This is an old revision of the document!
Table of Contents
Kamailio 3.0 Config
This page provides guidelines to get the default config file of Kamailio 1.5.x working with SIP Router core.
Functionalities:
- SIP routing
- User location
- Authentication
- Accounting
- NAT traversal
- Presence server
1. Install from GIT
It is highly recommended that you have Kamailio 1.5.x installed already so you can use the additional tools coming with that version and not yet included in SIP Router. See here a step by step guide to install Kamailio 1.5.x from SVN
The steps here are given for Unbuntu/Debian based distributions and should be easy to adapt to other Linux distros.
1.1. Prerequisites
To be able to follow the guidelines from this document you need root access.
The following packages are required before proceeding to the next steps.
- git client: apt-get install git-core - it is recommended to have the latest version, which might not be part of the distribution yet, but you can get it from: http://git-scm.com/
- gcc compiler: apt-get install gcc
- flex - apt-get install flex
- bison - apt-get install bison
- libmysqlclient15-dev - apt-get install libmysqlclient15-dev
- make - apt-get install make
1.2. Getting sources from GIT
First of all, you have to create a directory on the file system where the sources will be stored.
mkdir -p /usr/local/src/sr cd /usr/local/src/sr
Download the sources from GIT using the following command.
git clone --depth 1 git://git.sip-router.org/sip-router
1.3.Tuning Makefiles
Next step is to edit Makefile files to include the MySQL module.
cd sip-router vim Makefile
Remove db_mysql from exclude_modules variable.
Note: if you need PCRE-dependent modules (e.g., lcr, dialplan, regexp), instal the PCRE devel library and uncomment
1.4. Compile SIP Router
Once the mysql module was removed from excluded modules list, you can compile:
make all
1.5. Install SIP Router
When the compilation is ready, install with the following command:
make install
1.6. What and where was installed
The binaries and executable scripts were installed in:
/usr/local/sbin
These are:
- ser - SIP Router binary
To be able to use the binaries from command line, make sure that '/usr/local/sbin' is set in PATH environment variable. You can check that with 'echo $PATH'. If not and you are using 'bash', open '/root/.bash_profile' and at the end add:
PATH=$PATH:/usr/local/sbin export PATH
SIP Router modules are installed in:
/usr/local/lib/ser/modules/
The documentation and readme files are installed in:
/usr/local/share/doc/ser/
The man pages are installed in:
/usr/local/share/man/man5/ /usr/local/share/man/man8/
The configuration file was installed in:
/usr/local/etc/ser/ser.cfg
However, this configuration file is not the one used by Kamailio (OpenSER) 1.5.x. Section 2 includes it.
2. Kamailio Config File
- this is the configuration file from Kamailio (OpenSER) 1.5.x adapted for the development version based on SIP-Router.org project
- it has turned on most of the features that are by default commented (authentication, accounting, nat traversal, presence)
- copy it and paste into /usr/local/etc/ser/kamailio.org
# # $Id: kamailio.cfg 5679 2009-03-10 09:22:27Z ibc_sf $ # # Kamailio (OpenSER) SIP Server - basic configuration script # - web: http://www.kamailio.org # - svn: http://openser.svn.sourceforge.net/viewvc/openser/ # # Direct your questions about this file to: <users@lists.kamailio.org> # # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php # for an explanation of possible statements, functions and parameters. # # There are comments showing how to enable different features in th econfig # file. Such commented code starts with #X# where X is a letter to identify # a feature. Delete entire #X# if you want to enable that feature. Next are # sed commands that help you enable such features. # # *** To enamble mysql execute: # sed -i 's///g' kamailio.cfg # # *** To enamble authentication execute: # - enable mysql # sed -i 's///g' kamailio.cfg # - add users using 'kamctl' # # *** To enamble persistent user location execute: # - enable mysql # sed -i 's///g' kamailio.cfg # # *** To enamble presence server execute: # - enable mysql # sed -i 's///g' kamailio.cfg # # *** To enamble nat traversal execute: # sed -i 's///g' kamailio.cfg # - install RTPProxy: http://www.rtpproxy.org # - start RTPProxy: # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 # # *** To enhance accounting execute: # - enable mysql # sed -i 's///g' kamailio.cfg # - add following columns to database # ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_call ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; # ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; # ####### Global Parameters ######### debug=4 memdbg=5 memlog=5 log_stderror=yes log_facility=LOG_LOCAL0 fork=yes children=1 /* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes /* uncomment the next line to disable TCP (default on) */ disable_tcp=yes /* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no /* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes /* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ auto_aliases=no /* uncomment the following lines to enable TLS support (default off) */ #disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1 #tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem" #tls_private_key = "/usr/local/etc/kamailio/tls/user/user-privkey.pem" #tls_ca_list = "/usr/local/etc/kamailio/tls/user/user-calist.pem" listen=udp:192.168.1.23:5060 /* uncomment and configure the following line if you want Kamailio to bind on a specific interface/port/proto (default bind on all available) */ #listen=udp:192.168.1.2:5060 ####### Modules Section ######## #set module path loadpath "./" /* uncomment next line for MySQL DB support */ loadmodule "modules/db_mysql/db_mysql.so" loadmodule "modules_k/mi_fifo/mi_fifo.so" loadmodule "modules_k/mi_datagram/mi_datagram.so" loadmodule "modules_k/kex/kex.so" loadmodule "modules_k/sl/sl.so" loadmodule "modules/tm/tm.so" loadmodule "modules_k/tmx/tmx.so" loadmodule "modules_k/rr/rr.so" loadmodule "modules_k/pv/pv.so" loadmodule "modules_k/maxfwd/maxfwd.so" loadmodule "modules_k/usrloc/usrloc.so" loadmodule "modules_k/registrar/registrar.so" loadmodule "modules_k/textops/textops.so" loadmodule "modules_k/uri_db/uri_db.so" loadmodule "modules_k/siputils/siputils.so" loadmodule "modules_k/xlog/xlog.so" loadmodule "modules_k/acc/acc.so" /* uncomment next lines for MySQL based authentication support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "modules_k/auth/auth.so" loadmodule "modules_k/auth_db/auth_db.so" /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ #loadmodule "modules_k/alias_db/alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ #loadmodule "modules_k/domain/domain.so" /* uncomment the next two lines for presence server support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "modules_k/presence/presence.so" loadmodule "modules_k/presence_xml/presence_xml.so" loadmodule "modules_k/nathelper/nathelper.so" # ----------------- setting module-specific parameters --------------- # ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") # ----- mi_datagram params ----- modparam("mi_datagram", "socket_name", "udp:127.0.0.1:7744") # ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0) # ----- rr params ----- modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) # ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ modparam("uri_db", "use_uri_table", 0) modparam("uri_db", "db_url", "") # ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") /* uncomment the following lines to enable DB accounting also */ modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2) modparam("acc", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("acc", "db_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") # ----- usrloc params ----- /* uncomment the following lines if you want to enable DB persistency for location entries */ modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://openser:openserrw@localhost/openser") # ----- auth_db params ----- /* uncomment the following lines if you want to enable the DB based authentication */ modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("auth_db", "load_credentials", "") # ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://openser:openserrw@localhost/openser") # ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ #modparam("domain", "db_url", # "mysql://openser:openserrw@localhost/openser") #modparam("domain", "db_mode", 1) # Use caching # ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1) # ----- presence params ----- /* uncomment the following lines if you want to enable presence */ modparam("presence|presence_xml", "db_url", "mysql://openser:openserrw@localhost/openser") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:192.168.1.23:5060") modparam("presence_xml", "disable_bla", 1) # -- nathelper modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") modparam("registrar|nathelper", "received_avp", "$avp(i:80)") modparam("usrloc", "nat_bflag", 6) #extra testing modparam("pv", "avp_aliases", "test=i:11;st=s:asd") ####### Routing Logic ######## # main request routing logic route{ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } $avp(test) = 1; # NAT detection route(4); if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } route(1); } else { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests route(2); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard.\n"); exit; } } sl_send_reply("404","Not here"); } exit; } #initial requests # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); # authentication route(3); # record routing for dialog forming requests (in case they are routed) if (is_method("INVITE|SUBSCRIBE")) record_route(); # account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } if (!uri==myself) /* replace with following line if multi-domain support is used */ ##if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} route(1); } # requests for my domain if( is_method("PUBLISH|SUBSCRIBE")) { route(2); } if (is_method("REGISTER")) { if (!save("location")) sl_reply_error(); exit; } if ($rU=="") { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases"); if (!lookup("location")) { switch ($rc) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); route(1); } route[1] { if (check_route_param("nat=yes")) { setbflag("6"); } if (isflagset(5) || isbflagset("6")) { route(5); } /* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("1"); t_on_reply("1"); t_on_failure("1"); } if (!t_relay()) { sl_reply_error(); } exit; } # Presence route /* uncomment the whole following route for enabling presence server */ route[2] { if (!t_newtran()) { sl_reply_error(); exit; }; if(is_method("PUBLISH")) { handle_publish(); t_release(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); t_release(); } exit; # if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU!="") { sl_send_reply("404", "Not here"); exit; } return; } # Authentication route /* uncomment the whole following route for enabling authentication */ route[3] { if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (! (www_authorize("", "subscriber"))) { www_challenge("", "0"); exit; } if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { # authenticate if from local subscriber (uncomment to enable auth) if (from_uri==myself) { if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (is_method("PUBLISH")) { if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { if ($au!=$fU) { sl_send_reply("403","Forbidden auth ID"); exit; } } consume_credentials(); # caller authenticated } } return; } # Caller NAT detection route /* uncomment the whole following route for enabling Caller NAT Detection */ route[4]{ force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); } setflag(5); } return; } # RTPProxy control /* uncomment the whole following route for enabling RTPProxy Control */ route[5] { if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); } if (!has_totag()) add_rr_param(";nat=yes"); return; } branch_route[1] { xdbg("new branch at $ru\n"); } onreply_route[1] { xdbg("incoming reply\n"); if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } if (isbflagset("6")) { fix_nated_contact(); } } failure_route[1] { if (is_method("INVITE") && (isbflagset("6") || isflagset(5))) { unforce_rtp_proxy(); } if (t_is_canceled()) { exit; } # uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ## t_reply("404","Not found"); ## exit; ##} # uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## append_branch(); ## # do not set the missed call flag again ## t_relay(); ##} }
3. Run it
/usr/local/sbin/ser -f /usr/local/etc/ser/kamailio.cfg
4. Remarks
- load kex module for Kamailio core specific extensions
- load tmx module for Kamailio TM specific extensions
- avp_aliases is now a parameter of pv module
5. FAQ
- Q: Why binary is named ser?
- A: It is the default name for SIP Router binary. In the future, the packaged version will differ from what is now. However, it is the short of: "SIP E Router" where E comes from any of:
- Exceptional
- Excellent
- Exotic (as Kamailio name origins)
- Express (the initial/old name)
- Extraordinary
- …