Re: [SR-Users] Unknown caller gets online user's identity
Hello, There is a message Possible Security issue with Kamailio - Asterisk Realtime integration in Asterisk users mailing list: http://lists.digium.com/pipermail/asterisk-users/2013-February/277633.html I think the problem I have is somewhat similar. Should I suppose that there is a security risk in Kamailio - Asterisk realtime integration, and if this is a case what I can do to eliminate this risk? Best, Teijo 16.7.2014 9:44, g.aloi...@gmail.com kirjoitti: Hello, Has anybody any solution or suggestion? If I for example launch MicroSIP (no doubt it could be some other SIP client), and simply call: sip:some_extens...@my.public.ip.address call is established, if there is online user/users. Naturally this incoming call should be handled by Asterisk in context where I have defined unauthorized calls are handled, but in stead, the call goes online user's context. To get this situation I don't need to define any account information in MicroSIP. I have not set passwords for users in Asterisk to avoid double authorization. May this cause the behavior? I have not set default user or from user in my peer definitions. I am not registering Kamailio to Asterisk - I mean I have no peer definition for Kamailio in sip.conf. I do not know what direction to go to. I would be happy, if I should not go to the trial and error path so any help is welcome. Thanks in advance, Teijo 14.7.2014 9:06, g.aloi...@gmail.com kirjoitti: Hello, If one places call, and tell that my from domain is your Kamailio's IP, call is established, because Asterisk accepts requests from Kamailio. One problem is that it's unpredictable in this case what is the context where thiskind of call is handled by Asterisk. This situation requires that I change something in my setup. If I decide accept calls only from my users, I suppose that it can be quite easily done by modifying if statement referred below or at least by applying instructions found here: http://www.kamailio.org/dokuwiki/doku.php/examples:restrict-calls-to-registered-users However, I'm somewhat unsure what should I do, if I decide to accept calls from any caller - not only from my users. Best, Teijo 12.7.2014 19:36, Muhammad Shahzad kirjoitti: Well, this *if (from_uri!=myself uri!=myself)* Means neither source nor destination is our user. Which implies that if our domain is A, then call from domain B to C is not possible. However, calls from B or C to A and A to B or C are possible. That is way an unauthorized user gets passed and reaches asterisk. Asterisk accepts it since call is coming from kamailio and tries to route it back to kamailio, where kamailio finds user online and thus it goes through. You should really break down this, *if (from_uri!=myself uri!=myself)* into something like this for clarity, *if (from_uri!=myself) { * * if (uri!=myself) {* * # neither source nor destination is our user* * } else {* * # source is not our user but destination is our user* * };* *} else {* * if (uri!=myself) {* * # source is our user but destination is not our user* * } else {* * # both source and destination are our users* * };* *};* Hope this helps. Thank you. On Fri, Jul 11, 2014 at 5:36 PM, g.aloi...@gmail.com wrote: Hello, I'm using Kamailio version 4.1.4+precise (amd64). I have followed Kamailio 4.0.x and Asterisk 11.3.0 Realtime Integration using Asterisk Database (http://kb.asipto.com/ asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb). One main difference in my setup compared to that one is that I continued use of Kamailio's database. The problem is as follows: I decided to put Kamailio and through it Asterisk reachable from internet. I have tried to configure Asterisk so that only calls of registered users would be possible, and they could only call to other registered users or conference rooms and echo test number. Then I took the following steps: I ensured that there was no online users with kamctl online. Then I launched MicroSIP (www.microsip.org), but I did not defined account, I simply set the protocol to tls and media encryption to mandatory, because I'm using these. I called to extension with x...@my.public.ip.address (where xxx is extension) getting unauthorized. And that was what I wanted. But if there is online users, calls go through, and incoming call is coming from Asterisk (in syslog I can find out that src_user=asterisk). Kamailio and Asterisk are listening the same IP address, but different port. I have refused connections to the Asterisk's port with iptables. I have defined my public IP address as domain in sip.conf. There is also other domain defined which corresponds to users' domain I am using in Kamailio's database. In kamailio.cfg there is if statement which prevents Kamailio not to be open relay: if (from_uri!=myself uri!=myself) ... If I change this for example: if (from_uri!=myself || uri!=myself) I get what I want this time: no calls from outside, but I
Re: [SR-Users] Unknown caller gets online user's identity
Hello, Try allow allowguest=no in sip.conf [general] context and create a peer for kamailio in sip.comf Regards Cibin On 17-Jul-2014, at 12:52 pm, g.aloi...@gmail.com wrote: Hello, There is a message Possible Security issue with Kamailio - Asterisk Realtime integration in Asterisk users mailing list: http://lists.digium.com/pipermail/asterisk-users/2013-February/277633.html I think the problem I have is somewhat similar. Should I suppose that there is a security risk in Kamailio - Asterisk realtime integration, and if this is a case what I can do to eliminate this risk? Best, Teijo 16.7.2014 9:44, g.aloi...@gmail.com kirjoitti: Hello, Has anybody any solution or suggestion? If I for example launch MicroSIP (no doubt it could be some other SIP client), and simply call: sip:some_extens...@my.public.ip.address call is established, if there is online user/users. Naturally this incoming call should be handled by Asterisk in context where I have defined unauthorized calls are handled, but in stead, the call goes online user's context. To get this situation I don't need to define any account information in MicroSIP. I have not set passwords for users in Asterisk to avoid double authorization. May this cause the behavior? I have not set default user or from user in my peer definitions. I am not registering Kamailio to Asterisk - I mean I have no peer definition for Kamailio in sip.conf. I do not know what direction to go to. I would be happy, if I should not go to the trial and error path so any help is welcome. Thanks in advance, Teijo 14.7.2014 9:06, g.aloi...@gmail.com kirjoitti: Hello, If one places call, and tell that my from domain is your Kamailio's IP, call is established, because Asterisk accepts requests from Kamailio. One problem is that it's unpredictable in this case what is the context where thiskind of call is handled by Asterisk. This situation requires that I change something in my setup. If I decide accept calls only from my users, I suppose that it can be quite easily done by modifying if statement referred below or at least by applying instructions found here: http://www.kamailio.org/dokuwiki/doku.php/examples:restrict-calls-to-registered-users However, I'm somewhat unsure what should I do, if I decide to accept calls from any caller - not only from my users. Best, Teijo 12.7.2014 19:36, Muhammad Shahzad kirjoitti: Well, this *if (from_uri!=myself uri!=myself)* Means neither source nor destination is our user. Which implies that if our domain is A, then call from domain B to C is not possible. However, calls from B or C to A and A to B or C are possible. That is way an unauthorized user gets passed and reaches asterisk. Asterisk accepts it since call is coming from kamailio and tries to route it back to kamailio, where kamailio finds user online and thus it goes through. You should really break down this, *if (from_uri!=myself uri!=myself)* into something like this for clarity, *if (from_uri!=myself) { * * if (uri!=myself) {* * # neither source nor destination is our user* * } else {* * # source is not our user but destination is our user* * };* *} else {* * if (uri!=myself) {* * # source is our user but destination is not our user* * } else {* * # both source and destination are our users* * };* *};* Hope this helps. Thank you. On Fri, Jul 11, 2014 at 5:36 PM, g.aloi...@gmail.com wrote: Hello, I'm using Kamailio version 4.1.4+precise (amd64). I have followed Kamailio 4.0.x and Asterisk 11.3.0 Realtime Integration using Asterisk Database (http://kb.asipto.com/ asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb). One main difference in my setup compared to that one is that I continued use of Kamailio's database. The problem is as follows: I decided to put Kamailio and through it Asterisk reachable from internet. I have tried to configure Asterisk so that only calls of registered users would be possible, and they could only call to other registered users or conference rooms and echo test number. Then I took the following steps: I ensured that there was no online users with kamctl online. Then I launched MicroSIP (www.microsip.org), but I did not defined account, I simply set the protocol to tls and media encryption to mandatory, because I'm using these. I called to extension with x...@my.public.ip.address (where xxx is extension) getting unauthorized. And that was what I wanted. But if there is online users, calls go through, and incoming call is coming from Asterisk (in syslog I can find out that src_user=asterisk). Kamailio and Asterisk are listening the same IP address, but different port. I have refused connections to the Asterisk's port with iptables. I have defined my public IP address as domain in sip.conf. There is also other
Re: [SR-Users] Unknown caller gets online user's identity
Hello, Try allow allowguest=no in sip.conf [general] context and create a peer for kamailio in sip.comf Regards Cibin On 17-Jul-2014, at 12:52 pm, g.aloi...@gmail.com wrote: Hello, There is a message Possible Security issue with Kamailio - Asterisk Realtime integration in Asterisk users mailing list: http://lists.digium.com/pipermail/asterisk-users/2013-February/277633.html I think the problem I have is somewhat similar. Should I suppose that there is a security risk in Kamailio - Asterisk realtime integration, and if this is a case what I can do to eliminate this risk? Best, Teijo 16.7.2014 9:44, g.aloi...@gmail.com kirjoitti: Hello, Has anybody any solution or suggestion? If I for example launch MicroSIP (no doubt it could be some other SIP client), and simply call: sip:some_extens...@my.public.ip.address call is established, if there is online user/users. Naturally this incoming call should be handled by Asterisk in context where I have defined unauthorized calls are handled, but in stead, the call goes online user's context. To get this situation I don't need to define any account information in MicroSIP. I have not set passwords for users in Asterisk to avoid double authorization. May this cause the behavior? I have not set default user or from user in my peer definitions. I am not registering Kamailio to Asterisk - I mean I have no peer definition for Kamailio in sip.conf. I do not know what direction to go to. I would be happy, if I should not go to the trial and error path so any help is welcome. Thanks in advance, Teijo 14.7.2014 9:06, g.aloi...@gmail.com kirjoitti: Hello, If one places call, and tell that my from domain is your Kamailio's IP, call is established, because Asterisk accepts requests from Kamailio. One problem is that it's unpredictable in this case what is the context where thiskind of call is handled by Asterisk. This situation requires that I change something in my setup. If I decide accept calls only from my users, I suppose that it can be quite easily done by modifying if statement referred below or at least by applying instructions found here: http://www.kamailio.org/dokuwiki/doku.php/examples:restrict-calls-to-registered-users However, I'm somewhat unsure what should I do, if I decide to accept calls from any caller - not only from my users. Best, Teijo 12.7.2014 19:36, Muhammad Shahzad kirjoitti: Well, this *if (from_uri!=myself uri!=myself)* Means neither source nor destination is our user. Which implies that if our domain is A, then call from domain B to C is not possible. However, calls from B or C to A and A to B or C are possible. That is way an unauthorized user gets passed and reaches asterisk. Asterisk accepts it since call is coming from kamailio and tries to route it back to kamailio, where kamailio finds user online and thus it goes through. You should really break down this, *if (from_uri!=myself uri!=myself)* into something like this for clarity, *if (from_uri!=myself) { * * if (uri!=myself) {* * # neither source nor destination is our user* * } else {* * # source is not our user but destination is our user* * };* *} else {* * if (uri!=myself) {* * # source is our user but destination is not our user* * } else {* * # both source and destination are our users* * };* *};* Hope this helps. Thank you. On Fri, Jul 11, 2014 at 5:36 PM, g.aloi...@gmail.com wrote: Hello, I'm using Kamailio version 4.1.4+precise (amd64). I have followed Kamailio 4.0.x and Asterisk 11.3.0 Realtime Integration using Asterisk Database (http://kb.asipto.com/ asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb). One main difference in my setup compared to that one is that I continued use of Kamailio's database. The problem is as follows: I decided to put Kamailio and through it Asterisk reachable from internet. I have tried to configure Asterisk so that only calls of registered users would be possible, and they could only call to other registered users or conference rooms and echo test number. Then I took the following steps: I ensured that there was no online users with kamctl online. Then I launched MicroSIP (www.microsip.org), but I did not defined account, I simply set the protocol to tls and media encryption to mandatory, because I'm using these. I called to extension with x...@my.public.ip.address (where xxx is extension) getting unauthorized. And that was what I wanted. But if there is online users, calls go through, and incoming call is coming from Asterisk (in syslog I can find out that src_user=asterisk). Kamailio and Asterisk are listening the same IP address, but different port. I have refused connections to the Asterisk's port with iptables. I have defined my public IP address as domain in sip.conf. There is also other
Re: [SR-Users] Unknown caller gets online user's identity
Hello, I have: allowguest=no contactpermit=kamailio.ip.addr.ess I also have tried the approach that I have peer kamailio, but then all calls seems to go to to the context defined for kamailio peer. I do not know how I could in that case handle individual calls - for example determine if given phone can call to given number or not. Best, Teijo 17.7.2014 10:48, Cibin Paul kirjoitti: Hello, Try allow* allowguest=no *in sip.conf [general] context and create a peer for kamailio in sip.comf Regards Cibin On 17-Jul-2014, at 12:52 pm, g.aloi...@gmail.com mailto:g.aloi...@gmail.com wrote: Hello, There is a message Possible Security issue with Kamailio - Asterisk Realtime integration in Asterisk users mailing list: http://lists.digium.com/pipermail/asterisk-users/2013-February/277633.html I think the problem I have is somewhat similar. Should I suppose that there is a security risk in Kamailio - Asterisk realtime integration, and if this is a case what I can do to eliminate this risk? Best, Teijo 16.7.2014 9:44, g.aloi...@gmail.com mailto:g.aloi...@gmail.com kirjoitti: Hello, Has anybody any solution or suggestion? If I for example launch MicroSIP (no doubt it could be some other SIP client), and simply call: sip:some_extens...@my.public.ip.address call is established, if there is online user/users. Naturally this incoming call should be handled by Asterisk in context where I have defined unauthorized calls are handled, but in stead, the call goes online user's context. To get this situation I don't need to define any account information in MicroSIP. I have not set passwords for users in Asterisk to avoid double authorization. May this cause the behavior? I have not set default user or from user in my peer definitions. I am not registering Kamailio to Asterisk - I mean I have no peer definition for Kamailio in sip.conf. I do not know what direction to go to. I would be happy, if I should not go to the trial and error path so any help is welcome. Thanks in advance, Teijo 14.7.2014 9:06, g.aloi...@gmail.com mailto:g.aloi...@gmail.com kirjoitti: Hello, If one places call, and tell that my from domain is your Kamailio's IP, call is established, because Asterisk accepts requests from Kamailio. One problem is that it's unpredictable in this case what is the context where thiskind of call is handled by Asterisk. This situation requires that I change something in my setup. If I decide accept calls only from my users, I suppose that it can be quite easily done by modifying if statement referred below or at least by applying instructions found here: http://www.kamailio.org/dokuwiki/doku.php/examples:restrict-calls-to-registered-users However, I'm somewhat unsure what should I do, if I decide to accept calls from any caller - not only from my users. Best, Teijo 12.7.2014 19:36, Muhammad Shahzad kirjoitti: Well, this *if (from_uri!=myself uri!=myself)* Means neither source nor destination is our user. Which implies that if our domain is A, then call from domain B to C is not possible. However, calls from B or C to A and A to B or C are possible. That is way an unauthorized user gets passed and reaches asterisk. Asterisk accepts it since call is coming from kamailio and tries to route it back to kamailio, where kamailio finds user online and thus it goes through. You should really break down this, *if (from_uri!=myself uri!=myself)* into something like this for clarity, *if (from_uri!=myself) { * * if (uri!=myself) {* * # neither source nor destination is our user* * } else {* * # source is not our user but destination is our user* * };* *} else {* * if (uri!=myself) {* * # source is our user but destination is not our user* * } else {* * # both source and destination are our users* * };* *};* Hope this helps. Thank you. On Fri, Jul 11, 2014 at 5:36 PM, g.aloi...@gmail.com wrote: Hello, I'm using Kamailio version 4.1.4+precise (amd64). I have followed Kamailio 4.0.x and Asterisk 11.3.0 Realtime Integration using Asterisk Database (http://kb.asipto.com/ asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb). One main difference in my setup compared to that one is that I continued use of Kamailio's database. The problem is as follows: I decided to put Kamailio and through it Asterisk reachable from internet. I have tried to configure Asterisk so that only calls of registered users would be possible, and they could only call to other registered users or conference rooms and echo test number. Then I took the following steps: I ensured that there was no online users with kamctl online. Then I launched MicroSIP (www.microsip.org), but I did not defined account, I simply set the protocol to tls and media encryption to mandatory, because I'm using these. I called to extension with x...@my.public.ip.address (where xxx is extension) getting unauthorized. And that was what I wanted. But if there is online users, calls go
Re: [SR-Users] Really need help on kamailio-snmpstats module
Hello, the spec was maintained by Peter (added here as explicit recipient) -- he used to build rpms, not sure about the current state. Maybe he can add some comments about. Cheers, Daniel On 16/07/14 23:13, Allen Zhang wrote: Hi, We cloned the kamailio 4.0.0 repository and the spec file was in the source directory: ~/kamailio-4.0.0/pkg/kamailio/centos/6/kamailio.spec Cheers, Allen *From:*Daniel-Constantin Mierla [mailto:mico...@gmail.com] *Sent:* Thursday, 17 July 2014 7:57 a.m. *To:* Allen Zhang; Kamailio (SER) - Users Mailing List *Cc:* Shane Harrison *Subject:* Re: [SR-Users] Really need help on kamailio-snmpstats module Hello, there are several specs in the source tree, perhaps some need to be updated or removed. Can you point the path to the one you used? Cheers, Daniel On 11/07/14 04:25, Allen Zhang wrote: Hi, There is a bug in the kamailio.spec file from kamailio-4.0.0.0’s source code directory (if it matters to anyone but me). This piece of config: %if 0%{?centos} Requires: net-snmp-agent-libs %else Requires: net-snmp-libs Should be this: %if 0%{?fedora} Requires: net-snmp-agent-libs %else Requires: net-snmp-libs The spec file from the build service is correct. So I guess it doesn’t matter to most people. Cheers, Allen *From:*sr-users-boun...@lists.sip-router.org mailto:sr-users-boun...@lists.sip-router.org [mailto:sr-users-boun...@lists.sip-router.org] *On Behalf Of *Allen Zhang *Sent:* Friday, 11 July 2014 9:04 a.m. *To:* mico...@gmail.com mailto:mico...@gmail.com; Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Really need help on kamailio-snmpstats module Hi Daniel, I’m using the kamailio.spec in the source from kamailio-4.0.0. I’ll go through the package names again. Cheer, Allen *From:*sr-users-boun...@lists.sip-router.org mailto:sr-users-boun...@lists.sip-router.org [mailto:sr-users-boun...@lists.sip-router.org] *On Behalf Of *Daniel-Constantin Mierla *Sent:* Thursday, 10 July 2014 6:30 p.m. *To:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Really need help on kamailio-snmpstats module Hello, which kamailio.spec are you using? Try to edit it to have the dependency named as the package available on your system. Cheers, Daniel On 09/07/14 07:21, Allen Zhang wrote: Hi This is a re-post. I’m desperate. What I’m trying to do: Use rpmbuild to build kamailio rpms from source code. We made a lot of changes in the kamailio code. I can’t use the rpms from the build service. The plan is to push these changes to kamailio but that’s not done, yet. The problem is when I try to install kamailio-snmpstats module from the rpm built, it reports error: Error: Package: kamailio-snmpstats-4.0.0-0.el6.x86_64 (company_name) Requires: net-snmp-agent-libs I’ve installed net-snmp on the build machine and the machine that needs to install kamailio-snmpstats. I have tried to use the kamailio.spec file from kamailio build server but it didn’t solve the problem. Can anyone help, please? Regards, Allen ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org mailto:sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla -http://www.asipto.com http://twitter.com/#!/miconda http://twitter.com/#%21/miconda -http://www.linkedin.com/in/miconda -- Daniel-Constantin Mierla -http://www.asipto.com http://twitter.com/#!/miconda http://twitter.com/#%21/miconda -http://www.linkedin.com/in/miconda -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio RtpProxy MHomed
Hello, have you looked at sip trace and checked what are the IP addresses in the SDP? Maybe you need to swap the flags i and e. You can eventually provide here the incoming invite as well as outgoing invite, saying what you would expect to be in the outgoing one, so we can give further hints. Cheers, Daniel On 16/07/14 15:08, Pascal Fautré wrote: Hi, I tried to use Kamailio / RTPProxy in mhomed setup without any luck. I had no problem to configure it with only 1 interface, without mhomed, everything worked perfectly. The RTP streams where not established correctly even if I managed to have to proper IP in the SIP INVITE (C O). Versions: version: kamailio 4.1.4 (x86_64/linux) flags: STATS: Off, USE_TCP, USE_TLS, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 4MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled on 04:23:19 Jun 13 2014 with gcc 4.7.2 RTPProxy -v: Basic version: 20040107 Extension 20050322: Support for multiple RTP streams and MOH Extension 20060704: Support for extra parameter in the V command Extension 20071116: Support for RTP re-packetization Extension 20071218: Support for forking (copying) RTP stream Extension 20080403: Support for RTP statistics querying Extension 20081102: Support for setting codecs in the update/lookup command Extension 20081224: Support for session timeout notifications Here is my RTPProxy config (/etc/default/rtpproxy) : CONTROL_SOCK=udp:127.0.0.1:7722 EXTRA_OPTS=“-l /PU.BL.IC.IP///PRI.VA.TE.IP/ -m 11000 -M 12000 -d DBUG:LOG_LOCAL3 Here are snippets of my kamailio.cfg: port=5060 mhomed=1 # RTPProxy control route[NATMANAGE] { #!ifdef WITH_NAT if (is_request()) { if(has_totag()) { if(check_route_param(nat=yes)) { setbflag(FLB_NATB); } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; xlog(NATMANAGE M=$rm OU=$ou RURI=$ru RD=$rd F=$fu T=$tu NH=$nh(d) IP=$si ID=$ci\n); if(dst_ip == PUBLIC_IP) { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coei\n); rtpproxy_manage(coei, PRIVATE_IP); } else { xlog(NATMANAGE coee\n); rtpproxy_manage(coee, PUBLIC_IP); } } else { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coii\n); rtpproxy_manage(coii, PRIVATE_IP); } else { xlog(NATMANAGE coie\n); rtpproxy_manage(coie, PUBLIC_IP); } } if (is_request()) { if (!has_totag()) { if(t_is_branch_route()) { add_rr_param(;nat=yes); } } } if (is_reply()) { if(isbflagset(FLB_NATB)) { if(is_first_hop()) set_contact_alias(); } } #!endif return; } Calls were correctly going to the desired rtpproxy_manage options. Now I’m not quite sure I’m using the correct ones. I had to specify the PUBLIC_IP or PRIVATE_IP in the rtpproxy_manage calls in order to have the correct IP address in the C and O headers of the SIP INVITE. Without that, the public IP would be sent as C and O params to phones on the private subnet. In fact not a single call direction would give correct RTP streams. Any idea where I missed the turn? Cheers ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Some of the calls drops after 15 minutes + some seconds
On Jul 16, 2014, at 4:05 PM, Andras FOGARASI fogar...@fogarasi.com wrote: On 7/16/14, 10:00 PM, Frank Carmickle wrote: On Jul 16, 2014, at 3:54 PM, Daniel-Constantin Mierla mico...@gmail.com wrote: Hello, I expect that the signaling is ok at least for call setup. From signling point of view, I can think of following situations: - endpoints send keep alive packets (or session updates) which are no answered. You can add an xlog(...) at the top of request_route{} and reply_route{} blocks printing at least the method, call-id, cseq, from and to header, plus the response code for reply block. In this case you can see if there is some signaling before call is dropped. Is this happening just on calls between two phones in your domain, or is there a carrier/federation involved? No other parties are involved, only the two phones involved (and the proxy of course). I would expect that if it was a NAT issue you would see it much sooner than 15 minutes, 30-60 seconds. Are session timers being stripped by Kamailio? You say it's a TURN server or is it acting more like a media relay where it is signaled into the path? What TURN server are you using? How is it configured? --FC ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Msilo not delivering message (status 408)
Hi, We did have a working msilo implementation a while back, but we don’t use it any more, so I can only look back at the config files (which are a lot more complicated than yours). We added the a modparam modparam(msilo, outbound_proxy, sip:MY_REAL_IP:MY_SIP_PORT;transport=tcp) which will make it arrive on the local machine on the given socket (instead of localhost) to be processed, but that probably isn’t your problem. Is it possible that Kamailio is trying to establish a new connection, instead of reusing the existing connection to the client? That would be visible as TCP SYNs in a trace and would cause a 408 after the timeout. We are using a separate outbound enabled edge proxy so this isn’t a problem for us. Regards, Hugh From: sr-users-boun...@lists.sip-router.org [mailto:sr-users-boun...@lists.sip-router.org] On Behalf Of Peter Villeneuve Sent: 17 July 2014 13:10 To: Daniel-Constantin Mierla; Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Msilo not delivering message (status 408) I guess no one really knows why it isn't working either. The only option I have left seems to be to try and update to the 4.2 nightly and hope that whatever's wrong is a bug with 4.1.4 and not a simple mistake in my routing syntax or logic. Daniel, is 4.2 nightly debian package stable enough for a production system? Would you recommend I upgrade? Thanks On Wed, Jul 16, 2014 at 9:37 PM, Peter Villeneuve peterv...@gmail.commailto:peterv...@gmail.com wrote: Can anyone help please? I was supposed to have this server up and running hours ago and I can't think of anything to do next to help debug this. Thanks On Wed, Jul 16, 2014 at 7:01 PM, Peter Villeneuve peterv...@gmail.commailto:peterv...@gmail.com wrote: I removed the localhost listeners on TCP and UDP, and, as I suspected, Kamailio doesn't seem to like that. Why isn't kamailio sending the message back through the TLS socket? NOTICE: script: -MESSAGE PROCESSING: dumping offline messages ERROR: tm [ut.h:343]: uri2dst2(): no corresponding socket for af 2 ERROR: tm [uac.c:266]: t_uac_prepare(): t_uac: no socket found On Wed, Jul 16, 2014 at 4:44 PM, Peter Villeneuve peterv...@gmail.commailto:peterv...@gmail.com wrote: And here's the full routing block. I copied it from someone else on the list that was troubleshooting msilo a while back. Also, I can confirm the message never gets delivered because it remains in msilo DB and kamailio logs shows it trying and trying. ### Routing Logic … On Wed, Jul 16, 2014 at 4:38 PM, Peter Villeneuve peterv...@gmail.commailto:peterv...@gmail.com wrote: Thanks for your help Daniel. OK I ngrepped port 5060 and indeed the message tries to get delivered. However it never arrives at the client (1010 in this case). I have added localhost listeners for UDP and TCP, even though all clients register through TLS only (could this be the root of the problem?). I added localhost listeners because I was getting the no socket found error message. Listening on udp: 127.0.0.1:5080http://127.0.0.1:5080 tcp: 127.0.0.1:5060http://127.0.0.1:5060 tls: 79.my.server.IP1:5061 Aliases: tcp: localhost:5060 udp: localhost:5080 *: my.domain.com:* U 2014/07/16 15:29:14.904285 127.0.0.1:5080http://127.0.0.1:5080 - 79.my.server.IP1:5060 MESSAGE sip:1...@my.domain.commailto:sip%3a1...@my.domain.com SIP/2.0. Via: SIP/2.0/UDP 127.0.0.1:5080;branch=z9hG4bKcde3.542219f4.0. To: sip:1...@my.domain.commailto:sip%3a1...@my.domain.com. From: sip:1...@my.domain.commailto:sip%3a1...@my.domain.com;tag=def4124455da8a0b8e97eafabd028e26-2c30. CSeq: 10 MESSAGE. Call-ID: 16b126996f51d89c-12460@127.0.0.1mailto:16b126996f51d89c-12460@127.0.0.1. Max-Forwards: 70. Content-Length: 58. User-Agent: kamailio (4.1.4 (x86_64/linux)). Date: Wed, 16 Jul 2014 15:22:31 GMT. Content-Type: text/plain. . [Offline message - Wed Jul 16 15:22:31 2014] Test 1,2,3 On Wed, Jul 16, 2014 at 8:58 AM, Daniel-Constantin Mierla mico...@gmail.commailto:mico...@gmail.com wrote: Hello, can you watch the sip traffic on the network to see if the sip messages is sent out? You can use ngrep, like: ngrep -d any -qt -W byline sip port 5060 Cheers, Daniel On 14/07/14 19:56, Peter Villeneuve wrote: Hi, This is most likely a stupid mistake on my route config, but msilo correctly stores messages for offline users, but when they come back online, the message never arrives. Looking through the debug logs indeed there is an error, with status 408, which suggests kamaiio can't find a route to the user that just logged. Before I spend hours looking through all the routing blocks, perhaps someone more exprienced in kamailio can see the problem right away and offer a solution? Thanks DEBUG: msilo [msilo.c:1148]: m_dump(): msg [1-12] for: sip:1...@my.domain.commailto:sip%3a1...@my.domain.com DEBUG: core [io_wait.h:617]:
Re: [SR-Users] Msilo not delivering message (status 408)
Thanks for helping out Hugh (and obviously Daniel) I have made some progress by adding the modparam (msilo, outbound_proxy, sip:my.domain.com:5061;transport=tls). Now indeed the stored message gets delivered when a UAC registers. But I just noticed that it was also filling up msilo db with user xxx is offline! messages, instead of sending that msg to the initial UAC sending the msg. This likely means I'm doing something wrong with the routing, as it feels like it's in an endless loop. I think Daniel earlier suggested adding if(src_ip != myself) t_on_failure(FAIL_MESSAGE) to another poster that was having trouble with the exact same routing config, but I'm not sure exactly where to insert it. Can someone experienced with the routing syntax point out my - likely obvious - mistake? Cheers, Peter On Thu, Jul 17, 2014 at 3:11 PM, Waite, Hugh hugh.wa...@acision.com wrote: Hi, We did have a working msilo implementation a while back, but we don’t use it any more, so I can only look back at the config files (which are a lot more complicated than yours). We added the a modparam *modparam(msilo, outbound_proxy, sip:MY_REAL_IP:MY_SIP_PORT;transport=tcp)* which will make it arrive on the local machine on the given socket (instead of localhost) to be processed, but that probably isn’t your problem. Is it possible that Kamailio is trying to establish a new connection, instead of reusing the existing connection to the client? That would be visible as TCP SYNs in a trace and would cause a 408 after the timeout. We are using a separate outbound enabled edge proxy so this isn’t a problem for us. Regards, Hugh *From:* sr-users-boun...@lists.sip-router.org [mailto: sr-users-boun...@lists.sip-router.org] *On Behalf Of *Peter Villeneuve *Sent:* 17 July 2014 13:10 *To:* Daniel-Constantin Mierla; Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Msilo not delivering message (status 408) I guess no one really knows why it isn't working either. The only option I have left seems to be to try and update to the 4.2 nightly and hope that whatever's wrong is a bug with 4.1.4 and not a simple mistake in my routing syntax or logic. Daniel, is 4.2 nightly debian package stable enough for a production system? Would you recommend I upgrade? Thanks On Wed, Jul 16, 2014 at 9:37 PM, Peter Villeneuve peterv...@gmail.com wrote: Can anyone help please? I was supposed to have this server up and running hours ago and I can't think of anything to do next to help debug this. Thanks On Wed, Jul 16, 2014 at 7:01 PM, Peter Villeneuve peterv...@gmail.com wrote: I removed the localhost listeners on TCP and UDP, and, as I suspected, Kamailio doesn't seem to like that. Why isn't kamailio sending the message back through the TLS socket? NOTICE: script: -MESSAGE PROCESSING: dumping offline messages ERROR: tm [ut.h:343]: uri2dst2(): no corresponding socket for af 2 ERROR: tm [uac.c:266]: t_uac_prepare(): t_uac: no socket found On Wed, Jul 16, 2014 at 4:44 PM, Peter Villeneuve peterv...@gmail.com wrote: And here's the full routing block. I copied it from someone else on the list that was troubleshooting msilo a while back. Also, I can confirm the message never gets delivered because it remains in msilo DB and kamailio logs shows it trying and trying. ### Routing Logic … On Wed, Jul 16, 2014 at 4:38 PM, Peter Villeneuve peterv...@gmail.com wrote: Thanks for your help Daniel. OK I ngrepped port 5060 and indeed the message tries to get delivered. However it never arrives at the client (1010 in this case). I have added localhost listeners for UDP and TCP, even though all clients register through TLS only (could this be the root of the problem?). I added localhost listeners because I was getting the no socket found error message. Listening on udp: 127.0.0.1:5080 tcp: 127.0.0.1:5060 tls: 79.my.server.IP1:5061 Aliases: tcp: localhost:5060 udp: localhost:5080 *: my.domain.com:* U 2014/07/16 15:29:14.904285 127.0.0.1:5080 - 79.my.server.IP1:5060 MESSAGE sip:1...@my.domain.com SIP/2.0. Via: SIP/2.0/UDP 127.0.0.1:5080 ;branch=z9hG4bKcde3.542219f4.0. To: sip:1...@my.domain.com. From: sip:1...@my.domain.com;tag=def4124455da8a0b8e97eafabd028e26-2c30. CSeq: 10 MESSAGE. Call-ID: 16b126996f51d89c-12460@127.0.0.1. Max-Forwards: 70. Content-Length: 58. User-Agent: kamailio (4.1.4 (x86_64/linux)). Date: Wed, 16 Jul 2014 15:22:31 GMT. Content-Type: text/plain. . [Offline message - Wed Jul 16 15:22:31 2014] Test 1,2,3 On Wed, Jul 16, 2014 at 8:58 AM, Daniel-Constantin Mierla mico...@gmail.com wrote: Hello, can you watch the sip traffic on the network to see if the sip messages is sent out? You can use ngrep, like: ngrep -d any -qt -W byline sip
Re: [SR-Users] Crash Kamailio 4.1.4
Hello, I don't understand the patch you sent me. Is it for the PAI problem? Regards, Igor 2014-07-07 12:40 GMT+02:00 Igor Potjevlesch igor.potjevle...@gmail.com: Hello, Can you explain the modification and the impact on our plateform? Is it for the pai problem? Do you have explanation for the km_val.c problem wich cause crash for Kamailio too? Regards, Igor 2014-07-01 16:40 GMT+02:00 Daniel-Constantin Mierla mico...@gmail.com: Hello, can you give it a try with the patch from next commit? - http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=da9d56be28e050dd0cb4aed50efcbda043a3e5cf If all goes fine while testing, I will backport. Cheers, Daniel On 26/06/14 12:58, Igor Potjevlesch wrote: Hello, Here the result : (gdb) frame 6 #6 0x7f127cb6dde6 in acc_onreply (t=0x7f1274c157f0, req=0x7f1274c3ac08, reply=0x7f12804a6d70, code=200) at acc_logic.c:501 501 clean_hdr_field(hdr); (gdb) print hdr $1 = (hdr_field_t *) 0x7f1274c3c238 (gdb) print *hdr $2 = {type = HDR_PAI_T, name = { s = 0x7f1274c3b6cd P-Asserted-Identity: sip:0123456789@domain;user=phone\r\nP-Sig-Options: Sending-Complete\r\n\r\nv=0\r\no=- 111851 1 IN IP4 A.B.C.D\r\ns=-\r\nt=0 0\r\nm=audio 21336 RTP/AVP 8 101 13\r\nc=IN IP4 A.B.C..., len = 19}, body = { s = 0x7f1274c3b6e2 sip:0123456789@domain;user=phone\r\nP-Sig-Options: Sending-Complete\r\n\r\nv=0\r\no=- 111851 1 IN IP4 A.B.C.D\r\ns=-\r\nt=0 0\r\nm=audio 21336 RTP/AVP 8 101 13\r\nc=IN IP4 A.B.C.D\r\na=rtpmap:101 tele..., len = 44}, len = 67, parsed = 0x0, next = 0x7f1274c3c278} (gdb) frame 4 #4 0x0056e5e6 in free_pai_ppi_body (pid_b=0x7f12803cb480) at parser/parse_ppi_pai.c:102 102 pkg_free(pid_b); (gdb) print *pid_b $3 = {id = 0x0, num_ids = 0, next = 0x1d0} This is the bt full : #0 0x003d6f6328a5 in raise () from /lib64/libc.so.6 No symbol table info available. #1 0x003d6f634085 in abort () from /lib64/libc.so.6 No symbol table info available. #2 0x00546d3c in qm_debug_frag (qm=0x7f1280275010, f=0x7f12803cb450) at mem/q_malloc.c:142 __FUNCTION__ = qm_debug_frag #3 0x00548b26 in qm_free (qm=0x7f1280275010, p=0x7f12803cb480, file=0x6276a0 core: parser/parse_ppi_pai.c, func=0x627a00 free_pai_ppi_body, line=102) at mem/q_malloc.c:464 f = 0x7f12803cb450 size = 139717434027144 next = 0xf prev = 0x7f127cd79e00 __FUNCTION__ = qm_free #4 0x0056e5e6 in free_pai_ppi_body (pid_b=0x7f12803cb480) at parser/parse_ppi_pai.c:102 __FUNCTION__ = free_pai_ppi_body #5 0x0054fee0 in clean_hdr_field (hf=0x7f1274c3c238) at parser/hf.c:126 h_parsed = 0x7f1274c3c268 __FUNCTION__ = clean_hdr_field #6 0x7f127cb6dde6 in acc_onreply (t=0x7f1274c157f0, req=0x7f1274c3ac08, reply=0x7f12804a6d70, code=200) at acc_logic.c:501 new_uri_bk = {s = 0x7f1274b53cdf sip:0987654321@GW SIP/2.0\r\nRecord-Route: sip:A.B.C.D;lr=on\r\nVia: SIP/2.0/UDP A.B.C.D;branch=z9hG4bK512b.82b19726f6b60c0c63b79801294d.0\r\nVia: SIP/2.0/UDP A.B.C.D:2057;branch=z9hG4bK-12..., len = 19} br = 0 hdr = 0x7f1274c3c238 __FUNCTION__ = acc_onreply #7 0x7f127cb6e30a in tmcb_func (t=0x7f1274c157f0, type=512, ps=0x7fff0b015580) at acc_logic.c:573 __FUNCTION__ = tmcb_func #8 0x7f127ed68478 in run_trans_callbacks_internal (cb_lst=0x7f1274c15860, type=512, trans=0x7f1274c157f0, params=0x7fff0b015580) at t_hooks.c:290 cbp = 0x7f1274ac0e90 backup_from = 0x934630 backup_to = 0x934638 backup_dom_from = 0x934640 backup_dom_to = 0x934648 backup_uri_from = 0x934620 backup_uri_to = 0x934628 backup_xavps = 0x934760 __FUNCTION__ = run_trans_callbacks_internal #9 0x7f127ed6868a in run_trans_callbacks_with_buf (type=512, rbuf=0x7f1274c158b0, req=0x7f1274c3ac08, repl=0x7f12804a6d70, flags=200) at t_hooks.c:336 params = {req = 0x7f1274c3ac08, rpl = 0x7f12804a6d70, param = 0x7f1274ac0ea0, code = 200, flags = 200, branch = 0, t_rbuf = 0x7f1274c158b0, dst = 0x7f1274c15900, send_buf = { s = 0x7f1274c27620 SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP A.B.C.D:2057;branch=z9hG4bK-129F259C;rport=2057\r\nCall-ID: cb03dc02e909d3118f86009033290024@A.B.C.D\r\nFrom: sip:0123456789@domain;user=phone;epid=00903..., len = 1021}} trans = 0x7f1274c157f0 #10 0x7f127ed9ac06 in relay_reply (t=0x7f1274c157f0, p_msg=0x7f12804a6d70, branch=0, msg_status=200, cancel_data=0x7fff0b0158e0, do_put_on_wait=1) at t_reply.c:2001 relay = 0 save_clone = 0 buf = 0x7f12804a7cc0 SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP A.B.C.D:2057;branch=z9hG4bK-129F259C;rport=2057\r\nCall-ID: cb03dc02e909d3118f86009033290024@A.B.C.D\r\nFrom: sip:0123456789@domain;user=phone;epid=00903...
Re: [SR-Users] Some of the calls drops after 15 minutes + some seconds
On 7/17/14, 3:41 PM, Frank Carmickle wrote: On Jul 16, 2014, at 4:05 PM, Andras FOGARASI fogar...@fogarasi.com wrote: On 7/16/14, 10:00 PM, Frank Carmickle wrote: On Jul 16, 2014, at 3:54 PM, Daniel-Constantin Mierla mico...@gmail.com wrote: Hello, I expect that the signaling is ok at least for call setup. From signling point of view, I can think of following situations: - endpoints send keep alive packets (or session updates) which are no answered. You can add an xlog(...) at the top of request_route{} and reply_route{} blocks printing at least the method, call-id, cseq, from and to header, plus the response code for reply block. In this case you can see if there is some signaling before call is dropped. Is this happening just on calls between two phones in your domain, or is there a carrier/federation involved? No other parties are involved, only the two phones involved (and the proxy of course). I would expect that if it was a NAT issue you would see it much sooner than 15 minutes, 30-60 seconds. Are session timers being stripped by Kamailio? You say it's a TURN server or is it acting more like a media relay where it is signaled into the path? What TURN server are you using? How is it configured? The problem occurs even without TURN, in pure peer-to-peer mode. We use TURN only in emergency case (symmetric NAT and like that...). I do nothing with session timers - i didn't think about it until now... Andras ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Some of the calls drops after 15 minutes + some seconds
On Jul 17, 2014, at 11:27 AM, Andras FOGARASI fogar...@fogarasi.com wrote: On 7/17/14, 3:41 PM, Frank Carmickle wrote: I would expect that if it was a NAT issue you would see it much sooner than 15 minutes, 30-60 seconds. Are session timers being stripped by Kamailio? You say it's a TURN server or is it acting more like a media relay where it is signaled into the path? What TURN server are you using? How is it configured? The problem occurs even without TURN, in pure peer-to-peer mode. We use TURN only in emergency case (symmetric NAT and like that...). I do nothing with session timers - i didn't think about it until now… How do you set up the TURN only in emergency case? Do the phones do it themselves? Does Kamailio control the TURN, rtpengine/mediaproxy-ng? Who sends the bye? --FC ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Some of the calls drops after 15 minutes + some seconds
On 7/17/14, 5:34 PM, Frank Carmickle wrote: On Jul 17, 2014, at 11:27 AM, Andras FOGARASI fogar...@fogarasi.com wrote: On 7/17/14, 3:41 PM, Frank Carmickle wrote: I would expect that if it was a NAT issue you would see it much sooner than 15 minutes, 30-60 seconds. Are session timers being stripped by Kamailio? You say it's a TURN server or is it acting more like a media relay where it is signaled into the path? What TURN server are you using? How is it configured? The problem occurs even without TURN, in pure peer-to-peer mode. We use TURN only in emergency case (symmetric NAT and like that...). I do nothing with session timers - i didn't think about it until now… How do you set up the TURN only in emergency case? Do the phones do it themselves? Does Kamailio control the TURN, rtpengine/mediaproxy-ng? Who sends the bye? Caller send BYE as i see. Meanwhile i made some debug: after 15 minutes an UPDATE comes. Sometimes the UPDATE is answered with 200 OK, then the call doesn't drop, continues and everything works as expected. Sometimes it's not answered at all (it seems timeout), then hangs up. Andras ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio RtpProxy MHomed
I have created an environment with the same config and I find the same problem. While still does not work for video, I have changed (flip) the public/internal IP addresses on rtpproxy and I can get half call leg working properly, includding video. However, I am testing video calls. So I got another question on top of the original post: Can we use rtpproxy also for video or it only supports voice rtp proxy? Cheers, Mo Date: Thu, 17 Jul 2014 13:56:53 +0200 From: mico...@gmail.com To: sr-users@lists.sip-router.org Subject: Re: [SR-Users] Kamailio RtpProxy MHomed Hello, have you looked at sip trace and checked what are the IP addresses in the SDP? Maybe you need to swap the flags i and e. You can eventually provide here the incoming invite as well as outgoing invite, saying what you would expect to be in the outgoing one, so we can give further hints. Cheers, Daniel On 16/07/14 15:08, Pascal Fautré wrote: Hi, I tried to use Kamailio / RTPProxy in mhomed setup without any luck. I had no problem to configure it with only 1 interface, without mhomed, everything worked perfectly. The RTP streams where not established correctly even if I managed to have to proper IP in the SIP INVITE (C O). Versions: version: kamailio 4.1.4 (x86_64/linux) flags: STATS: Off, USE_TCP, USE_TLS, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 4MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled on 04:23:19 Jun 13 2014 with gcc 4.7.2 RTPProxy -v: Basic version: 20040107 Extension 20050322: Support for multiple RTP streams and MOH Extension 20060704: Support for extra parameter in the V command Extension 20071116: Support for RTP re-packetization Extension 20071218: Support for forking (copying) RTP stream Extension 20080403: Support for RTP statistics querying Extension 20081102: Support for setting codecs in the update/lookup command Extension 20081224: Support for session timeout notifications Here is my RTPProxy config (/etc/default/rtpproxy) : CONTROL_SOCK=udp:127.0.0.1:7722 EXTRA_OPTS=“-l PU.BL.IC.IP/PRI.VA.TE.IP -m 11000 -M 12000 -d DBUG:LOG_LOCAL3 Here are snippets of my kamailio.cfg: port=5060 mhomed=1 # RTPProxy control route[NATMANAGE] { #!ifdef WITH_NAT if (is_request()) { if(has_totag()) { if(check_route_param(nat=yes)) { setbflag(FLB_NATB); } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; xlog(NATMANAGE M=$rm OU=$ou RURI=$ru RD=$rd F=$fu T=$tu NH=$nh(d) IP=$si ID=$ci\n); if(dst_ip == PUBLIC_IP) { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coei\n); rtpproxy_manage(coei, PRIVATE_IP); } else { xlog(NATMANAGE coee\n); rtpproxy_manage(coee, PUBLIC_IP); } } else { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coii\n); rtpproxy_manage(coii, PRIVATE_IP); } else { xlog(NATMANAGE coie\n);
Re: [SR-Users] Crash Kamailio 4.1.4
Hello, On 17/07/14 18:41, Igor Potjevlesch wrote: Hello, When this patch will be add in a new release? I can't try without validation of new release. when is scheduled the next release? you were the only one reporting this issue. The patch will be backported if you can test and confirm it is working. You don't need to install master for it, you can cherry-pick it on your local clone. Otherwise, it will get in 4.2 which should be out later in the autumn. Cheers, Daniel Regards, Igor. 2014-07-17 17:50 GMT+02:00 Daniel-Constantin Mierla mico...@gmail.com mailto:mico...@gmail.com: Hello, the patch is adding a lock to protect against races executing the acc callback -- acc was parsing the header pointing to private memory, but linking it in the shared memory structure. Now it is cleaned up and such cases don't overlap anymore. Hope is clear enough. That could have been the cause for the other crash, as the pointer might have been invalidated by the raced execution. Cheers, Daniel On 17/07/14 17:18, Igor Potjevlesch wrote: Hello, I don't understand the patch you sent me. Is it for the PAI problem? Regards, Igor 2014-07-07 12:40 GMT+02:00 Igor Potjevlesch igor.potjevle...@gmail.com mailto:igor.potjevle...@gmail.com: Hello, Can you explain the modification and the impact on our plateform? Is it for the pai problem? Do you have explanation for the km_val.c problem wich cause crash for Kamailio too? Regards, Igor -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio RtpProxy MHomed
On 17/07/14 23:10, Moacir Ferreira wrote: I have created an environment with the same config and I find the same problem. While still does not work for video, I have changed (flip) the public/internal IP addresses on rtpproxy and I can get half call leg working properly, includding video. However, I am testing video calls. So I got another question on top of the original post: Can we use rtpproxy also for video or it only supports voice rtp proxy? Yes, it works for both audio and video at the same time. As an example, see my ipv4-ipv6 tutorial where I used it in bridge mode and tested with video using Jitsi: - http://kb.asipto.com/kamailio:kamailio-mixed-ipv4-ipv6 Cheers, Daniel Cheers, Mo Date: Thu, 17 Jul 2014 13:56:53 +0200 From: mico...@gmail.com To: sr-users@lists.sip-router.org Subject: Re: [SR-Users] Kamailio RtpProxy MHomed Hello, have you looked at sip trace and checked what are the IP addresses in the SDP? Maybe you need to swap the flags i and e. You can eventually provide here the incoming invite as well as outgoing invite, saying what you would expect to be in the outgoing one, so we can give further hints. Cheers, Daniel On 16/07/14 15:08, Pascal Fautré wrote: Hi, I tried to use Kamailio / RTPProxy in mhomed setup without any luck. I had no problem to configure it with only 1 interface, without mhomed, everything worked perfectly. The RTP streams where not established correctly even if I managed to have to proper IP in the SIP INVITE (C O). Versions: version: kamailio 4.1.4 (x86_64/linux) flags: STATS: Off, USE_TCP, USE_TLS, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 4MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled on 04:23:19 Jun 13 2014 with gcc 4.7.2 RTPProxy -v: Basic version: 20040107 Extension 20050322: Support for multiple RTP streams and MOH Extension 20060704: Support for extra parameter in the V command Extension 20071116: Support for RTP re-packetization Extension 20071218: Support for forking (copying) RTP stream Extension 20080403: Support for RTP statistics querying Extension 20081102: Support for setting codecs in the update/lookup command Extension 20081224: Support for session timeout notifications Here is my RTPProxy config (/etc/default/rtpproxy) : CONTROL_SOCK=udp:127.0.0.1:7722 EXTRA_OPTS=“-l /PU.BL.IC.IP///PRI.VA.TE.IP/ -m 11000 -M 12000 -d DBUG:LOG_LOCAL3 Here are snippets of my kamailio.cfg: port=5060 mhomed=1 # RTPProxy control route[NATMANAGE] { #!ifdef WITH_NAT if (is_request()) { if(has_totag()) { if(check_route_param(nat=yes)) { setbflag(FLB_NATB); } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; xlog(NATMANAGE M=$rm OU=$ou RURI=$ru RD=$rd F=$fu T=$tu NH=$nh(d) IP=$si ID=$ci\n); if(dst_ip == PUBLIC_IP) { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coei\n); rtpproxy_manage(coei, PRIVATE_IP); } else { xlog(NATMANAGE coee\n); rtpproxy_manage(coee, PUBLIC_IP); } } else { if(is_ipv4($nh(d)) is_in_subnet($nh(d), PRIVATE_NET)) { xlog(NATMANAGE coii\n); rtpproxy_manage(coii, PRIVATE_IP); } else { xlog(NATMANAGE coie\n); rtpproxy_manage(coie, PUBLIC_IP); } } if (is_request()) { if (!has_totag()) { if(t_is_branch_route()) { add_rr_param(;nat=yes); } } } if (is_reply()) { if(isbflagset(FLB_NATB)) { if(is_first_hop()) set_contact_alias(); } } #!endif return; } Calls were correctly going to the desired rtpproxy_manage options. Now I’m not quite sure I’m using the correct ones. I had to specify the PUBLIC_IP or PRIVATE_IP in the rtpproxy_manage calls in order to have the correct IP address in the C and O headers of the SIP INVITE. Without that, the public IP would be sent as C and O params to phones on the private subnet. In fact not a single call direction would give