event(evname) { KSR.info("ksr_htable_event(" + evname + ")\n"); } function ksr_request_route() { KSR.x.exit(); } If we load the htable module after app_jsdt, then the error is gone. Is there something new during init in 5.6 that requires specific module loading order? -ovidiu

2 2

Handling branch-level append_hf()
by Alex Balashov 27 Mar '23

27 Mar '23

Hi, I’ve got a situation where I catch a 302 redirect in a failure_route (branch #1), and use the Contact to set a custom header (append_hf()). This custom header is utilised on the subsequent branch (branch #2), but if that branch fails (e.g. due to 4xx-5xx response), the custom header is not preserved on subsequent branches (branch #3+). What’s the best way to preserve it across subsequent branches? The documentation for msg_apply_changes() says it cannot be used once the transaction is already created, and in any case, I have other branch-level changes in branch #2 that I _would_ like to revert on subsequent branch attempts (i.e. branch #3). I can certainly devise a transaction-persistent vehicle for this value which can be checked on every branch, but I wondered if there’s an easier and more best-practical way. Thanks! — Alex -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800

2 1

No voice for webrtc call
by Arun K R 25 Mar '23

25 Mar '23

Hello, I am using kamailio to register the webrtc client and routes the calls to asterisk using pjsip. I am having no voice on both ends. Logs are attached witht this email. Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Received command 'offer' from 10.13.1.127:59841 Mar 24 13:06:58 debian rtpengine[7345]: NOTICE: [8asmubtpv46ac7nrfk57]: [core] Creating new call Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Replying to 'offer' from 10.13.1.127:59841 (elapsed time 0.016067 sec) Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Received command 'answer' from 10.13.1.127:52045 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Replying to 'answer' from 10.13.1.127:52045 (elapsed time 0.000997 sec) Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [ice] ICE negotiated: peer for component 1 is 10.13.1.170:15634 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [ice] ICE negotiated: local interface 10.13.1.127 Mar 24 13:06:58 debian rtpengine[7345]: ERR: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] SRTP output wanted, but no crypto suite was negotiated Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Received command 'answer' from 10.13.1.127:52045 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Replying to 'answer' from 10.13.1.127:52045 (elapsed time 0.000786 sec) Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [crypto] DTLS: Peer certificate accepted Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [crypto] DTLS-SRTP successfully negotiated using AES_CM_128_HMAC_SHA1_80 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [crypto] DTLS-SRTP successfully negotiated using AES_CM_128_HMAC_SHA1_80 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [ice] ICE negotiated: peer for component 1 is 10.13.1.170:15634 Mar 24 13:06:58 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [ice] ICE negotiated: local interface 10.13.1.127 Mar 24 13:07:02 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] Confirmed peer address as 10.13.1.170:15634 Mar 24 13:07:02 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] Kernelizing media stream: 10.13.1.170:15634 -> 10.13.1.127:10940 | 10.13.1.127:10960 -> 192.168.30.200:53489 Mar 24 13:07:02 debian rtpengine[7345]: WARNING: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] No support for kernel packet forwarding available (encryption cipher or HMAC not supported by kernel module) Mar 24 13:07:02 debian rtpengine[7345]: NOTICE: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] Setting 'non-forwarding' flag for kernel stream due to lack of sinks Mar 24 13:07:03 debian rtpengine[7345]: ERR: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [rtcp] SRTCP output wanted, but no crypto suite was negotiated Mar 24 13:07:03 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] Removing media stream from kernel: local 10.13.1.127:10940 Mar 24 13:07:03 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] Kernelizing media stream: 10.13.1.170:15634 -> 10.13.1.127:10940 | 10.13.1.127:10960 -> 192.168.30.200:53489 Mar 24 13:07:03 debian rtpengine[7345]: WARNING: [8asmubtpv46ac7nrfk57/223df8fa-8106-48af-844f-33f97530a0d8/1 port 10940]: [core] No support for kernel packet forwarding available (encryption cipher or HMAC not supported by kernel module) Mar 24 13:07:04 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Received command 'delete' from 10.13.1.127:52045 Mar 24 13:07:04 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] Scheduling deletion of call branch '9693uq66f0' (via-branch '') in 30 seconds Mar 24 13:07:04 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] Scheduling deletion of call branch '223df8fa-8106-48af-844f-33f97530a0d8' (via-branch '') in 30 seconds Mar 24 13:07:04 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] Scheduling deletion of entire call in 30 seconds Mar 24 13:07:04 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [control] Replying to 'delete' from 10.13.1.127:52045 (elapsed time 0.001463 sec) Mar 24 13:07:17 debian /usr/local/sbin/kamailio[13362]: INFO: <script>: 10.13.1.170 authentication bypassed for sip:developer@10.13.1.127 Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] Final packet stats: Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- Tag '9693uq66f0', created 0:36 ago for branch '' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- subscribed to '223df8fa-8106-48af-844f-33f97530a0d8' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- subscription for '223df8fa-8106-48af-844f-33f97530a0d8' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] ------ Media #1 (audio over UDP/TLS/RTP/SAVPF) using unknown codec Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --------- Port 10.13.1.127:10960 <> 192.168.30.200:53489, SSRC 0, in 0 p, 0 b, 292 e, 36 ts, out 0 p, 0 b, 0 e Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- Tag '223df8fa-8106-48af-844f-33f97530a0d8', created 0:36 ago for branch '' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- subscribed to '9693uq66f0' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --- subscription for '9693uq66f0' Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] ------ Media #1 (audio over UDP/TLS/RTP/SAVPF) using opus/48000/2 Mar 24 13:07:34 debian rtpengine[7345]: INFO: [8asmubtpv46ac7nrfk57]: [core] --------- Port 10.13.1.127:10940 <> 10.13.1.170:15634, SSRC 1ada0b2b, in 292 p, 40137 b, 1 e, 30 ts, out 2 p, 1449 b, 0 e

2 3

different sip response on database (mysql) timeout
by Leon de Rooij 24 Mar '23

24 Mar '23

Hi, I need to use a database that may sometimes timeout and I'd like to give a conditional sip response based on whether there was a timeout or not. I'm using sqlops with mysql modules. Does anyone know if that's possible ? Thanks, Leon

3 3

Route: comma separated HOP list
by Benoît Panizzon 24 Mar '23

24 Mar '23

Hi List Cisco-SPA112 does reply to an invite containing Record-Route header with one Route: Header containing a comma separated list of those hops. It looks like kamailio fails to parse them and correctly route for example an ACK to a 200 OK. Is this a known issue? Is there a solution? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

2 2

WebRTC "client did not present a certificate" error
by David Cunningham 23 Mar '23

23 Mar '23

Hello, We have a Kamailio 5.2.7 server with WebRTC enabled. However, a WebRTC client at https://tryit.jssip.net/ is unable to connect on either Chrome or Firefox. In the Kamailio log we see the lines below. In tls.cfg we have "verify_certificate = no" and "require_certificate = no" for both [server:default] and [client:default]. Would anyone be able to help us with this? Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:1159]: tls_lookup_private_key(): Private key lookup for SSL_CTX-0x14baf1cbb090: (nil) Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:737]: sr_ssl_ctx_info_callback(): SSL handshake started Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:741]: sr_ssl_ctx_info_callback(): SSL renegotiation initiated by client Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_domain.c:749]: sr_ssl_ctx_info_callback(): SSL handshake done Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:424]: tls_accept(): TLS accept successful Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from xx.xx.xx.xx:39816 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:434]: tls_accept(): tls_accept: local socket: yy.yy.yy.yy:8443 Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:445]: tls_accept(): tls_accept: client did not present a certificate Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: tls [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of connection (n:532) (0) Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1527]: tcp_read_req(): EOF Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del (0x562ffde66d00, 17, -1, 0x10) fd_no=4 called Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x14baf4cc1ec8, state -1, fd=17, id=665 ([xx.xx.xx.xx]:39816 -> [xx.xx.xx.xx]:8443) Mar 22 01:25:28 br /sbin/kamailio[25259]: DEBUG: <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x14baf289ea30 Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: <core> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= 14baf4cc1ec8, -1 from 1 Mar 22 01:25:28 br /sbin/kamailio[25291]: DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x14baf289ea30 Thanks very much, -- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782

4 7

How to require session timer and set a max session timer value?
by Benoit Panizzon 23 Mar '23

23 Mar '23

Hi All I would like to avoid having run away calls as good as possible. For this, I would like to require timers and set the maximum expires timer to say 1800 I had a look at the sst module, but I see no way to require timers or to set a max timers value. Do my intentions make sense? How did others accomplish this task? Thanks for any hints! Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 0

With TOPOH module enabled, transferred call hangup from callee side does not hang up the call
by Arsenijs Kabihno 22 Mar '23

22 Mar '23

Hello, we have faced an issue which appears when TOPOH module is enabled, call is made from WebRTC client, then transferred by callee. We have WebRTC client behind load balancer. We make call to softphone from WebRTC, call from softphone is transferred to external number using Asterisk. When call is hanged up on external number side, it doesn't hangs up on WebRTC client side. If TOPOH is not enabled, this issue doesn't occur. We have the following TOPOH-related sections of kamailio.cfg: <...> #!ifdef WITH_TOPOH loadmodule "topoh.so" #!endif <...> <...> #!ifdef WITH_TOPOH modparam("topoh", "mask_key", "xxxxxxxxxxxxxxxx") modparam("topoh", "mask_ip", "10.0.0.1") modparam("topoh", "mask_callid", 0) modparam("topoh", "sanity_checks", 1) modparam("topoh", "uparam_prefix", "") modparam("topoh", "vparam_prefix", "") modparam("topoh", "callid_prefix", "1337") #!endif <...> <...> #!ifdef WITH_DIALOG modparam("dialog", "db_url", DBURL) modparam("dialog", "db_mode", 1) modparam("dialog", "db_fetch_rows", 800) modparam("dialog", "track_cseq_updates", 1) modparam("dialog", "ka_interval", 30) modparam("dialog", "ka_timer", 30) modparam("dialog", "send_bye", 0) modparam("dialog", "dlg_filter_mode", 1) #!ifdef WITH_TOPOH modparam("dialog", "lreq_callee_headers", "TH: dlh\r\n") #!endif #!endif <...> <...> #!ifdef WITH_DISPATCHER event_route[dispatcher:dst-up] { sql_query("ds_dburl", "select description from dispatcher where destination='$ru'", "ds_dbresult"); xlog("L_WARN", "Destination up: $ru, found name: $dbr(ds_dbresult=>[0,0])\n"); prom_gauge_set("trunk_reachability", "1", "$ru", "$dbr(ds_dbresult=>[0,0])"); } event_route[dispatcher:dst-down] { sql_query("ds_dburl", "select description from dispatcher where destination='$ru'", "ds_dbresult"); xlog("L_WARN", "Destination down: $ru, found name: $dbr(ds_dbresult=>[0,0])\n"); prom_gauge_set("trunk_reachability", "0", "$ru", "$dbr(ds_dbresult=>[0,0])"); } #!endif #!ifdef WITH_TOPOH event_route[topoh:msg-sending] { if(is_reply() and $rs=="302") { drop; } } #!endif (can provide the full config, if needed) We are receiving the following errors: On transfer: https://pastebin.com/H3FQ4Kpj On hangup from external number side: https://pastebin.com/wgfRzGbd On hangup from WebRTC client side: https://pastebin.com/sE0yhBae There are also differences in SIP traffic when TOPOH is disabled and when it is enabled. With TOPOH enabled, apparently, ACK from Asterisk is not reaching kamailio: asterisk INVITE -> kamailio -> WebRTC WebRTC 200 -> kamailio -> asterisk asterisk ACK -> kamailio -> -> -> (SIP flows attached - topoh_on.csv, topoh_off.csv) kamailio -v version: kamailio 5.6.1 (x86_64/linux) flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled on 09:11:15 Nov 15 2022 with gcc 9.3.0 We have dockerized kamailio running on Ubuntu 16.04.3 LTS Docker version 18.03.1-ce, build 9ee9f40 Please advise where to start looking.

1 0

OT: path support fix for asterisk
by Henning Westerholt 21 Mar '23

21 Mar '23

Hello, It's off-topic, but it was several times discussed here on the list. It seems that the upcoming 18.17 and 20.2 asterisk version seems to properly support path headers. From the announcement: * [ASTERISK-30100<https://issues.asterisk.org/jira/browse/ASTERISK-30100>] - res_pjsip: Path is ignored on INVITE to endpoint (Reported by Yury Kirsanov) This bug has been many years open. have not tried it yet, but it looks promising. Cheers, Henning -- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://gilawa.com<https://gilawa.com/>

7 8

Follow-up: Printing Global Parameter Values & Logging JSONRPC Requests over UDP
by sadik.oualla.mohamed＠gmail.com 18 Mar '23

18 Mar '23

Hello everyone, I am following up on my previous email regarding printing Global Parameter values and logging JSONRPC requests over UDP in Kamailio. I understand that everyone might be busy, but I would greatly appreciate any guidance or suggestions you can provide on these topics. To recap my questions: 1)Is there a way to print the Global Parameter values, such as debug, children, flags, etc., within the Kamailio configuration file, to ensure they have been changed? 2°How can I log in Kamailio that it has received a JSONRPC request over UDP? I have been successful in logging this information when using HTTP and JSONRPC but am unsure how to do it with UDP. Any input or advice would be truly valuable. Thank you in advance for your time and assistance. Best.

1 0

Issues/Vulnerabilities in OpenSipS that may affect Kamailio
by Dovid Bender 17 Mar '23

17 Mar '23

Hi All, OpenSipS just released an update to the audit that was done to OpenSips [1]. From my basic coding skills it seems like the changes that were done by the OpenSipS project were not implemented in Kamailio which means that Kamailio is potentially vulnerable? For example you can compare the changes made by OpenSips project here [2] and the Kamailio code here [3] I am not active much on the list so please don't roast me if I am completely wrong here. Regards, Dovid [1] http://lists.opensips.org/pipermail/users/2023-March/046849.html [2] https://github.com/OpenSIPS/opensips/commit/dd9141b6f67d7df4072f3430f628d4b… [3] https://github.com/kamailio/kamailio/blob/master/src/core/parser/digest/par…

4 4

RPC error: 500 - Failed to use table
by Volker Denneberg 17 Mar '23

17 Mar '23

Hi, what can be the reason why usrloc module sometimes can read from database, sometimes not? Normal operation looks ok, the location table is kept up to date. The problem seems to be related with RPC (kamcmd or jsonrpc). For example, kamcmd ul.dump # ok kamcmd ul.lookup location 6351*1 # ok kamcmd ul.db_users location # error: 500 - Failed to use table Error 500 correlates with syslog entry: ERROR: <core> [db.c:481]: db_use_table(): invalid connection parameter Who connects where? In my understanding usrloc via core to mysql. I suppose RPC calls do not fail if usrloc can operate on kamailio memory, does that make sense? If so, what usrloc parameter can I tweak to fix error 500 ? I don't find any usrloc parameter regarding db connection. (Opening another mysql session as user kamailio is no problem, so we re not running out of connections.) Thanks in advance! Volker [cid:fb71bb9b-ad4f-4110-824b-d6805406bf6a] Volker Denneberg Development Telefon: +49 241 980 986 41 Web: www.m3connect.de<https://mx.scientific.de/owa/redir.aspx?C=RW1TSCipXQC6K0Yw1m69CGqyTwJHXjiiN…> E-Mail: v.denneberg(a)m3connect.de<https://mx.scientific.de/owa/redir.aspx?C=BjBXIUrD2WCryLRZ2IrAAwEu0b0W0ciUY…> m3connect GmbH | Pascalstr.18 | 52076 Aachen | DE/Germany | Amtsgericht Aachen | HRB 8773 | USt.- ID: DE219 664 658 | Geschäftsführer/CEO: Emilio Dragas

2 1

Sync NONCE between registrars?
by Benoit Panizzon 16 Mar '23

16 Mar '23

Hi We have two registrars. Today I observed a CPE doing this: CPE REGISTER (no auth) => Registrar 1 => 407 Challenge NONCE A CPE REGISTER (auth to NONCE A => Registrar 2 => 407 Challenge NONCE B CPE REGISTER (auth to NONCE B => Registrar 1 => 407 Challenge NONCE A and so on. Time on both registrars is in sync (I tought NONCE was based on time) Is there a way to sync the NONCE so that both would accept authentication based on the same NONCE? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

2 1

How to Print Global Parameter Values and Log JSONRPC Requests Received over UDP in Kamailio
by sadik.oualla.mohamed＠gmail.com 16 Mar '23

16 Mar '23

Dear everyone, I am wondering if there is a way to print the Global Parameter values such as debug, children, flags, etc. just to make sure that they have been changed. I am aware that I can use the `kamcmd cfg.get core debug` command to check the value of the debug parameter for example, but I am wondering if there is a way to do this in the configuration file of Kamailio. Additionally, I would like to know if there is a way to print in the log of Kamailio that it received a JSONRPC request over UDP. I have been able to print some logs when using HTTP and JSONRPC to know that the server has received a JSONRPC request, but I am unsure how to do this when using UDP. I would greatly appreciate it if someone could provide some guidance. Thank you in advance for your time and assistance. Best regards.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users