This is an old revision of the document!
Kamailio 3.0 Config
This page provides guidelines to get the default config file of Kamailio 1.5.x working with SIP Router core.
Functionalities:
- SIP routing
- User location
- Authentication
- Accounting
- NAT traversal
- Presence server
IMPORTANT: check the tips page: http://sip-router.org/wiki/migration/kamailio-tips[/b]
===== 1. Install from GIT =====
It is highly recommended that you have Kamailio 1.5.x installed already so you can use the additional tools coming with that version and not yet included in SIP Router. See here a step by step guide to install Kamailio 1.5.x from SVN
The steps here are given for Unbuntu/Debian based distributions and should be easy to adapt to other Linux distros.
==== 1.1. Prerequisites ====
To be able to follow the guidelines from this document you need root access.
The following packages are required before proceeding to the next steps.
* git client: apt-get install git-core - it is recommended to have the latest version, which might not be part of the distribution yet, but you can get it from: http://git-scm.com/
* gcc compiler: apt-get install gcc
* flex - apt-get install flex
* bison - apt-get install bison
* libmysqlclient15-dev - apt-get install libmysqlclient15-dev
* make - apt-get install make
==== 1.2. Getting sources from GIT ====
First of all, you have to create a directory on the file system where the sources will be stored.
<code>
mkdir -p /usr/local/src/sr
cd /usr/local/src/sr
</code>
Download the sources from GIT using the following command.
<code>
git clone –depth 1 git:git.sip-router.org/sip-router
</code>
==== 1.3.Tuning Makefiles ====
Next step is to edit Makefile files to include the MySQL module.
<code>
cd sip-router
vim Makefile
</code>
Remove db_mysql from exclude_modules variable.
Note: if you need PCRE-dependent modules (e.g., lcr, dialplan, regexp), instal the PCRE devel library and uncomment
==== 1.4. Compile SIP Router ====
Once the mysql module was removed from excluded modules list, you can compile:
<code>
make all
</code>
==== 1.5. Install SIP Router ====
When the compilation is ready, install with the following command:
make install
==== 1.6. What and where was installed ====
The binaries and executable scripts were installed in:
<code>
/usr/local/sbin
</code>
These are:
* ser - SIP Router binary
To be able to use the binaries from command line, make sure that '/usr/local/sbin' is set in PATH environment variable. You can check that with 'echo $PATH'. If not and you are using 'bash', open '/root/.bash_profile' and at the end add:
PATH=$PATH:/usr/local/sbin
export PATH
SIP Router modules are installed in:
/usr/local/lib/ser/modules/
The documentation and readme files are installed in:
/usr/local/share/doc/ser/
The man pages are installed in:
/usr/local/share/man/man5/
/usr/local/share/man/man8/
The configuration file was installed in:
/usr/local/etc/ser/ser.cfg
However, this configuration file is not the one used by Kamailio (OpenSER) 1.5.x. Section 2 includes it.
===== 2. Kamailio Config File =====
* this is the configuration file from Kamailio (OpenSER) 1.5.x adapted for the development version based on SIP-Router.org project
* it has turned on most of the features that are by default commented (authentication, accounting, nat traversal, presence)
* copy it and paste into /usr/local/etc/ser/kamailio.org
Remarks:
* it runs in debug mode, level 5
* only udp, tcp is disabled
* one child
<code>
#
# $Id: kamailio.cfg 5679 2009-03-10 09:22:27Z ibc_sf $
#
# Kamailio (OpenSER) SIP Server - basic configuration script
# - web: http://www.kamailio.org
# - svn: http://openser.svn.sourceforge.net/viewvc/openser/
#
# Direct your questions about this file to: users@lists.kamailio.org
#
# Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
# for an explanation of possible statements, functions and parameters.
#
# There are comments showing how to enable different features in th econfig
# file. Such commented code starts with #X# where X is a letter to identify
# a feature. Delete entire #X# if you want to enable that feature. Next are
# sed commands that help you enable such features.
#
# * To enable mysql execute:
# sed -i 's/g' kamailio.cfg
#
# * To enable authentication execute:
# - enable mysql
# sed -i 's/g' kamailio.cfg
# - add users using 'kamctl'
#
# * To enable persistent user location execute:
# - enable mysql
# sed -i 's/g' kamailio.cfg
#
# * To enable presence server execute:
# - enable mysql
# sed -i 's/g' kamailio.cfg
#
# * To enable nat traversal execute:
# sed -i 's/g' kamailio.cfg
# - install RTPProxy: http://www.rtpproxy.org
# - start RTPProxy:
# rtpproxy -l _your_public_ip_ -s udp:localhost:7722
#
# * To enhance accounting execute:
# - enable mysql
# sed -i 's/g' kamailio.cfg
# - add following columns to database
# ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ;
# ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT
;
# ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ;
# ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT
;
# ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ;
# ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT
;
# ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ;
# ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT
;
# ALTER TABLE missed_call ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ;
# ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT
;
#
####### Global Parameters #########
debug=4
memdbg=5
memlog=5
log_stderror=yes
log_facility=LOG_LOCAL0
fork=yes
children=1
#debug=6
#fork=no
#log_stderror=yes
disable_tcp=yes
#disable_dns_blacklist=no
#dns_try_ipv6=yes
auto_aliases=no
#disable_tls = no
#listen = tls:your_IP:5061
#tls_verify_server = 1
#tls_verify_client = 1
#tls_require_client_certificate = 0
#tls_method = TLSv1
#tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem"
#tls_private_key = "/usr/local/etc/kamailio/tls/user/user-privkey.pem"
#tls_ca_list = "/usr/local/etc/kamailio/tls/user/user-calist.pem"
listen=udp:192.168.1.23:5060
#listen=udp:192.168.1.2:5060
####### Modules Section ########
#set module path
loadpath "./"
loadmodule "modules/db_mysql/db_mysql.so"
loadmodule "modules_k/mi_fifo/mi_fifo.so"
loadmodule "modules_k/mi_datagram/mi_datagram.so"
loadmodule "modules_k/kex/kex.so"
loadmodule "modules_k/sl/sl.so"
loadmodule "modules/tm/tm.so"
loadmodule "modules_k/tmx/tmx.so"
loadmodule "modules_k/rr/rr.so"
loadmodule "modules_k/pv/pv.so"
loadmodule "modules_k/maxfwd/maxfwd.so"
loadmodule "modules_k/usrloc/usrloc.so"
loadmodule "modules_k/registrar/registrar.so"
loadmodule "modules_k/textops/textops.so"
loadmodule "modules_k/uri_db/uri_db.so"
loadmodule "modules_k/siputils/siputils.so"
loadmodule "modules_k/xlog/xlog.so"
loadmodule "modules_k/acc/acc.so"
loadmodule "modules_k/auth/auth.so"
loadmodule "modules_k/auth_db/auth_db.so"
#loadmodule "modules_k/alias_db/alias_db.so"
#loadmodule "modules_k/domain/domain.so"
loadmodule "modules_k/presence/presence.so"
loadmodule "modules_k/presence_xml/presence_xml.so"
loadmodule "modules_k/nathelper/nathelper.so"
# —————– setting module-specific parameters —————
# —– mi_fifo params —–
modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
# —– mi_datagram params —–
modparam("mi_datagram", "socket_name", "udp:127.0.0.1:7744")
# —– rr params —–
# add value to ;lr param to cope with most of the UAs
modparam("rr", "enable_full_lr", 1)
# do not append from tag to the RR (no need for this script)
modparam("rr", "append_fromtag", 0)
# —– rr params —–
modparam("registrar", "method_filtering", 1)
# modparam("registrar", "append_branches", 0)
#modparam("registrar", "max_contacts", 10)
# —– uri_db params —–
modparam("uri_db", "use_uri_table", 0)
modparam("uri_db", "db_url", "")
# —– acc params —–
modparam("acc", "early_media", 1)
modparam("acc", "report_ack", 1)
modparam("acc", "report_cancels", 1)
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", 3)
modparam("acc", "log_flag", 1)
modparam("acc", "log_missed_flag", 2)
modparam("acc", "log_extra",
"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
modparam("acc", "db_flag", 1)
modparam("acc", "db_missed_flag", 2)
modparam("acc", "db_url",
"mysql:openser:openserrw@localhost/openser")
modparam("acc", "db_extra",
"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
# —– usrloc params —–
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "db_url",
"mysql:openser:openserrw@localhost/openser")
# —– auth_db params —–
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "db_url",
"mysql:openser:openserrw@localhost/openser")
modparam("auth_db", "load_credentials", "")
# —– alias_db params —–
#modparam("alias_db", "db_url",
# "mysql:openser:openserrw@localhost/openser")
# —– domain params —–
#modparam("domain", "db_url",
# "mysql:openser:openserrw@localhost/openser")
#modparam("domain", "db_mode", 1) # Use caching
# —– multi-module params —–
#modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
# —– presence params —–
modparam("presence|presence_xml", "db_url",
"mysql:openser:openserrw@localhost/openser")
modparam("presence_xml", "force_active", 1)
modparam("presence", "server_address", "sip:192.168.1.23:5060")
modparam("presence_xml", "disable_bla", 1)
# – nathelper
modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722")
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "sipping_bflag", 7)
modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
modparam("registrar|nathelper", "received_avp", "$avp(i:80)")
modparam("usrloc", "nat_bflag", 6)
#extra testing
modparam("pv", "avp_aliases", "test=i:11;st=s:asd")
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
$avp(test) = 1;
# NAT detection
route(4);
if (has_totag()) {
# sequential request withing a dialog should
# take the path determined by record-routing
if (loose_route()) {
if (is_method("BYE")) {
setflag(1); # do accounting …
setflag(3); # … even if the transaction fails
}
route(1);
} else {
if (is_method("SUBSCRIBE") && uri == myself) {
# in-dialog subscribe requests
route(2);
exit;
}
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
# non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server
t_relay();
exit;
} else {
# ACK without matching transaction … ignore and discard.\n");
exit;
}
}
sl_send_reply("404","Not here");
}
exit;
}
#initial requests
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
# authentication
route(3);
# record routing for dialog forming requests (in case they are routed)
if (is_method("INVITE|SUBSCRIBE"))
record_route();
# account only INVITEs
if (is_method("INVITE")) {
setflag(1); # do accounting
}
if (!uri==myself)
##if (!is_uri_host_local())
{
append_hf("P-hint: outbound\r\n");
# if you have some interdomain connections via TLS
##if($rd=="tls_domain1.net") {
## t_relay("tls:domain1.net");
## exit;
##} else if($rd=="tls_domain2.net") {
## t_relay("tls:domain2.net");
## exit;
##}
route(1);
}
# requests for my domain
if( is_method("PUBLISH|SUBSCRIBE")) {
route(2);
}
if (is_method("REGISTER"))
{
if (!save("location"))
sl_reply_error();
exit;
}
if ($rU=="") {
# request with no Username in RURI
sl_send_reply("484","Address Incomplete");
exit;
}
# apply DB based aliases (uncomment to enable)
##alias_db_lookup("dbaliases");
if (!lookup("location")) {
switch ($rc) {
case -1:
case -3:
t_newtran();
t_reply("404", "Not Found");
exit;
case -2:
sl_send_reply("405", "Method Not Allowed");
exit;
}
}
# when routing via usrloc, log the missed calls also
setflag(2);
route(1);
}
route[1] {
if (check_route_param("nat=yes")) {
setbflag("6");
}
if (isflagset(5) || isbflagset("6")) {
route(5);
}
if (is_method("INVITE")) {
#t_on_branch("1");
t_on_reply("1");
t_on_failure("1");
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
# Presence route
route[2]
{
if (!t_newtran())
{
sl_reply_error();
exit;
};
if(is_method("PUBLISH"))
{
handle_publish();
t_release();
}
else
if( is_method("SUBSCRIBE"))
{
handle_subscribe();
t_release();
}
exit;
# if presence enabled, this part will not be executed
if (is_method("PUBLISH") || $rU!="")
{
sl_send_reply("404", "Not here");
exit;
}
return;
}
# Authentication route
route[3] {
if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
if (! (www_authorize("", "subscriber")))
{
www_challenge("", "0");
exit;
}
if ($au!=$tU)
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
} else {
# authenticate if from local subscriber (uncomment to enable auth)
if (from_uri==myself)
{
if (!proxy_authorize("", "subscriber")) {
proxy_challenge("", "0");
exit;
}
if (is_method("PUBLISH"))
{
if ($au!=$tU) {
sl_send_reply("403","Forbidden auth ID");
exit;
}
} else {
if ($au!=$fU) {
sl_send_reply("403","Forbidden auth ID");
exit;
}
}
consume_credentials();
# caller authenticated
}
}
return;
}
# Caller NAT detection route
route[4]{
force_rport();
if (nat_uac_test("19")) {
if (method=="REGISTER") {
fix_nated_register();
} else {
fix_nated_contact();
}
setflag(5);
}
return;
}
# RTPProxy control
route[5] {
if (is_method("BYE")) {
unforce_rtp_proxy();
} else if (is_method("INVITE")){
force_rtp_proxy();
}
if (!has_totag()) add_rr_param(";nat=yes");
return;
}
branch_route[1] {
xdbg("new branch at $ru\n");
}
onreply_route[1] {
xdbg("incoming reply\n");
if 1) && status=~"(183)|(2[0-9][0-9])") {
force_rtp_proxy();
}
if (isbflagset("6")) {
fix_nated_contact();
}
}
failure_route[1] {
if (is_method("INVITE")
&& (isbflagset("6") || isflagset(5))) {
unforce_rtp_proxy();
}
if (t_is_canceled()) {
exit;
}
# uncomment the following lines if you want to block client
# redirect based on 3xx replies.
##if (t_check_status("3[0-9][0-9]")) {
## t_reply("404","Not found");
## exit;
##}
# uncomment the following lines if you want to redirect the failed
# calls to a different new destination
##if (t_check_status("486|408")) {
## sethostport("192.168.2.100:5060");
## append_branch();
## # do not set the missed call flag again
## t_relay();
##}
}
</code>
===== 3. Run it =====
You must have the database used by Kamailio (OpenSER) 1.5.x created. The name of the database is openser. If you installed Kamailio (OpenSER) 1.5.x from SVN using the Dokuwiki guidelines (http://www.kamailio.org/dokuwiki/doku.php/install:kamailio-1.5.x-from-svn), then you should do:
<code>
/usr/local/sbin/kamdbctl create
</code>
Start SIP Router with the config above:
<code>
/usr/local/sbin/ser -f /usr/local/etc/ser/kamailio.cfg
</code>
===== 4. Remarks =====
Please contribute here with remarks and comments.
* load kex module for Kamailio core specific extensions
* load tmx module for Kamailio TM specific extensions
* avp_aliases is now a parameter of pv module
===== 5. FAQ =====
* Q: Why binary is named ser?
* A: It is the default name for SIP Router binary. In the future, the packaged version will differ from what is now. However, right now, it is the short of: "SIP E Router" where E comes from any of:
* Exceptional
* Excellent
* Exotic (as Kamailio name origins)
* Express (the initial project name)
* Extraordinary
* …