Re: [SR-Users] unable to receive UDP

2021-10-13 Thread dem 

Hi Fred,

We'll, problem solved...

I was able to duplicate the problem with the IP configured on em3 using # nc 
-lvu  10.102.88.81 5060. No traffic.


As stated before, the IP works on interface em1(10g), not em3(1g). Centos 7, 
Dell R630. Firewalld correct.


I started digging into the Dell Broadcom BCM57800 card. Numerous reports of 
issues with the ports not working. Which comes as quite a surprise, considering 
we have 8 x R630's running the cards since January!


I've never seen a network interface not pass the packet to the stack - kind of 
the whole point. Ordering replacement Dell/Intel cards now.


Thanks to all for your help!!! Anxious to put Kamailio in production to handle 
STIR/SHAKEN (and maybe some cool routing).


Thanks,
Dan

Fred Posner wrote on 10/13/21 9:39 AM:

I think at this point, it would be best to rule out your
system/environment before debugging code.

Have you see if another application layer program can see the SIP
traffic (such as sipp)?

If a netstat shows kamailio listening on the IP/port, and kamailio
didn't indicate any errors binding to the IP provided, we must further
rule out something on the system.

Fred Posner | palner.com
Matrix: @fred:matrix.lod.com
o: +1 (212) 937-7844

On 10/13/21 7:58 AM, d...@htsweb.com wrote:

Hi Sergey,

Only testing with the SIP INVITE from one of our production SIP trunk
providers. The 'length's are listed below for the tcpdump. Same packet
size/contents for all tests. Only change was moving IP from interface
em3 to em1. Doesn't look like packet size is the issue.

Looking at some of the socket code. Could be related to socket structs,
maybe an array enumeration issue. We have 4 interfaces: em1 ((10g up),
em2(10g down), em3 (1g up), em4 (1g up). Just switched IP from 3rd
interface (2nd up) to 1st interface (1st up) - it worked.

If somebody would like to provide a debug message/location, I could
recompile to test the array bucket theory. Quick way to check.

Note, the config below is the entire test config. No changes. Only
purpose was to receive SIP INVITE to test socket.

Thanks,
Dan

Sergey Safarov wrote on 10/13/21 4:08 AM:

you also need to check UDP packets are fragmented or not.
you must receive all fragments before Kamailio is able to parse the
message.

On Wed, Oct 13, 2021 at 1:28 AM David Villasmil
mailto:david.villasmil.w...@gmail.com>> wrote:

 use the

 listen=udp:YOUR-LOCAL-IP:5060

 then do a netstat to see if it's listening on 5060


 Regards,

 David Villasmil
 email: david.villasmil.w...@gmail.com
 
 phone: +34669448337


 On Tue, Oct 12, 2021 at 11:17 PM mailto:d...@htsweb.com>> wrote:

 Okay, think I discovered something

 I'm attempting to run the kamailio on interface em3 - no joy.
 I moved the 10.102.88.81 ip to the em1 interface. kamailio is
 showing the UDP packets as received (via my horribly simple
 config below).

 This test also answers the firewall question, UDP port is allowed.

 So, that prompts the question... how do you use kamailio with
 UDP on a specific interface ?  I'm thinking it might not do it
 currently ?

 Also, forgive me if I messed up the prior reply to the list.

 Thanks,
 Dan

 d...@htsweb.com  wrote on 10/12/21 5:28 PM:

 Hello,

 The tcpdump (below) shows packet reaching em3 interface. The
 firewalld command (below) shows UDP port 5060 open.

 netcat doesn't do specific interfaces. Can't do ALL
 interfaces, since em4 is a pcap of hundreds of thousands of
 live UDP 5060.

 I'll have to write a standalone to prove that the firewall
 allows UDP 5060 through the em3 interface, post firewall...
 (betting it does). Should have test prog tomorrow.

 Thanks,
 Dan

 Daniel-Constantin Mierla wrote on 10/12/21 4:27 PM:

 Hello,

 tcpdump and other network sniffers (e.g., ngrep, sngrep)
 capture the sip traffic before firewall, so even if you see
 packets with them, the application can still not get them
 due to firewall.

 To test, you can replace kamailio with netcat listening on
 UDP port 5060 and see if it receives the sip traffic.

 Cheers,
 Daniel

 On 12.10.21 19:08, d...@htsweb.com  wrote:

 After 4 (long) days of trying to receive any UDP SIP, I'm
 hoping someone can point out what I'm doing wrong. I've
 looked at the kamailio code. I'm beginning to think it's
 the 'polling' code, but it looks fine. It could be Centos
 or a Dell network driver, but not seeing any errors anywhere.

 - stock build/compile...
   Version: kamailio 5.5.2 (x86_64/linux) 0d53d9
   Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS,

Re: [SR-Users] Kamailio Inbound proxy to Asterisk - ACL Filtering

2021-10-13 Thread Henning Westerholt 
Hello,

if you want to modify the From header you should use the uac_replace_from 
function from uac module and not the PVs.
If you just want to pass the IP to the asterisk, do not change the From header 
but add e.g. a new "X-IP" header for it and evaluate it from asterisk.

Cheers,

Henning

-- 
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com

-Original Message-
From: Mihai Cezar  
Sent: Wednesday, October 13, 2021 3:10 PM
To: Henning Westerholt 
Cc: Kamailio (SER) - Users Mailing List 
Subject: Re: [SR-Users] Kamailio Inbound proxy to Asterisk - ACL Filtering

Hi,

I am looking at Kamailio 5.5.x wiki, and they are a few pseudo variables, $si, 
$siz (don't know which one to use) Should I manipulate the "From" header?

Like so:
remove_hf("From");
insert_hf("From: $fn;tag=$ft\r\n","To");

Thanks in advance,

On Tue, Oct 12, 2021 at 11:39 PM Henning Westerholt  wrote:
>
> Hello,
>
> you can surely just add the original IP to an X-Header in Kamailio.
>
> Have a look to the pseudo-variables (e.g. incoming IP address) and textops 
> module, append_hf function for example.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt - https://skalatan.de/blog/ Kamailio services - 
> https://gilawa.com
>
> -Original Message-
> From: sr-users  On Behalf Of 
> Mihai Cezar
> Sent: Tuesday, October 12, 2021 10:10 PM
> To: Kamailio (SER) - Users Mailing List 
> Subject: Re: [SR-Users] Kamailio Inbound proxy to Asterisk - ACL 
> Filtering
>
> But is there something that I can do in kamailio to send the original IP to 
> an asterisk server like in http with the XFF header?
>
> On Mon, Oct 11, 2021 at 1:29 AM David Villasmil 
>  wrote:
> >
> > Hello, this is really an Asterisk question.
> > Here in Kamailio we'd recommend you do that filtering at the proxy level, 
> > using the "permissions" module.
> >
> > Regards,
> >
> > David Villasmil
> > email: david.villasmil.w...@gmail.com
> > phone: +34669448337
> >
> >
> > On Sun, Oct 10, 2021 at 6:52 PM Mihai Cezar  wrote:
> >>
> >> Hi,
> >>
> >> The last matching rule is the one used. If no rule matches, then 
> >> the connection is permitted.
> >>
> >> Example:
> >> deny=0.0.0.0/0.0.0.0
> >> permit=1.2.3.4/32
> >> Deny every address except for the only one allowed.
> >>
> >> Basically the rules are processed from the first to the last.
> >>
> >> On Sat, Oct 9, 2021 at 3:26 PM Bugaian A. Vitalie  
> >> wrote:
> >> >
> >> > Hi,
> >> >
> >> > I think its the order you apply the ACL, first permit some, then deny 
> >> > any?
> >> >
> >> > Vitalie.
> >> >
> >> > On Sat, Oct 9, 2021 at 1:58 PM Mihai Cezar  wrote:
> >> >>
> >> >> Hello,
> >> >>
> >> >> I have an issue with filtering on the asterisk side, my requests are:
> >> >> UsersPhones(bria) -> Kamailio -> Asterisk -> Sip Trunk Out.
> >> >>
> >> >> The goal is to manage a new layer of protection ( IP filtering / 
> >> >> Whitelisting ).
> >> >> When I try to compile a list of Whitelisted IP in sip.conf I get this 
> >> >> error:
> >> >>
> >> >> NOTICE[205]: acl.c:748 ast_apply_acl: SIP contact ACL: Rejecting 
> >> >> '145.72.23.45' due to a failure to pass ACL '(BASELINE)'
> >> >> WARNING[205]: chan_sip.c:17061 parse_register_contact: Domain 
> >> >> '5.12.16.2:48669' disallowed by contact ACL (violating IP
> >> >> 145.72.23.45)
> >> >> WARNING[205]: chan_sip.c:17933 register_verify: Registration 
> >> >> denied because of contact ACL
> >> >>
> >> >> The IP 145.72.23.45, is the proxy kamailio and if I added it to 
> >> >> sip.conf it works, but so does every ip afterwards.
> >> >>
> >> >> I tried with contactpermit also with permit, the result is the 
> >> >> same as long as I permit the proxy ip it works. Is there 
> >> >> something that I can do on the asterisk side to activate this 
> >> >> filtering Or there is something that I can do in Kamailio so it will 
> >> >> forward the realip ?
> >> >>
> >> >> contactdeny=0.0.0.0/0.0.0.0
> >> >> contactpermit=145.72.23.45/32
> >> >> contactpermit=5.12.16.2/32
> >> >>
> >> >>
> >> >> Thanks in advance,
> >> >>
> >> >> __
> >> >> Kamailio - Users Mailing List - Non Commercial Discussions
> >> >>   * sr-users@lists.kamailio.org
> >> >> Important: keep the mailing list in the recipients, do not reply only 
> >> >> to the sender!
> >> >> Edit mailing list options or unsubscribe:
> >> >>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> >> >
> >> > __
> >> > Kamailio - Users Mailing List - Non Commercial Discussions
> >> >   * sr-users@lists.kamailio.org
> >> > Important: keep the mailing list in the recipients, do not reply only to 
> >> > the sender!
> >> > Edit mailing list options or unsubscribe:
> >> >   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> >>
> >> __
> >> Kamailio - Users Mailing List - Non Commercial Discussions
> >>   *

Re: [SR-Users] unable to receive UDP

2021-10-13 Thread Fred Posner 
I think at this point, it would be best to rule out your
system/environment before debugging code.

Have you see if another application layer program can see the SIP
traffic (such as sipp)?

If a netstat shows kamailio listening on the IP/port, and kamailio
didn't indicate any errors binding to the IP provided, we must further
rule out something on the system.

Fred Posner | palner.com
Matrix: @fred:matrix.lod.com
o: +1 (212) 937-7844

On 10/13/21 7:58 AM, d...@htsweb.com wrote:
> Hi Sergey,
> 
> Only testing with the SIP INVITE from one of our production SIP trunk
> providers. The 'length's are listed below for the tcpdump. Same packet
> size/contents for all tests. Only change was moving IP from interface
> em3 to em1. Doesn't look like packet size is the issue.
> 
> Looking at some of the socket code. Could be related to socket structs,
> maybe an array enumeration issue. We have 4 interfaces: em1 ((10g up),
> em2(10g down), em3 (1g up), em4 (1g up). Just switched IP from 3rd
> interface (2nd up) to 1st interface (1st up) - it worked.
> 
> If somebody would like to provide a debug message/location, I could
> recompile to test the array bucket theory. Quick way to check.
> 
> Note, the config below is the entire test config. No changes. Only
> purpose was to receive SIP INVITE to test socket.
> 
> Thanks,
> Dan
> 
> Sergey Safarov wrote on 10/13/21 4:08 AM:
>> you also need to check UDP packets are fragmented or not.
>> you must receive all fragments before Kamailio is able to parse the
>> message.
>>
>> On Wed, Oct 13, 2021 at 1:28 AM David Villasmil
>> > > wrote:
>>
>> use the
>>
>> listen=udp:YOUR-LOCAL-IP:5060
>>
>> then do a netstat to see if it's listening on 5060
>>
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.w...@gmail.com
>> 
>> phone: +34669448337
>>
>>
>> On Tue, Oct 12, 2021 at 11:17 PM > > wrote:
>>
>> Okay, think I discovered something
>>
>> I'm attempting to run the kamailio on interface em3 - no joy. 
>> I moved the 10.102.88.81 ip to the em1 interface. kamailio is
>> showing the UDP packets as received (via my horribly simple
>> config below).
>>
>> This test also answers the firewall question, UDP port is allowed.
>>
>> So, that prompts the question... how do you use kamailio with
>> UDP on a specific interface ?  I'm thinking it might not do it
>> currently ?
>>
>> Also, forgive me if I messed up the prior reply to the list.
>>
>> Thanks,
>> Dan
>>
>> d...@htsweb.com  wrote on 10/12/21 5:28 PM:
>>> Hello,
>>>
>>> The tcpdump (below) shows packet reaching em3 interface. The
>>> firewalld command (below) shows UDP port 5060 open.
>>>
>>> netcat doesn't do specific interfaces. Can't do ALL
>>> interfaces, since em4 is a pcap of hundreds of thousands of
>>> live UDP 5060.
>>>
>>> I'll have to write a standalone to prove that the firewall
>>> allows UDP 5060 through the em3 interface, post firewall...
>>> (betting it does). Should have test prog tomorrow.
>>>
>>> Thanks,
>>> Dan
>>>
>>> Daniel-Constantin Mierla wrote on 10/12/21 4:27 PM:

 Hello,

 tcpdump and other network sniffers (e.g., ngrep, sngrep)
 capture the sip traffic before firewall, so even if you see
 packets with them, the application can still not get them
 due to firewall.

 To test, you can replace kamailio with netcat listening on
 UDP port 5060 and see if it receives the sip traffic.

 Cheers,
 Daniel

 On 12.10.21 19:08, d...@htsweb.com  wrote:
> After 4 (long) days of trying to receive any UDP SIP, I'm
> hoping someone can point out what I'm doing wrong. I've
> looked at the kamailio code. I'm beginning to think it's
> the 'polling' code, but it looks fine. It could be Centos
> or a Dell network driver, but not seeing any errors anywhere.
>
> - stock build/compile...
>   Version: kamailio 5.5.2 (x86_64/linux) 0d53d9
>   Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS,
> USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK,
> SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC,
> DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT,
> USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR,
> USE_DST_BLOCKLIST, HAVE_RESOLV_RES
>   MAX_RECV_BUFFER_SIZE=262144
>   MAX_URI_SIZE=1024
>   BUF_SIZE=65535
>   DEFAULT PKG_SIZE=8MB
>   DEFAULT SHM_SIZE=64MB
>  

Re: [SR-Users] Kamailio Inbound proxy to Asterisk - ACL Filtering

2021-10-13 Thread Mihai Cezar 
Hi,

I am looking at Kamailio 5.5.x wiki, and they are a few pseudo
variables, $si, $siz (don't know which one to use)
Should I manipulate the "From" header?

Like so:
remove_hf("From");
insert_hf("From: $fn;tag=$ft\r\n","To");

Thanks in advance,

On Tue, Oct 12, 2021 at 11:39 PM Henning Westerholt  wrote:
>
> Hello,
>
> you can surely just add the original IP to an X-Header in Kamailio.
>
> Have a look to the pseudo-variables (e.g. incoming IP address) and textops 
> module, append_hf function for example.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt - https://skalatan.de/blog/
> Kamailio services - https://gilawa.com
>
> -Original Message-
> From: sr-users  On Behalf Of Mihai Cezar
> Sent: Tuesday, October 12, 2021 10:10 PM
> To: Kamailio (SER) - Users Mailing List 
> Subject: Re: [SR-Users] Kamailio Inbound proxy to Asterisk - ACL Filtering
>
> But is there something that I can do in kamailio to send the original IP to 
> an asterisk server like in http with the XFF header?
>
> On Mon, Oct 11, 2021 at 1:29 AM David Villasmil 
>  wrote:
> >
> > Hello, this is really an Asterisk question.
> > Here in Kamailio we'd recommend you do that filtering at the proxy level, 
> > using the "permissions" module.
> >
> > Regards,
> >
> > David Villasmil
> > email: david.villasmil.w...@gmail.com
> > phone: +34669448337
> >
> >
> > On Sun, Oct 10, 2021 at 6:52 PM Mihai Cezar  wrote:
> >>
> >> Hi,
> >>
> >> The last matching rule is the one used. If no rule matches, then the
> >> connection is permitted.
> >>
> >> Example:
> >> deny=0.0.0.0/0.0.0.0
> >> permit=1.2.3.4/32
> >> Deny every address except for the only one allowed.
> >>
> >> Basically the rules are processed from the first to the last.
> >>
> >> On Sat, Oct 9, 2021 at 3:26 PM Bugaian A. Vitalie  
> >> wrote:
> >> >
> >> > Hi,
> >> >
> >> > I think its the order you apply the ACL, first permit some, then deny 
> >> > any?
> >> >
> >> > Vitalie.
> >> >
> >> > On Sat, Oct 9, 2021 at 1:58 PM Mihai Cezar  wrote:
> >> >>
> >> >> Hello,
> >> >>
> >> >> I have an issue with filtering on the asterisk side, my requests are:
> >> >> UsersPhones(bria) -> Kamailio -> Asterisk -> Sip Trunk Out.
> >> >>
> >> >> The goal is to manage a new layer of protection ( IP filtering / 
> >> >> Whitelisting ).
> >> >> When I try to compile a list of Whitelisted IP in sip.conf I get this 
> >> >> error:
> >> >>
> >> >> NOTICE[205]: acl.c:748 ast_apply_acl: SIP contact ACL: Rejecting
> >> >> '145.72.23.45' due to a failure to pass ACL '(BASELINE)'
> >> >> WARNING[205]: chan_sip.c:17061 parse_register_contact: Domain
> >> >> '5.12.16.2:48669' disallowed by contact ACL (violating IP
> >> >> 145.72.23.45)
> >> >> WARNING[205]: chan_sip.c:17933 register_verify: Registration
> >> >> denied because of contact ACL
> >> >>
> >> >> The IP 145.72.23.45, is the proxy kamailio and if I added it to
> >> >> sip.conf it works, but so does every ip afterwards.
> >> >>
> >> >> I tried with contactpermit also with permit, the result is the
> >> >> same as long as I permit the proxy ip it works. Is there something
> >> >> that I can do on the asterisk side to activate this filtering Or
> >> >> there is something that I can do in Kamailio so it will forward the 
> >> >> realip ?
> >> >>
> >> >> contactdeny=0.0.0.0/0.0.0.0
> >> >> contactpermit=145.72.23.45/32
> >> >> contactpermit=5.12.16.2/32
> >> >>
> >> >>
> >> >> Thanks in advance,
> >> >>
> >> >> __
> >> >> Kamailio - Users Mailing List - Non Commercial Discussions
> >> >>   * sr-users@lists.kamailio.org
> >> >> Important: keep the mailing list in the recipients, do not reply only 
> >> >> to the sender!
> >> >> Edit mailing list options or unsubscribe:
> >> >>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> >> >
> >> > __
> >> > Kamailio - Users Mailing List - Non Commercial Discussions
> >> >   * sr-users@lists.kamailio.org
> >> > Important: keep the mailing list in the recipients, do not reply only to 
> >> > the sender!
> >> > Edit mailing list options or unsubscribe:
> >> >   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> >>
> >> __
> >> Kamailio - Users Mailing List - Non Commercial Discussions
> >>   * sr-users@lists.kamailio.org
> >> Important: keep the mailing list in the recipients, do not reply only to 
> >> the sender!
> >> Edit mailing list options or unsubscribe:
> >>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> >
> > __
> > Kamailio - Users Mailing List - Non Commercial Discussions
> >   * sr-users@lists.kamailio.org
> > Important: keep the mailing list in the recipients, do not reply only to 
> > the sender!
> > Edit mailing list options or unsubscribe:
> >   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>

Re: [SR-Users] unable to receive UDP

2021-10-13 Thread dem 

Hi Sergey,

Only testing with the SIP INVITE from one of our production SIP trunk providers. 
The 'length's are listed below for the tcpdump. Same packet size/contents for 
all tests. Only change was moving IP from interface em3 to em1. Doesn't look 
like packet size is the issue.


Looking at some of the socket code. Could be related to socket structs, maybe an 
array enumeration issue. We have 4 interfaces: em1 ((10g up), em2(10g down), em3 
(1g up), em4 (1g up). Just switched IP from 3rd interface (2nd up) to 1st 
interface (1st up) - it worked.


If somebody would like to provide a debug message/location, I could recompile to 
test the array bucket theory. Quick way to check.


Note, the config below is the entire test config. No changes. Only purpose was 
to receive SIP INVITE to test socket.


Thanks,
Dan

Sergey Safarov wrote on 10/13/21 4:08 AM:

you also need to check UDP packets are fragmented or not.
you must receive all fragments before Kamailio is able to parse the message.

On Wed, Oct 13, 2021 at 1:28 AM David Villasmil 
mailto:david.villasmil.w...@gmail.com>> wrote:


use the

listen=udp:YOUR-LOCAL-IP:5060

then do a netstat to see if it's listening on 5060


Regards,

David Villasmil
email: david.villasmil.w...@gmail.com 

phone: +34669448337


On Tue, Oct 12, 2021 at 11:17 PM mailto:d...@htsweb.com>>
wrote:

Okay, think I discovered something

I'm attempting to run the kamailio on interface em3 - no joy.  I moved
the 10.102.88.81 ip to the em1 interface. kamailio is showing the UDP
packets as received (via my horribly simple config below).

This test also answers the firewall question, UDP port is allowed.

So, that prompts the question... how do you use kamailio with UDP on a
specific interface ?  I'm thinking it might not do it currently ?

Also, forgive me if I messed up the prior reply to the list.

Thanks,
Dan

d...@htsweb.com  wrote on 10/12/21 5:28 PM:

Hello,

The tcpdump (below) shows packet reaching em3 interface. The
firewalld command (below) shows UDP port 5060 open.

netcat doesn't do specific interfaces. Can't do ALL interfaces, since
em4 is a pcap of hundreds of thousands of live UDP 5060.

I'll have to write a standalone to prove that the firewall allows UDP
5060 through the em3 interface, post firewall... (betting it does).
Should have test prog tomorrow.

Thanks,
Dan

Daniel-Constantin Mierla wrote on 10/12/21 4:27 PM:


Hello,

tcpdump and other network sniffers (e.g., ngrep, sngrep) capture the
sip traffic before firewall, so even if you see packets with them,
the application can still not get them due to firewall.

To test, you can replace kamailio with netcat listening on UDP port
5060 and see if it receives the sip traffic.

Cheers,
Daniel

On 12.10.21 19:08, d...@htsweb.com  wrote:

After 4 (long) days of trying to receive any UDP SIP, I'm hoping
someone can point out what I'm doing wrong. I've looked at the
kamailio code. I'm beginning to think it's the 'polling' code, but
it looks fine. It could be Centos or a Dell network driver, but not
seeing any errors anywhere.

- stock build/compile...
  Version: kamailio 5.5.2 (x86_64/linux) 0d53d9
  Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS,
USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP,
PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY,
USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE,
USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES
  MAX_RECV_BUFFER_SIZE=262144
  MAX_URI_SIZE=1024
  BUF_SIZE=65535
  DEFAULT PKG_SIZE=8MB
  DEFAULT SHM_SIZE=64MB
  ADAPTIVE_WAIT_LOOPS=1024
  TCP poll methods: poll, epoll_lt, epoll_et, sigio_rt, select
  Source code revision ID: 0d53d9
  Compiled with: gcc 4.8.5
  Compiled architecture: x86_64
  Compiled on: 08:44:19 Oct 11 2021

Running Centos 7 all updated. Dell R630.
# sestatus
SELinux status: disabled
# firewall-cmd --list-all
  ports: 5666/tcp 873/tcp 873/udp 80/tcp 443/tcp 5060/tcp 5060/udp
5061/tcp 5061/udp

- Just trying to send SIP INVITE from trunk provider to R630
kamailio...
(SIP trunk) UDP 172.200.200.202:5060 
-> (firewall) UDP 172.250.250.162:5060
 -> 1:1 NAT -> (R630) UDP
10.102.88.81:5060 

- I can 'see' the packet hit the em3 network...
#  tcpdump -i em3 -e -vv

[SR-Users] Compile kamailio-5.4 against openssl1.1.1

2021-10-13 Thread Antony Russell 
Hello

I see that support for compiling kamailio against openssl1.1.1 was recently
added (https://github.com/kamailio/kamailio/pull/2779) and I see that this
can be done in kamailio-5.5.2.

Will this ability be made available in kamilio-5.4? I see it is not in the
most recent 5.4 release (5.4.7)

-- 
*Antony Russell*

Chief Technical Officer

Tel  087 820 8113
antony.russ...@telviva.co.za

www.telviva.co.za

*Telviva (Pty) Ltd - formerly Connection Telecom (Pty) Ltd*

-- 
https://www.telviva.co.za/legal/email-disclaimer 

__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] unable to receive UDP

2021-10-13 Thread Sergey Safarov 
you also need to check UDP packets are fragmented or not.
you must receive all fragments before Kamailio is able to parse the message.

On Wed, Oct 13, 2021 at 1:28 AM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> use the
>
> listen=udp:YOUR-LOCAL-IP:5060
>
> then do a netstat to see if it's listening on 5060
>
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Tue, Oct 12, 2021 at 11:17 PM  wrote:
>
>> Okay, think I discovered something
>>
>> I'm attempting to run the kamailio on interface em3 - no joy.  I moved
>> the 10.102.88.81 ip to the em1 interface. kamailio is showing the UDP
>> packets as received (via my horribly simple config below).
>>
>> This test also answers the firewall question, UDP port is allowed.
>>
>> So, that prompts the question... how do you use kamailio with UDP on a
>> specific interface ?  I'm thinking it might not do it currently ?
>>
>> Also, forgive me if I messed up the prior reply to the list.
>>
>> Thanks,
>> Dan
>>
>> d...@htsweb.com wrote on 10/12/21 5:28 PM:
>>
>> Hello,
>>
>> The tcpdump (below) shows packet reaching em3 interface. The firewalld
>> command (below) shows UDP port 5060 open.
>>
>> netcat doesn't do specific interfaces. Can't do ALL interfaces, since em4
>> is a pcap of hundreds of thousands of live UDP 5060.
>>
>> I'll have to write a standalone to prove that the firewall allows UDP
>> 5060 through the em3 interface, post firewall... (betting it does). Should
>> have test prog tomorrow.
>>
>> Thanks,
>> Dan
>>
>> Daniel-Constantin Mierla wrote on 10/12/21 4:27 PM:
>>
>> Hello,
>>
>> tcpdump and other network sniffers (e.g., ngrep, sngrep) capture the sip
>> traffic before firewall, so even if you see packets with them, the
>> application can still not get them due to firewall.
>>
>> To test, you can replace kamailio with netcat listening on UDP port 5060
>> and see if it receives the sip traffic.
>>
>> Cheers,
>> Daniel
>> On 12.10.21 19:08, d...@htsweb.com wrote:
>>
>> After 4 (long) days of trying to receive any UDP SIP, I'm hoping someone
>> can point out what I'm doing wrong. I've looked at the kamailio code. I'm
>> beginning to think it's the 'polling' code, but it looks fine. It could be
>> Centos or a Dell network driver, but not seeing any errors anywhere.
>>
>> - stock build/compile...
>>   Version: kamailio 5.5.2 (x86_64/linux) 0d53d9
>>   Compile flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS,
>> DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC,
>> F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT,
>> USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST,
>> HAVE_RESOLV_RES
>>   MAX_RECV_BUFFER_SIZE=262144
>>   MAX_URI_SIZE=1024
>>   BUF_SIZE=65535
>>   DEFAULT PKG_SIZE=8MB
>>   DEFAULT SHM_SIZE=64MB
>>   ADAPTIVE_WAIT_LOOPS=1024
>>   TCP poll methods: poll, epoll_lt, epoll_et, sigio_rt, select
>>   Source code revision ID: 0d53d9
>>   Compiled with: gcc 4.8.5
>>   Compiled architecture: x86_64
>>   Compiled on: 08:44:19 Oct 11 2021
>>
>> Running Centos 7 all updated. Dell R630.
>> # sestatus
>> SELinux status: disabled
>> # firewall-cmd --list-all
>>   ports: 5666/tcp 873/tcp 873/udp 80/tcp 443/tcp 5060/tcp 5060/udp
>> 5061/tcp 5061/udp
>>
>> - Just trying to send SIP INVITE from trunk provider to R630 kamailio...
>> (SIP trunk) UDP 172.200.200.202:5060 -> (firewall) UDP
>> 172.250.250.162:5060 -> 1:1 NAT -> (R630) UDP 10.102.88.81:5060
>>
>> - I can 'see' the packet hit the em3 network...
>> #  tcpdump -i em3 -e -vv -n port 5060
>> 11:53:33.260892 99:99:ef:3e:69:c1 > 99:99:1c:48:4e:e3, ethertype IPv4
>> (0x0800), length 1366: (tos 0x0, ttl 54, id 20430, offset 0, flags [none],
>> proto UDP (17), length 1352)
>> 172.200.200.202.sip > 10.102.88.81.sip: [udp sum ok] SIP, length: 1324
>> INVITE sip:+18005551234@172.250.250.162:5060 SIP/2.0
>> ...
>>
>> At this point, I just need to see a SIP INVITE received. Then I can go
>> back to working on a real config.
>>
>> I've tried with TCP on/off, listening on all networks, alias on/off,
>> strace and everything else I could think of. Truly appreciate any
>> guidance.
>>
>> Tried every sample config possible, but I just need to test receiving the
>> SIP UDP packet, so this 'should' be minimum config...
>>
>> #!KAMAILIO
>> debug=9
>> log_stderror=no
>> log_facility=LOG_LOCAL0
>> log_prefix="{$mt $hdr(CSeq) $ci} "
>> children=2
>> disable_tcp=yes
>> udp4_raw=on
>> auto_aliases=no
>> alias="sbc01.mysite.com"
>> listen=udp:10.102.88.81:5060
>>
>> loadmodule "debugger.so"
>> loadmodule "jsonrpcs.so"
>> loadmodule "kex.so"
>> loadmodule "corex.so"
>> loadmodule "sl.so"
>> loadmodule "rr.so"
>> loadmodule "pv.so"
>> loadmodule "textops.so"
>> loadmodule "siputils.so"
>> loadmodule "xlog.so"
>> loadmodule "sanity.so"
>> loadmodule "ctl.so"
>> loadmodule "cfg_rpc.so"
>>
>> modparam("debugger", "cfgtrace", 1)
>>
>> request_route {
>>   xlog("SIP