sr-users June 2022

sr-users@lists.kamailio.org

53 participants
54 discussions

enable topology hiding on one side or dynamic ip in topoh module Contact and Via Header

by Patrick Karton

Hello , im using kamailio with two interfaces external and internal. i need a way either to : * enable topoh hiding only when outgoing interface is external ( mask contact and Via ip only when ougoing interface is external * or if it is not possible to enable it only in one direction.i want to know how to configure dynamic(for example in xavp or avp) ip to put in Contact and Via when topoh is enabled. i see that the 'mask_ip' parameter of topoh module is a string. so we can not set a dynamic value here unfortunately. Thanks

1 month, 1 week

kamcmd autocompletion

by Antoine DEBARRE

Hi, I just installed kamailio v5.5 via deb.kamailio.org packages (debian 11). Seems that kamcmd autocompletion doesn't work at all. It is OK for v5.4 via official debian packages (packages.debian.org/bullseye/kamailio) Best regards, -- <https://app.livestorm.co/comdata-group/metaverse-what-will-cx-look-like-in-…>

4 months, 1 week

Recommended openSSL version

by Igor Olhovskiy

Hello! Due to I still experience irregular Kamailio 5.4 crashes (like 1/month) related to SSL (using websockets and SIPS) I'm wondering, could openSSL upgrade change the situation? As of now in CentOS 7 I have 1.0.2k version. Does anyone have experience to fix crash-related to TLS problems with openSSL upgrade? Or maye some tuneup of TCP parameters can help here?My current setup is quite simple: children=4 enable_tls=yes tcp_accept_no_cl=yes tcp_connection_lifetime=600 tcp_max_connections=998976 # 1000000 - 1024, so we're leaving 1k for system reserve tls_max_connections=998976 Number of clients ~ 200 constantly connected to websocket. -- Best regards, Igor

5 months, 2 weeks

Siremis JSONRPC problem on Bullseye

by Joseph Goettgens

I am not sure what I have to look for and I didn't change the initial config files (except for the 666 mode for kamailio_rpc.sock). As far as Kamailio is concerned the socket files files do exist: root@deb11srv1-kamailio:/var/www/siremis-5.3.x# ls -l /run/kamailio/ insgesamt 4 srw------- 1 kamailio kamailio 0 7. Jun 11:37 kamailio_ctl -rw-r--r-- 1 kamailio kamailio 5 7. Jun 11:37 kamailio.pid prw-rw---- 1 kamailio kamailio 0 7. Jun 11:37 kamailio_rpc.fifo srw-rw-rw- 1 kamailio kamailio 0 7. Jun 11:37 kamailio_rpc.sock When I look at siremis/log/ERR.log I repeatedly get: '06/07/2022','09:43:29','ERR','ErrorHandler','socket_bind(): unable to bind address [2]: No such file or directory','' This disappears when I put the local file socket in /tmp: <UnixSockLocal name="unixsocklocal" address="/tmp/siremis_rpc.sock" timeout="3.0"/> which was probably done this way in previous versions of Siremis (before systemd private tmp config). In this case I get no error messages, but still no answers (as expected). The next step seems to get UnixSockLocal right.

6 months, 3 weeks

Kamailio behind NAT

by Алексей Якимкин

Hello, I have kamailio in local network behind NAT. Kamailio have one interface eth1 with ip 10.130.0.23 UserAgent - (internet) - (178.0.0.169)router_with_NAT - (LAN) - kamailio+rtpproxy - pbx I made two listeners: listen=udp:10.130.0.23:5070 #to pbx in lan (I don`t want to put via header with 178.0.0.169) listen=udp:10.130.0.23:5060 advertise 178.0.0.169:5060 #to internet (UserAgent need to get via header with 178.0.0.169 ) mhomed = 1 # I think It not useful for my case UserAgent send Register and Invite to 178.0.0.169:5060, Kamailio get it on udp:10.130.0.23:5060 Kamailio Relay it to udp:10.130.0.23:5070 My pbx get requests from udp:10.130.0.23:5070 with via header 10.130.0.23 Responses to UserAgent go from udp:10.130.0.23:5060 with via 178.0.0.169 In RELAY block: if ($Ru == «udp:10.130.0.23:5070») { #set_send_socket(«udp:10.130.0.23:5060»); $fs = «udp:10.130.0.23:5060»; #force_send_socket(«udp:10.130.0.23:5060»); } else { #set_send_socket(«udp:10.130.0.23:5070»); $fs = «udp:10.130.0.23:5070»; } #$fs = «udp:10.130.0.23:5070»; if (!t_relay()) { sl_reply_error(); } route[REGISTRAR] { if ($rd == "mydomain.ru" || $rd == "mydomain2.ru") { set_send_socket("udp:10.130.0.23:5070"); } } It works for requests from UserAgent to PBX. But INVITE from my pbx to UserAgent goes only through udp:10.130.0.23:5070 , Kamailio realy it to internet from udp:10.130.0.23:5070 I get error in syslog: (pv [pv_branch.c:62]: pv_get_branchx_helper(): error accessing branch [0]) I tried set_send_socket(«udp:10.130.0.23:5070»); and $fs = «udp:10.130.0.23:5070»; Why I can`t relay outgoing requests to internet through another socket? -- Best regards, Alex

8 months

ACC CDR accounting

by Oleg Podguyko

HI I’m trying to get CDR function. I would like to have one CDR for whole call at the syslog. I use: …… loadmodule "db_text.so" loadmodule "dialog.so" loadmodule "acc.so" …….. # -----Dialog module ----- modparam("dialog", "db_mode", 0) # -----ACCounting module ----- modparam("acc", "early_media", 0) modparam("acc", "report_cancels", 1) modparam("acc", "log_facility", "LOG_LOCAL1") modparam("acc", "detect_direction", 0) modparam("acc", "log_level", ACC_LOG_LEVEL) modparam("acc", "log_flag", FLAG_ACC_LOG) modparam("acc", "log_missed_flag", FLAG_ACC_LOG_MISSED) modparam("acc", "failed_transaction_flag", FLAG_ACC_LOG_FAILED) modparam("acc", "log_extra", "ip_src=$si;ip_dst=$avp(ip_dst);sip_from=$fU;sip_to=$tU;ruri_user=$rU;spx_rs=$avp(spx_http_rs)") ## TODO modparam("acc", "cdr_enable", 1) modparam("acc", "cdr_enable_log", 1) modparam("acc", "cdr_facility", "LOG_LOCAL1") request_route { if (is_method("INVITE")) { setflag(FLAG_ACC_LOG); setflag(FLAG_ACC_LOG_MISSED); setflag(FLAG_ACC_LOG_FAILED); } At the kamailio.log I see only transaction for INVITE, but I wait for some CDR for all dialog. Whats wrong in my config? -- -- Олег Подгуйко

8 months, 1 week

Releasing v5.6.1

by Daniel-Constantin Mierla

Hello, I am considering to release Kamailio v5.6.1 (out of branch 5.6) on Wednesday, July 6, 2022 -- in about 1 week and a half from now. If anyone is aware of issues not yet on the bug tracker, report them there asap in order to have a better chance to be fixed. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - Online: June 20-23, 2022 * https://www.asipto.com/sw/kamailio-advanced-training-online/

8 months, 3 weeks

(Off-topic) Vienna, meeting

by Henning Westerholt

(Off-topic) Hello, In about two weeks I will be a few days in Vienna (12h - 14th July). If you want to meet for a drink to chat about Kamailio and other topics, just contact me off-list. Thanks, and regards, Henning

8 months, 3 weeks

Kamailio 5.5 STIR SHAKEN private key buffer size error

by Maharaja Azhagiah

Hi, I am trying STIR/SHAKEN using libstirshaken in Kamailio 5.5. I used a self signed certificate as this is just a test in the local docker environment. However, when I try to add identity with private key (stirshaken_add_identity_with_key), I get "[error_code: 447] Buffer for key from file /tmp/cert/private.pem too short (2000 <= 3247)" I have tried using 2048 and 4096 size root@5907e44bd056:/tmp/cert# openssl rsa -in private.pem -text -noout | grep "Private-Key" RSA Private-Key: (4096 bit, 2 primes) Could you tell me what is wrong with the certificate? Kamailio version: root@5907e44bd056:/usr/local/kamailio/etc/kamailio# kamailio -v version: kamailio 5.5.4 (x86_64/linux) 469465 Error: 0(404) ERROR: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken [stirshaken_mod.c:761]: ki_stirshaken_add_identity_with_key(): Failed to load private key 0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken [stirshaken_mod.c:117]: stirshaken_print_error_details(): failure details: 0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken [stirshaken_mod.c:118]: stirshaken_print_error_details(): failure reason is: src/stir_shaken_ssl.c:2112: [error_code: 447] Buffer for key from file /tmp/cert/private.pem too short (2000 <= 3247) 0(404) DEBUG: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} stirshaken [stirshaken_mod.c:119]: stirshaken_print_error_details(): failure error code is: 447 0(404) ERROR: {1 30587 INVITE NzIhM1-2YABveZZ1mPvs3m3tw8K7meSq} <script>: Failed Regards *Maharaja Azhagiah*

9 months

Run PCSCF without IPSec

by Weiqi Yao

Hello Community, We are running Kamailio with 3 instances as PCSCF/ICSCF/SCSCF, and we don't want IPsec to be used in between PCSCF and UE and we confirmed the initial Register UE send do not have the Security-Client header. However, seems the IPsec is enabled by default in current PCSCF cfg, we tried to comment WITH_IPSEC as well as couple ipsec_forward function out in the cfg, but when the 401 Challenging message send to PCSCF and PCSCF failed to forward it to UE due to (Create ipsec failed) reason. So I want to reach out and see if anyone have experience not using IPsec with currently Kamailio PCSCF? Any clue or comment will be appreciated! BR, Weiqi

9 months

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users June 2022