<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello,<br>
<br>
The tcpdump (below) shows packet reaching em3 interface. The
firewalld command (below) shows UDP port 5060 open.<br>
<br>
netcat doesn't do specific interfaces. Can't do ALL interfaces,
since em4 is a pcap of hundreds of thousands of live UDP 5060.<br>
<br>
I'll have to write a standalone to prove that the firewall allows
UDP 5060 through the em3 interface, post firewall... (betting it
does). Should have test prog tomorrow.<br>
<br>
Thanks,<br>
Dan<font size="-1"><br>
</font><br>
<div class="moz-cite-prefix">Daniel-Constantin Mierla wrote on
10/12/21 4:27 PM:<br>
</div>
<blockquote type="cite"
cite="mid:e377df90-197a-ab0f-e25e-67b7dadb7342@gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<p>Hello,</p>
<p>tcpdump and other network sniffers (e.g., ngrep, sngrep)
capture the sip traffic before firewall, so even if you see
packets with them, the application can still not get them due to
firewall.</p>
<p>To test, you can replace kamailio with netcat listening on UDP
port 5060 and see if it receives the sip traffic.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div class="moz-cite-prefix">On 12.10.21 19:08, <a
class="moz-txt-link-abbreviated" href="mailto:dem@htsweb.com"
moz-do-not-send="true">dem@htsweb.com</a> wrote:<br>
</div>
<blockquote type="cite"
cite="mid:8c35c2f1-3744-b30f-c96b-d2a22a598e37@htsweb.com">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<tt>After 4 (long) days of trying to receive any UDP SIP, I'm
hoping someone can point out what I'm doing wrong. I've looked
at the kamailio code. I'm beginning to think it's the
'polling' code, but it looks fine. It could be Centos or a
Dell network driver, but not seeing any errors anywhere.</tt><tt><br>
</tt><tt><br>
</tt><tt>- stock build/compile...</tt><tt><br>
</tt><tt> Version: kamailio 5.5.2 (x86_64/linux) 0d53d9</tt><tt><br>
</tt><tt> Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS,
USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK,
SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC,
DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT,
USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST,
HAVE_RESOLV_RES</tt><tt><br>
</tt><tt> MAX_RECV_BUFFER_SIZE=262144</tt><tt><br>
</tt><tt> MAX_URI_SIZE=1024</tt><tt><br>
</tt><tt> BUF_SIZE=65535</tt><tt><br>
</tt><tt> DEFAULT PKG_SIZE=8MB</tt><tt><br>
</tt><tt> DEFAULT SHM_SIZE=64MB</tt><tt><br>
</tt><tt> ADAPTIVE_WAIT_LOOPS=1024</tt><tt><br>
</tt><tt> TCP poll methods: poll, epoll_lt, epoll_et, sigio_rt,
select</tt><tt><br>
</tt><tt> Source code revision ID: 0d53d9</tt><tt><br>
</tt><tt> Compiled with: gcc 4.8.5</tt><tt><br>
</tt><tt> Compiled architecture: x86_64</tt><tt><br>
</tt><tt> Compiled on: 08:44:19 Oct 11 2021</tt><tt><br>
</tt><tt><br>
</tt><tt>Running Centos 7 all updated. Dell R630.</tt><tt><br>
</tt><tt># sestatus</tt><tt><br>
</tt><tt>SELinux status: disabled</tt><tt><br>
</tt><tt># firewall-cmd --list-all</tt><tt><br>
</tt><tt> ports: 5666/tcp 873/tcp 873/udp 80/tcp 443/tcp
5060/tcp 5060/udp 5061/tcp 5061/udp</tt><tt><br>
</tt><tt><br>
</tt><tt>- Just trying to send SIP INVITE from trunk provider to
R630 kamailio.</tt><tt>..<br>
</tt><tt>(SIP trunk) UDP 172.200.200.202:5060 -> (firewall)
UDP 172.250.250.162:5060 -> 1:1 NAT -> (R630) UDP
10.102.88.81:5060</tt><tt><br>
</tt><tt><br>
</tt><tt>- I can 'see' the packet hit the em3 network...</tt><tt><br>
</tt><tt># tcpdump -i em3 -e -vv -n port 5060</tt><tt><br>
</tt><tt>11:53:33.260892 99:99:ef:3e:69:c1 >
99:99:1c:48:4e:e3, ethertype IPv4 (0x0800), length 1366: (tos
0x0, ttl 54, id 20430, offset 0, flags [none], proto UDP (17),
length 1352)</tt><tt><br>
</tt><tt> 172.200.200.202.sip > 10.102.88.81.sip: [udp sum
ok] SIP, length: 1324</tt><tt><br>
</tt><tt> INVITE <a class="moz-txt-link-abbreviated"
href="mailto:sip:+18005551234@172.250.250.162:5060"
moz-do-not-send="true">sip:+18005551234@172.250.250.162:5060</a>
SIP/2.0</tt><tt><br>
...<br>
</tt><tt><br>
</tt><tt>At this point, I just need to see a SIP INVITE
received. Then I can go back to working on a real config.</tt><tt><br>
</tt><tt><br>
</tt><tt>I've tried with TCP on/off, listening on all networks,
alias on/off, strace and everything else I could think of.</tt><tt>
Truly appreciate any guidance.<br>
</tt><tt><br>
</tt><tt>Tried every sample config possible, but I just need to
test receiving the SIP UDP packet, so this 'should' be minimum
config...</tt><tt><br>
</tt><tt><br>
</tt><tt>#!KAMAILIO</tt><tt><br>
</tt><tt>debug=9</tt><tt><br>
</tt><tt>log_stderror=no</tt><tt><br>
</tt><tt>log_facility=LOG_LOCAL0</tt><tt><br>
</tt><tt>log_prefix="{$mt $hdr(CSeq) $ci} "</tt><tt><br>
</tt><tt>children=2</tt><tt><br>
</tt><tt>disable_tcp=yes</tt><tt><br>
</tt><tt>udp4_raw=on</tt><tt><br>
</tt><tt>auto_aliases=no</tt><tt><br>
</tt><tt>alias="sbc01.mysite.com"</tt><tt><br>
</tt><tt>listen=<a class="moz-txt-link-freetext"
href="udp:10.102.88.81:5060" moz-do-not-send="true">udp:10.102.88.81:5060</a></tt><tt><br>
</tt><tt><br>
</tt><tt>loadmodule "debugger.so"</tt><tt><br>
</tt><tt>loadmodule "jsonrpcs.so"</tt><tt><br>
</tt><tt>loadmodule "kex.so"</tt><tt><br>
</tt><tt>loadmodule "corex.so"</tt><tt><br>
</tt><tt>loadmodule "sl.so"</tt><tt><br>
</tt><tt>loadmodule "rr.so"</tt><tt><br>
</tt><tt>loadmodule "pv.so"</tt><tt><br>
</tt><tt>loadmodule "textops.so"</tt><tt><br>
</tt><tt>loadmodule "siputils.so"</tt><tt><br>
</tt><tt>loadmodule "xlog.so"</tt><tt><br>
</tt><tt>loadmodule "sanity.so"</tt><tt><br>
</tt><tt>loadmodule "ctl.so"</tt><tt><br>
</tt><tt>loadmodule "cfg_rpc.so"</tt><tt><br>
</tt><tt><br>
</tt><tt>modparam("debugger", "cfgtrace", 1)</tt><tt><br>
</tt><tt><br>
</tt><tt>request_route {</tt><tt><br>
</tt><tt> xlog("SIP received xxxxxxxxxxxxxxxxxxx\n");</tt><tt><br>
</tt><tt>}</tt><tt><br>
<br>
# kamcmd ps<br>
11578 main process - attendant<br>
11579 udp receiver child=0 sock=10.102.88.81:5060<br>
11580 udp receiver child=1 sock=10.102.88.81:5060<br>
11581 slow timer<br>
11583 timer<br>
11584 secondary timer<br>
11585 JSONRPCS FIFO<br>
11586 JSONRPCS DATAGRAM<br>
11587 ctl handler<br>
</tt><tt><br>
</tt><tt>- I get plenty of logging, but the logging just waits
here...</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
INFO: ctl [io_listener.c:210]: io_listen_loop():
io_listen_loop: using epoll_lt as the io watch method (auto
detected)</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: <core> [core/mem/q_malloc.c:374]: qm_malloc():
qm_malloc(0x7fd2a8bae010, 4800) called from core:
core/io_wait.c: init_io_wait(469)</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10059]:
DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc():
qm_malloc(0x7fd2a8bae010, 65456) returns address
0x7fd2a8c652d8 frag. 0x7fd2a8c652a0 (size=65456) on 1 -th hit</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc():
qm_malloc(0x7fd2a8bae010, 4800) returns address 0x7fd2a8c652d8
frag. 0x7fd2a8c652a0 (size=4800) on 1 -th hit</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: <core> [core/mem/q_malloc.c:374]: qm_malloc():
qm_malloc(0x7fd2a8bae010, 2400) called from core:
core/io_wait.c: init_io_wait(516)</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: <core> [core/mem/q_malloc.c:419]: qm_malloc():
qm_malloc(0x7fd2a8bae010, 2400) returns address 0x7fd2a8c66600
frag. 0x7fd2a8c665c8 (size=2400) on 1 -th hit</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: ctl [io_listener.c:246]: io_listen_loop():
io_listen_loop: adding socket 8, type 2, transport 3
(/var/run/kamailio//kamailio_ctl)</tt><tt><br>
</tt><tt>Oct 12 11:38:04 sbc01 /usr/local/sbin/kamailio[10060]:
DEBUG: ctl [../../core/io_wait.h:375]: io_watch_add(): DBG:
io_watch_add(0x7fd2a70a5360, 8, 2, 0x2439960), fd_no=0</tt><tt><br>
<br>
- The only other thing that I see is transport 3. Isn't that a
</tt><tt>UNIXS_SOCK?<br>
<br>
</tt><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
* <a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.kamailio.org" moz-do-not-send="true">sr-users@lists.kamailio.org</a>
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
* <a class="moz-txt-link-freetext" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" moz-do-not-send="true">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com" moz-do-not-send="true">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda" moz-do-not-send="true">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda" moz-do-not-send="true">www.linkedin.com/in/miconda</a>
Kamailio Advanced Training - Online
Nov 08-11, 2021 (Europe Timezone) - Nov 22-25, 2021 (America Timezone)
* <a class="moz-txt-link-freetext" href="https://www.asipto.com/sw/kamailio-advanced-training-online/" moz-do-not-send="true">https://www.asipto.com/sw/kamailio-advanced-training-online/</a></pre>
</blockquote>
<br>
</body>
</html>