sr-users March 2024

sr-users@lists.kamailio.org

44 participants
42 discussions

Branch Route trigger for Withindialog calls?

by Benoit Panizzon

Hi List I am just wondering... When I am sending the initial INVITE to a customer CPE, this goes throug the whole location lookup and through a branch route in which I make some last adjustments to the headers, like removing header the customer shall not get (like P-Asserted-Identity which would reveal the caller identity on a callerid restricted call). On a Re-Invite (session timer refresh) the call is being routed by loose_route() and immediately sent to RELAY. uac_replace and uac_restore seem to work fine for stuff like To and From Header. But how do I prevent unwanted header to disclose information to the customer which should ne be disclosed? Do I need to re-arm the branch trigger also for within dialog calls? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 month, 2 weeks

loose_route false when using topos? At which point in the call flow, does topos restore the Route header?

by Benoit Panizzon

Hi https://lists.kamailio.org/pipermail/sr-users/2020-July/109801.html I have the exact same issue. When the B side is starting a new transaction (UPDATE to refresh the session in my case) without topos enabled, that transaction contains one or multiple route header and a to_tag. Therefore loose_route() is true and the call is more or less sent to route(RELAY) immediately without further checks. If topos is enabled, all record-route header are removed and only one Via sent to the CPE. So when the CPE replies, there is no Route header. Therefore loose_route returns false. This makes me wonder, at which stage is topos restoring the route headers? Shouldn't that happen before loose_route is evaluated? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 month, 2 weeks

No 408 generated by tm module on fr_timer when redis crashes

by Patrick Karton

1 month, 2 weeks

Wrong documentation for module 'Userblacklist'

by Björn Klasen

Hi everybody, I'm a little bit confused about the documentation of the Userblacklist module as I think it has to be Userblocklist since version 5.x. Also some of the commands and some column names in the database have changed. I can remember that the documentation was right at some point, but the it has been changed back to Userblacklist. I wonder if nobody noticed that because the old commands do not work. BR, Björn -- Björn Klasen, Senior Specialist (VoIP) TNG Stadtnetz GmbH, TNG-Technik Gerhard-Fröhler-Straße 12 24106 Kiel・Deutschland T +49 431 7097-10 F +49 431 7097-555 bklasen(a)tng.de https://www.tng.de Executive board (Geschäftsführer): Dr. Sven Willert (CEO/Vorsitz), Gunnar Peter, Sven Schade, Carsten Tolkmit, Bernd Sontheimer Amtsgericht Kiel HRB 6002 KI USt-ID: DE225201428 Die Information über die Verarbeitung Ihrer Daten gemäß Artikel 12 DSGVO können Sie unter https://www.tng.de/datenschutz/ abrufen. ______________________________________________________________________

1 month, 2 weeks

http_async_query on carrierfailureroute changes rd back to carrieroute primary

by Maharaja Azhagiah

Hi I am running kamailio 5.4 on debian I have carrierfailureroute configured incase of primary service provider fails. I also have Stirshaken configured to add Identity header on outbound calls. Issue is when call fail overs to carrierfailureroute, http_async_query changes $ru to the primary carrier From the debug logs, when primary carrier sends a 488 (primary carrier expects SIP TLS but my call is UDP - to test the failover scenario) 39(285) DEBUG: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} tmx [t_var.c:561]: pv_get_tm_reply_code(): reply code is <488> 39(285) DEBUG: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} carrierroute [cr_func.c:178]: set_next_domain_on_rule(): searching for matching routing rules39(285) INFO: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} carrierroute [cr_func.c:197]: set_next_domain_on_rule(): next_domain is 47987 Carrier route rewrites the failover carrier 39(285) INFO: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} carrierroute [cr_func.c:706]: cr_do_route(): uri 14371234567 was rewritten to sip:14371234567@sip.primaryprovider.com, carrier 1, domain 47987 Before http_async_query rd and ru are still the failover carrier 39(285) INFO: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} <script>: [callid: 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn] - [cfg:2976] - Debug testing ----- rd is sip.primaryprovider.com ----- ru is sip:14371234567@sip.primaryprovider.com 39(285) DEBUG: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} http_async_client [async_http.c:469]: async_send_query(): transaction suspended [5261:1830449764] 39(285) DEBUG: {1 18398 INVITE 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn} http_async_client [async_http.c:625]: async_push_query(): query sent [ https://authn-uat.ccid.neustar.biz/ccid/authn/v2/identity?apiKey=randomkey] (0x7fdcad097e60) to worker 1 However, when the route is being called after the http_async_query it changes to the primary one: 26(272) DEBUG: tm [t_lookup.c:1612]: t_lookup_ident_filter(): transaction found 26(272) DEBUG: http_async_client [async_http.c:235]: async_http_cb(): resuming transaction (5261:1830449764) 26(272) DEBUG: tm [t_lookup.c:1612]: t_lookup_ident_filter(): transaction found 26(272) INFO: <script>: [callid: 8EmmsLqNuMRYBduMqFgX3w4JHAn4C2xn] - [cfg:2995] - Debug testing ----- rd is 1.2.3.4 ----- ru is sip:14371234567@1.2.3.4:5061;transport=TLS Due to this, call keeps going to the primary and it fails if ( http_async_query(STIRSHAKEN_AS_URL, "AS_RESPONSE") == -1 ) { xlog("L_ERR ", "[cfg:$cfg(line)] Failed to connect AS service for token $fu -> $tu \n"); return; } route[AS_RESPONSE] { xlog("L_INFO", "[callid: $ci] - [cfg:$cfg(line)] - Debug testing ----- rd is $rd ----- ru is $ru\n"); if ($http_ok) { xlog("L_INFO", "[cfg:$cfg(line)] Resuming outbound call transaction for $fu -> $tu Received - $http_rb \n"); # Add identity and Date headers if (jansson_get("identity", $http_rb, "$var(identity)")) { insert_hf("Identity: $var(identity)\n", "Content-Length"); } if (jansson_get("date", $http_rb, "$var(date)")) { if ($hdr(Date) != $null){ remove_hf("Date"); } insert_hf("Date: $var(date)\n", "Identity"); } } else { xlog("L_ERR", "[cfg:$cfg(line)] Resuming outbound call transaction. Error - $http_err)\n"); } route(RELAY); exit; } Please help to understand why rd / ru changes to primary carrier. Regards, Maharaja Azhagiah

1 month, 2 weeks

Bug in htable in 5.8.0

by Brooks Bridges

We have some scripts that are setting values in an htable for various things, one of which is to disable options replies to take a system “out of service”. We discovered today upon deploying 5.8.0 that the “htable.seti” command appears to be broken. [root@ip-10-52-42-102 ~]# kamcmd htable.seti system_settings option_pings_off 1 error: 500 - Not enough parameters (htable name, key name and value) however if we do htable.sets it works fine (although not an integer so it’s breaking our shutdown scripts). [root@ip-10-52-42-102 ~]# kamcmd htable.sets system_settings option_pings_off 1 Ok. Key set to new value. [root@ip-10-52-42-102 ~]# I’ve looked through the commit history for htable and haven’t found anything that really stands out as a possible issue, so can the gurus please take a look? Thanks! Brooks Bridges Sr. Developer [https://files.skyetel.com/logo.png] Direct: (888) 444‑1111 Office: (561) 453‑4085 Email: bbridges(a)skyetel.com 902 Clint Moore Road Suite 206 Boca Raton, FL 33487 www.skyetel.com Confidentiality Notice: This e-mail, and any attachment to it, contains privileged and confidential information intended only for the use of the individual(s) or entity named on the e-mail. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, you are hereby notified that reading this e-mail is strictly prohibited. If you have received this e-mail in error, please immediately return it to the sender and delete it from your system.

1 month, 3 weeks

Need guidance on Teams interop with Kamailio

by Shah Hussain Khattak

Hello Experts, I'm not an expert in Kamailio, but thanks to some excellent online resources, I managed to set up a basic interconnection between Teams and Kamailio. So far, outbound calls, as well as blind and attended call transfers, are working smoothly. However, I'm facing a challenge with call disconnection for outbound calls. Specifically, when an outbound call is made and the called party hangs up, the BYE message isn't being relayed properly towards the Teams side. In my routing configurations, I remove the Record-Route header received from Teams and add a new Record-Route header with Kamailio's IP before forwarding it to my IP PBX (FreeSwitch). For the BYE message to be processed correctly, Microsoft Teams requires the original contact in the Request URI (RURI) and the Route header to match the initial Record-Route included in the INVITE. Currently, my BYE message appears as follows: BYE sip:api-du-a-auea.pstnhub.microsoft.com:443;x-i=5e96d703-b1e7-449c-aebf-a87bfa628176;x-c=f61b674bc597513ab8d888dbe7c560fb/d/8/9a6c508a9cbd44ebb892b62c33ba9b67 SIP/2.0 Via: SIP/2.0/UDP x.x.x.x:5060;branch=z9hG4bKeab5.b657e3455b6d11ed6975c69882632a27.0 Via: SIP/2.0/UDP x.x.x.x;received=x.x.x.x;rport=5060;branch=z9hG4bKK3HKQBUvX42ya Max-Forwards: 69 From: <sip:+61403225xxx@kamsbc.xyzdomain.com:5061;user=phone>;tag=j5gptBSXXrXDc To: "XYZ Pty Ltd" <sip:+61291455xxx@sip.pstnhub.microsoft.com:5061;user=phone>;tag=3a5f0c9e32bc4eb1bffed29dc954118f Call-ID: f61b674bc597513ab8d888dbe7c560fb CSeq: 80555743 BYE User-Agent: Unknown/v1.0 Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY Supported: timer, path, replaces Reason: MVTSLocal;cause=10;text="BYE received" Content-Length: 0 Kamailio conducts a lookup for api-du-a-auea.pstnhub.microsoft.com but ends up sending the BYE message to an incorrect IP. Below is a snippet of my routing block configurations: ####### Routing Logic ######## /* Main SIP request routing logic * - processing of any incoming SIP request starts with this route * - note: this is the same as route { ... } */ request_route { # per request initial checks route(REQINIT); #check who is the sender route(INITCHECK); # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) { route(RELAY); } exit; } # handle retransmissions if (!is_method("ACK")) { if(t_precheck_trans()) { t_check_trans(); exit; } t_check_trans(); } # handle requests within SIP dialogs route(WITHINDLG); ### only initial requests (no To tag) # record routing for dialog forming requests (in case they are routed) # - remove preloaded route headers remove_hf("Route"); if (is_method("INVITE|SUBSCRIBE")) { record_route(); } # account only INVITEs if (is_method("INVITE")) { setflag(FLT_ACC); # do accounting } if ($rU==$null) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # update $du to set the destination address for proxying #$du = "sip:" + $rd + ":9"; route(RELAY); exit; } route[INITCHECK] { if(from_uri =~ ".*microsoft.com") { setflag(FROM_TEAMS); $du = "sip:" + "MY_PBX_IP" + ":" + "5060"; //added by SHK remove_hf("Record-Route"); // Remove existing Record-Route header append_hf("Record-Route: <sip:KAM_IP:5060;transport=udp>\r\n"); route(HANDLE_RTP_FROM_TEAMS); } if(from_uri =~ ".*" + "MY_PBX_IP") { setflag(FROM_PBX); $du="sip:sip.pstnhub.microsoft.com;transport=tls"; route(HANDLE_RTP_FROM_PBX); } } #Manage RTP & transcoding comming from Teams to PBX route[HANDLE_RTP_FROM_TEAMS] { t_on_reply("PBX_REPLY_TO_TEAMS"); if (has_body("application/sdp")) { rtpengine_manage("RTP codec-mask=all codec-transcode=PCMA replace-origin replace-session-connection ICE=remove media-address=HOST_IP"); // record_route(); t_relay_to_udp("MY_PBX_IP","5060"); } else { rtpengine_manage(); } } #Manage RTP & transcoding comming from PBX to Teams route[HANDLE_RTP_FROM_PBX] { t_on_reply("TEAMS_REPLY_TO_PBX"); if (has_body("application/sdp")) { rtpengine_manage("SRTP codec-mask=all ICE=force codec-transcode=PCMA replace-origin replace-session-connection media-address=ADVERTISE_IP"); $rd = "sip.pstnhub.microsoft.com"; $td = "kamsbc.xyzdomain.com"; $fd = "kamsbc.xyzdomain.com"; // record_route(); #Set TLS SNI (server name & server id) $xavp(tls=>server_name) = "kamsbc.xyzdomain.com"; $xavp(tls=>server_id) = "kamsbc.xyzdomain.com"; t_relay(); } else { rtpengine_manage(); } } # Wrapper for relaying requests route[RELAY] { # enable additional event routes for forwarded requests # - serial forking, RTP relaying handling, a.s.o. if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); } if (is_method("INVITE|SUBSCRIBE|UPDATE")) { if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); } if (is_method("INVITE")) { if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); } if (!t_relay()) { sl_reply_error(); } exit; } # Per SIP request initial checks route[REQINIT] { if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") { # silent drop for scanners - uncomment next line if want to reply # sl_send_reply("200", "OK"); exit; } if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } if(is_method("OPTIONS")) { sl_send_reply("200","Keepalive"); exit; } if(!sanity_check("1511", "7")) { xlog("Malformed SIP message from $si:$sp\n"); exit; } } # Handle requests within SIP dialogs route[WITHINDLG] { if (!has_totag()) return; #Teams reINVITEs if(isflagset(FROM_TEAMS)) { loose_route(); t_relay(); exit; } if(isflagset(FROM_PBX)) { #Set TLS SNI (server name & server id) $xavp(tls=>server_name) = "kamsbc.xyzdomain.com"; $xavp(tls=>server_id) = "kamsbc.xyzdomain.com"; loose_route(); t_relay(); exit; } # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(FLT_ACC); # do accounting ... setflag(FLT_ACCFAILED); # ... even if the transaction fails #set coresponding cert on transactions if($fd == "kamsbc.xyzdomain.com") { $xavp(tls=>server_name) = "kamsbc.xyzdomain.com"; $xavp(tls=>server_id) = "kamsbc.xyzdomain.com"; } } else if ( is_method("NOTIFY") ) { # Add Record-Route for in-dialog NOTIFY as per RFC 6665. record_route(); } route(RELAY); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # no loose-route, but stateful ACK; # must be an ACK after a 487 # or e.g. 404 from upstream server route(RELAY); exit; } else { # ACK without matching transaction ... ignore and discard exit; } } sl_send_reply("404","Not here"); exit; } # Manage outgoing branches branch_route[MANAGE_BRANCH] { xdbg("new branch [$T_branch_idx] to $ru\n"); } # Manage incoming replies onreply_route[MANAGE_REPLY] { xdbg("incoming reply\n"); } #PBX On Reply onreply_route[PBX_REPLY_TO_TEAMS] { if (has_body("application/sdp")) { rtpengine_manage("SRTP codec-mask=all codec-transcode=PCMA replace-origin replace-session-connection media-address=ADVERTISE_IP"); } else { rtpengine_manage(); } //added by SHK if (status == "200" && method == "INVITE") { remove_hf("Contact"); # Remove existing Contact header append_hf("Contact: <sip:kamsbc.xyzdomain.com:5061;transport=tls>\r\n"); } if (status=="200") { remove_hf("ALLOW:"); append_hf("ALLOW: INVITE,ACK,OPTIONS,CANCEL,BYE,NOTIFY \r\n","CONTENT-TYPE"); } } #From Teams On Reply onreply_route[TEAMS_REPLY_TO_PBX] { if (has_body("application/sdp")) { rtpengine_manage("RTP codec-mask=all codec-transcode=PCMA replace-origin replace-session-connection media-address=HOST_IP"); } else { rtpengine_manage(); } } # Manage failure routing cases failure_route[MANAGE_FAILURE] { if (t_is_canceled()) exit; } event_route[tm:local-request] { if(is_method("OPTIONS") && $ru =~ "pstnhub.microsoft.com") { append_hf("Contact: <sip:kamsbc.xyzdomain.com:SBC_PORT;transport=tls>\r\n"); } xlog("L_INFO", "Sent out tm request: $mb\n"); } ####### Routing Logic End ######## Given these details, I suspect the issue might be related to how I'm handling the Record-Route headers or potentially a misconfiguration in directing the BYE message. I would greatly appreciate any insights, suggestions, or guidance on how to correctly relay the BYE message back to Teams, or further refine my existing configuration. Thank you in advance for your help and support! Regards, Shah Hussain

1 month, 3 weeks

topology hiding with active dispatcher ip

by marek

hi, i have kamailio acting as SBC i need hide topology like this ds_select_dst(DSP_GRP_TRUNK, "6"); $tu = $(tu{re.subst,/PRIVATE_IP/IP_OF_CURRENT_SELECTED_DISPATCHER/g}); what is best way for IP extraction from $du? thanks Marek

1 month, 3 weeks

SCSF always challenge

by Anthony Blandin

Hello, I have an issue with SCSF which challenge again after a successful first registration. I have an error after the second register saying that no matching auth vector found. I attach the logs and pcap file. I don't see where is the issue. Could you help me? Thanks a lot. Anthony

1 month, 3 weeks

append_hf not working

by Calvin E.

I'm trying to add something simple like the following: append_hf("X-testheader: True\r\n", "From"); However, I don't see my X-testheader in a packet capture. Are there any common pitfalls that would prevent append_hf from working as expected?

1 month, 3 weeks

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users March 2024