Hi all

I try to configure kamailio to register sip client with freeradius via kamailio.

My configure as:

 

###################kamailio.cfg#############

#!KAMAILIO

#

# $Id$

#

# Kamailio (OpenSER) SIP Server v3.0 - basic configuration script

#     - web: http://www.kamailio.org

#     - git: http://sip-router.org

#

# Direct your questions about this file to: <users@lists.kamailio.org>

#

# Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php

# for an explanation of possible statements, functions and parameters.

#

# Several features can be enabled using '#!define WITH_FEATURE' directives:

#

# *** To run in debug mode:

#!define WITH_DEBUG

#

# *** To enable mysql:

#!define WITH_MYSQL

#

# *** To enable authentication execute:

#     - enable mysql

#!define WITH_AUTH

#     - add users using 'kamctl'

#

# *** To enable persistent user location execute:

#     - enable mysql

#     - define WITH_USRLOCDB

#

# *** To enable presence server execute:

#     - enable mysql

#     - define WITH_PRESENCE

#

# *** To enable nat traversal execute:

#     - define WITH_NAT

#     - install RTPProxy: http://www.rtpproxy.org

#     - start RTPProxy:

#        rtpproxy -l _your_public_ip_ -s udp:localhost:7722

#

# *** To enable PSTN gateway routing execute:

#     - define WITH_PSTN

#     - set the value of pstn.gw_ip

#     - check route[PSTN] for regexp routing condition

#

# *** To enhance accounting execute:

#     - enable mysql

#     - define WITH_ACCDB

#     - add following columns to database

#!ifdef ACCDB_COMMENT

  ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';

  ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';

  ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';

  ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';

  ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';

#!endif

 

 

####### Global Parameters #########

 

#!ifdef WITH_DEBUG

debug=4

log_stderror=no

#!else

debug=2

log_stderror=no

#!endif

 

memdbg=5

memlog=5

 

log_facility=LOG_LOCAL0

 

fork=yes

children=4

 

/* uncomment the next line to disable TCP (default on) */

#disable_tcp=yes

 

/* uncomment the next line to disable the auto discovery of local aliases

   based on revers DNS on IPs (default on) */

 

#auto_aliases=no

 

port=5060

 

/* uncomment and configure the following line if you want Kamailio to

   bind on a specific interface/port/proto (default bind on all available) */

#listen=udp:10.0.0.10:5060

 

 

####### Custom Parameters #########

 

# These parameters can be modified runtime via RPC interface

# - see the documentation of 'cfg_rpc' module.

#

# Format: group.id = value 'desc' description

# Access: $sel(cfg_get.group.id) or @cfg_get.group.id

#

 

#!ifdef WITH_PSTN

# PSTN GW Routing

#

# - pstn.gw_ip: valid IP or hostname as string value, example:

# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"

#

# - by default is empty to avoid misrouting

pstn.gw_ip = "" desc "PSTN GW Address"

#!endif

 

 

####### Modules Section ########

 

#set module path

mpath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"

 

/* uncomment next line for MySQL DB support */

#!ifdef WITH_MYSQL

loadmodule "db_mysql.so"

#!endif

loadmodule "mi_fifo.so"

loadmodule "kex.so"

loadmodule "tm.so"

loadmodule "tmx.so"

loadmodule "sl.so"

loadmodule "rr.so"

loadmodule "pv.so"

loadmodule "maxfwd.so"

loadmodule "usrloc.so"

loadmodule "registrar.so"

loadmodule "textops.so"

loadmodule "uri_db.so"

loadmodule "siputils.so"

loadmodule "xlog.so"

loadmodule "sanity.so"

loadmodule "ctl.so"

loadmodule "mi_rpc.so"

loadmodule "acc.so"

#!ifdef WITH_AUTH

loadmodule "auth.so"

loadmodule "auth_radius.so"

#!endif

/* uncomment next line for aliases support

   NOTE: a DB (like db_mysql) module must be also loaded */

#loadmodule "alias_db.so"

/* uncomment next line for multi-domain support

   NOTE: a DB (like db_mysql) module must be also loaded

   NOTE: be sure and enable multi-domain support in all used modules

         (see "multi-module params" section ) */

#loadmodule "domain.so"

#!ifdef WITH_PRESENCE

loadmodule "presence.so"

loadmodule "presence_xml.so"

#!endif

 

#!ifdef WITH_NAT

loadmodule "nathelper.so"

#!endif

 

# ----------------- setting module-specific parameters ---------------

 

 

# ----- mi_fifo params -----

modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")

 

 

# ----- rr params -----

# add value to ;lr param to cope with most of the UAs

modparam("rr", "enable_full_lr", 1)

# do not append from tag to the RR (no need for this script)

modparam("rr", "append_fromtag", 0)

 

 

# ----- rr params -----

modparam("registrar", "method_filtering", 1)

/* uncomment the next line to disable parallel forking via location */

# modparam("registrar", "append_branches", 0)

/* uncomment the next line not to allow more than 10 contacts per AOR */

#modparam("registrar", "max_contacts", 10)

 

 

# ----- uri_db params -----

/* by default we disable the DB support in the module as we do not need it

   in this configuration */

modparam("uri_db", "use_uri_table", 0)

modparam("uri_db", "db_url", "")

 

 

# ----- acc params -----

/* what sepcial events should be accounted ? */

modparam("acc", "early_media", 1)

modparam("acc", "report_ack", 1)

modparam("acc", "report_cancels", 1)

/* by default ww do not adjust the direct of the sequential requests.

   if you enable this parameter, be sure the enable "append_fromtag"

   in "rr" module */

modparam("acc", "detect_direction", 0)

/* account triggers (flags) */

modparam("acc", "failed_transaction_flag", 3)

modparam("acc", "log_flag", 1)

modparam("acc", "log_missed_flag", 2)

modparam("acc", "log_extra",

        "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")

/* enhanced DB accounting */

#!ifdef WITH_ACCDB

modparam("acc", "db_flag", 1)

modparam("acc", "db_missed_flag", 2)

modparam("acc", "db_url",

        "mysql://openser:openserrw@localhost/openser")

modparam("acc", "db_extra",

        "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")

#!endif

 

# ----- usrloc params -----

/* enable DB persistency for location entries */

#!ifdef WITH_USRLOCDB

modparam("usrloc", "db_mode",   2)

modparam("usrloc", "db_url",

        "mysql://openser:openserrw@localhost/openser")

#!endif

 

# ----- auth_db params -----

/* enable the DB based authentication */

#!ifdef WITH_AUTH

#modparam("auth_db", "calculate_ha1", yes)

#modparam("auth_db", "password_column", "password")

#modparam("auth_db", "db_url",

#       "mysql://openser:openserrw@localhost/kamailio")

#modparam("auth_db", "load_credentials", "")

modparam("auth_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")

modparam("auth_radius", "service_type", 15)

modparam("auth_radius", "auth_extra", "Acct-Session-Id=$ci")

modparam("auth_radius", "use_ruri_flag", 22)

 

#!endif

 

# ----- alias_db params -----

/* uncomment the following lines if you want to enable the DB based

   aliases */

#modparam("alias_db", "db_url",

#       "mysql://openser:openserrw@localhost/openser")

 

 

# ----- domain params -----

/* uncomment the following lines to enable multi-domain detection

   support */

#modparam("domain", "db_url",

#       "mysql://openser:openserrw@localhost/openser")

#modparam("domain", "db_mode", 1)   # Use caching

 

 

# ----- multi-module params -----

/* uncomment the following line if you want to enable multi-domain support

   in the modules (dafault off) */

#modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)

 

 

# ----- presence params -----

/* enable presence server support */

#!ifdef WITH_PRESENCE

modparam("presence|presence_xml", "db_url",

        "mysql://openser:openserrw@localhost/openser")

modparam("presence_xml", "force_active", 1)

modparam("presence", "server_address", "sip:10.0.0.10:5060")

#!endif

 

# ----- nathelper -----

#!ifdef WITH_NAT

modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722")

modparam("nathelper", "natping_interval", 30)

modparam("nathelper", "ping_nated_only", 1)

modparam("nathelper", "sipping_bflag", 7)

modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")

modparam("registrar|nathelper", "received_avp", "$avp(i:80)")

modparam("usrloc", "nat_bflag", 6)

#!endif

 

####### Routing Logic ########

 

 

# main request routing logic

 

route{

 

        if (!mf_process_maxfwd_header("10")) {

                sl_send_reply("483","Too Many Hops");

                exit;

        }

 

        if(!sanity_check("1511", "7"))

        {

                xlog("Malformed SIP message from $si:$sp\n");

                exit;

        }

 

        # NAT detection

        route(NAT);

 

if (has_totag()) {

                # sequential request withing a dialog should

                # take the path determined by record-routing

                if (loose_route()) {

                        if (is_method("BYE")) {

                                setflag(1); # do accounting ...

                                setflag(3); # ... even if the transaction fails

                        }

                        route(RELAY);

                } else {

                        if (is_method("SUBSCRIBE") && uri == myself) {

                                # in-dialog subscribe requests

                                route(PRESENCE);

                                exit;

                        }

                        if ( is_method("ACK") ) {

                                if ( t_check_trans() ) {

                                        # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server

                                        t_relay();

                                        exit;

                                } else {

                                        # ACK without matching transaction ... ignore and discard.\n");

                                        exit;

                                }

                        }

                        sl_send_reply("404","Not here");

                }

                exit;

        }

 

        #initial requests

 

        # CANCEL processing

        if (is_method("CANCEL"))

        {

                if (t_check_trans())

                        t_relay();

                exit;

        }

 

        t_check_trans();

# authentication

        route(AUTH);

 

        # record routing for dialog forming requests (in case they are routed)

        # - remove preloaded route headers

        remove_hf("Route");

        if (is_method("INVITE|SUBSCRIBE"))

                record_route();

 

        # account only INVITEs

        if (is_method("INVITE")) {

                setflag(1); # do accounting

        }

        if (!uri==myself)

        /* replace with following line if multi-domain support is used */

        ##if (!is_uri_host_local())

        {

                append_hf("P-hint: outbound\r\n");

                route(RELAY);

        }

 

        # requests for my domain

 

        if( is_method("PUBLISH|SUBSCRIBE"))

                route(PRESENCE);

 

        if (is_method("REGISTER"))

        {

                if(isflagset(5))

                {

                        setbflag("6");

                        # uncomment next line to do SIP NAT pinging

                        ## setbflag("7");

                }

                if (!save("location"))

                        sl_reply_error();

 

                exit;

        }

 

        if ($rU==$null) {

                # request with no Username in RURI

sl_send_reply("484","Address Incomplete");

                exit;

        }

 

        route(PSTN);

 

        # apply DB based aliases (uncomment to enable)

        ##alias_db_lookup("dbaliases");

 

        if (!lookup("location")) {

                switch ($rc) {

                        case -1:

                        case -3:

                                t_newtran();

                                t_reply("404", "Not Found");

                                exit;

                        case -2:

                                sl_send_reply("405", "Method Not Allowed");

                                exit;

                }

        }

 

        # when routing via usrloc, log the missed calls also

        setflag(2);

 

        route(RELAY);

}

 

 

route[RELAY] {

#!ifdef WITH_NAT

        if (check_route_param("nat=yes")) {

                setbflag("6");

        }

        if (isflagset(5) || isbflagset("6")) {

                route(RTPPROXY);

        }

#!endif

 

        /* example how to enable some additional event routes */

        if (is_method("INVITE")) {

                #t_on_branch("BRANCH_ONE");

                t_on_reply("REPLY_ONE");

t_on_reply("REPLY_ONE");

                t_on_failure("FAIL_ONE");

        }

 

        if (!t_relay()) {

                sl_reply_error();

        }

        exit;

}

 

 

# Presence server route

route[PRESENCE]

{

#!ifdef WITH_PRESENCE

        if (!t_newtran())

        {

                sl_reply_error();

                exit;

        };

 

        if(is_method("PUBLISH"))

        {

                handle_publish();

                t_release();

        }

        else

        if( is_method("SUBSCRIBE"))

        {

                handle_subscribe();

                t_release();

        }

        exit;

#!endif

 

        # if presence enabled, this part will not be executed

        if (is_method("PUBLISH") || $rU==$null)

        {

                sl_send_reply("404", "Not here");

                exit;

        }

        return;

# Authentication route

route[AUTH] {

#!ifdef WITH_AUTH

        if (is_method("REGISTER"))

        {

                # authenticate the REGISTER requests (uncomment to enable auth)

                if (!radius_www_authorize("192.168.1.70"))

                {

                        www_challenge("192.168.1.70", "0");

                        exit;

                }

 

                if ($au!=$tU)

                {

                        sl_send_reply("403","Forbidden auth ID");

                        exit;

                }

        } else {

                # authenticate if from local subscriber (uncomment to enable auth)

                if (from_uri==myself)

                {

                        if (!radius_proxy_authorize("192.168.1.70")) {

                                proxy_challenge("192.168.1.70", "0");

                                exit;

                        }

                        if (is_method("PUBLISH"))

                        {

                                if ($au!=$tU) {

                                        sl_send_reply("403","Forbidden auth ID");

                                        exit;

                                }

                        } else {

                                if ($au!=$fU) {

                                        sl_send_reply("403","Forbidden auth ID");

                                        exit;

                                }

                        }

 

                        consume_credentials();

                        # caller authenticated

                }

        }

#!endif

        return;

}

 

# Caller NAT detection route

route[NAT]{

#!ifdef WITH_NAT

        force_rport();

        if (nat_uac_test("19")) {

                if (method=="REGISTER") {

                        fix_nated_register();

                } else {

                        fix_nated_contact();

                }

                setflag(5);

        }

#!endif

        return;

}

 

# RTPProxy control

route[RTPPROXY] {

#!ifdef WITH_NAT

        if (is_method("BYE")) {

                unforce_rtp_proxy();

        } else if (is_method("INVITE")){

                force_rtp_proxy();

        }

        if (!has_totag()) add_rr_param(";nat=yes");

#!endif

        return;

}

 

# PSTN GW routing

route[PSTN] {

#!ifdef WITH_PSTN

        # check if PSTN GW IP is defined

        if (strempty($sel(cfg_get.pstn.gw_ip))) {

                xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");

                return;

        }

 

        # route to PSTN dialed numbers starting with '+' or '00'

  #     (international format)

        # - update the condition to match your dialing rules for PSTN routing

        if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))

                return;

 

        # only local users allowed to call

        if(from_uri!=myself) {

                sl_send_reply("403", "Not Allowed");

                exit;

        }

 

        $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);

 

        route(RELAY);

        exit;

#!endif

 

        return;

}

 

# Sample branch router

branch_route[BRANCH_ONE] {

        xdbg("new branch at $ru\n");

}

 

# Sample onreply route

onreply_route[REPLY_ONE] {

        xdbg("incoming reply\n");

#!ifdef WITH_NAT

        if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") {

                force_rtp_proxy();

        }

        if (isbflagset("6")) {

                fix_nated_contact();

        }

#!endif

}

 

# Sample failure route

failure_route[FAIL_ONE] {

#!ifdef WITH_NAT

        if (is_method("INVITE")

                        && (isbflagset("6") || isflagset(5))) {

         unforce_rtp_proxy();

        }

#!endif

 

        if (t_is_canceled()) {

                exit;

        }

 

        # uncomment the following lines if you want to block client

        # redirect based on 3xx replies.

        ##if (t_check_status("3[0-9][0-9]")) {

        ##t_reply("404","Not found");

        ##      exit;

        ##}

 

        # uncomment the following lines if you want to redirect the failed

        # calls to a different new destination

        ##if (t_check_status("486|408")) {

        ##      sethostport("192.168.2.100:5060");

        ##      append_branch();

        ##      # do not set the missed call flag again

        ##      t_relay();

        ##}

}

##############################################

I run command : kamctl start

But : ERROR: PID file /var/run/kamailio.pid does not exist -- Kamailio start failed

 

And I run : tail –f /var/log/message to show log:

The log is:

Aug  4 15:05:07 appliance kamailio: ERROR: <core> [sr_module.c:390]: ERROR: load_module: could not open module </usr/local/lib/kamailio/modules/auth_radius.so>: libradiusclient-ng.so.2: cannot open shared object file: No such file or directory

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3330]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 145, column 12-27: failed to load module

Aug  4 15:05:07 appliance kamailio: ERROR: <core> [modparam.c:154]: set_mod_param_regex: No module matching <auth_radius> found

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 234, column 92: Can't set module parameter

Aug  4 15:05:07 appliance kamailio: ERROR: <core> [modparam.c:154]: set_mod_param_regex: No module matching <auth_radius> found

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 235, column 43: Can't set module parameter

Aug  4 15:05:07 appliance kamailio: ERROR: <core> [modparam.c:154]: set_mod_param_regex: No module matching <auth_radius> found

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 236, column 60: Can't set module parameter

Aug  4 15:05:07 appliance kamailio: ERROR: <core> [modparam.c:154]: set_mod_param_regex: No module matching <auth_radius> found

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 237, column 44: Can't set module parameter

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 479, column 50: unknown command, missing loadmodule?

Aug  4 15:05:07 appliance kamailio: : <core> [cfg.y:3333]: parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 494, column 53: unknown command, missing loadmodule?

###############

I try to add : /usr/local/lib/* to /etc/ld.so.conf

And run : ldconfig –v

But the result is the same error .

 

 

Please help me if someone know what is wrong.

Any suggest is welcome.

Thanks and Regards

Thanh.Truong