Heya
I try to use mutli tree mtree to define multiple 'named' prefixes.
id(int,auto) tname(string) tprefix(string) tvalue(string)
0:tech:+1:1
0:tech:+9:1
0:cust:+1:1
0:cust:+9:0
Kamailio is not complaining while loading this file, but mtree.summary
shows no entries.
Any hint on what I may be do wrong?
--
Mit freundlichen Grüssen
-Benoît Panizzon- @ HomeOffice und normal erreichbar
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
Hi All,
Really sorry to bother everyone, but if possible, can I ask for a little
help? I've been attempting to get Kamailio configured and working for some
considerable time now (read: Years of occasional tinkering, and weeks of
recent dedicated evening work) -- all without success.
I have a sip trunk from sipgate, with two PSTN numbers assigned. My local
network has a static external IP, with an internal private network.
Currently I have Kamailio running within the intenal network along with
two physical sip telephones (gigaset and an old grandstream), although I do
have the option to put kamailio within a DMZ if necessary.
Would anyone have a working config file that they could share please,
permitting incoming and outgoing calls?
With grateful thanks,
Phil
Hello, we use DMQ module and we need to handle some events:
1) when peer joins cluster
2) when peer leaves cluster
It will be helpful to know which content will be in KDMQ message in
different cases.
Tried to find any specification of KDMQ protocol, but didn't find it. Can
you, please, help me with this?
hello is there a way to change reply code reason other than using () function.
because the first parameterc of change_reply_status needs to be a constant so i can not use pseudo var for first argument of that function.
so i use change_reply_status_code to change to code with a pseudo. but i would also to change the code reason.
Hi,
I tried to remove a Via header line with:
remove_hf("Via");
Original I have this 2 lines:
Via: SIP/2.0/TCP
xxx.xxx.xxx.xxx;branch=z9hG4bK370b.21720bb33c4f8264fde4e7994d288a57.0;i
Via: SIP/2.0/TCP
yyy.yyy.yyy.yyy:53967;received=yyy.yyy.yyy.yyy;rport=53967;branch=z9hG4bKPjxb0bdb2c9624076815f12937cc9e51d;alias
If I insert remove_hf("Via"); in the cfg, I get:
Via: SIP/2.0/TCP
xxx.xxx.xxx.xxx;branch=z9hG4bK370b.21720bb33c4f8264fde4e7994d288a57.0;i
;received=yyy.yyy.yyy.yyy;rport=53967;branch=z9hG4bKPjxb0bdb2c9624076815f12937cc9e51d;alias
Doesn't mattter if the command make sense or not, the result, in my
opinion, is wrong.
The INVITE packet has now an invalid header line.
Any ideas?
version: kamailio 5.6.1 (x86_64/linux)
Best regards,
Bernd
Hi,
Problem Description:
Customer security scan returned unconfined services on Kamailio.
Unconfined processes run in unconfined domains Rationale:
For unconfined processes, SELinux policy rules are applied, but policy
rules exist that allow processes running
in unconfined domains almost all access. Processes running in unconfined
domains fall back to using DAC
rules exclusively. If an unconfined process is compromised, SELinux does
not prevent an attacker from
gaining access to system resources and data, but of course, DAC rules are
still used. SELinux is a security
enhancement on top of DAC rules - it does not replace them
Solution
Investigate any unconfined processes found during the audit action. They
may need to have an existing security
context assigned to them or a policy built for them.
Notes:
Occasionally certain daemons such as backup or centralized management
software may require running
unconfined. Any such software should be carefully analyzed and documented
before such an exception is made.
See Also
https://workbench.cisecurity.org/files/2485
For Kamailio
======
The command returned :
00 kamailio
00 kamailio
00 kamailio
00 kamailio
00 kamailio
10 kamailio
10 kamailio
10 kamailio
10 kamailio
00 kamailio
00 kamailio
00 kamailio
00 kamailio
33 kamailio
33 kamailio
33 kamailio
32 kamailio
17 kamailio
16 kamailio
33 kamailio
00 kamailio
00 kamailio
03 kamailio
05 kamailio
18 kamailio
17 kamailio
18 kamailio
18 kamailio
07 kamailio
00 sleep
is any security context available to assign kamailio processes ?
theses services can be run as confined services ?
Please suggest us with resolution, thanks in advance.
Thanks & Regards,
Hima Bindu.
For the 3rd year, we are planning an online version of Kamailio World
Conference!
At the beginning of 2022, the situation was not clear in terms of
whether pandemic would decrease enough in intensity and we would be
allowed to organize an on-site event late spring/beginner of summer,
when the usual Kamailio Conference took place in Berlin, therefore we
chose the safety path. But we hope that next year we will return
in-person to the beautiful Berlin city center!
The event this year, to happen in 4 weeks from now (Sep 7-8, 2022),
follows the structure from previous edition, being two afternoons with
presentations about Kamailio, sharing technical solutions and open
discussions, allowing the community to interact and reconnect.
The website of the event:
- https://kamailioworld.com/k10-online/
There is no registration required, the event will happen on live video
conferencing, also streamed to youtube. A text chatting channel will be
made available as well.
If you want to present, just send me the title and a short description
-- we encourage community members to step forward and share their
knowledge. It has to be related to Kamailio and fit within a 30min slot
(including the questions). The agenda will be released in the near future.
The event will be used also to celebrate 21 years of Kamailio project
development, first commit being done on Sep 3, 2001.
Two other major celebrations for 2022 to make the party bigger:
- 20 years of open source for the project -- after one year of
internal development, GPL was added on Sep 19, 2002 and source code was
released to public
- the 10th edition of Kamailio World Conference
Book the dates in your agenda! I am looking forward to a very
interesting event and (re-)connecting with many of you!
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Hello
I want to set the correct source port in an outgoing message over TCP. Is it possible? I can't find a pseudo-variable for this.
Currently we have no port number in the contact header, and the other party is sending their BYE to port 5060 instead of to the source port from which the outgoing TCP connection was made.
Regards
Maarten
Hi Experts,
We have been using Kamailio in an Active/Standby Pair(with Keepalived under
the rugs moving the single Virtual IP to access the Active Kamailio) for
sometime now. *Kamailio also acts as a Registrar for our webrtc endpoints. *
It has been serving the purpose pretty well and now we have a requirement
where we need to be syncing the Registration DB between Two Pairs of
Kamailios.
Kamailio-Active(*Pair 1*) -------- Kamailio-Standby(*Pair 1*)
||
Kamailio-Active(*Pair 2*) -------- Kamailio-Standby(*Pair 2*)
We generally keep the counterpart in the same Pair as a notifier(
*modparam("dmq",
"notification_address", "sip:PEER1_IP:5060")* ) so as to sync the dialogs
and the userloc data too( *modparam("dmq_usrloc", "enable", 1) * ).
In order to achieve the said requirement with the other Pair, we added
another "*notification_address*" in the kamailio cfg. At this point, we ran
into weird issues.
*1. *With Kamailio ver *5.3.2, *the subsequent *notification_address *line
in the cfg file, seemed to be overriding the previous one. Hence we see
only the latter peer in the dmq list nodes.
Example:
modparam("dmq", "notification_address", "sip:*172.27.45.77*
:5090")
modparam("dmq", "notification_address", "sip:*172.27.45.200*
:5090")
In this case, the "*kamcmd dmq.list_nodes*" would show the local
Machine and 172.27.45.200 as the only nodes in the output, ie *172.27.45.77
is not showing up at all,* which is problematic, since the local
machine(172.27.45.243 in our case) would not been able to send any dmq sync
info to its peer(172.27.45.77) in the same Pair.
To see if the above issue might have been addressed in later release, we
upgraded to the latest Kamailio ver *5.6.0*
*To our respite, the above issue no longer exists in the new version*(though
not sure which immediate release after v 5.3.2 it would have been initially
fixed.)
This is where we have a new issue explained below:
*2. *The registration data does get synced to the peer Kamailio in the same
Pair, and also to the Kamailio instances in the other Pair. However, the
*Socket* Parameter in "*kamctl ul show*" output shows *[not set] *even on
the side where the websocket connection actually exists.
[root@localhost ~]# *kamctl ul show *
{
"jsonrpc": "2.0",
"result": {
"Domains": [{
"Domain": {
"Domain": "location",
"Size": 1024,
"AoRs": [{
"Info": {
"AoR": "9008077221",
"HashID": 1952082106,
"Contacts": [{
"Contact": {
"Address": "sip:Harneet_qifir@172.24.58.210",
"Expires": 159,
"Q": -1,
"Call-ID": "vfli2uv8du3ppda73q5ppe",
"CSeq": 106,
"User-Agent": "EngageDigital",
"Received": "sip:172.27.44.252:60070;transport=ws",
"Path": "[not set]",
"State": "CS_NEW",
"Flags": 0,
"CFlags": 0,
* "Socket": "[not set]", <<<<<<<<<<<<<<<<<<<<<<*
"Methods": 7071,
"Ruid": "uloc-62f26e3b-2677-1",
"Instance":
"<urn:uuid:4fbd3e96-b4de-497b-886d-1ca8ffa016a4>",
"Reg-Id": 1,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 0,
"Last-Keepalive": 1660063892,
"KA-Roundtrip": 0,
"Last-Modified": 1660063892
}
}]
}
}
],
In order to confirm that the socket actually exists on this Kamailio
instance, I am pasting the below outputs from the same machine, where ws
dump and even the native netstat confirms that.
[root@localhost ~]# *netstat -tunelap | grep 60070*
tcp 0 0 172.27.45.199:8080 172.27.44.252:*60070*
*ESTABLISHED* 994 17322355 16230/kamailio
[root@localhost ~]# *kamcmd ws.dump*
{
connections: {
1: ws:172.27.44.252:*60070* -> ws:172.27.45.199:8080 (state: *OPEN*, last
used 24s ago, sub-protocol: sip)
}
info: {
wscounter: 1
truncated: no
}
}
We do need to distinguish the actual Kamailio instance where the websocket
connection actually exists, so as to route the call ahead from the same
instance, or if it does not exist(and it's merely a sync'ed registration
data received over DMQ Channel), then the Kamailio should route the call
ahead to the Kamailio instance in the other Pair, which can then route it
ahead to the Registered webrtc endpoint. We were hoping to use the Socket
Parameter output, but for the said problem, unable to use the same as an
indicator.
*So what would be the best way to identify which Kamailio has the websocket
connection with the Actual endpoint*? Should we rely on the output of
netstat or ws.dump to infer that? I mean this needs to be done in
kamailio.cfg for each call, so want to know the best way, or if there is
completely different approach that can be suggested?
Apologies for the long email, but any pointers will be much helpful.
Thanks & Regards,
Harneet Singh
--
"Once you eliminate the impossible, whatever remains, no matter how
improbable, must be the truth" - Sir Arthur Conan Doyle
Hello guys,
Is it possible to have dispatcher recompute the distribution list? i.e.
one server goes down, all traffic for that server goes to the next one,
doubling traffic on that one. Is there a way of, when a host becomes
unreachable, recompute the whole list?
Regards,
David Villasmil
email: david.villasmil.work(a)gmail.com
phone: +34669448337
Hello Team,
I am in need to modify the contact header in Kamailio before sending an
INVITE request to the SIP trunk provider. Basically the IP address I need
to modify in the contact header. Please suggest a better way to do this.
Below is an example.
*OLD (Existing):*
Contact: <sip:009169240xxx@*45.118.162.x:5080*;alias=10.52.26.102~5080~1>
*NEW (Needed):*
Contact: <sip:00912269240xxx@*10.52.26.98:5060 <http://10.52.26.98:5060>*>
I tried various functions from the textops module but no hope.
I am looking for a function that can replace the contact header's value.
Please help me with this.
--
Thanks & Regards,
*Ankit Jayswal* | Specialist - Software Development
Hello.
I have a question about support of ECDHE cipher suites in kamailio-5.6.0 in
centos7 with installed OpenSSL 1.0.2k-fips. We received kamailio with its
modules from https://rpm.kamailio.org/.
Our client can use only cipher suites:
TLS_AES_256_GCM_SHA384 (0x1302)
TLS_CHACHA20_POLY1305_SHA256 (0x1303)
TLS_AES_128_GCM_SHA256 (0x1301)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
And some of them are supported by our openssl:
$ openssl cipher -V
...
0xC0,0x14 - ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256)
Mac=SHA1
0xC0,0x0A - ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256)
Mac=SHA1
...
0xC0,0x13 - ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128)
Mac=SHA1
0xC0,0x09 - ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128)
Mac=SHA1
...
But when trying to connect with, for example, cipher suite
ECDHE-RSA-AES256-SHA (the same with other 3 cipher suites), we receive,
that it is not allowed:
$ openssl s_client -connect ${kamailio-serper-ip}:${kamailio-server-port}
-cipher ECDHE-RSA-AES256-SHA
...
SSL handshake has read 7 bytes and written 121 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
...
To exclude the influence of other factors, I installed nginx on the same
machine with usage of the same tls certificate and it can use cipher suites
ECDHE-RSA-AES256-SHA and ECDHE-RSA-AES128-SHA.
$ openssl s_client -connect ${nginx-serper-ip}:${nginx-server-port} -cipher
ECDHE-RSA-AES256-SHA
...
SSL handshake has read 3271 bytes and written 406 bytes
Verification: OK
---
New, TLSv1.0, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA
...
So, the reason of failed handshake is, probably, kamailio.
Tried to add cipher_list modparam:
modparam("tls", "cipher_list", "ECDHE-RSA-AES256-SHA")
but result is the same:
$ openssl s_client -connect ${kamailio-serper-ip}:${kamailio-server-port}
-cipher ECDHE-RSA-AES256-SHA
...
SSL handshake has read 7 bytes and written 121 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
...
Can you, please, help me to add support of cipher suites
ECDHE-RSA-AES256-SHA and ECDHE-RSA-AES128-SHA to kamailio?
I suspect this must have been addressed before but I couldn't find a way of
searching Archives.
I'm using Alpine Linux.
Used "apk add kamailio" to install Kamailio 5.5.4-r1
Following the Instructions on
https://kamailio.org/docs/tutorials/5.5.x/kamailio-install-guide-git/
At the section for "Creating MySQL database" I modify the file and then run
kamdbctl create
ERROR: could not load the script in /usr/lib/kamailio//kamctl/kamdbctl.mysql
for database engine MYSQL
ERROR: database engine not loaded - tried 'MYSQL'
I checked the /usr/lib/kamailio//kamctl/ directory and the file wasn't
there
I suspect I'm missing a module but there aren't any other packages listed
for Kamailio at pkgs.alpinelinux.org
Thanks for your help
P Crossley
Hi
I'm thinking on having a cps preference for each pstn gw that I can check.
I've started thinking in the pike module but it won't allow me to set custom
cps per peer. seems that the threshold is global.
Ratelimit module needs the queues to be set as modparam, not dynamic AFAICS.
Any hints?
cheers,
Jon
--
PekePBX, the multitenant PBX solution
https://pekepbx.com
I have three Kamailios in three different servers which are dispatching
calls to 9 asterisks in three different servers using load balancing. All
these Kamailios are using databases installed on that servers. As the
entries of the dispatcher table are the same for all the Kamailio, so I
want that these Kamailio use a single database installed on one of the
servers. All these Kamailios instances should use the same database which
is common between them. And also I want these Kamailios to write into the
database by creating a table that stores all the active calls in three
Kamailios. Is it possible? How can I do it? Please guide me with
somewhat explanation as I am not this much expert in Kamailio.
Waiting for a quick response.
Regards
VoIP Engineer Vicky
Hello,
I have kamailio in local network behind NAT. Kamailio have one interface
eth1 with ip 10.130.0.23
UserAgent - (internet) - (178.0.0.169)router_with_NAT - (LAN) -
kamailio+rtpproxy - pbx
I made two listeners:
listen=udp:10.130.0.23:5070 #to pbx in lan (I don`t want to put via header
with 178.0.0.169)
listen=udp:10.130.0.23:5060 advertise 178.0.0.169:5060 #to internet
(UserAgent need to get via header with 178.0.0.169 )
mhomed = 1 # I think It not useful for my case
UserAgent send Register and Invite to 178.0.0.169:5060, Kamailio get it on
udp:10.130.0.23:5060
Kamailio Relay it to udp:10.130.0.23:5070
My pbx get requests from udp:10.130.0.23:5070 with via header 10.130.0.23
Responses to UserAgent go from udp:10.130.0.23:5060 with via 178.0.0.169
In RELAY block:
if ($Ru == «udp:10.130.0.23:5070») {
#set_send_socket(«udp:10.130.0.23:5060»);
$fs = «udp:10.130.0.23:5060»;
#force_send_socket(«udp:10.130.0.23:5060»);
} else {
#set_send_socket(«udp:10.130.0.23:5070»);
$fs = «udp:10.130.0.23:5070»;
}
#$fs = «udp:10.130.0.23:5070»;
if (!t_relay()) {
sl_reply_error();
}
route[REGISTRAR] {
if ($rd == "mydomain.ru" || $rd == "mydomain2.ru") {
set_send_socket("udp:10.130.0.23:5070");
}
}
It works for requests from UserAgent to PBX. But INVITE from my pbx to
UserAgent goes only through udp:10.130.0.23:5070 , Kamailio realy it to
internet from udp:10.130.0.23:5070
I get error in syslog: (pv [pv_branch.c:62]: pv_get_branchx_helper():
error accessing branch [0])
I tried set_send_socket(«udp:10.130.0.23:5070»); and $fs =
«udp:10.130.0.23:5070»;
Why I can`t relay outgoing requests to internet through another socket?
--
Best regards,
Alex
Hey Kamailio Users,
So the scenario is we get the registers. Load them, slightly oddly as
we also fill in the received section, not something I usually do.
Then when they send an invite, the To and From headers are real phone
numbers and for some reason the contact header isn't their username.
So to compensate for that I'm trying to match their connection ($sut)
using registered, but after a couple of hours I haven't been able to
get it to match up. Not sure what I'm missing.
ul.dump gets me
Received: sip:sipclientpublicip:2353;transport=udp
so we know that part is loading $sut correctly into the user location data.
modparam("usrloc", "matching_mode", 2)
modparam("registrar", "xavp_rcd", "ulrcd")
modparam("registrar", "received_avp", "$avp(i:42)")
$xavp(regcfg=>match_received) = $sut;
if (registered("location","$sut", 2, 1)) {
After that block of code $sut is sip:
sipclientpublicip:2353;transport=udp which is what's in usrloc for
received, but it's not match.
There's probably a much smarter way of doing this that I've completely
missed, if so then that'd be excellent. But if I'm on the right path
somewhat then it would be great to get this working.
Hello!
I have several Kamailio sharing a common uacreg table and use the RPC
interface to enable and disable outgoing registration on nodes depending on
the cluster status:
*kamcmd uac.reg_active 0kamcmd uac.reg_active 1*
https://kamailio.org/docs/modules/stable/modules/uac.html#uac.r.uac.reg_act…
How can I get the current status of uac outbound registration (to get 0 or
1)?
--
BR,
Denys Pozniak
Hi,
You are currently using TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384 256
Teams stopped TLSv1/ TLSv1.1 and only allowing TLS1.2+
So change your TLS settings to enforce it only
method = TLSv1.2+
after restarting kamailio your teams connections should be good.
HI
I’m trying to get CDR function. I would like to have one CDR for whole call at the syslog.
I use:
……
loadmodule "db_text.so"
loadmodule "dialog.so"
loadmodule "acc.so"
……..
# -----Dialog module -----
modparam("dialog", "db_mode", 0)
# -----ACCounting module -----
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 1)
modparam("acc", "log_facility", "LOG_LOCAL1")
modparam("acc", "detect_direction", 0)
modparam("acc", "log_level", ACC_LOG_LEVEL)
modparam("acc", "log_flag", FLAG_ACC_LOG)
modparam("acc", "log_missed_flag", FLAG_ACC_LOG_MISSED)
modparam("acc", "failed_transaction_flag", FLAG_ACC_LOG_FAILED)
modparam("acc", "log_extra", "ip_src=$si;ip_dst=$avp(ip_dst);sip_from=$fU;sip_to=$tU;ruri_user=$rU;spx_rs=$avp(spx_http_rs)") ## TODO
modparam("acc", "cdr_enable", 1)
modparam("acc", "cdr_enable_log", 1)
modparam("acc", "cdr_facility", "LOG_LOCAL1")
request_route {
if (is_method("INVITE")) {
setflag(FLAG_ACC_LOG);
setflag(FLAG_ACC_LOG_MISSED);
setflag(FLAG_ACC_LOG_FAILED);
}
At the kamailio.log I see only transaction for INVITE, but I wait for some CDR for all dialog. Whats wrong in my config?
--
--
Олег Подгуйко
Hello, We are seeking Engineers with some experience in open source VoIP
solutions like Kamilio, Asterisk, etc. The opportunity is remote in Latin
america. We are a Chilean company dedicated to giving different solutions
for customer service on cloud.
is you are interested please send us an email to alejandro(a)elipse.ai
Thank you!!
Hello,
pbx -> kamailio -> provider
kamailio registers (uacreg) on provider.
When I call through my provider I need to change headers To From and PAI. I
tried with uac_replace_from and uac_replace_to.
$tU for example 0987656789
if($fU=~"1234567") {
uac_replace_from("sip:provider_login@provider.com");
uac_replace_to("sip:$tU@provider.com");
}
My provider answers on Invite with 183 progress, so pbx answers with PRACK.
Kamailio change To and from like this:
To: <sip:0987656789@provider.comsip:0987656789@provider.com>;tag=.....
To: <sip:0987656789@provider.comsip:0987656789@provider.com>
From: <sip:provider_login@provider.comsip:provider_login@provider.com
>;tag=.....
From: <sip:provider_login@provider.comsip:provider_login@provider.com>
Is it a bug?
I tried to disable this modification for PRACK u REQINIT ($csb != "2
PRACK") It haven't worked for me.
I solved this issue with this code.
remove_hf("From");
if ($ft == $null) {
insert_hf("From: <sip:provider_login@provider.com>\r\n", "To");
} else {
insert_hf("From: <sip:provider_login@provider.com>;tag=$ft\r\n",
"To");
}
version: kamailio 5.7.0-dev0 (x86_64/linux)
Ubuntu 18
--
Regards,
Alex
the counting and values provided by $hfl and $hflc are wrong and incomplete from my understanding. looking at the source code these pseudo vars count the body values of Via, Record-Route and Route headers.
in kamalio 5.6.1
with
Record-Route: <sip:1.1.1.1;lr=on;nat=yes>
Record-Route: <sip:2.2.2.2:5060;lr;transport=udp>,<sip:3.3.3.3:22506;lr;transport=udp>
i get $hflc(Record-Route) == 2 instead of 3
and $(hfl(Record-Route)[0]) == 1.1.1.1
$(hfl(Record-Route)[1]) == 2.2.2.2
$(hfl(Record-Route)[3]) does not exists.
Hi, I'm using kamailio with Teams like SBC and asterisk.
Works perfectly less one thing. When I make a call asterisk to Teams, in my Teams app I see 3 popup notifications, and 3 calls in my history. If I call Teams to Asterisk, perfect..
When I make an asterisk to Teams call, I get the trace from Asterisk and I can see three 180, I don't know if this is the problem, but are there any way to fix it? Limit to 1 notification?
Thanks
Hello All,
i would to iterate through all ips in Record-Route through @hf_value.Record_Route.
if i put static index like @hf_value.Record_Route[0] it works.
but $var(i) = 0; @hf_value.Record_Route[$var(i)] does not work.
is there a way to get the count of all headers values through @hf_value.Record_Route
For example i would like to iterate through all Record-Route Values if i receive it like this
Record-Route: <sip:1.1.1.1;lr=on;nat=yes>
Record-Route: <sip:2.2.2.2:5060;lr>,<sip:3.3.3.3:22506;lr>
hello,
My name is Fernando Piana from Colombia.
I am writing to you because I am testing Kamailio together with the Siremis
graphical environment.
I was visiting the siremis.org website and also the siremis wiki, but I
couldn't find the administration manual.
>From this medium I want to ask you if you can send me a copy of the Siremis
administration manual.
I await a response.
Thank you very much.
--
Fernando Piana
Ing. Comunicaciones y Bases de Datos
Cel: +57 311 641 7558
Hi,
I was wondering if it is safe from a cache consistency pow to enable usrloc
db_insert_update in a dmq replicated environment, where all registrars
share the same db.
I'm already using the filter option to avoid loading/deletion by server id,
but there's no similar option for writing.
I know that it is possible to use db mode 4 on all registrars (which get
synced by dmq) except one, which will be responsible for writing, but this
creates a little unbalanced setup in addition to performing writes only
from one proxy.
Any hint? Maybe is time to check how to filter writes, too :) ?
Thanks,
Matteo
Hi List
We cache stuff like call forwarding information in a htable cache to
minimizie SQL lookups and have it available via DMQ on all instances.
But of course, if the call forwarding information for a destination
changes in the database, we would like to flush either the whole cache,
or even better, that single entry.
What is the best way to do this?
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
Hi,
I discovered recently that, on Kamailio 5.5.4 at least, the dialog ’timeout_avp’ no longer appears to have effect.
Here are my (seemingly relevant) dialog parameters:
modparam("dialog", "enable_stats", 0)
modparam("dialog", "hash_size", 4096)
modparam("dialog", "rr_param", "dlgcor") # DLG "correlator"
modparam("dialog", "dlg_flag", 2)
modparam("dialog", "default_timeout", 28800) # 8 hours
modparam("dialog", "dlg_match_mode", 1)
modparam("dialog", "table_name", "dialog")
modparam("dialog", "send_bye", 1)
modparam("dialog", "wait_ack", 0)
modparam(“dialog”, “timeout_avp”, “$avp(dlg_timeout)”)
The flow is roughly like this:
request_route {
...
t_check_trans();
if(is_method(“INVITE”)) {
...
dlg_manage();
$avp(dlg_timeout) = 10;
...
if(!t_relay())
sl_reply_error();
return;
}
I was able to resolve the problem by switching to dlg_set_timeout() instead, but I wonder if there has been a regression. Last version I have on which this positively works is 4.4.7, though, so not sure when it might have broken.
One nuance: $avp(dlg_timeout) is not initialised prior to calling dlg_manage(), and the value is only set if certain conditions are true. Not sure if some stricter check appeared in later releases which could cause this to be a problem.
Thank you!
— Alex
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Hello,
I'm trying to setup the following scenario with sip ping:
UAC -> Kamailio Edge -> Kamailio Registrar
Edge proxy is a multihomed proxy with public/private ips and the registrar
is a kamailio on a private network. The edge acts as a nat proxy and
loadbalancer.
Edge proxy inserts a Path header (and contact alias) which get correctly
saved on registrar usrloc. Registration works as expected.
Now, since I need to keep nat open towards the uacs and expire them when
they're not reachable anymore, I'm trying to send sip pings from the
registrar via the edge proxy. I'm using nathelper sipping in the registrar.
What I see is that the registrar sends out a sip options putting in the
Route header the Path as expected, but the sip packet gets sent directly to
the UAC contact and not via the edge, as the Route header specifies.
After looking into the nathelper code, it seems that the sip packet is sent
via udp directly without any specific routing. So the question: it should
work what I'm trying to achieve? Maybe not?
Probably I can work around it setting the ;received in the contact on
registrar (it will set to the edge proxy) and since the contact is aliased
on the edge when the edge receives an option from the registrar it can
process the alias and send it to the correct endpoint, but seems a
workaround?
Or using the keepalive module maybe, even if that means setting specific
timers and manually do what the nathelper module already does?
Any hint?
Thanks,
Matteo
Hi sr-users,
Does pure RFC5626 outbound work without an edge proxy->internal proxy
design? By "pure" I mean no nathelper to rewrite addresses.
I tried setting up the following:
Configuration: use standard kamailio configuration without WITH_NAT
(Ignore RTP-rtpengine/rtpproxy for the moment as I am just testing the
control plane)
1. UA1 UA2 each behind NAT, with bogus Contact: headers
2. kamailio loaded with rr/tm (no outbound/path because I am using single
proxy/registrar — without edge proxies)
3. no nathelper: no Contact rewriting, set_contact_alias etc
4. Both UA1 and UA2 establish persistent TLS to kamailio
5. INVITE/200 OK/ACK does work.
6. Contact headers show the NAT bogus addresses (as expected). UA1/UA2 are
configured to be "dumb"(i.e. don't self-rewrite Contact:/SDP based on
rport/received).
Problem:
7. In-dialog requests don't work as kamailio tries to route to the bogus
addresses per the Contact header. I.e. kamailio doesn't seem to resolve the
UAs(bogus Contact addresses) to the persistent TLS connections.
Now in the Route header I don't see any flow-token so probably kamailio is
doing "normal" routing instead of RFC5626 routing (i.e. because it has no
flow-token to match with an existing flow).
This leads me to ask: for pure RFC5626 to work (no nathelper stuff at all)
is it a must that there is a "edge-proxy--[1]-->internal-proxy" layout?
...and...the flow-tokens in [1] are what make it possible to skip bogus
Contact: header and route to an existing flow?
Regards
Shih-Ping Chan
```
def ksr_route_relay(self, msg):
if KSR.is_method_in("IBSU"):
if KSR.tm.t_is_set("branch_route") < 0:
KSR.tm.t_on_branch("ksr_branch_manage")
if KSR.is_method_in("ISU"):
if KSR.tm.t_is_set("onreply_route") < 0:
KSR.tm.t_on_reply("ksr_onreply_manage")
if KSR.is_INVITE():
KSR.info("try and relay the traffic\n")
if KSR.tm.t_is_set("ksr_failure_route") < 0:
KSR.tm.t_on_failure("ksr_failure_manage")
t_relay_result = KSR.tm.t_relay(["10.0.0.6", "5060"])
KSR.info(f't_relay: {t_relay_result}\n')
KSR.info(f'MSG: {msg}')
if KSR.tm.t_is_set("ksr_failure_route_one"):
KSR.tm.t_on_reply("ksr_on_reply_route_one")
```
ERROR: app_python3 [python_exec.c:91]: apy_exec(): ksr_request_route not
found or is not callable
Again this only happens after t_replay is called. Any help understanding
why this happens would be appreciated.
--
- Nigel
Hi List
Service Numbers, like to activate CFW probably often start with * and
end with a #
# is a special character that needs to be urlencoded in an SIP URI. So
best would be to use a generic kamailio urldecode transormation. I guess
{s.urldecode.param} is what I was looking for.
So when I get a call to the 'enable CFW' service I get
$rU => "*21+419999999%23"
So I want to extract the destination number and remove the urlencoded # sign.
So I do $var(cfw-dest) =
$var(cfw-dest) = $rU;
$var(cfw-dest) = $(var(cfw-dest){s.substr,3,0}); # "+419999999%23"
$var(cfw-dest) = $(var(cfw-dest){s.urldecode.param});
But now I end up with 419999999# the + sigh disappeared.
Is this expected behavior? How would this be done the correct way?
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
Please Read the Scenario in full and then guide me.
In my scenario, I have three Kamailio (KamA, KamB, KamC) running in
production. They do load balancing for the asterisks which are about 9.
Kamailios randomly receive calls from the SIP trunk. I have set the limit
of 750 calls on each kamailios. I want to provide only 1000 Calls to my
client but they are enjoying calls more than this since each kamailio can
receive 750 calls (I have set this limit for redundancy purpose). And I
cannot set the limit like 750 on KamA and the rest on KamB and KamC for
redundancy purposes. If one kamailio goes down then they send calls on the
other kamailios so that no call drops. So, I want to know if there is a
module or a way that my redundancy is not affected and I limit total calls
on the three kamailios to not exceed 1000. Waiting for a prompt response.
Let me know if you need any further information.
Regards,
Vicky
(Off-topic)
Hello,
In about two weeks I will be a few days in Vienna (12h - 14th July).
If you want to meet for a drink to chat about Kamailio and other topics, just contact me off-list.
Thanks, and regards,
Henning
Hello,
I hope somebody could help me.
This is my scheme.
User-agent is behind NAT1. Kamailio and pbx are behind NAT2
[Client ip-phone 192.168.89.213 without stun] - LAN1 - NAT1(46.0.0.30) -
(internet) - (51.0.0.60)NAT2 - Local2 - (10.130.0.23:5060)kamailio(
10.130.0.23:5070) - pbx
*Questions*:
*1*. The VIA header (with 10.130.0.23 and 51.0.0.60) wasn't included in SIP
packets. Why? For example 200OK reply. It came from pbx through kamailio.
Which setting could break it?
Session Initiation Protocol (200)
Status-Line: SIP/2.0 200 OK
Message Header
Via: SIP/2.0/UDP 192.168.89.213:5060
;rport=9570;received=46.0.0.30;branch=z9hG4bK2480172053
Record-Route: <sip:c172.19.19.111.8348.call.cgatepro;lr>
Record-Route: <sip:172.19.19.111:5060;lr>
Record-Route: <sip:10.130.0.23:5070
;r2=on;lr;ftag=4268683942;nat=yes>,<sip:51.0.0.60;r2=on;lr;ftag=4268683942;nat=yes>
From: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>;tag=4268683942
To: <sip:2961@mail.domain.ru:5060
>;tag=A03E2397-404246-FA7543E4_jizmelr-582D
Call-ID: 6_1903330087(a)192.168.89.213
[Generated Call-ID: 6_1903330087(a)192.168.89.213]
CSeq: 2 INVITE
Contact: <sip:signode-404246-FA7543E4_jizmelr-582D@172.19.19.111
;alias=51.0.0.60~5060~1>
Supported: 100rel,timer,replaces,histinfo,precondition
Allow: INVITE,BYE,CANCEL,ACK,OPTIONS,INFO,MESSAGE,PRACK,UPDATE,REFER
Session-Expires: 1800;refresher=uas
Content-Type: application/sdp
Content-Length: 1170
Message Body
*2*. About Registrar, Path and $du.
Phone set Register with headers:
Via: SIP/2.0/UDP 192.168.89.213:5060;branch=z9hG4bK2691182696
From: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>;tag=3926879477
To: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>
Contact: <sip:a.yakimkin@192.168.89.213:5060>
Kamailio respond
Via: SIP/2.0/UDP 192.168.89.213:5060
;rport=9570;received=46.0.0.30;branch=z9hG4bK617463686
Path: <sip:10.130.0.23:5070
;lr;received=46.0.0.30~9570~1;r2=on>,<sip:51.0.0.60;lr;received=46.0.0.30~9570~1;r2=on>
From: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>;tag=3926879477
To: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>;tag=194ED16D
Contact: <sip:a.yakimkin@192.168.89.213:5060>;expires=360
Contact: <sip:2447@192.168.89.221:5060>;expires=247
Contact: <sip:2447@192.168.9.16:5060>;expires=2116
I try to make a call from pbx to ip phone.
pbx inserts in Invite header Route: <sip:10.130.0.23:5070
;lr;received=46.0.0.30~9570~1;r2=on>
But kamailio relayed Invite direct to 192.168.89.213. (There is network
connectivity between ip-phone and kamailio through vpn). The code below
helps me to solve my issue. I saw mail-list with similar trouble. But no
setting could get kamailio to relay Invite to "Route-received" ip.
$var(the_route) = $hdr(Route);
$var(route0) = $(var(the_route){s.select,0,,});
$var(new_host) = $(var(route0){param.value,received}{s.select,0,~});
$var(new_port) = $(var(route0){param.value,received}{s.select,1,~});
if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
$du = "sip:" + $var(new_host) + ":" + $var(new_port);
}
*Kamailio settings:*
I have such listeners
listen=udp:10.130.0.23:5070 # to local network
listen=udp:10.130.0.23:5060 advertise 51.0.0.60:5060 # to internet
#MODULE SETTING
#---
# ----- jsonrpcs params -----
modparam("jsonrpcs", "pretty_format", 1)
/* set the path to RPC fifo control file */
# modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
/* set the path to RPC unix socket control file */
# modparam("jsonrpcs", "dgram_socket",
"/var/run/kamailio/kamailio_rpc.sock")
modparam("path", "use_received", 1)
modparam("path", "enable_r2", 1)
modparam("path", "received_format", 1)
# ----- ctl params -----
/* set the path to RPC unix socket control file */
# modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
# ----- tm params -----
# auto-discard branches from previous serial forking leg
modparam("tm", "failure_reply_mode", 3)
# default retransmission timeout: 30sec
modparam("tm", "fr_timer", 30000)
# default invite retransmission timeout after 1xx: 120sec
modparam("tm", "fr_inv_timer", 120000)
modparam("tm", "auto_inv_100_reason", "Trying")
# ----- rr params -----
# set next param to 1 to add value to ;lr param (helps with some UAs)
modparam("rr", "enable_full_lr", 0)
# do not append from tag to the RR (no need for this script)
modparam("rr", "append_fromtag", 1)
modparam("rr", "enable_double_rr", 2)
modparam("rr", "force_send_socket", 1)
# ----- registrar params -----
modparam("registrar", "method_filtering", 1)
/* uncomment the next line to disable parallel forking via location */
# modparam("registrar", "append_branches", 0)
/* uncomment the next line not to allow more than 10 contacts per AOR */
# modparam("registrar", "max_contacts", 10)
/* max value for expires of registrations */
modparam("registrar", "max_expires", 3600)
/* set it to 1 to enable GRUU */
modparam("registrar", "gruu_enabled", 0)
modparam("registrar", "use_path", 1)
modparam("registrar", "path_use_received", 1)
modparam("registrar", "path_mode", 0)
#---
For register I use this code
route[REGISTRAR] {
...
add_path_received();
set_send_socket("udp:10.130.0.23:5070");
route(DISPATCH);
...
}
route[RELAY] {
...
if ($Ru eq "sip:10.130.0.23:5070") {
$fs = "udp:10.130.0.23:5060";
} else {
$fs = "udp:10.130.0.23:5070";
}
...
}
route[NATMANAGE] {
#!ifdef WITH_NAT
if (is_request()) {
if(has_totag()) {
if(check_route_param("nat=yes")) {
setbflag(FLB_NATB);
}
}
}
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;
#send INVITE to IP:PROT from Route:...;received=
$var(the_route) = $hdr(Route);
$var(route0) = $(var(the_route){s.select,0,,});
$var(new_host) = $(var(route0){param.value,received}{s.select,0,~});
$var(new_port) = $(var(route0){param.value,received}{s.select,1,~});
if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
$du = "sip:" + $var(new_host) + ":" + $var(new_port);
}
if (client_nat_test("3")) {
if(nat_uac_test("18")) {
if ($Ru == "sip:10.130.0.23:5070") {
rtpproxy_manage("co", "51.0.0.60"); #
fix_nated_sdp
} else {
rtpproxy_manage("co");
}
if (is_method("REGISTER")) {
#if ($Ru == "sip:10.130.0.23:5070") {
# fix_nated_contact();
#} else {
# set_contact_alias();
#}
set_contact_alias();
} else {
if(is_first_hop()) {
set_contact_alias();
} else {
add_contact_alias("51.0.0.60",
"5060", "udp");
#fix_nated_contact();
}
}
} else {
if ($Ru == "sip:10.130.0.23:5070") {
rtpproxy_manage("cor", "51.0.0.60"); #
fix_nated_sdp
} else {
rtpproxy_manage("cor");
}
}
} else {
rtpproxy_manage("co");
}
if (is_request()) {
if (!has_totag()) {
if(t_is_branch_route()) {
add_rr_param(";nat=yes");
#fix_contact();
}
}
}
if (is_reply()) {
if(isbflagset(FLB_NATB)) {
if(is_first_hop())
set_contact_alias();
#} else {
#fix_contact();
#}
}
}
#!endif
return;
}
Thank you.
--
Best regards,
Alex
Hello,
We are looking to implement a system with one Kamailio server and multiple
rtpengine servers. I see that the rtpengine module allows the server
configuration to be stored in a database table with multiple entries, which
is perfect.
My question is - how does Kamailio distribute load between multiple
rtpengine servers in the same set?
If one of the rtpengine servers goes offline then will Kamailio note this
and not send calls to that server until it comes back online? If not then
presumably calls could be delayed by whatever the timeout for accessing a
server is?
Thank you very much,
--
David Cunningham, Voisonics Limited
http://voisonics.com/
USA: +1 213 221 1092
New Zealand: +64 (0)28 2558 3782
Hello,
Kamailio SIP Server v5.6.1 stable release is out.
This is a maintenance release of the latest stable branch, 5.6, that
includes fixes since the release of v5.6.0. There is no change to
database schema or configuration language structure that you have to do
on previous installations of v5.6.x. Deployments running previous v5.6.x
versions are strongly recommended to be upgraded to v5.6.1.
For more details about version 5.6.1 (including links and guidelines to
download the tarball or from GIT repository), visit:
* https://www.kamailio.org/w/2022/07/kamailio-v5-6-1-released/
RPM, Debian/Ubuntu packages will be available soon as well.
Adding a short note that the dates of next Kamailio World Conference -
Online have been set for September 7-8, 2022. Event website and more
details will be published soon!
Many thanks to all contributing and using Kamailio!
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
im using dns failover with tm module.
i set parameter reparse_on_dns_failover to 0 so that branch_route is called .
but when trying next peer of dns failover initial transaction branch_route is not called.
do i missing something ?
for the first peer branch_route is called and the peer timeout
so kamailio tries next peer but branch_route is not called !.
do i need again to set branch_route in failure_route ?
Thanks for help.
Hey All,
I'm just trying to change the From user before I do a 301 Redirect within a
Failure Route. Here's the code snippet:
$fu = "+15555555555";
append_to_reply("Contact: sip:+1$var(redirect_did)@$si:$sp\r\n");
t_reply("302", "Redirect");
The From user is not changed and msg_apply_changes() isn't allowed. What
am I doing wrong?
Thanks
Hi,
I am trying STIR/SHAKEN using libstirshaken in Kamailio 5.5.
I used a self signed certificate as this is just a test in the local docker
environment. However, when I try to add identity with private key
(stirshaken_add_identity_with_key), I get "[error_code: 447] Buffer for key
from file /tmp/cert/private.pem too short (2000 <= 3247)"
I have tried using 2048 and 4096 size
root@5907e44bd056:/tmp/cert# openssl rsa -in private.pem -text -noout |
grep "Private-Key"
RSA Private-Key: (4096 bit, 2 primes)
Could you tell me what is wrong with the certificate?
Kamailio version:
root@5907e44bd056:/usr/local/kamailio/etc/kamailio# kamailio -v
version: kamailio 5.5.4 (x86_64/linux) 469465
Error:
0(404) ERROR: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken
[stirshaken_mod.c:761]: ki_stirshaken_add_identity_with_key(): Failed to
load private key
0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken
[stirshaken_mod.c:117]: stirshaken_print_error_details(): failure details:
0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken
[stirshaken_mod.c:118]: stirshaken_print_error_details(): failure reason
is: src/stir_shaken_ssl.c:2112: [error_code: 447] Buffer for key from file
/tmp/cert/private.pem too short (2000 <= 3247)
0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken
[stirshaken_mod.c:119]: stirshaken_print_error_details(): failure error
code is: 447
0(404) ERROR: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} <script>:
Failed
Regards
*Maharaja Azhagiah*