Hello,

tcpdump and other network sniffers (e.g., ngrep, sngrep) capture the sip traffic before firewall, so even if you see packets with them, the application can still not get them due to firewall.

To test, you can replace kamailio with netcat listening on UDP port 5060 and see if it receives the sip traffic.

Cheers,
Daniel

On 12.10.21 19:08, dem@htsweb.com wrote:
After 4 (long) days of trying to receive any UDP SIP, I'm hoping someone can point out what I'm doing wrong. I've looked at the kamailio code. I'm beginning to think it's the 'polling' code, but it looks fine. It could be Centos or a Dell network driver, but not seeing any errors anywhere.

- stock build/compile...
  Version: kamailio 5.5.2 (x86_64/linux) 0d53d9
  Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES
  MAX_RECV_BUFFER_SIZE=262144
  MAX_URI_SIZE=1024
  BUF_SIZE=65535
  DEFAULT PKG_SIZE=8MB
  DEFAULT SHM_SIZE=64MB
  ADAPTIVE_WAIT_LOOPS=1024
  TCP poll methods: poll, epoll_lt, epoll_et, sigio_rt, select
  Source code revision ID: 0d53d9
  Compiled with: gcc 4.8.5
  Compiled architecture: x86_64
  Compiled on: 08:44:19 Oct 11 2021

Running Centos 7 all updated. Dell R630.
# sestatus
SELinux status:                 disabled
# firewall-cmd --list-all
  ports: 5666/tcp 873/tcp 873/udp 80/tcp 443/tcp 5060/tcp 5060/udp 5061/tcp 5061/udp

- Just trying to send SIP INVITE from trunk provider to R630 kamailio...
(SIP trunk) UDP 172.200.200.202:5060 -> (firewall) UDP 172.250.250.162:5060 -> 1:1 NAT -> (R630) UDP 10.102.88.81:5060

- I can 'see' the packet hit the em3 network...
#  tcpdump -i em3 -e -vv -n port 5060
11:53:33.260892 99:99:ef:3e:69:c1 > 99:99:1c:48:4e:e3, ethertype IPv4 (0x0800), length 1366: (tos 0x0, ttl 54, id 20430, offset 0, flags [none], proto UDP (17), length 1352)
    172.200.200.202.sip > 10.102.88.81.sip: [udp sum ok] SIP, length: 1324
    INVITE sip:+18005551234@172.250.250.162:5060 SIP/2.0
    ...

At this point, I just need to see a SIP INVITE received. Then I can go back to working on a real config.

I've tried with TCP on/off, listening on all networks, alias on/off, strace and everything else I could think of. Truly appreciate any guidance.

Tried every sample config possible, but I just need to test receiving the SIP UDP packet, so this 'should' be minimum config...

#!KAMAILIO
debug=9
log_stderror=no
log_facility=LOG_LOCAL0
log_prefix="{$mt $hdr(CSeq) $ci} "
children=2
disable_tcp=yes
udp4_raw=on
auto_aliases=no
alias="sbc01.mysite.com"
listen=udp:10.102.88.81:5060

loadmodule "debugger.so"
loadmodule "jsonrpcs.so"
loadmodule "kex.so"
loadmodule "corex.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "textops.so"
loadmodule "siputils.so"
loadmodule "xlog.so"
loadmodule "sanity.so"
loadmodule "ctl.so"
loadmodule "cfg_rpc.so"

modparam("debugger", "cfgtrace", 1)

request_route {
  xlog("SIP received xxxxxxxxxxxxxxxxxxx\n");
}

# kamcmd ps
11578    main process - attendant
11579    udp receiver child=0 sock=10.102.88.81:5060
11580    udp receiver child=1 sock=10.102.88.81:5060
11581    slow timer
11583    timer
11584    secondary timer
11585    JSONRPCS FIFO
11586    JSONRPCS DATAGRAM
11587    ctl handler

- I get plenty of logging, but the logging just waits here...
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: INFO: ctl [io_listener.c:210]: io_listen_loop(): io_listen_loop: using epoll_lt as the io watch method (auto detected)
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: <core> [core/mem/q_malloc.c:374]: qm_malloc(): qm_malloc(0x7fd2a8bae010, 4800) called from core: core/io_wait.c: init_io_wait(469)
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10059]: DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc(): qm_malloc(0x7fd2a8bae010, 65456) returns address 0x7fd2a8c652d8 frag. 0x7fd2a8c652a0 (size=65456) on 1 -th hit
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc(): qm_malloc(0x7fd2a8bae010, 4800) returns address 0x7fd2a8c652d8 frag. 0x7fd2a8c652a0 (size=4800) on 1 -th hit
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: <core> [core/mem/q_malloc.c:374]: qm_malloc(): qm_malloc(0x7fd2a8bae010, 2400) called from core: core/io_wait.c: init_io_wait(516)
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc(): qm_malloc(0x7fd2a8bae010, 2400) returns address 0x7fd2a8c66600 frag. 0x7fd2a8c665c8 (size=2400) on 1 -th hit
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: ctl [io_listener.c:246]: io_listen_loop(): io_listen_loop: adding socket 8, type 2, transport 3 (/var/run/kamailio//kamailio_ctl)
Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]: DEBUG: ctl [../../core/io_wait.h:375]: io_watch_add(): DBG: io_watch_add(0x7fd2a70a5360, 8, 2, 0x2439960), fd_no=0

- The only other thing that I see is transport 3. Isn't that a UNIXS_SOCK?



__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - Online
Nov 08-11, 2021 (Europe Timezone) - Nov 22-25, 2021 (America Timezone)
  * https://www.asipto.com/sw/kamailio-advanced-training-online/