Hi,
# *** To run in debug mode:# - define WITH_DEBUG## *** To enable mysql:# - define WITH_MYSQL## *** To enable authentication execute:# - enable mysql# - define WITH_AUTH# - add users using 'kamctl'## *** To enable IP authentication execute:# - enable mysql# - enable authentication# - define WITH_IPAUTH# - add IP addresses with group id '1' to 'address' table## *** To enable persistent user location execute:# - enable mysql# - define WITH_USRLOCDB## *** To enable presence server execute:# - enable mysql# - define WITH_PRESENCE## *** To enable nat traversal execute:# - define WITH_NAT# - install RTPProxy: http://www.rtpproxy.org# - start RTPProxy:# rtpproxy -l _your_public_ip_ -s udp:localhost:7722## *** To enable PSTN gateway routing execute:# - define WITH_PSTN# - set the value of pstn.gw_ip# - check route[PSTN] for regexp routing condition## *** To enable database aliases lookup execute:# - enable mysql# - define WITH_ALIASDB## *** To enable speed dial lookup execute:# - enable mysql# - define WITH_SPEEDDIAL## *** To enable multi-domain support execute:# - enable mysql# - define WITH_MULTIDOMAIN## *** To enable TLS support execute:# - adjust CFGDIR/tls.cfg as needed# - define WITH_TLS## *** To enable XMLRPC support execute:# - define WITH_XMLRPC# - adjust route[XMLRPC] for access policy#
Hi Veneet,Yeah its seems so that is why it is registering the users without any authorization, but I am new to Kamailio so will you please tell me how can I set that WITH_AUTH environment variable?Regards,Faisal Rehman
From: Vineet Menon <mvineetmenon@gmail.com>
To: Faisal Rehman <faisal.rehman22@yahoo.com>; SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing List <sr-users@lists.sip-router.org>
Sent: Monday, March 19, 2012 9:46 AM
Subject: Re: [SR-Users] Users being registered without any Authentication
Hi,have you set the WITH_AUTH environment variable? A quick glance over your config fie says the negative.... Just have a look...
Regards,
Vineet Menon
On 17 March 2012 03:03, Faisal Rehman <faisal.rehman22@yahoo.com> wrote:...Hi Sir,
Sending the email again.Regards,
Faisal Rehman
----- Forwarded Message -----
From: Faisal Rehman <faisal.rehman22@yahoo.com>
To: SIP Router - Kamailio ( Open SER) and SIP Express Router ( SER) - Users Mailing List <sr-users@lists.sip-router.org>
Sent: Saturday, March 17, 2012 2:31 AM
Subject: Users being registered without any Authentication
Hi,
I have the below configuration file kamailio.cfg but all the users are not being registered with authentication, so am I doing some mistake in it?#!KAMAILIO## Kamailio (OpenSER) SIP Server v3.2 - default configuration script# - web: http://www.kamailio.org# - git: http://sip-router.org## Direct your questions about this file to: <sr-users@lists.sip-router.org>## Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php# for an explanation of possible statements, functions and parameters.## Several features can be enabled using '#!define WITH_FEATURE' directives:## *** To run in debug mode:# - define WITH_DEBUG## *** To enable mysql:# - define WITH_MYSQL## *** To enable authentication execute:# - enable mysql# - define WITH_AUTH# - add users using 'kamctl'## *** To enable IP authentication execute:# - enable mysql# - enable authentication# - define WITH_IPAUTH# - add IP addresses with group id '1' to 'address' table## *** To enable persistent user location execute:# - enable mysql# - define WITH_USRLOCDB## *** To enable presence server execute:# - enable mysql# - define WITH_PRESENCE## *** To enable nat traversal execute:# - define WITH_NAT# - install RTPProxy: http://www.rtpproxy.org# - start RTPProxy:# rtpproxy -l _your_public_ip_ -s udp:localhost:7722## *** To enable PSTN gateway routing execute:# - define WITH_PSTN# - set the value of pstn.gw_ip# - check route[PSTN] for regexp routing condition## *** To enable database aliases lookup execute:# - enable mysql# - define WITH_ALIASDB## *** To enable speed dial lookup execute:# - enable mysql# - define WITH_SPEEDDIAL## *** To enable multi-domain support execute:# - enable mysql# - define WITH_MULTIDOMAIN## *** To enable TLS support execute:# - adjust CFGDIR/tls.cfg as needed# - define WITH_TLS## *** To enable XMLRPC support execute:# - define WITH_XMLRPC# - adjust route[XMLRPC] for access policy## *** To enable anti-flood detection execute:# - adjust pike and htable=>ipban settings as needed (default is# block if more than 16 requests in 2 seconds and ban for 300 seconds)# - define WITH_ANTIFLOOD## *** To block 3XX redirect replies execute:# - define WITH_BLOCK3XX## *** To enable VoiceMail routing execute:# - define WITH_VOICEMAIL# - set the value of voicemail.srv_ip# - adjust the value of voicemail.srv_port## *** To enhance accounting execute:# - enable mysql# - define WITH_ACCDB# - add following columns to database#!ifdef ACCDB_COMMENTALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';#!endif
####### Defined Values ########## *** Value defines - IDs used later in config#!ifdef WITH_MYSQL# - database URL - used to connect to database server by modules such# as: auth_db, acc, usrloc, a.s.o.#!define DBURL "mysql://faisal:faisal123@localhost/kamailio"#!endif#!ifdef WITH_MULTIDOMAIN# - the value for 'use_domain' parameters#!define MULTIDOMAIN 1#!else#!define MULTIDOMAIN 0#!endif# - flags# FLT_ - per transaction (message) flags# FLB_ - per branch flags#!define FLT_ACC 1#!define FLT_ACCMISSED 2#!define FLT_ACCFAILED 3#!define FLT_NATS 5#!define FLB_NATB 6#!define FLB_NATSIPPING 7####### Global Parameters ##########!ifdef WITH_DEBUGdebug=4log_stderror=yes#!elsedebug=2log_stderror=no#!endifmemdbg=5memlog=5log_facility=LOG_LOCAL0fork=yeschildren=4/* uncomment the next line to disable TCP (default on) */#disable_tcp=yes/* uncomment the next line to disable the auto discovery of local aliasesbased on reverse DNS on IPs (default on) */#auto_aliases=no/* add local domain aliases */
/* uncomment and configure the following line if you want Kamailio tobind on a specific interface/port/proto (default bind on all available) */listen=udp:192.162.15.23:5161listen=tcp:129.162.15.23:5161alias="xmpp.kamailio.org"
/* port to listen to* - can be specified more than once if needed to listen on many ports */port=5161#!ifdef WITH_TLSenable_tls=yes#!endif
# life time of TCP connection when there is no traffic# - a bit higher than registration expires to cope with UA behind NATtcp_connection_lifetime=3605####### Custom Parameters ########## These parameters can be modified runtime via RPC interface# - see the documentation of 'cfg_rpc' module.## Format: group.id = value 'desc' description# Access: $sel(cfg_get.group.id) or @cfg_get.group.id##!ifdef WITH_PSTN# PSTN GW Routing## - pstn.gw_ip: valid IP or hostname as string value, example:# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"## - by default is empty to avoid misroutingpstn.gw_ip = "" desc "PSTN GW Address"#!endif#!ifdef WITH_VOICEMAIL# VoiceMail Routing on offline, busy or no answer## - by default Voicemail server IP is empty to avoid misroutingvoicemail.srv_ip = "" desc "VoiceMail IP Address"voicemail.srv_port = "5060" desc "VoiceMail Port"#!endif####### Modules Section ######### set paths to location of modules (to sources or installation folders)#!ifdef WITH_SRCPATHmpath="modules_k:modules"#!elsempath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"#!endif#!ifdef WITH_MYSQLloadmodule "db_mysql.so"#!endifloadmodule "mi_fifo.so"loadmodule "kex.so"loadmodule "tm.so"loadmodule "tmx.so"loadmodule "sl.so"loadmodule "rr.so"loadmodule "pv.so"loadmodule "maxfwd.so"loadmodule "usrloc.so"loadmodule "registrar.so"loadmodule "textops.so"loadmodule "siputils.so"loadmodule "xlog.so"loadmodule "sanity.so"loadmodule "ctl.so"loadmodule "cfg_rpc.so"loadmodule "mi_rpc.so"loadmodule "acc.so"loadmodule "xmpp.so"#!ifdef WITH_AUTHloadmodule "auth.so"loadmodule "auth_db.so"#!ifdef WITH_IPAUTHloadmodule "permissions.so"#!endif#!endif
#!ifdef WITH_ALIASDBloadmodule "alias_db.so"#!endif#!ifdef WITH_SPEEDDIALloadmodule "speeddial.so"#!endif#!ifdef WITH_MULTIDOMAINloadmodule "domain.so"#!endif#!ifdef WITH_PRESENCEloadmodule "presence.so"loadmodule "presence_xml.so"#!endif#!ifdef WITH_NATloadmodule "nathelper.so"loadmodule "rtpproxy.so"#!endif#!ifdef WITH_TLSloadmodule "tls.so"#!endif#!ifdef WITH_ANTIFLOODloadmodule "htable.so"loadmodule "pike.so"#!endif#!ifdef WITH_XMLRPCloadmodule "xmlrpc.so"#!endif#!ifdef WITH_DEBUGloadmodule "debugger.so"#!endif# ----------------- setting module-specific parameters ---------------# ----- mi_fifo params -----modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")# ----- tm params -----# auto-discard branches from previous serial forking legmodparam("tm", "failure_reply_mode", 3)# default retransmission timeout: 30secmodparam("tm", "fr_timer", 30000)# default invite retransmission timeout after 1xx: 120secmodparam("tm", "fr_inv_timer", 120000)#--------XMPP Module Params---------------modparam("xmpp", "domain_separator", "%")modparam("xmpp", "xmpp_domain", "192.168.15.23")modparam("xmpp", "xmpp_host", "192.168.15.23")modparam("xmpp", "gateway_domain", "192.168.15.23")modparam("xmpp", "backend", "server")modparam("xmpp", "xmpp_port", 5299)modparam("xmpp", "xmpp_password", "casilla233")# ----- rr params -----# add value to ;lr param to cope with most of the UAsmodparam("rr", "enable_full_lr", 1)# do not append from tag to the RR (no need for this script)modparam("rr", "append_fromtag", 0)# ----- registrar params -----modparam("registrar", "method_filtering", 1)/* uncomment the next line to disable parallel forking via location */# modparam("registrar", "append_branches", 0)/* uncomment the next line not to allow more than 10 contacts per AOR */#modparam("registrar", "max_contacts", 10)# max value for expires of registrationsmodparam("registrar", "max_expires", 3600)
# ----- acc params -----/* what special events should be accounted ? */modparam("acc", "early_media", 0)modparam("acc", "report_ack", 0)modparam("acc", "report_cancels", 0)/* by default ww do not adjust the direct of the sequential requests.if you enable this parameter, be sure the enable "append_fromtag"in "rr" module */modparam("acc", "detect_direction", 0)/* account triggers (flags) */modparam("acc", "log_flag", FLT_ACC)modparam("acc", "log_missed_flag", FLT_ACCMISSED)modparam("acc", "log_extra","src_user=$fU;src_domain=$fd;src_ip=$si;""dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)/* enhanced DB accounting */#!ifdef WITH_ACCDBmodparam("acc", "db_flag", FLT_ACC)modparam("acc", "db_missed_flag", FLT_ACCMISSED)modparam("acc", "db_url", DBURL)modparam("acc", "db_extra","src_user=$fU;src_domain=$fd;src_ip=$si;""dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")#!endif# ----- usrloc params -----/* enable DB persistency for location entries */#!ifdef WITH_USRLOCDBmodparam("usrloc", "db_url", DBURL)modparam("usrloc", "db_mode", 2)modparam("usrloc", "use_domain", MULTIDOMAIN)#!endif
# ----- auth_db params -----#!ifdef WITH_AUTHmodparam("auth_db", "db_url", DBURL)modparam("auth_db", "calculate_ha1", yes)modparam("auth_db", "password_column", "password")modparam("auth_db", "load_credentials", "")modparam("auth_db", "use_domain", MULTIDOMAIN)# ----- permissions params -----#!ifdef WITH_IPAUTHmodparam("permissions", "db_url", DBURL)modparam("permissions", "db_mode", 1)#!endif#!endif# ----- alias_db params -----#!ifdef WITH_ALIASDBmodparam("alias_db", "db_url", DBURL)modparam("alias_db", "use_domain", MULTIDOMAIN)#!endif# ----- speedial params -----#!ifdef WITH_SPEEDDIALmodparam("speeddial", "db_url", DBURL)modparam("speeddial", "use_domain", MULTIDOMAIN)#!endif# ----- domain params -----#!ifdef WITH_MULTIDOMAINmodparam("domain", "db_url", DBURL)# use cachingmodparam("domain", "db_mode", 1)# register callback to match myself condition with domains listmodparam("domain", "register_myself", 1)#!endif
#!ifdef WITH_PRESENCE# ----- presence params -----modparam("presence", "db_url", DBURL)
# ----- presence_xml params -----modparam("presence_xml", "db_url", DBURL)modparam("presence_xml", "force_active", 1)#!endif#!ifdef WITH_NAT# ----- rtpproxy params -----modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")# ----- nathelper params -----modparam("nathelper", "natping_interval", 30)modparam("nathelper", "ping_nated_only", 1)modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")# params needed for NAT traversal in other modulesmodparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")modparam("usrloc", "nat_bflag", FLB_NATB)#!endif
#!ifdef WITH_TLS# ----- tls params -----modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")#!endif#!ifdef WITH_ANTIFLOOD# ----- pike params -----modparam("pike", "sampling_time_unit", 2)modparam("pike", "reqs_density_per_unit", 16)modparam("pike", "remove_latency", 4)
# ----- htable params -----# ip ban htable with autoexpire after 5 minutesmodparam("htable", "htable", "ipban=>size=8;autoexpire=300;")#!endif#!ifdef WITH_XMLRPC# ----- xmlrpc params -----modparam("xmlrpc", "route", "XMLRPC");modparam("xmlrpc", "url_match", "^/RPC")#!endif#!ifdef WITH_DEBUG# ----- debugger params -----modparam("debugger", "cfgtrace", 1)#!endif####### Routing Logic ########
# Main SIP request routing logic# - processing of any incoming SIP request starts with this route# - note: this is the same as route { ... }request_route {# per request initial checksroute(REQINIT);
# NAT detectionroute(NATDETECT);# handle requests within SIP dialogsroute(WITHINDLG);
### only initial requests (no To tag)
# CANCEL processingif (is_method("CANCEL")){if (t_check_trans())t_relay();exit;}t_check_trans();#authenticationroute(AUTH);###############-----------------------------------XMPP Server Configuration----------------------------------------#################if (uri =~ "sip:.+@sip-xmpp\.kamailio\.org") {#absorb transmissionif (!t_newtran()){sl_reply_error();exit;}#Handling Instant Messagingif (is_method("MESSAGE")){xlog("message to XMPP: from <$fu> ru>\n");if (xmpp_send_message()){sl_send_reply("202", "Accepted");} else {sl_send_reply("404", "Not found");}exit;}#Un-supported Type of SIP Messagexlog("message to XMPP: method [$rm] not supported yet\n");sl_send_reply("503", "Service unavailable");exit;}##################--------------------------------XMPP Server Configuration-----------------------------------------------################ record routing for dialog forming requests (in case they are routed)# - remove preloaded route headersremove_hf("Route");if (is_method("INVITE|SUBSCRIBE"))record_route();# account only INVITEsif (is_method("INVITE")){setflag(FLT_ACC); # do accounting}
# dispatch requests to foreign domainsroute(SIPOUT);### requests for my local domains# handle presence related requestsroute(PRESENCE);
# handle registrationsroute(REGISTRAR);if ($rU==$null){# request with no Username in RURIsl_send_reply("484","Address Incomplete");exit;}# dispatch destinations to PSTNroute(PSTN);
# user location serviceroute(LOCATION);route(RELAY);}
route[RELAY] {# enable additional event routes for forwarded requests# - serial forking, RTP relaying handling, a.s.o.if (is_method("INVITE|SUBSCRIBE")) {t_on_branch("MANAGE_BRANCH");t_on_reply("MANAGE_REPLY");}if (is_method("INVITE")) {t_on_failure("MANAGE_FAILURE");}
if (!t_relay()) {sl_reply_error();}exit;}# Per SIP request initial checksroute[REQINIT] {#!ifdef WITH_ANTIFLOOD# flood dection from same IP and traffic ban for a while# be sure you exclude checking trusted peers, such as pstn gateways# - local host excluded (e.g., loop to self)if(src_ip!=myself){if($sht(ipban=>$si)!=$null){# ip is already blockedxdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");exit;}if (!pike_check_req()){xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");$sht(ipban=>$si) = 1;exit;}}#!endifif (!mf_process_maxfwd_header("10")) {sl_send_reply("483","Too Many Hops");exit;}if(!sanity_check("1511", "7")){xlog("Malformed SIP message from $si:$sp\n");exit;}}# Handle requests within SIP dialogsroute[WITHINDLG] {if (has_totag()) {# sequential request withing a dialog should# take the path determined by record-routingif (loose_route()) {if (is_method("BYE")) {setflag(FLT_ACC); # do accounting ...setflag(FLT_ACCFAILED); # ... even if the transaction fails}if ( is_method("ACK") ) {# ACK is forwarded statelessyroute(NATMANAGE);}route(RELAY);} else {if (is_method("SUBSCRIBE") && uri == myself) {# in-dialog subscribe requestsroute(PRESENCE);exit;}if ( is_method("ACK") ) {if ( t_check_trans() ) {# no loose-route, but stateful ACK;# must be an ACK after a 487# or e.g. 404 from upstream servert_relay();exit;} else {# ACK without matching transaction ... ignore and discardexit;}}sl_send_reply("404","Not here");}exit;}}# Handle SIP registrationsroute[REGISTRAR] {if (is_method("REGISTER")){if(isflagset(FLT_NATS)){setbflag(FLB_NATB);# uncomment next line to do SIP NAT pinging## setbflag(FLB_NATSIPPING);}if (!save("location"))sl_reply_error();
exit;}}# USER location serviceroute[LOCATION] {#!ifdef WITH_SPEEDIAL# search for short dialing - 2-digit extensionif($rU=~"^[0-9][0-9]$")if(sd_lookup("speed_dial"))route(SIPOUT);#!endif#!ifdef WITH_ALIASDB# search in DB-based aliasesif(alias_db_lookup("dbaliases"))route(SIPOUT);#!endif$avp(oexten) = $rU;if (!lookup("location")) {$var(rc) = $rc;route(TOVOICEMAIL);t_newtran();switch ($var(rc)) {case -1:case -3:send_reply("404", "Not Found");exit;case -2:send_reply("405", "Method Not Allowed");exit;}}# when routing via usrloc, log the missed calls alsoif (is_method("INVITE")){setflag(FLT_ACCMISSED);}}# Presence server routeroute[PRESENCE] {if(!is_method("PUBLISH|SUBSCRIBE"))return;#!ifdef WITH_PRESENCEif (!t_newtran()){sl_reply_error();exit;};if(is_method("PUBLISH")){handle_publish();t_release();}elseif( is_method("SUBSCRIBE")){handle_subscribe();
[Message clipped]
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users