Hi,
I recently updated my testing env to 5.8.1 and after that I’ve been receiving dns_cache.c warning “record not alone”.
I found out that it’s been added to quite recent commit: https://github.com/kamailio/kamailio/commit/d8a35b3b6c837b36779e232b65fce61…
And that’s probably the why I haven’t seen it before.
As far as I know, I have no other problem with dns or anything else than the warning appearing in the logs 😊
I can’t quite get what the warning is about?
Clearly refers to dns queries, and with debug I found out that maybe its somehow related to ip which has several domains to pointing it (and queried by one of those domains by this kamailio). Can it be something with the PTR-record?
And this warning comes ones every hour, so probably when some ttl expires, and meanwhile the cache is ok with the situation.
And as a background, I haven’t done any specific dns-configurations in my config, so settings should be pretty much in defaults.
Any advice what I should fix here to get the warning disappear?
-Pyry
Hello!
I need advice on how to intercept local SIP OPTIONS requests from the
nathelper module for some adjustments?
As far as I tested, it does not fall into the
*event_route[tm:local-request]*
Thanks in advance!
# kamailio -v
version: kamailio 5.7.1 (x86_64/linux) 1cf389-dirty
--
BR,
Denys Pozniak
Hello,
We are trying to integrate Kamailio as the IMS server with our 5G core
emulator by following the steps listed out at
https://open5gs.org/open5gs/docs/tutorial/02-VoLTE-setup/. In our case, we
have our own 5G core emulator instead of the Open5GS core.
We are using sipp scripts to generate the SIP calls. The PCRF component of
the 5G core is emulated by us and is capable of handling Diamater calls
from Kamailio over the Rx interface.
We have got the setup working to the point where the SIP Register calls are
landing on the PCSCF which in turn is sending out AA Requests to PCRF and
the PCRF is responding. However there is an internal error in the Kamailio
log
"4(3682133) ERROR: ims_qos [ims_qos_mod.c:1305]: w_rx_aar_register(): This
contact does not exist in PCSCF usrloc - error in cfg file"
Please help us in identifying if we are missing anything in the Kamailio
set up.
The packet capture and syslog excerpts from the VM where Kamailio is
running are attached; here we are trying to perform SIP Registration for
three SIP endpoints 001010123456791, 001010123456792 and 001010123456793.
If there is any additional information required, please let us know.
Regards,
Shantanu Kumar Roy
Hey everyone,
I have the following setup:
External User/Trunk <===> Kamailio <===> FreeSWITCH
I have configured FreeSWITCH and Kamailio to work only with phone numbers
in E.164 format. Recently, I needed to integrate a new SIP trunk that sends
phone numbers in an 11-digit US format.
My initial idea to solve this is to use Kamailio as a translator that
converts 11-digit numbers to E.164 when sending to FreeSWITCH, and back to
11-digit when sending to the trunk.
Before writing the code, I want to know if there is already a solution to
this problem in one of the modules, so that I won't reinvent the wheel.
Thanks,
Pavan Kumar
Hello all!
I am struggling on compiling StriShaken module on RHEL 9.2.
So far, the module was compiled as well as libstirshaken.
Below are the steps used to compile (as sudo) both library and module (I
hope this may help someone) and, of course, correct me if I am wrong in any
step or if there is a better way.
Also, note that the RHEL 9,2 is in a VM environment without access to the
WWW, instead it uses Red Hat Satellite to download packages (via Yum or
DNF), if available.
Lib LibKS
download libks from https://github.com/signalwire/libks
unzip
move to dir created by Unzip
run
yum groupinstall "Development Tools"
dnf install libuuid-devel libatomic openssl-devel
cmake .
make
make install
cp /usr/lib/pkgconfig/libks2.pc /usr/lib64/pkgconfig/.
For module LibStirShaken:
download https://github.com/signalwire/libstirshaken
unzip
move to dir
if using OpenSSL3.0 or + edit file configure.ac and add after line 28:
if test x$HAVE_OPENSSL = x1; then
openssl_CFLAGS="$openssl_CFLAGS -DHAVE_OPENSSL";
/* PATCH FOR OPENSSL3 */
AC_MSG_CHECKING([for OpenSSL >= 3.0.0])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_PREREQ(3,0)
#error "you_have_version_3"
#endif
]], [[]])],
[ AC_MSG_RESULT([no]) ],
[ AC_MSG_RESULT([yes]);
AC_DEFINE(OPENSSL_SUPPRESS_DEPRECATED, 1, [disable openssl
deprecated-function warnings]) ])
/* END OF PATCH */
else
AC_MSG_ERROR([OpenSSL >= 1.0.1e and associated developement headers
required])
fi
run
configure
make
sudo make install
next, move to dir /root/kamailio/kamailio-5.7.4/src/modules/stirshaken
cd /root/kamailio/kamailio-5.7.4/src/modules/stirshaken
ln -s /root/stirshakenlib/libks-master/src/include/libks libks
make
make install
All seem to compile OK , *but* when starting Kamailio I get the following
errors:
May 29 17:42:02 kamailio1 kamailio[248991]: ERROR: <core>
[core/sr_module.c:599]: ksr_load_module(): could not open module
</usr/local/lib64/kamailio/modules/stirshaken.so>: libstirshaken.so.1:
cannot open shared object file: No such file or directory
May 29 17:42:02 kamailio1 kamailio[248991]: CRITICAL: <core>
[core/cfg.y:3915]: yyerror_at(): parse error in config file
/usr/local/etc/kamailio/kamailio_stir_shaken_mod.cfg, line 106, column
12-26: failed to load module
I haven't found a solution for this.
Can anyone help?
Thanks in advance!
*Sérgio Charrua*
Hi
To determine, if rtpengine was engaged during an invite or not, I make
use of rr params for all messages in following transactions and I set
an avp for all messages in the current transaction.
When the call is canceled, I would need to call rtpengine_delete to
make sure rtpengine stops listening for rtp packets.
Unfortunately, the avp I set during the INVITE, does not seem to be
present while the CANCEL message is processed, despite to my
understanding being in the same transaction.
How can I pass some information from an INVITE to the corresponding
CANCEL?
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
trying to use
msg_apply_changes();
subst_hf("Via","/TCP/TLS/","f");
But as i don't seem to have access the top-most via, i can'it doesn't
work... i cam change the incoming Via, but not the outgoing...
I need this urgently.. any help anyone?
> Sergey,
>
> Thanks for pointing me to the PR but that's not exactly what i need, let
> me explain:
>
> We have an AWS an NLB on which our clients connect to and terminate TLS
> connections and from then on into our proxies it is TCP. Now when clients
> send invites (with TLS in their VIA as protocol) and we reply to them
> (because the socket is TCP) I need to set the protocol on the Via to be
> TLS. Otherwise, the client would not understand. This message or will
> believe that it's not. about the same connection
>
> I haven't figured out a way of doing this since it can't get the actual
> VIA that will be sent out. I've tried on the onsend_route (enabling
> onsend_route_reply)
>
> Help is greatly appreciated!
>
>
> Regards,
>
> David Villasmil
> email: david.villasmil.work(a)gmail.com
> phone: +34669448337
>
>
> On Thu, May 30, 2024 at 11:44 PM David Villasmil <
> david.villasmil.work(a)gmail.com> wrote:
>
>> HEllo Sergey,
>>
>> i can send one. yes.
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work(a)gmail.com
>> phone: +34669448337
>>
>>
>> On Thu, May 23, 2024 at 5:14 PM Sergey Safarov <s.safarov(a)gmail.com>
>> wrote:
>>
>>> Hi David
>>> Could you send PCAP for an inbound call via TCP connection?
>>>
>>> Sergey
>>>
>>> On Thu, May 23, 2024 at 5:53 PM David Villasmil <
>>> david.villasmil.work(a)gmail.com> wrote:
>>>
>>>> it's still in progress though.
>>>> Regards,
>>>>
>>>> David Villasmil
>>>> email: david.villasmil.work(a)gmail.com
>>>> phone: +34669448337
>>>>
>>>>
>>>> On Thu, May 23, 2024 at 4:51 PM David Villasmil <
>>>> david.villasmil.work(a)gmail.com> wrote:
>>>>
>>>>> Thanks, I'll check it out!
>>>>> Regards,
>>>>>
>>>>> David Villasmil
>>>>> email: david.villasmil.work(a)gmail.com
>>>>> phone: +34669448337
>>>>>
>>>>>
>>>>> On Thu, May 23, 2024 at 4:16 PM Sergey Safarov <s.safarov(a)gmail.com>
>>>>> wrote:
>>>>>
>>>>>> We have tested this PR using the Linphone app.
>>>>>> So your case will be resolved using this PR.
>>>>>> Need to enable HAproxy protocol headers.
>>>>>>
>>>>>> On Wed, May 22, 2024 at 4:36 PM Sergey Safarov <s.safarov(a)gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Please try Kamailio PR
>>>>>>> https://github.com/kamailio/kamailio/pull/3731
>>>>>>>
>>>>>>> We have developed this PR for use case you have described.
>>>>>>> We have tested Route and Record-Route headers not Via.
>>>>>>> So will provide some review for this PR then will be fine.
>>>>>>>
>>>>>>> On Wed, May 22, 2024 at 2:22 PM David Villasmil <
>>>>>>> david.villasmil.work(a)gmail.com> wrote:
>>>>>>>
>>>>>>>> Hello Sergey,
>>>>>>>>
>>>>>>>> Thanks for the suggestion. Not sure if his is what i'm looking for,
>>>>>>>> allow me to explain further:
>>>>>>>> We set up an NetworkLoadBalancer on AWS to offload tls on it. This
>>>>>>>> Load balancer is a TLS listener on the outside and a TCP connection to the
>>>>>>>> proxy inside.
>>>>>>>> So when sending an INVITE to the connected client, the via has a
>>>>>>>> TCP protocol like
>>>>>>>>
>>>>>>>> Via: SIP/2.0/TCP
>>>>>>>> mydomain:port;branch=z9hG4bKf176.53ac8af0d7090a31e44548f15ea420ff.0
>>>>>>>>
>>>>>>>> and the client (linphone) disconnects and tries to contact the
>>>>>>>> proxy on that address on a TCP socket, which doesn't exist. I tried many
>>>>>>>> solutions none of which actually work... last one setting $du =$du +
>>>>>>>> ";transport=tls" and forcing the socket to the TCP socket to the load
>>>>>>>> balancer, but of course i'm getting warnings about this.
>>>>>>>>
>>>>>>>> is this something that PR (not merged) would be addressing, i
>>>>>>>> didn't see that.
>>>>>>>> If not, is there a way of doing this without any trickery?
>>>>>>>>
>>>>>>>> Thanks!
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> David Villasmil
>>>>>>>> email: david.villasmil.work(a)gmail.com
>>>>>>>> phone: +34669448337
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, May 22, 2024 at 12:16 PM Sergey Safarov <
>>>>>>>> s.safarov(a)gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Probable you need this PR
>>>>>>>>> https://github.com/kamailio/kamailio/pull/3810
>>>>>>>>>
>>>>>>>>> Or you can try
>>>>>>>>> https://github.com/kamailio/kamailio/pull/3731
>>>>>>>>> In this PR we faced the same issue and solved this.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Wed, May 22, 2024 at 3:43 AM David Villasmil via sr-users <
>>>>>>>>> sr-users(a)lists.kamailio.org> wrote:
>>>>>>>>>
>>>>>>>>>> Hello Anthony, did you solve this problem? I'm facing the same
>>>>>>>>>> problem
>>>>>>>>>>
>>>>>>>>>> Thanks!
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> David Villasmil
>>>>>>>>>> email: david.villasmil.work(a)gmail.com
>>>>>>>>>> phone: +34669448337
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Feb 5, 2018 at 5:57 AM Anthony Alba <
>>>>>>>>>> ascanio.alba7(a)gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> I have kamailio behind a TLS termination proxy so the sockets
>>>>>>>>>>> are correctly deduced to be TCP. However the clients only talk TLS to the
>>>>>>>>>>> proxy and are confused when the top Via header added by Kamailio is TCP. Is
>>>>>>>>>>> there a way for Kamailio to forcibly pretend its protocol is TLS? Like
>>>>>>>>>>> advertised_address but "advertised_protocol" instead.
>>>>>>>>>>>
>>>>>>>>>>> (With pjsip testing: it has a flag use_tls which ignores TCP
>>>>>>>>>>> from Kamailio and continues to use the persistent TLS transport to proxy.
>>>>>>>>>>> Linphone fails because it tries to honor TCP in Via and is unable to
>>>>>>>>>>> establish TCP transport).
>>>>>>>>>>>
>>>>>>>>>>> BTW I am using t_relay_to_tcp so Kamailio will return traffic to
>>>>>>>>>>> the proxy as TCP even though the contact addresses specify transport=TLS.
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> Kamailio (SER) - Users Mailing List
>>>>>>>>>>> sr-users(a)lists.kamailio.org
>>>>>>>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>>>>>>>
>>>>>>>>>> __________________________________________________________
>>>>>>>>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>>>>>>>>> To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org
>>>>>>>>>> Important: keep the mailing list in the recipients, do not reply
>>>>>>>>>> only to the sender!
>>>>>>>>>> Edit mailing list options or unsubscribe:
>>>>>>>>>>
>>>>>>>>>
Hi All,
I have a quick question regarding verification on incoming calls regarding the stir/shaken policy. I'm using the secsipid library to check the identity header, but the problem I'm running into is that there is no identity header in the invite from the incoming call (It's showing up as null). Have most carriers enabled passing along an identity header, or is this something that is still in the works for some of them.
Would I need to request and get the certificate from the terminating carrier? I've tried using the auth_identity module to see if i need to use the verification functions to get/request the certificate, but I have had no luck so far.
Would anyone be able to provide direction on how to request/get/pass along the identity header from an incoming call with stir/shaken.
(I am using kamailio v5.6 and debian 12)
Thanks in advance,
Temi