My Kamailio server is installed on CentOs6.4, can run well in the LAN, I can use the X-Lite successfully register with local Kamailio IP address (192.168.0.68)
But it can not run on my public IP:
listen = udp: 220.128.XX.XX: 5060
listen = udp: 192.168.1.137:5060
port = 5060
When I use the public IP reported the following error when running:
Nov 14 11:33:46 localhost / usr / local / sbin / kamailio [16058]: INFO:
The following is the content of my kamailio.cfg:
<-! Main posts under Banner (D4) -><-! Posts under the main text (D5) ->
/ * Port to listen to
* - Can be specified more than once if needed to listen on many ports * /
port = 5060
#! Ifdef WITH_TLS
enable_tls = yes
#! Endif
# Life time of TCP connection when there is no traffic
# - A bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime = 3605
# # # # # # # Custom Parameters # # # # # # # # #
# These parameters can be modified runtime via RPC interface
# - See the documentation of 'cfg_rpc' module
.#
# Format: group.id = value 'desc' description
# Access: $ sel (cfg_get.group.id) or@cfg_get.group.id
#
#! Ifdef WITH_PSTN
# PSTN GW Routing
#
# - Pstn.gw_ip: valid IP or hostname as string value, example:
# Pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
#
# - By default is empty to avoid misrouting
pstn.gw_ip = "" desc "PSTN GW Address"
#! Endif
#! Ifdef WITH_VOICEMAIL
# VoiceMail Routing on offline, busy or no answer
#
# - By default Voicemail server IP is empty to avoid misrouting
voicemail.srv_ip = "" desc "VoiceMail IP Address"
voicemail.srv_port = "5060" desc "VoiceMail Port"
#! Endif
# # # # # # # Modules Section # # # # # # # #
# Set paths to location of modules (to sources or installation folders)
#! Ifdef WITH_SRCPATH
mpath = "modules_k: modules"
#! Else
mpath = "/ usr/local/lib64/kamailio/modules_k / :/ usr/local/lib64/kamailio/modules /"
#! Endif
#! Ifdef WITH_MYSQL
loadmodule "db_mysql.so"
#! Endif
loadmodule "mi_fifo.so"
loadmodule "kex.so"
loadmodule "tm.so"
loadmodule "tmx.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "siputils.so"
loadmodule "xlog.so"
loadmodule "sanity.so"
loadmodule "ctl.so"
loadmodule "cfg_rpc.so"
loadmodule "mi_rpc.so"
loadmodule "acc.so"
#! Ifdef WITH_AUTH
loadmodule "auth.so"
loadmodule "auth_db.so"
#! Ifdef WITH_IPAUTH
loadmodule "permissions.so"
#! Endif
#! Endif
#! Ifdef WITH_ALIASDB
loadmodule "alias_db.so"
#! Endif
#! Ifdef WITH_SPEEDDIAL
loadmodule "speeddial.so"
#! Endif
#! Ifdef WITH_MULTIDOMAIN
loadmodule "domain.so"
#! Endif
#! Ifdef WITH_PRESENCE
loadmodule "presence.so"
loadmodule "presence_xml.so"
#! Endif
#! Ifdef WITH_NAT
loadmodule "nathelper.so"
loadmodule "rtpproxy.so"
#! Endif
#! Ifdef WITH_TLS
loadmodule "tls.so"
#! Endif
#! Ifdef WITH_ANTIFLOOD
loadmodule "htable.so"
loadmodule "pike.so"
#! Endif
#! Ifdef WITH_XMLRPC
loadmodule "xmlrpc.so"
#! Endif
#! Ifdef WITH_DEBUG
loadmodule "debugger.so"
#! Endif
# ----------------- Setting module-specific parameters ---------------
# ----- Mi_fifo params -----
modparam ("mi_fifo", "fifo_name", "/ tmp / kamailio_fifo")
# ----- Tm params -----
# Auto-discard branches from previous serial forking leg
modparam ("tm", "failure_reply_mode", 3)
# Default retransmission timeout: 30sec
modparam ("tm", "fr_timer", 30000)
# Default invite retransmission timeout after 1xx: 120sec
modparam ("tm", "fr_inv_timer", 120000)
# ----- Rr params -----
# Add value to; lr param to cope with most of the UAs
modparam ("rr", "enable_full_lr", 1)
# Do not append from tag to the RR (no need for this script)
modparam ("rr", "append_fromtag", 0)
# ----- Registrar params -----
modparam ("registrar", "method_filtering", 1)
/ * Uncomment the next line to disable parallel forking via location * /
# Modparam ("registrar", "append_branches", 0)
/ * Uncomment the next line not to allow more than 10 contacts per AOR * /
# Modparam ("registrar", "max_contacts", 10)
# Max value for expires of registrations
modparam ("registrar", "max_expires", 3600)
# Set it to 1 to enable GRUU
modparam ("registrar", "gruu_enabled", 0)
# ----- Acc params -----
/ * What special events should be accounted? * /
modparam ("acc", "early_media", 0)
modparam ("acc", "report_ack", 0)
modparam ("acc", "report_cancels", 0)
/ * By default ww do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module * /
modparam ("acc", "detect_direction", 0)
/ * Account triggers (flags) * /
modparam ("acc", "log_flag", FLT_ACC)
modparam ("acc", "log_missed_flag", FLT_ACCMISSED)
modparam ("acc", "log_extra",
"Src_user = $ fU; src_domain = $ fd; src_ip = $ si;"
"Dst_ouser = $ tU; dst_user = $ rU; dst_domain = $ rd")
modparam ("acc", "failed_transaction_flag", FLT_ACCFAILED)
/ * Enhanced DB accounting * /
#! Ifdef WITH_ACCDB
modparam ("acc", "db_flag", FLT_ACC)
modparam ("acc", "db_missed_flag", FLT_ACCMISSED)
modparam ("acc", "db_url", DBURL)
modparam ("acc", "db_extra",
"Src_user = $ fU; src_domain = $ fd; src_ip = $ si;"
"Dst_ouser = $ tU; dst_user = $ rU; dst_domain = $ rd")
#! Endif
# ----- Usrloc params -----
/ * Enable DB persistency for location entries * /
#! Ifdef WITH_USRLOCDB
modparam ("usrloc", "db_url", DBURL)
modparam ("usrloc", "db_mode", 2)
modparam ("usrloc", "use_domain", MULTIDOMAIN)
#! Endif
# ----- Auth_db params -----
#! Ifdef WITH_AUTH
modparam ("auth_db", "db_url", DBURL)
modparam ("auth_db", "calculate_ha1", yes)
modparam ("auth_db", "password_column", "password")
modparam ("auth_db", "load_credentials", "")
modparam ("auth_db", "use_domain", MULTIDOMAIN)
# ----- Permissions params -----
#! Ifdef WITH_IPAUTH
modparam ("permissions", "db_url", DBURL)
modparam ("permissions", "db_mode", 1)
#! Endif
#! Endif
# ----- Alias_db params -----
#! Ifdef WITH_ALIASDB
modparam ("alias_db", "db_url", DBURL)
modparam ("alias_db", "use_domain", MULTIDOMAIN)
#! Endif
# ----- Speedial params -----
#! Ifdef WITH_SPEEDDIAL
modparam ("speeddial", "db_url", DBURL)
modparam ("speeddial", "use_domain", MULTIDOMAIN)
#! Endif
# ----- Domain params -----
#! Ifdef WITH_MULTIDOMAIN
modparam ("domain", "db_url", DBURL)
# Register callback to match myself condition with domains list
modparam ("domain", "register_myself", 1)
#! Endif
#! Ifdef WITH_PRESENCE
# ----- Presence params -----
modparam ("presence", "db_url", DBURL)
# ----- Presence_xml params -----
modparam ("presence_xml", "db_url", DBURL)
modparam ("presence_xml", "force_active", 1)
#! Endif
#! Ifdef WITH_NAT
# ----- Rtpproxy params -----
modparam ("rtpproxy", "rtpproxy_sock", "udp: 127.0.0.1:7722")
# ----- Nathelper params -----
modparam ("nathelper", "natping_interval", 30)
modparam ("nathelper", "ping_nated_only", 1)
modparam ("nathelper", "sipping_bflag", FLB_NATSIPPING)
modparam ("nathelper", "sipping_from", "sip: pinger@kamailio.org")
# Params needed for NAT traversal in other modules
modparam ("nathelper | registrar", "received_avp", "$ avp (RECEIVED)")
modparam ("usrloc", "nat_bflag", FLB_NATB)
#! Endif
#! Ifdef WITH_TLS
# ----- Tls params -----
modparam ("tls", "config", "/ usr / local / etc / kamailio / tls.cfg")
#! Endif
#! Ifdef WITH_ANTIFLOOD
# ----- Pike params -----
modparam ("pike", "sampling_time_unit", 2)
modparam ("pike", "reqs_density_per_unit", 16)
modparam ("pike", "remove_latency", 4)
# ----- Htable params -----
# Ip ban htable with autoexpire after 5 minutes
modparam ("htable", "htable", "ipban => size = 8; autoexpire = 300;")
#! Endif
#! Ifdef WITH_XMLRPC
# ----- Xmlrpc params -----
modparam ("xmlrpc", "route", "XMLRPC");
modparam ("xmlrpc", "url_match", "^ / RPC")
#! Endif
#! Ifdef WITH_DEBUG
# ----- Debugger params -----
modparam ("debugger", "cfgtrace", 1)
#! Endif
# # # # # # # Routing Logic # # # # # # # #
# Main SIP request routing logic
# - Processing of any incoming SIP request starts with this route
# - Note: this is the same as route {...}
request_route {
# Per request initial checks
route (REQINIT);
# NAT detection
route (NATDETECT);
# CANCEL processing
if (is_method ("CANCEL"))
{
if (t_check_trans ())
t_relay ();
exit;
}
# Handle requests within SIP dialogs
route (WITHINDLG);
# # # Only initial requests (no To tag)
t_check_trans ();
# Authentication
route (AUTH);
# Record routing for dialog forming requests (in case they are routed)
# - Remove preloaded route headers
remove_hf ("Route");
if (is_method ("INVITE | SUBSCRIBE"))
record_route ();
# Record_route_preset ("220.128.95.68");
# Account only INVITEs
if (is_method ("INVITE"))
{
setflag (FLT_ACC); # do accounting
}
# Dispatch requests to foreign domains
route (SIPOUT);
# # # Requests for my local domains
# Handle presence related requests
route (PRESENCE);
# Handle registrations
route (REGISTRAR);
if ($ rU == $ null)
{
# Request with no Username in RURI
sl_send_reply ("484", "Address Incomplete");
exit;
}
# Dispatch destinations to PSTN
route (PSTN);
# User location service
route (LOCATION);
route (RELAY);
}
route [RELAY] {
# Enable additional event routes for forwarded requests
# - Serial forking, RTP relaying handling, aso
if (is_method ("INVITE | SUBSCRIBE")) {
t_on_branch ("MANAGE_BRANCH");
t_on_reply ("MANAGE_REPLY");
}
if (is_method ("INVITE")) {
t_on_failure ("MANAGE_FAILURE");
}
if (! t_relay ()) {
sl_reply_error ();
}
exit;
}
# Per SIP request initial checks
route [REQINIT] {
#! Ifdef WITH_ANTIFLOOD
# Flood dection from same IP and traffic ban for a while
# Be sure you exclude checking trusted peers, such as pstn gateways
# - Local host excluded (eg, loop to self)
if (src_ip! = myself)
{
if ($ sht (ipban => $ si)! = $ null)
{
# Ip is already blocked
xdbg ("request from blocked IP - $ rm from $ fu (IP: $ si: $ sp) \ n");
exit;
}
if (! pike_check_req ())
{
xlog ("L_ALERT", "ALERT: pike blocking $ rm from $ fu (IP: $ si: $ sp) \ n");
$ Sht (ipban => $ si) = 1;
exit;
}
}
#! Endif
if (! mf_process_maxfwd_header ("10")) {
sl_send_reply ("483", "Too Many Hops");
exit;
}
if (! sanity_check ("1511", "7"))
{
xlog ("Malformed SIP message from $ si: $ sp \ n");
exit;
}
}
Reply:
# Handle requests within SIP dialogs
route [WITHINDLG] {
if (has_totag ()) {
# Sequential request withing a dialog should
# Take the path determined by record-routing
if (loose_route ()) {
route (DLGURI);
if (is_method ("BYE")) {
setflag (FLT_ACC); # do accounting ...
setflag (FLT_ACCFAILED); # ... even if the transaction fails
}
else if (is_method ("ACK")) {
# ACK is forwarded statelessy
route (NATMANAGE);
}
else if (is_method ("NOTIFY")) {
# Add Record-Route for in-dialog NOTIFY as per RFC 6665.
record_route ();
}
route (RELAY);
} Else {
if (is_method ("SUBSCRIBE") && uri == myself) {
# In-dialog subscribe requests
route (PRESENCE);
exit;
}
if (is_method ("ACK")) {
if (t_check_trans ()) {
# No loose-route, but stateful ACK;
# Must be an ACK after a 487
# Or eg 404 from upstream server
t_relay ();
exit;
} Else {
# ACK without matching transaction ... ignore and discard
exit;
}
}
sl_send_reply ("404", "Not here");
}
exit;
}
}
# Handle SIP registrations
route [REGISTRAR] {
if (is_method ("REGISTER"))
{
if (isflagset (FLT_NATS))
{
setbflag (FLB_NATB);
# Uncomment next line to do SIP NAT pinging
# # Setbflag (FLB_NATSIPPING);
}
if (! save ("location"))
sl_reply_error ();
exit;
}
}
# USER location service
route [LOCATION] {
#! Ifdef WITH_SPEEDIAL
# Search for short dialing - 2-digit extension
if ($ rU = ~ "^ [0-9] [0-9] $")
if (sd_lookup ("speed_dial"))
route (SIPOUT);
#! Endif
#! Ifdef WITH_ALIASDB
# Search in DB-based aliases
if (alias_db_lookup ("dbaliases"))
route (SIPOUT);
#! Endif
$ Avp (oexten) = $ rU;
if (! lookup ("location")) {
$ Var (rc) = $ rc;
route (TOVOICEMAIL);
t_newtran ();
switch ($ var (rc)) {
case -1:
case -3:
send_reply ("404", "Not Found");
exit;
case -2:
send_reply ("405", "Method Not Allowed");
exit;
}
}
# When routing via usrloc, log the missed calls also
if (is_method ("INVITE"))
{
setflag (FLT_ACCMISSED);
}
}
# Presence server route
route [PRESENCE] {
if (is_method (! "PUBLISH | SUBSCRIBE"))
return;
#! Ifdef WITH_PRESENCE
if (! t_newtran ())
{
sl_reply_error ();
exit;
};
if (is_method ("PUBLISH"))
{
handle_publish ();
t_release ();
}
else
if (is_method ("SUBSCRIBE"))
{
handle_subscribe ();
t_release ();
}
exit;
#! Endif
# If presence enabled, this part will not be executed
if (is_method ("PUBLISH") | | $ rU == $ null)
{
sl_send_reply ("404", "Not here");
exit;
}
return;
}
# Authentication route
route [AUTH] {
#! Ifdef WITH_AUTH
#! Ifdef WITH_IPAUTH
if ((! is_method ("REGISTER")) && allow_source_address ())
{
# Source IP allowed
return;
}
#! Endif
if (is_method ("REGISTER") | | from_uri == myself)
{
# Authenticate requests
if (! auth_check ("$ fd", "subscriber", "1")) {
auth_challenge ("$ fd", "0");
exit;
}
# User authenticated - remove auth header
if (is_method (! "REGISTER | PUBLISH"))
consume_credentials ();
}
# If caller is not local subscriber, then check if it calls
# A local destination, otherwise deny, not an open relay here
if (from_uri! = myself && uri! = myself)
{
sl_send_reply ("403", "Not relaying");
exit;
}
#! Endif
return;
}
# Caller NAT detection route
route [NATDETECT] {
#! Ifdef WITH_NAT
force_rport ();
if (nat_uac_test ("19")) {
if (is_method ("REGISTER")) {
fix_nated_register ();
} Else {
add_contact_alias ();
}
setflag (FLT_NATS);
}
#! Endif
return;
}
# RTPProxy control
route [NATMANAGE] {
#! Ifdef WITH_NAT
if (is_request ()) {
if (has_totag ()) {
if (check_route_param ("nat = yes")) {
setbflag (FLB_NATB);
}
}
}
if ((isflagset (FLT_NATS) |! | isbflagset (FLB_NATB)))
return;
rtpproxy_manage ();
if (is_request ()) {
if (! has_totag ()) {
add_rr_param ("; nat = yes");
}
}
if (is_reply ()) {
if (isbflagset (FLB_NATB)) {
add_contact_alias ();
}
}
#! Endif
return;
}
# URI update for dialog requests
route [DLGURI] {
#! Ifdef WITH_NAT
if (! isdsturiset ()) {
handle_ruri_alias ();
}
#! Endif
return;
}
# Routing to foreign domains
route [SIPOUT] {
if (! uri == myself)
{
append_hf ("P-hint: outbound \ r \ n");
route (RELAY);
}
}
# PSTN GW routing
route [PSTN] {
#! Ifdef WITH_PSTN
# Check if PSTN GW IP is defined
if (strempty ($ sel (cfg_get.pstn.gw_ip))) {
xlog ("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined \ n");
return;
}
# Route to PSTN dialed numbers starting with '+' or '00 '
# (International format)
# - Update the condition to match your dialing rules for PSTN routing
if (($ rU = ~! "^ (\ + | 00) [1-9] [0-9] {3,20} $"))
return;
# Only local users allowed to call
if (from_uri! = myself) {
sl_send_reply ("403", "Not Allowed");
exit;
}
$ Ru = "sip:" + $ rU + "@" + $ sel (cfg_get.pstn.gw_ip);
route (RELAY);
exit;
#! Endif
return;
}
# XMLRPC routing
#! Ifdef WITH_XMLRPC
route [XMLRPC] {
# Allow XMLRPC from localhost
if ((method == "POST" | | method == "GET")
&& (Src_ip == 127.0.0.1)) {
# Close connection only for xmlrpclib user agents (there is a bug in
# Xmlrpclib: it waits for EOF before interpreting the response)
.if ($ hdr (User-Agent) = ~ "xmlrpclib")
set_reply_close ();
set_reply_no_connect ();
dispatch_rpc ();
exit;
}
send_reply ("403", "Forbidden");
exit;
}
#! Endif
# Route to voicemail server
route [TOVOICEMAIL] {
#! Ifdef WITH_VOICEMAIL
if (! is_method ("INVITE"))
return;
# Check if VoiceMail server IP is defined
if (strempty ($ sel (cfg_get.voicemail.srv_ip))) {
xlog ("SCRIPT: VoiceMail rotuing enabled but IP not defined \ n");
return;
}
if ($ avp (oexten) == $ null)
return;
$ Ru = "sip:" + $ avp (oexten) + "@" + $ sel (cfg_get.voicemail.srv_ip)
+ ":" + $ Sel (cfg_get.voicemail.srv_port);
route (RELAY);
exit;
#! Endif
return;
}
# Manage outgoing branches
branch_route [MANAGE_BRANCH] {
xdbg ("new branch [$ T_branch_idx] to $ ru \ n");
route (NATMANAGE);
}
# Manage incoming replies
onreply_route [MANAGE_REPLY] {
xdbg ("incoming reply \ n");
if (status = ~ "[12] [0-9] [0-9]")
route (NATMANAGE);
}
# Manage failure routing cases
failure_route [MANAGE_FAILURE] {
route (NATMANAGE);
if (t_is_canceled ()) {
exit;
}
#! Ifdef WITH_BLOCK3XX
# Block call redirect based on 3xx replies.
if (t_check_status ("3 [0-9] [0-9]")) {
t_reply ("404", "Not found");
exit;
}
#! Endif
#! Ifdef WITH_VOICEMAIL
# Serial forking
# - Route to voicemail on busy or no answer (timeout)
if (t_check_status ("486 | 408")) {
route (TOVOICEMAIL);
exit;
}
#! Endif
}
Reply:
How no one answered?
Reply:
LZ you improve it? Give a hint!
Reply:
I can not be registered on the LAN server also started
[Root @ bogon kamailio] # service kamailio status
kamailio (pid 12285 12284 12283 12281 12280 12278 12272 12271 12270 12268 12266 12265 12263 12261 12259 12257 12255 12253) is running ...
There
databaseselect * from subscriber;
+ ---- + ---------- + ----------------- + ---------- + ---- ----------- + ---------------------------------- + --- ------------------------------- + ------ +
| Id | username | domain | password | email_address | ha1 | ha1b | rpid |
+ ---- + ---------- + ----------------- + ---------- + ---- ----------- + ---------------------------------- + --- ------------------------------- + ------ +
| 1 | 100 | mysipserver.com | 100 | | 7a57d216811de1671687e98b7e551594 | 88db92ad106dcc4b75354b578a6e9244 | NULL |
| 2 | 101 | mysipserver.com | 101 | | f6fd1a6a10264984b58dfff9138640e0 | 994291a69c6ecf1b519cd877181debb9 | NULL |
| 3 | 102 | 192.168.0.196 | 102 | | bcd6c335311d2c2896d153e2c041d63b | f48e7a843c543d9f95586da4531990a1 | NULL |
| 4 | 104 | 192.168.0.196 | 104 | | e01372e51ffae8c072710b22343d3be6 | 46368ecb1b749c809e7bdaed15e97c5e | NULL |
+ ---- + ---------- + ----------------- + ---------- + ---- -----------
104 104 registered users password, but not on how the matter?
Reply:
You and me is a phenomenon. Now I do not know how to get.
No comments:
Post a Comment