Re: [SR-Users] pua_subscribe and force_send_socket trouble
On 13/01/15 00:28, Mikko Lehto wrote: Juha Heinanen j...@tutpro.com: in case of tcp (and tls) the source port is always a random one. only the destination port can be predetermined. OK, thanks. I'll go with that then. Actually I can see non-random port with TLS... ...but that's with Homer + sip_trace() captured traffic. I'll write another thread about that. I checked the code and there is a bind() to local socket before doing tcp connect(). That should preserve the source port of the local address (socket) Kamailio is listening on. However, it is not guaranteed that the OS can do that, if there is an overlap on (source ip, source port, destination ip, destination port) with another connection. From the code, a warning message should be printed in logs. It also depends on OS and kernel versions. Apparently next link is a good article about (didn't have time to read it all): - https://idea.popcount.org/2014-04-03-bind-before-connect/ Cheers, Daniel -- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] pua_subscribe and force_send_socket trouble
Makes sense, I can live with this. Thanks for clarfication. -- Mikko Lehto ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] pua_subscribe and force_send_socket trouble
Juha Heinanen j...@tutpro.com: in case of tcp (and tls) the source port is always a random one. only the destination port can be predetermined. OK, thanks. I'll go with that then. Actually I can see non-random port with TLS... ...but that's with Homer + sip_trace() captured traffic. I'll write another thread about that. -- Mikko ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] pua_subscribe and force_send_socket trouble
Mikko Lehto writes: Here is the trouble: when I observe outgoing TLS traffic with tcpdump, I can see that local source port is not following what I set with force_send_socket(). I tried to place force_send_socket() in request_route, branch_route, and tm:local-request, but it is always some random high port (3), never the intended one. I am trying to set it to same as my TLS listening socket. my understanding is that force_send_socket forces outbound connection to use a particular socket kamailio is listening at. it does not mean that source port would be the one of the listening socket. in case of tcp (and tls) the source port is always a random one. only the destination port can be predetermined. -- juha ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] pua_subscribe and force_send_socket trouble
Some additional information: OS is Linux Debian Wheezy 7.6 on amd64 pua_subscribe is launched like this: kamcmd mi pua_subscribe sip:+35812345789@A.B.C.D:5041 sip:myproxy.fqdn.invalid presence 3600 -- Mikko ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] pua_subscribe and force_send_socket trouble
Hi
I am having strange behavior on local port assignment when
proxying out locally generated request. Kamailio is 4.2.1 from git.
I use MI pua_subscribe to create subscription to be handled by
external presence server.
In event_route[tm:local-request] I set $du to point back to proxy itself.
When request hits initial request_route, I add some headers, change
request URI and prepare failure_route for later uac_auth() processing.
So far so good and TLS packets are flying to correct destination.
Here is the trouble:
when I observe outgoing TLS traffic with tcpdump, I can see that local
source port is not following what I set with force_send_socket(). I tried to
place force_send_socket() in request_route, branch_route, and
tm:local-request, but it is always some random high port (3), never
the intended one. I am trying to set it to same as my TLS listening socket.
Is my usage somehow incorrect?
What should I try next to make Kamailio use constant source port?
Relevant config snippet below (IP address and domain part is obscured).
---
mhomed=1
listen=udp:A.B.C.D:5041
listen=tls:A.B.C.D:5041
request_route {
route(REQINIT);
if ( blahblah... ) {
$ru = sip: + $rU + @domain.part.invalid;transport=tls;
$avp(uac_auth) = 0;
route(PR_HDRS);
route(PR_TRIGGERS);
force_send_socket(A.B.C.D:5041);
t_newtran();
route(RELAY);
}
}
route[PR_HDRS] {
remove_hf(User-Agent);
insert_hf(User-Agent: pua_subscribe\r\n,Call-ID);
}
route[PR_TRIGGERS] {
t_on_branch(PR_BRANCH);
t_on_failure(PR_FAILURE);
}
branch_route[PR_BRANCH] {
force_send_socket(A.B.C.D:5041);
}
failure_route[PR_FAILURE] {
if ( $avp(uac_auth) == 0 ($T_reply_code == 401 or $T_reply_code ==
407) ) {
uac_auth();
$avp(uac_auth) = 1;
route(PR_TRIGGERS);
route(RELAY);
}
}
event_route [tm:local-request] {
force_send_socket(A.B.C.D:5041);
$du = sip:A.B.C.D:5041;
}
route[RELAY] { is from default config }
---
I found these recent commits, bugs and threads somehow relating
to force_send_socket and tm:local-request:
http://sip-router.org/tracker/index.php?do=detailstask_id=462
http://lists.sip-router.org/pipermail/sr-users/2014-August/084459.html
dbd8ea9b1fa216e59d4c36e2eb4b671202824259
http://lists.sip-router.org/pipermail/sr-dev/2014-September/024984.html
e404d123610b63ddd1c75d39667b373c40071eab
http://lists.sip-router.org/pipermail/sr-dev/2014-September/024977.html
--
Mikko Lehto
___
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
