[SR-Users] ?==?utf-8?q? kamailio - mariadb hosted on remote server - issue

Youssef Boujraf yboujraf at by-research.be
Tue Mar 29 13:15:35 CEST 2022


Dear

Finally I found the issue.

This is not from MYSQL DB or CLUSTER.

The issue is when creating a new "address" with "GROUP"=0; the permission module accept the record through RPC command.

STEP 7 : ADDRESS TABLE : add new ip address
 $ sudo systemctl restart kamailio
sipsecure at kamailio:/etc$ sudo kamctl address add 0 192.168.1.26 32 0 HP
-e \E[37;33mINFO: execute '/sbin/kamctl address reload' to synchronize cache and database
 
STEP 8 : DB : verify if the new ip address is created ? YesMariaDB [(none)]> select * from kamailio.address;
+----+-----+--------------+------+------+------+
| id | grp | ip_addr      | mask | port | tag  |
+----+-----+--------------+------+------+------+
|  1 |   0 | 192.168.1.26 |   32 |    0 | HP   |
+----+-----+--------------+------+------+------+
1 row in set (0.000 sec)

But when I try to reload the new record with GROUP=0, I got this


STEP 9 : Reload the content of the DB into kamailio. It failed
----------------------------------------------------------------------------------------

The host: '192.168.1.41' is kamailio (remote client)
 $ sudo kamctl address reload
{
  "jsonrpc":  "2.0",
  "error":  {
    "code": 500,
    "message":  "Reload failed."
  },
  "id": 12397
}
If I do the same to create a new record where GROUP is greater than 0 then everything is fine and working well.

QUESTION :
-------------------

In the documentation : https://kamailio.org/docs/modules/5.1.x/modules/permissions.html#sec-address-permissions

"Addresses stored in the database table can be grouped together into one or more groups specified by a group identifier (positive integer value, i.e., equal or greater than 1)."

Then, WHY GROUP = 0 is accepted when creating a new record through RPC command and why when RELOAD the content from "ADDRESS" and one record contain GROUP=0 the "permission" module crashes.

Best Regards,
Youssef 
Hello,


 
yes, DB connection is usually straight forward.


 
Do you see any errors in the mysql server logs? Any errors visible with some network debugging tools?


 
Cheers,


 
Henning


 
-- 

Henning Westerholt – https://skalatan.de/blog/

Kamailio services – https://gilawa.com


 
From: sr-users <sr-users-bounces at lists.kamailio.org> On Behalf Of Youssef Boujraf
Sent: Monday, March 28, 2022 5:47 PM
To: sr-users at lists.kamailio.org
Subject: [SR-Users] kamailio - mariadb hosted on remote server - issue


 
Dear all,

I don't belive to connect Kamailio to a remote Mariadb will take too much time.


STEP 1 : KAMAILIO :
--------------------------------

$ sudo kamailio -v
version: kamailio 5.5.4 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled with gcc 10.2.1


STEP 2 : Set the kamctlrc config
------------------------------------------------

KAMAILIO IP : 192.168.1.41
MARIADB IP : 192.168.1.39

- /etc/kamailio/kamctlrc

SIP_DOMAIN=example.be
DBENGINE=MYSQL
DBHOST=192.168.1.39 // where the mariadb is installed
DBNAME=kamailio
DBRWUSER="kamailio"
DBRWPW="XX"
DBROUSER="kamailioro"
DBROPW="XX"
DBACCESSHOST=192.168.1.41 // where kamctl is launched (here kamailio srv)
DBROOTUSER="root"
DBROOTPW="kamailio"
class="MsoNormal" style="margin-left:35.4pt">
STEP 3 : MARIADB : hosted on different srv than kamailio
--------------------------------------------------------------------------------------

IP : 192.168.1.39

- /etc/mysql/mariadb.conf.d/50-server.cnf

# this is only for the mysqld standalone daemon
[mysqld]

# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address            = 127.0.0.1
bind-address            = 0.0.0.0



STEP 4 : TEST : Reote connection with the DB
----------------------------------------------------------------------

REMOTE IP : 192.168.1.41
DB IP : 192.168.1.39
 


$ sudo mysql -u root -h 192.168.1.39 -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 298
Server version: 10.5.15-MariaDB-1:10.5.15+maria~bullseye mariadb.org binary distribution

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>

The connection is established with success.


STEP 5 : KAMAILIO DB : creation
----------------------------------------------------

$ sudo kamdbctl create
-e \E[37;33mINFO: creating database kamailio ...
-e \E[37;33mINFO: granting privileges to database kamailio ...
-e \E[37;33mINFO: creating standard tables into kamailio ...
-e \E[37;33mINFO: Core Kamailio tables successfully created.
Create the presence related tables? (y/n): y
-e \E[37;33mINFO: creating presence tables into kamailio ...
-e \E[37;33mINFO: Presence tables successfully created.
Create the tables for imc cpl siptrace domainpolicy carrierroute
                drouting userblocklist htable purple uac pipelimit mtree sca mohqueue
                rtpproxy rtpengine secfilter? (y/n): y
-e \E[37;33mINFO: creating extra tables into kamailio ...
-e \E[37;33mINFO: Extra tables successfully created.
Create the tables for uid_auth_db uid_avp_db uid_domain uid_gflags
                uid_uri_db? (y/n): y
-e \E[37;33mINFO: creating uid tables into kamailio ...
-e \E[37;33mINFO: UID tables successfully created.


STEP 6 : DB : verify the users creation and rights
--------------------------------------------------------------------------

MariaDB [(none)]> select user, host from mysql.user;
+-------------+--------------+
| User        | Host         |
+-------------+--------------+
| kamailio    | 192.168.1.39 |
| kamailioro  | 192.168.1.39 |
| kamailio    | 192.168.1.41 |
| kamailioro  | 192.168.1.41 |
| root        | 192.168.1.41 |
| kamailio    | localhost    |
| kamailioro  | localhost    |
| mariadb.sys | localhost    |
| mysql       | localhost    |
| root        | localhost    |
+-------------+--------------+
10 rows in set (0.001 sec)

MariaDB [(none)]> SHOW GRANTS FOR kamailio at 192.168.1.41;
+--------------------------------------------------------------------------------------------------------------------+
| Grants for kamailio at 192.168.1.41                                                                                   |
+--------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `kamailio`@`192.168.1.41` IDENTIFIED BY PASSWORD '*157PASSWORD' |
| GRANT ALL PRIVILEGES ON `kamailio`.* TO `kamailio`@`192.168.1.41`                                                  |
+--------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)

MariaDB [(none)]> SHOW GRANTS FOR kamailio at 192.168.1.39;
+--------------------------------------------------------------------------------------------------------------------+
| Grants for kamailio at 192.168.1.39                                                                                   |
+--------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `kamailio`@`192.168.1.39` IDENTIFIED BY PASSWORD '*157PASSWORD' |
| GRANT ALL PRIVILEGES ON `kamailio`.* TO `kamailio`@`192.168.1.39`                                                  |
+--------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)

MariaDB [(none)]> SHOW GRANTS FOR kamailio at localhost;
+-----------------------------------------------------------------------------------------------------------------+
| Grants for kamailio at localhost                                                                                   |
+-----------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `kamailio`@`localhost` IDENTIFIED BY PASSWORD '*157PASSWORD' |
| GRANT ALL PRIVILEGES ON `kamailio`.* TO `kamailio`@`localhost`                                                  |
+-----------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)

STEP 7 : ADDRESS TABLE : add new ip address

$ sudo systemctl restart kamailio
sipsecure at kamailio:/etc$ sudo kamctl address add 0 192.168.1.26 32 0 HP
-e \E[37;33mINFO: execute '/sbin/kamctl address reload' to synchronize cache and database

 


STEP 8 : DB : verify if the new ip address is created ? Yes

MariaDB [(none)]> select * from kamailio.address;
+----+-----+--------------+------+------+------+
| id | grp | ip_addr      | mask | port | tag  |
+----+-----+--------------+------+------+------+
|  1 |   0 | 192.168.1.26 |   32 |    0 | HP   |
+----+-----+--------------+------+------+------+
1 row in set (0.000 sec)


STEP 9 : Reload the content of the DB into kamailio. It failed
----------------------------------------------------------------------------------------

The host: '192.168.1.41' is kamailio (remote client)

$ sudo kamctl address reload
{
  "jsonrpc":  "2.0",
  "error":  {
    "code": 500,
    "message":  "Reload failed."
  },
  "id": 12397
}

 

In /var/log/daemon.log

Mar 28 17:09:49 db04srv mariadbd[2430]: 2022-03-28 17:09:49 281 [Warning] Aborted connection 281 to db: 'kamailio' user: 'kamailio' host: '192.168.1.41' (Got an error reading communication packets)
Mar 28 17:09:49 db04srv mariadbd[2430]: 2022-03-28 17:09:49 273 [Warning] Aborted connection 273 to db: 'kamailio' user: 'kamailio' host: '192.168.1.41' (Got an error reading communication packets)
Mar 28 17:09:49 db04srv mariadbd[2430]: 2022-03-28 17:09:49 295 [Warning] Aborted connection 295 to db: 'kamailio' user: 'kamailio' host: '192.168.1.41' (Got an error reading communication packets)
Mar 28 17:09:49 db04srv mariadbd[2430]: 2022-03-28 17:09:49 264 [Warning] Aborted connection 264 to db: 'kamailio' user: 'kamailio' host: '192.168.1.41' (Got an error reading communication packets)


Now, if I am trying to restart "kamailio" service, I got an error :

Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: DEBUG: <core> [core/sr_module.c:940]: init_mod(): permissions
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: DEBUG: permissions [address.c:179]: reload_address_db_table(): Number of rows in address table: 1
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: DEBUG: permissions [address.c:191]: reload_address_db_table(): failure during checks of database value 1 (group) in address table
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: ERROR: permissions [address.c:233]: reload_address_db_table(): database problem - invalid record
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: CRITICAL: permissions [address.c:536]: init_addresses(): reload of address table failed
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: ERROR: permissions [permissions.c:657]: mod_init(): failed to initialize the allow_address function
Mar 28 17:36:30 kamailio /usr/sbin/kamailio[14196]: ERROR: <core> [core/sr_module.c:942]: init_mod(): Error while initializing module permissions (/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so)
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/cfg.y:1860]: yyparse(): loading module permissions.so
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/sr_module.c:513]: ksr_locate_module(): found module to load </usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so>
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/sr_module.c:563]: load_module(): trying to load </usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so>
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/kemi.c:3090]: sr_kemi_modules_add(): adding module: permissions
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/cfg.lex:1963]: pp_define(): defining id: MOD_permissions
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/modparam.c:112]: set_mod_param_regex(): 'permissions' matches module 'permissions'
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/sr_module.c:811]: find_param_export(): found <db_url> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so]
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/modparam.c:128]: set_mod_param_regex(): found <db_url> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so]
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/modparam.c:112]: set_mod_param_regex(): 'permissions' matches module 'permissions'
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/sr_module.c:811]: find_param_export(): found <load_backends> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so]
Mar 28 17:36:30 kamailio kamailio: DEBUG: <core> [core/modparam.c:128]: set_mod_param_regex(): found <load_backends> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so]
Mar 28 17:36:31 kamailio kamailio: DEBUG: <core> [core/sr_module.c:719]: find_mod_export_record(): found export of <allow_source_address> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so]
Mar 28 17:36:31 kamailio kamailio: DEBUG: <core> [core/sr_module.c:719]: find_mod_export_record(): found export of <allow_source_address_group> in module permissions [/usr/lib/x86_64-linux-gnu/kamailio/modules/permissions.so

If I remove the record from the database manually, I can restart kamailio but no way to add any address.

Thanks if someone could highlight my path.

Best Regards,

--
Youssef 



--
Youssef BOUJRAF | Managing Director

Direct Line: +32 (0)2 880 33 30
Mobile: +32 (0)477 94 86 89
Dubai Mobile : +971 (0)55 9928871
Fax: +32 (0)2 318 82 21
Skype: y_boujraf
Email: yboujraf at by-research.be
Web : www.by-systems.be/

BY-SYSTEMS sprl| Avenue Charles Plisnier 13 | B-1070 Anderlecht | Belgium | TVA: BE 0819.832.617______________________________________________________________________________
This communication, issued by BY-SYSTEMS SPRL, is confidential and we do not waive confidentiality by mistransmission. If you have received it by mistake please notify the sender immediately by reply and then delete it permanently from your system without copying it, using it for any purposes or disclosing its contents to any other person. Thank you for your cooperation. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of BY-SYSTEMS SPRL. Emails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. Anyone who communicates with us by email is taken to accept these risks.
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220329/5961dc65/attachment.htm>


More information about the sr-users mailing list