no the problem appear to be with the advertise
this makes all listeners
listen = PRIV_SOCK advertise MY_PUB_SOCK name = "ext"
but
listen = PRIV_SOCK_TLS advertise MY_PUB_SOCK_TLS name = "ext_tls"
is failing with a look up error on MY_PUB_SOCK_TLS
if I try :
listen = PRIV_SOCK_TLS advertise "MY_PUB_SOCK_TLS" name = "ext_tls"
it fails on a lookup for what ever the def is for that variable e.g. 1.2.3.4:5061
the defs are of the correct syntax
if it replace the defs it works
e.g
listen = tls:10.10.10.10:5061 advertise 1.2.3.4:5061 name = "ext_tls"
the two defs math the text above
the problen is its working for the "global" defs without any protocl, so its making the tls listener for the wrong port as 5060
so
listen = LISTEN_EXTERNAL_SOCKET advertise ADVERTISE_NAT_ADDRESS name = "ext"
is working
with
#!substdef "!LISTEN_EXTERNAL_SOCKET!10.10.10.10:5060!g"
and
#!substdef "!ADVERTISE_NAT_ADDRESS!1.2.3.4:5060!g"
the _TLS versions are not changing the tls port
so i have tls on port 5060 when iot should be on 5061 and the name ext_tls where all other sockets are called "ext"
Regards,
Richard
On 30/11/2021 20:03, Karsten Horsmann wrote:
Hi Richard,
Hmmm for some reason I split my vars into parts.
And you prefix that with tls? Like this?
"!ADVERTISE_NAT_ADDRESS_TLS!tls:1.2.3.4:5061!g"
Best Karsten
Richard Robson richard@rikrobson.co.uk schrieb am Di., 30. Nov. 2021, 17:48:
Hi the missing = was my typo in the email and not the config. the probelm is only with the TLS advertise and not the non tls advertise these work as expected listen = LISTEN_EXTERNAL_SOCKET advertise ADVERTISE_NAT_ADDRESS name = "ext" #!substdef "!ADVERTISE_NAT_ADDRESS!1.2.3.4:5060!g" these do not works #!substdef "!ADVERTISE_NAT_ADDRESS_TLS!1.2.3.4:5061!g" does not work listen = LISTEN_EXTERNAL_SOCKET_TLS advertise ADVERTISE_NAT_ADDRESS_TL name = "ext-tls" or listen = LISTEN_EXTERNAL_SOCKET_TLS advertise ADVERTISE_NAT_ADDRESS_TLS name = "ext-tls" if its not quoted then error = cannot resolve 1.2.3.4:5061 <http://1.2.3.4:5061> of not quoted error = cannot resolve ADVERTISE_NAT_ADDRESS_TLS if i replace the def with the 1.2.3.4:5061 <http://1.2.3.4:5061> it works what is hte difference if also changed the name to ADVERTISE_NAT_ADDRESS_SEC with the same results On 30/11/2021 16:21, Karsten Horsmann wrote:Hi Richard, seems that you forgot the equal signs in the listen directive. Did kamailio -c -f /etc/kamailio/kamailio.cfg return something? http://www.kamailio.org/wiki/cookbooks/devel/core#listen I did the same with puppet. And I only manipulate my /etc/kamailio/kamailio-local.cfg with the configuration management tool. Small example from my templating. grep MY_PUB_IP /etc/kamailio/kamailio-local.cfg #!substdef "!MY_PUB_IP!1.2.3.4!g" .... egrep 'MY_HTTPS_ADDR|MY_PUB_IP|_PORT' /etc/kamailio/kamailio.cfg import_file "kamailio-local.cfg" .... #!substdef "!MY_HTTPS_ADDR!tls:MY_PUB_IP:MY_WSS_HTTPS!g" .... listen=udp:MY_PUB_IP:5060 listen=tcp:MY_PUB_IP:5060 listen=tls:MY_PUB_IP:5061 listen=MY_HTTPS_ADDR Kind regards Karsten Am Di., 30. Nov. 2021 um 16:57 Uhr schrieb Richard Robson <richard@rikrobson.co.uk>: I have a problem when trying to add an advertised address in Kamailio 5.4.2 we have a checf config that is populating various variable. some of these are for the Listeners we have this working and Im getting all protocols for the listeners based on the non _TLS Vars but the TLS config is trying to resolve ADVERTISE_NAT_ADDRESS_TLS. If I try and quote the variable "ADVERTISE_NAT_ADDRESS_TLS" id get an error saying 1.2.3.4:5061 <http://1.2.3.4:5061> is not resolvable therefroe I have udp,tcp and tls listeners all on the default ports where i need the tls on port 5061 ans not 5060 listen = LISTEN_EXTERNAL_SOCKET advertise ADVERTISE_NAT_ADDRESS name = "ext" listen = LISTEN_INTERNAL_SOCKET name = "int" listen = LISTEN_EXTERNAL_SOCKET_TLS advertise name = "ext-tls" listen = LISTEN_INTERNAL_SOCKET_TLS name = "int-tls" the Vars are defined as #!define TOPO_NAT #!substdef "!LISTEN_EXTERNAL_SOCKET!10.10.10.10:5060!g" #!substdef "!LISTEN_INTERNAL_SOCKET!10.10.10.10:5080!g" #!substdef "!ADVERTISE_NAT_ADDRESS!1.2.3.4:5060!g" #!define ENABLE_TLS #!define TLS_CONFIG_FILE "chef-managed/tls.cfg" #!substdef "!LISTEN_EXTERNAL_SOCKET_TLS!tls:10.225.73.16:5061!g" #!substdef "!LISTEN_INTERNAL_SOCKET_TLS!tls:10.225.73.16:5061!g" #!substdef "!ADVERTISE_NAT_ADDRESS_TLS!1.2.3.4:5061!g" REgards, Richard __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Mit freundlichen Grüßen *Karsten Horsmann* __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions *sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: *https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Richard,
i play around with your examples and this combination(s) works for me: version: kamailio 5.5.3
#!substdef "!LISTEN_EXTERNAL_SOCKET_TLS!tls:10.225.73.16:5061!g" #!substdef "!ADVERTISE_NAT_ADDRESS_TLS!1.2.3.4!g" #!substdef "!TLS_PORT!5061!g" #!substdef "!LISTEN_NAME!ext_tls!g"
*listen = LISTEN_EXTERNAL_SOCKET_TLS advertise ADVERTISE_NAT_ADDRESS_TLS:TLS_PORT name "ext_tls"* or *listen = LISTEN_EXTERNAL_SOCKET_TLS advertise ADVERTISE_NAT_ADDRESS_TLS:TLS_PORT name "LISTEN_NAME"*
"/etc/kamailio/kamailio.cfg" 1626L, 48756C geschrieben # kamailio -c -f /etc/kamailio/kamailio.cfg loading modules under config path: /usr/lib64/kamailio/modules/ 0(17553) INFO: tls [tls_init.c:503]: init_tls_compression(): disabling compression... Listening on t*ls: 10.225.73.16 [10.225.73.16]:5061 name ext_tls advertise 1.2.3.4:5061 http://1.2.3.4:5061* Aliases:
config file ok, exiting...
Hope this helps
Kind regards Karsten
-
Karsten Horsmann -
Richard Robson