[SR-Users] Integrating Kamailio 4.x with Freeswitch using Postgresql

Errol Samuels ewsamuels at gmail.com
Tue Aug 20 17:12:20 CEST 2013 

Hello All,

I have been following bits of this guide
http://kb.asipto.com/freeswitch:kamailio-3.3.x-freeswitch-1.2.x-sbc and
bits from other posts to get Kamailio 4.0 integrated with FusionPBX &
Freeswitch 1.2.12 using Postgres instead of MySQL.

My reason for using Postgres is simply because Freeswitch now supports
Postgres natively and FusionPBX also uses Postgres for its backend DB.  So
it made sense to keep things consistent.

The main functions of Kamailio in this scenario are as follows:

- NAT Traversal
- Security, Anti-flood, some DDOS attack protection
- Load-balancing in future

So far I have the registrations working somewhat and the registrations are
visible in the Kamailio locations table but I also Freeswitch also needs to
have access to these registrations as well so that we have access to the
functionality within FusionPBX.

Here are the relevant bits of my script with the real public IPs
substituted:

#######

# *** Value defines - IDs used later in config
#!ifdef WITH_PGSQL
#!define DBURL "postgres://kamailio:kamailiorw@localhost/kamailio"
#!endif
.
.
#!ifdef WITH_FREESWITCH
#!define DBFSURL "postgres://fusionpbx:fusionpbx@1.2.3.4:5432/fusionpbx"
#!endif
.
.
#!ifdef WITH_FREESWITCH
freeswitch.bindip = "1.2.3.4" desc "FreeSWITCH IP Address"
freeswitch.bindport = "5060" desc "FreeSWITCH Port"
#
kamailio.bindip = "2.2.2.2" desc "Kamailio IP Address"
kamailio.bindport = "5065" desc "Kamailio Port"
#!endif
.
.
#!ifdef WITH_POSTGRES
loadmodule "db_postgres.so"
#!endif
.
.
.
# ----- usrloc params -----
/* enable DB persistency for location entries */
#!ifdef WITH_USRLOCDB
modparam("usrloc", "db_url", "postgres://kamailio:kamailiorw@localhost
/kamailio")
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "use_domain", MULTIDOMAIN)
#!endif


# ----- auth_db params -----
#!ifdef WITH_AUTH
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "load_credentials", "")

#!ifdef WITH_FREESWITCH
modparam("auth_db", "user_column", "extension")
modparam("auth_db", "password_column", "password")
modparam("auth_db", "domain_column", "user_context")
modparam("auth_db", "db_url", DBFSURL)
modparam("auth_db", "version_table", 0)
modparam("auth_db", "use_domain", MULTIDOMAIN)
#!else
modparam("auth_db", "db_url", DBURL)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "use_domain", MULTIDOMAIN)
#!endif
.
.
# authentication
        route(AUTH);

        # record routing for dialog forming requests (in case they are
routed)
        # - remove preloaded route headers
        remove_hf("Route");
        if (is_method("INVITE|SUBSCRIBE"))
                record_route_preset("2.2.2.2");

        # account only INVITEs
        if (is_method("INVITE"))
        {
                setflag(FLT_ACC); # do accounting
        }

        # dispatch requests to foreign domains
        route(SIPOUT);

        # handle presence related requests
        route(PRESENCE);

        # handle registrations
        route(REGISTRAR);

        if ($rU==$null)
        {
                # request with no Username in RURI
                sl_send_reply("484","Address Incomplete");
                exit;
        }
.
.
.
# Authentication route
route[AUTH] {
#!ifdef WITH_AUTH

#!ifdef WITH_FREESWITCH
        # do not auth traffic from FreeSWITCH - trusted!
        if(route(FROMFREESWITCH))
                return;
#!endif

#!ifdef WITH_IPAUTH
        if((!is_method("REGISTER")) && allow_source_address())
        {
                # source IP allowed
                return;
        }
#!endif

        if (is_method("REGISTER") || from_uri==myself)
        {
                # authenticate requests
#!ifdef WITH_FREESWITCH
                if (!auth_check("$fd", "v_extensions", "1")) {
#!else
                if (!auth_check("$fd", "subscriber", "1")) {
#!endif
                        auth_challenge("$fd", "0");
                        exit;
                }
                # user authenticated - remove auth header
                if(!is_method("REGISTER|PUBLISH"))
                        consume_credentials();
        }
        # if caller is not local subscriber, then check if it calls
        # a local destination, otherwise deny, not an open relay here
        if (from_uri!=myself && uri!=myself)
        {
                sl_send_reply("403","Not relaying");
                exit;
        }

#!endif
        return;
}
.
.
.
# Routing to foreign domains
route[SIPOUT] {
        if (!uri==myself)
        {
                append_hf("P-hint: outbound\r\n");
                route(RELAY);
        }
}
.
.
.
# Handle SIP registrations
route[REGISTRAR] {
        if (is_method("REGISTER"))
        {
                if(isflagset(FLT_NATS))
                {
                        setbflag(FLB_NATB);
                        # uncomment next line to do SIP NAT pinging
                        setbflag(FLB_NATSIPPING);
                }
                # without param, here would allows multiple contacts, with
0x04 param, last register wins (fifo)
                #if (!save("location"))
                if (!save("location", "0x04"))
                        sl_reply_error();

#!ifdef WITH_FREESWITCH
                route(REGFWD);
#!endif

                exit;
        }
}
.
.
.
#######

I hope I haven't missed anything important.

With my current config I am able to dial feature code in FusionPBX and also
make outbound calls but not able to dial between extensions because as far
as Freeswitch is concerned the extensions are not registered.

Any assistance would be greatly appreciated.

Thanks

Errol
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130820/af965e5b/attachment.html>

More information about the sr-users mailing list