| 知乎专栏 |
目录
安装环境 ubuntu 13.10
dnf -y install dnf-plugins-core dnf config-manager --add-repo https://rpm.kamailio.org/centos/kamailio.repo dnf install kamailio
启动 kamailio
[root@netkiller ~]# systemctl start kamailio
[root@netkiller ~]# systemctl status kamailio
● kamailio.service - Kamailio - the Open Source SIP Server
Loaded: loaded (/usr/lib/systemd/system/kamailio.service; enabled; preset: disabled)
Active: active (running) since Sat 2025-03-29 21:08:22 CST; 5s ago
Docs: man:kamailio(8)
Main PID: 1950993 (kamailio)
Tasks: 1 (limit: 100479)
Memory: 5.5M
CPU: 12ms
CGroup: /system.slice/kamailio.service
└─1950993 /usr/sbin/kamailio --atexit=no -DD -P /run/kamailio/kamailio.pid -f /etc/kamailio/kamailio.cfg -m 64 -M 8
Mar 29 21:08:22 netkiller systemd[1]: Started Kamailio - the Open Source SIP Server.
相关文件
[root@netkiller ~]# rpm -ql kamailio | grep bin /usr/sbin/kamailio /usr/sbin/kamcmd /usr/sbin/kamctl /usr/sbin/kamdbctl
查看端口
[root@netkiller ~]# ss -ln | grep 5060 udp UNCONN 0 0 192.168.0.71:5060 0.0.0.0:* tcp LISTEN 0 1024 192.168.0.71:5060 0.0.0.0:*
查看配置文件
[root@netkiller ~]# ls /etc/kamailio/ dictionary.kamailio kamailio.cfg kamctlrc pi_framework.xml tls.cfg
备份配置文件,防止修改损坏
[root@netkiller ~]# cp /etc/kamailio/kamailio.cfg{,.backup}
这里环境是阿里云,阿里云有一个公网IP地址影射到内网的 eth0 上,所以我们必须配置 kamailio 告诉他公网地址是什么
[root@netkiller ~]# ifconfig eth0 | grep inet
inet 192.168.0.71 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::f816:3eff:feda:3279 prefixlen 64 scopeid 0x20<link>
192.168.0.71 是内网 eth0 的 LAN IP 地址,139.9.54.21 是 WAN IP 地址
/* listen sockets - if none set, Kamailio binds to all local IP addresses * - basic prototype (full prototype can be found in Wiki - Core Cookbook): * listen=[proto]:[localip]:[lport] advertise [publicip]:[pport] * - it can be set many times to add more sockets to listen to */ # listen=udp:10.0.0.10:5060 listen=udp:192.168.0.71:5060 advertise 139.9.54.21:5060 listen=tcp:192.168.0.71:5060 advertise 139.9.54.21:5060
启动 rtpproxy,参数 rtpproxy -A 公网地址 -l 本地地址 -s udp:127.0.0.1:7722 -m 最小起始端口 -M 最大终止端口号 -F
rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F -m 35000 -M 65000
[root@netkiller ~]# ps ax | grep rtp 1994065 ? Ssl 0:39 rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F 2011637 pts/2 S+ 0:00 grep --color=auto rtp
安装 mysql 模块
[root@netkiller ~]# dnf install -y kamailio-mysql
配置 kamailio
[root@netkiller ~]# cat /etc/kamailio/kamailio.cfg
#!KAMAILIO
#
# Kamailio SIP Server v6.0 - default configuration script
# - web: https://www.kamailio.org
# - git: https://github.com/kamailio/kamailio
#
# Direct your questions about this file to: <sr-users@lists.kamailio.org>
#
# Refer to the Core CookBook at https://www.kamailio.org/wikidocs/
# for an explanation of possible statements, functions and parameters.
#
# Note: the comments can be:
# - lines starting with #, but not the pre-processor directives,
# which start with #!, like #!define, #!ifdef, #!endif, #!else, #!trydef,
# #!subst, #!substdef, ...
# - lines starting with //
# - blocks enclosed in between /* */
# Note: the config performs symmetric SIP signaling
# - it sends the reply to the source address of the request
# - remove the use of force_rport() for asymmetric SIP signaling
#
# Several features can be enabled using '#!define WITH_FEATURE' directives:
#
# *** To run in debug mode:
# - define WITH_DEBUG
# - debug level increased to 3, logs still sent to syslog
# - debugger module loaded with cfgtrace enabled
#
# *** To enable mysql:
# - define WITH_MYSQL
#
# *** To enable authentication execute:
# - enable mysql
# - define WITH_AUTH
# - add users using 'kamctl' or 'kamcli'
#
# *** To enable IP authentication execute:
# - enable mysql
# - enable authentication
# - define WITH_IPAUTH
# - add IP addresses with group id '1' to 'address' table
#
# *** To enable persistent user location execute:
# - enable mysql
# - define WITH_USRLOCDB
#
# *** To enable presence server execute:
# - enable mysql
# - define WITH_PRESENCE
# - if modified headers or body in config must be used by presence handling:
# - define WITH_MSGREBUILD
#
# *** To enable nat traversal execute:
# - define WITH_NAT
# - option for NAT SIP OPTIONS keepalives: WITH_NATSIPPING
# - install RTPProxy: http://www.rtpproxy.org
# - start RTPProxy:
# rtpproxy -l _your_public_ip_ -s udp:localhost:7722
#
# *** To use RTPEngine (instead of RTPProxy) for nat traversal execute:
# - define WITH_RTPENGINE
# - install RTPEngine: https://github.com/sipwise/rtpengine
# - start RTPEngine:
# rtpengine --listen-ng=127.0.0.1:2223 ...
#
# *** To enable PSTN gateway routing execute:
# - define WITH_PSTN
# - set the value of pstn.gw_ip
# - check route[PSTN] for regexp routing condition
#
# *** To enable database aliases lookup execute:
# - enable mysql
# - define WITH_ALIASDB
#
# *** To enable speed dial lookup execute:
# - enable mysql
# - define WITH_SPEEDDIAL
#
# *** To enable multi-domain support execute:
# - enable mysql
# - define WITH_MULTIDOMAIN
#
# *** To enable TLS support execute:
# - adjust CFGDIR/tls.cfg as needed
# - define WITH_TLS
#
# *** To enable JSONRPC over HTTP(S) support execute:
# - define WITH_JSONRPC
# - adjust event_route[xhttp:request] for access policy
#
# *** To enable anti-flood detection execute:
# - adjust pike and htable=>ipban settings as needed (default is
# block if more than 16 requests in 2 seconds and ban for 300 seconds)
# - define WITH_ANTIFLOOD
#
# *** To load htable module execute:
# - define WITH_HTABLE
#
# *** To block 3XX redirect replies execute:
# - define WITH_BLOCK3XX
#
# *** To block 401 and 407 authentication replies execute:
# - define WITH_BLOCK401407
#
# *** To enable VoiceMail routing execute:
# - define WITH_VOICEMAIL
# - set the value of voicemail.srv_ip
# - adjust the value of voicemail.srv_port
#
# *** To enhance accounting execute:
# - enable mysql
# - define WITH_ACCDB
# - add following columns to database
#!ifdef ACCDB_COMMENT
ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';
ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
#!endif
####### Include Local Config If Exists #########
import_file "kamailio-local.cfg"
####### Defined Values #########
# *** Value defines - IDs used later in config
#!ifdef WITH_DEBUG
#!define DBGLEVEL 3
#!else
#!define DBGLEVEL 2
#!endif
#!ifdef WITH_MYSQL
# - database URL - used to connect to database server by modules such
# as: auth_db, acc, usrloc, a.s.o.
#!trydef DBURL "mysql://sip:13113668890@124.71.107.154/sip"
#!endif
#!ifdef WITH_MULTIDOMAIN
# - the value for 'use_domain' parameters
#!define MULTIDOMAIN 1
#!else
#!define MULTIDOMAIN 0
#!endif
#!ifdef WITH_ANTIFLOOD
# - hash table 'ipban' used to store blocked IP addresses
#!trydef WITH_HTABLE
#!endif
# - flags
# FLT_ - per transaction (message) flags
#!define FLT_ACC 1
#!define FLT_ACCMISSED 2
#!define FLT_ACCFAILED 3
#!define FLT_NATS 5
# FLB_ - per branch flags
#!define FLB_NATB 6
#!define FLB_NATSIPPING 7
####### Global Parameters #########
/* LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR, ... */
debug=DBGLEVEL
/* set to 'yes' to print log messages to terminal or use '-E' cli option */
log_stderror=no
memdbg=5
memlog=5
log_facility=LOG_LOCAL0
log_prefix="{$mt $hdr(CSeq) $ci} "
/* number of SIP routing processes for each UDP socket
* - value inherited by tcp_children and sctp_children when not set explicitely */
children=8
/* uncomment the next line to disable TCP (default on) */
# disable_tcp=yes
/* number of SIP routing processes for all TCP/TLS sockets */
# tcp_children=8
/* UDP receiving mode:
* - 0: multi-process (default)
* - 1: multi-threaded with async worker group 'udp'
* - 2: per socket configuration (see core cookbook) */
# async_workers_group="name=udp;workers=8"
# udp_receiver_mode = 1
/* uncomment the next line to disable the auto discovery of local aliases
* based on reverse DNS on IPs (default on) */
# auto_aliases=no
/* add local domain aliases - it can be set many times */
alias="sip.netkiller.cn"
/* listen sockets - if none set, Kamailio binds to all local IP addresses
* - basic prototype (full prototype can be found in Wiki - Core Cookbook):
* listen=[proto]:[localip]:[lport] advertise [publicip]:[pport]
* - it can be set many times to add more sockets to listen to */
# listen=udp:10.0.0.10:5060
listen=udp:192.168.0.71:5060 advertise 139.19.54.21:5060
listen=tcp:192.168.0.71:5060 advertise 139.19.54.21:5060
/* life time of TCP connection when there is no traffic
* - a bit higher than registration expires to cope with UA behind NAT */
tcp_connection_lifetime=3605
/* upper limit for TCP connections (it includes the TLS connections) */
tcp_max_connections=2048
/* upper limit for TCP connections for one ip address - default 1024 */
#tcp_accept_iplimit=1024
#!ifdef WITH_JSONRPC
tcp_accept_no_cl=yes
#!endif
#!ifdef WITH_TLS
enable_tls=yes
/* upper limit for TLS connections */
tls_max_connections=2048
/* For OpenSSL 3 integration
* functions calling libssl3 can be invoked in a transient thread
* 0: disable threaded calls
* 1: use thread executors for process #0 only
* 2: no thread executors, but use atfork handler to reset thread-locals to NULL */
tls_threads_mode=2
#!endif
/* set it to yes to enable sctp and load sctp.so module */
enable_sctp=no
####### Custom Parameters #########
/* These parameters can be modified at runtime via RPC interface
* - see the documentation of 'cfg_rpc' module.
*
* Format: group.id = value 'desc' description
* Access: $sel(cfg_get.group.id) or @cfg_get.group.id */
#!ifdef WITH_PSTN
/* PSTN GW Routing
*
* - pstn.gw_ip: valid IP or hostname as string value, example:
* pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
*
* - by default is empty to avoid misrouting */
pstn.gw_ip = "" desc "PSTN GW Address"
pstn.gw_port = "" desc "PSTN GW Port"
#!endif
#!ifdef WITH_VOICEMAIL
/* VoiceMail Routing on offline, busy or no answer
*
* - by default Voicemail server IP is empty to avoid misrouting */
voicemail.srv_ip = "" desc "VoiceMail IP Address"
voicemail.srv_port = "5060" desc "VoiceMail Port"
#!endif
####### Modules Section ########
/* set paths to location of modules */
# mpath="/usr/lib64/kamailio/modules/"
# when using TLS with OpenSSL it is recommended to load this module
# first so that OpenSSL is initialized correctly
#!ifdef WITH_TLS
loadmodule "tls.so"
#!endif
#!ifdef WITH_MYSQL
loadmodule "db_mysql.so"
#!endif
#!ifdef WITH_JSONRPC
loadmodule "xhttp.so"
#!endif
loadmodule "jsonrpcs.so"
loadmodule "kex.so"
loadmodule "corex.so"
loadmodule "tm.so"
loadmodule "tmx.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "textopsx.so"
loadmodule "siputils.so"
loadmodule "xlog.so"
loadmodule "sanity.so"
loadmodule "ctl.so"
loadmodule "cfg_rpc.so"
loadmodule "acc.so"
loadmodule "counters.so"
loadmodule "dlgs.so"
#!ifdef WITH_AUTH
loadmodule "auth.so"
loadmodule "auth_db.so"
#!ifdef WITH_IPAUTH
loadmodule "permissions.so"
#!endif
#!endif
#!ifdef WITH_ALIASDB
loadmodule "alias_db.so"
#!endif
#!ifdef WITH_SPEEDDIAL
loadmodule "speeddial.so"
#!endif
#!ifdef WITH_MULTIDOMAIN
loadmodule "domain.so"
#!endif
#!ifdef WITH_PRESENCE
loadmodule "presence.so"
loadmodule "presence_xml.so"
#!endif
#!ifdef WITH_NAT
loadmodule "nathelper.so"
#!ifdef WITH_RTPENGINE
loadmodule "rtpengine.so"
#!else
loadmodule "rtpproxy.so"
#!endif
#!endif
#!ifdef WITH_HTABLE
loadmodule "htable.so"
#!endif
#!ifdef WITH_ANTIFLOOD
loadmodule "pike.so"
#!endif
#!ifdef WITH_DEBUG
loadmodule "debugger.so"
#!endif
# ----------------- setting module-specific parameters ---------------
# ----- jsonrpcs params -----
modparam("jsonrpcs", "pretty_format", 1)
/* set the path to RPC fifo control file */
# modparam("jsonrpcs", "fifo_name", "/run/kamailio/kamailio_rpc.fifo")
/* set the path to RPC unix socket control file */
# modparam("jsonrpcs", "dgram_socket", "/run/kamailio/kamailio_rpc.sock")
#!ifdef WITH_JSONRPC
modparam("jsonrpcs", "transport", 7)
#!endif
# ----- ctl params -----
/* set the path to RPC unix socket control file */
# modparam("ctl", "binrpc", "unix:/run/kamailio/kamailio_ctl")
# ----- sanity params -----
modparam("sanity", "autodrop", 0)
# ----- tm params -----
# auto-discard branches from previous serial forking leg
modparam("tm", "failure_reply_mode", 3)
# default retransmission timeout: 30sec
modparam("tm", "fr_timer", 30000)
# default invite retransmission timeout after 1xx: 120sec
modparam("tm", "fr_inv_timer", 120000)
# ----- rr params -----
# set next param to 1 to add value to ;lr param (helps with some UAs)
modparam("rr", "enable_full_lr", 0)
# do not append from tag to the RR (no need for this script)
modparam("rr", "append_fromtag", 0)
# ----- dlgs params -----
modparam("dlgs", "timer_interval", 10)
modparam("dlgs", "init_lifetime", 180)
modparam("dlgs", "active_lifetime", 7200)
modparam("dlgs", "finish_lifetime", 10)
# ----- registrar params -----
modparam("registrar", "method_filtering", 1)
/* uncomment the next line to disable parallel forking via location */
# modparam("registrar", "append_branches", 0)
/* uncomment the next line not to allow more than 10 contacts per AOR */
# modparam("registrar", "max_contacts", 10)
/* max value for expires of registrations */
modparam("registrar", "max_expires", 3600)
/* set it to 1 to enable GRUU */
modparam("registrar", "gruu_enabled", 0)
/* set it to 0 to disable Path handling */
modparam("registrar", "use_path", 1)
/* save Path even if not listed in Supported header */
modparam("registrar", "path_mode", 0)
# ----- acc params -----
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_ack", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
* if you enable this parameter, be sure the enable "append_fromtag"
* in "rr" module */
modparam("acc", "detect_direction", 0)
/* account triggers (flags) */
modparam("acc", "log_flag", FLT_ACC)
modparam("acc", "log_missed_flag", FLT_ACCMISSED)
modparam("acc", "log_extra",
"src_user=$fU;src_domain=$fd;src_ip=$si;"
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
/* enhanced DB accounting */
#!ifdef WITH_ACCDB
modparam("acc", "db_flag", FLT_ACC)
modparam("acc", "db_missed_flag", FLT_ACCMISSED)
modparam("acc", "db_url", DBURL)
modparam("acc", "db_extra",
"src_user=$fU;src_domain=$fd;src_ip=$si;"
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
#!endif
# ----- usrloc params -----
modparam("usrloc", "timer_interval", 60)
modparam("usrloc", "timer_procs", 1)
modparam("usrloc", "use_domain", MULTIDOMAIN)
/* enable DB persistency for location entries */
#!ifdef WITH_USRLOCDB
modparam("usrloc", "db_url", DBURL)
modparam("usrloc", "db_mode", 2)
#!endif
# ----- auth_db params -----
#!ifdef WITH_AUTH
modparam("auth_db", "db_url", DBURL)
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials", "")
modparam("auth_db", "use_domain", MULTIDOMAIN)
# ----- permissions params -----
#!ifdef WITH_IPAUTH
modparam("permissions", "db_url", DBURL)
modparam("permissions", "load_backends", 1)
#!endif
#!endif
# ----- alias_db params -----
#!ifdef WITH_ALIASDB
modparam("alias_db", "db_url", DBURL)
modparam("alias_db", "use_domain", MULTIDOMAIN)
#!endif
# ----- speeddial params -----
#!ifdef WITH_SPEEDDIAL
modparam("speeddial", "db_url", DBURL)
modparam("speeddial", "use_domain", MULTIDOMAIN)
#!endif
# ----- domain params -----
#!ifdef WITH_MULTIDOMAIN
modparam("domain", "db_url", DBURL)
/* register callback to match myself condition with domains list */
modparam("domain", "register_myself", 1)
#!endif
#!ifdef WITH_PRESENCE
# ----- presence params -----
modparam("presence", "db_url", DBURL)
# ----- presence_xml params -----
modparam("presence_xml", "db_url", DBURL)
modparam("presence_xml", "force_active", 1)
#!endif
#!ifdef WITH_NAT
#!ifdef WITH_RTPENGINE
# ----- rtpengine params -----
modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:2223")
#!else
# ----- rtpproxy params -----
modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
#!endif
# ----- nathelper params -----
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
# params needed for NAT traversal in other modules
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
modparam("usrloc", "nat_bflag", FLB_NATB)
#!endif
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config", "/etc/kamailio/tls.cfg")
#!endif
#!ifdef WITH_ANTIFLOOD
# ----- pike params -----
modparam("pike", "sampling_time_unit", 2)
modparam("pike", "reqs_density_per_unit", 16)
modparam("pike", "remove_latency", 4)
#!endif
#!ifdef WITH_HTABLE
# ----- htable params -----
#!ifdef WITH_ANTIFLOOD
/* ip ban htable with autoexpire after 5 minutes */
modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
#!endif
#!endif
#!ifdef WITH_DEBUG
# ----- debugger params -----
modparam("debugger", "cfgtrace", 1)
modparam("debugger", "log_level_name", "exec")
#!endif
####### Routing Logic ########
/* Main SIP request routing logic
* - processing of any incoming SIP request starts with this route
* - note: this is the same as route { ... } */
request_route {
# per request initial checks
route(REQINIT);
# NAT detection
route(NATDETECT);
# CANCEL processing
if (is_method("CANCEL")) {
dlgs_update();
if (t_check_trans()) {
route(RELAY);
}
exit;
}
# handle retransmissions
if (!is_method("ACK")) {
if(t_precheck_trans()) {
t_check_trans();
exit;
}
t_check_trans();
}
# handle requests within SIP dialogs
route(WITHINDLG);
### only initial requests (no To tag)
# authentication
route(AUTH);
# record routing for dialog forming requests (in case they are routed)
# - remove preloaded route headers
remove_hf("Route");
if (is_method("INVITE|SUBSCRIBE|REFER")) {
record_route();
}
# account only INVITEs
if (is_method("INVITE")) {
setflag(FLT_ACC); # do accounting
}
# dispatch requests to foreign domains
route(SIPOUT);
### requests for my local domains
# handle presence related requests
route(PRESENCE);
# handle registrations
route(REGISTRAR);
if ($rU==$null) {
# request with no Username in RURI
sl_send_reply("484", "Address Incomplete");
exit;
}
if(is_method("INVITE")) {
dlgs_init("$fu", "$tu", "srcip=$si");
}
# dispatch destinations to PSTN
route(PSTN);
# user location service
route(LOCATION);
return;
}
# Wrapper for relaying requests
route[RELAY] {
# enable additional event routes for forwarded requests
# - serial forking, RTP relaying handling, a.s.o.
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
}
if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
}
if (is_method("INVITE")) {
if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
}
if (!t_relay()) {
send_reply_error();
}
exit;
}
# Per SIP request initial checks
route[REQINIT] {
# no connect for sending replies
set_reply_no_connect();
# enforce symmetric signaling
# - send back replies to the source address of request
force_rport();
#!ifdef WITH_ANTIFLOOD
# flood detection from same IP and traffic ban for a while
# be sure you exclude checking trusted peers, such as pstn gateways
# - local host excluded (e.g., loop to self)
if(src_ip!=myself) {
if($sht(ipban=>$si)!=$null) {
# ip is already blocked
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
exit;
}
if (!pike_check_req()) {
xalert("ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
$sht(ipban=>$si) = 1;
exit;
}
}
#!endif
if($ua =~ "friendly|scanner|sipcli|sipvicious|VaxSIPUserAgent|pplsip") {
# silent drop for scanners - uncomment next line if want to reply
# sl_send_reply("200", "OK");
exit;
}
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
exit;
}
if(is_method("OPTIONS") && uri==myself && $rU==$null) {
sl_send_reply("200", "Keepalive");
exit;
}
if(!sanity_check("17895", "7")) {
xlog("Malformed SIP request from $si:$sp\n");
exit;
}
}
# Handle requests within SIP dialogs
route[WITHINDLG] {
if (!has_totag()) return;
# sequential request within a dialog should
# take the path determined by record-routing
if (loose_route()) {
route(DLGURI);
dlgs_update();
if (is_method("BYE")) {
setflag(FLT_ACC); # do accounting ...
setflag(FLT_ACCFAILED); # ... even if the transaction fails
} else if ( is_method("ACK") ) {
# ACK is forwarded statelessly
route(NATMANAGE);
} else if ( is_method("NOTIFY|REFER") ) {
# Add Record-Route for in-dialog NOTIFY and REFER (RFC6665, RFC3515)
record_route();
}
route(RELAY);
exit;
}
if (is_method("SUBSCRIBE") && uri == myself) {
# in-dialog subscribe requests
route(PRESENCE);
exit;
}
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
# no loose-route, but stateful ACK;
# must be an ACK after a 487
# or e.g. 404 from upstream server
route(RELAY);
exit;
} else {
# ACK without matching transaction ... ignore and discard
exit;
}
}
sl_send_reply("404", "Not here");
exit;
}
# Handle SIP registrations
route[REGISTRAR] {
if (!is_method("REGISTER")) return;
if(isflagset(FLT_NATS)) {
setbflag(FLB_NATB);
#!ifdef WITH_NATSIPPING
# do SIP NAT pinging
setbflag(FLB_NATSIPPING);
#!endif
}
if (!save("location")) {
send_reply_error();
}
exit;
}
# User location service
route[LOCATION] {
#!ifdef WITH_SPEEDDIAL
# search for short dialing - 2-digit extension
if($rU=~"^[0-9][0-9]$") {
if(sd_lookup("speed_dial")) {
route(SIPOUT);
}
}
#!endif
#!ifdef WITH_ALIASDB
# search in DB-based aliases
if(alias_db_lookup("dbaliases")) {
route(SIPOUT);
}
#!endif
$avp(oexten) = $rU;
if (!lookup("location")) {
$var(rc) = $rc;
route(TOVOICEMAIL);
t_newtran();
switch ($var(rc)) {
case -1:
case -3:
send_reply("404", "Not Found");
exit;
case -2:
send_reply("405", "Method Not Allowed");
exit;
}
}
# when routing via usrloc, log the missed calls also
if (is_method("INVITE")) {
setflag(FLT_ACCMISSED);
}
route(RELAY);
exit;
}
# Presence server processing
route[PRESENCE] {
if(!is_method("PUBLISH|SUBSCRIBE")) return;
if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {
route(TOVOICEMAIL);
# returns here if no voicemail server is configured
sl_send_reply("404", "No voicemail service");
exit;
}
#!ifdef WITH_PRESENCE
#!ifdef WITH_MSGREBUILD
# apply changes in case the request headers or body were modified
msg_apply_changes();
#!endif
if (!t_newtran()) {
send_reply_error();
exit;
}
if(is_method("PUBLISH")) {
handle_publish();
t_release();
} else if(is_method("SUBSCRIBE")) {
handle_subscribe();
t_release();
}
exit;
#!endif
# if presence enabled, this part will not be executed
if (is_method("PUBLISH") || $rU==$null) {
sl_send_reply("404", "Not here");
exit;
}
return;
}
# IP authorization and user authentication
route[AUTH] {
#!ifdef WITH_AUTH
#!ifdef WITH_IPAUTH
if((!is_method("REGISTER")) && allow_source_address()) {
# source IP allowed
return;
}
#!endif
if (is_method("REGISTER") || from_uri==myself) {
# authenticate requests
if (!auth_check("$fd", "subscriber", "1")) {
auth_challenge("$fd", "0");
exit;
}
# user authenticated - remove auth header
if(!is_method("REGISTER|PUBLISH"))
consume_credentials();
}
# if caller is not local subscriber, then check if it calls
# a local destination, otherwise deny, not an open relay here
if (from_uri!=myself && uri!=myself) {
sl_send_reply("403", "Not relaying");
exit;
}
#!else
# authentication not enabled - do not relay at all to foreign networks
if(uri!=myself) {
sl_send_reply("403", "Not relaying");
exit;
}
#!endif
return;
}
# Caller NAT detection
route[NATDETECT] {
#!ifdef WITH_NAT
if (nat_uac_test("19")) {
if (is_method("REGISTER")) {
fix_nated_register();
} else {
if(is_first_hop()) {
set_contact_alias();
}
}
setflag(FLT_NATS);
}
#!endif
return;
}
# RTP relaying management and signaling updates for NAT traversal
route[NATMANAGE] {
#!ifdef WITH_NAT
if (is_request()) {
if(has_totag()) {
if(check_route_param("nat=yes")) {
setbflag(FLB_NATB);
}
}
}
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;
#!ifdef WITH_RTPENGINE
if(nat_uac_test("8")) {
rtpengine_manage("SIP-source-address replace-origin replace-session-connection");
} else {
rtpengine_manage("replace-origin replace-session-connection");
}
#!else
if(nat_uac_test("8")) {
rtpproxy_manage("co");
} else {
rtpproxy_manage("cor");
}
#!endif
if (is_request()) {
if (!has_totag()) {
if(t_is_branch_route()) {
add_rr_param(";nat=yes");
}
}
}
if (is_reply()) {
if(isbflagset(FLB_NATB)) {
if(is_first_hop())
set_contact_alias();
}
}
if(isbflagset(FLB_NATB)) {
# no connect message in a dialog involving NAT traversal
if (is_request()) {
if(has_totag()) {
set_forward_no_connect();
}
}
}
#!endif
return;
}
# URI update for dialog requests
route[DLGURI] {
#!ifdef WITH_NAT
if(!isdsturiset()) {
handle_ruri_alias();
}
#!endif
return;
}
# Routing to foreign domains
route[SIPOUT] {
if (uri==myself) return;
append_hf("P-Hint: outbound\r\n");
route(RELAY);
exit;
}
# PSTN GW routing
route[PSTN] {
#!ifdef WITH_PSTN
# check if PSTN GW IP is defined
if (strempty($sel(cfg_get.pstn.gw_ip))) {
xlog("SCRIPT: PSTN routing enabled but pstn.gw_ip not defined\n");
return;
}
# route to PSTN dialed numbers starting with '+' or '00'
# (international format)
# - update the condition to match your dialing rules for PSTN routing
if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) return;
# only local users allowed to call
if(from_uri!=myself) {
sl_send_reply("403", "Not Allowed");
exit;
}
# normalize target number for pstn gateway
# - convert leading 00 to +
if (starts_with("$rU", "00")) {
strip(2);
prefix("+");
}
if (strempty($sel(cfg_get.pstn.gw_port))) {
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
} else {
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":"
+ $sel(cfg_get.pstn.gw_port);
}
route(RELAY);
exit;
#!endif
return;
}
# JSONRPC over HTTP(S) routing
#!ifdef WITH_JSONRPC
event_route[xhttp:request] {
set_reply_close();
set_reply_no_connect();
if(src_ip!=127.0.0.1) {
xhttp_reply("403", "Forbidden", "text/html",
"<html><body>Not allowed from $si</body></html>");
exit;
}
if ($hu =~ "^/RPC") {
jsonrpc_dispatch();
exit;
}
xhttp_reply("200", "OK", "text/html",
"<html><body>Wrong URL $hu</body></html>");
exit;
}
#!endif
# Routing to voicemail server
route[TOVOICEMAIL] {
#!ifdef WITH_VOICEMAIL
if(!is_method("INVITE|SUBSCRIBE")) return;
# check if VoiceMail server IP is defined
if (strempty($sel(cfg_get.voicemail.srv_ip))) {
xlog("SCRIPT: VoiceMail routing enabled but IP not defined\n");
return;
}
if(is_method("INVITE")) {
if($avp(oexten)==$null) return;
$ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)
+ ":" + $sel(cfg_get.voicemail.srv_port);
} else {
if($rU==$null) return;
$ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip)
+ ":" + $sel(cfg_get.voicemail.srv_port);
}
route(RELAY);
exit;
#!endif
return;
}
# Manage outgoing branches
branch_route[MANAGE_BRANCH] {
xdbg("new branch [$T_branch_idx] to $ru\n");
route(NATMANAGE);
return;
}
# Manage incoming replies
reply_route {
if(!sanity_check("17604", "6")) {
xlog("Malformed SIP response from $si:$sp\n");
drop;
}
return;
}
# Manage incoming replies in transaction context
onreply_route[MANAGE_REPLY] {
xdbg("incoming reply\n");
if(status=~"[12][0-9][0-9]") {
route(NATMANAGE);
}
return;
}
# Manage failure routing cases
failure_route[MANAGE_FAILURE] {
route(NATMANAGE);
if (t_is_canceled()) exit;
#!ifdef WITH_BLOCK3XX
# block call redirect based on 3xx replies.
if (t_check_status("3[0-9][0-9]")) {
t_reply("404", "Not found");
exit;
}
#!endif
#!ifdef WITH_BLOCK401407
# block call redirect based on 401, 407 replies.
if (t_check_status("401|407")) {
t_reply("404", "Not found");
exit;
}
#!endif
#!ifdef WITH_VOICEMAIL
# serial forking
# - route to voicemail on busy or no answer (timeout)
if (t_check_status("486|408")) {
$du = $null;
route(TOVOICEMAIL);
exit;
}
#!endif
return;
}
配置数据
[root@netkiller ~]# cp /etc/kamailio/kamctlrc{,.backup}
[root@netkiller ~]# vim /etc/kamailio/kamctlrc
[root@netkiller src]# cat /etc/kamailio/kamctlrc
## The Kamailio configuration file for the control tools.
##
## Here you can set variables used in the kamctl and kamdbctl setup
## scripts. Per default all variables here are commented out, the control tools
## will use their internal default values.
## the SIP domain
SIP_DOMAIN=sip.netkiller.cn
## chrooted directory
# CHROOT_DIR="/path/to/chrooted/directory"
## database type: MYSQL, PGSQL, ORACLE, DB_BERKELEY, DBTEXT, or SQLITE
## by default none is loaded
##
## If you want to setup a database with kamdbctl, you must at least specify
## this parameter.
DBENGINE=MYSQL
## database host
DBHOST=124.71.17.15
## database port
DBPORT=3306
## database name (for ORACLE this is TNS name)
DBNAME=sip
## database path used by dbtext, db_berkeley or sqlite
# DB_PATH="/usr/local/etc/kamailio/dbtext"
## database read/write user
DBRWUSER="sip"
## password for database read/write user
DBRWPW="netkiller"
## database read only user
DBROUSER="sip"
## password for database read only user
DBROPW="netkiller"
## database access host (from where is kamctl used)
DBACCESSHOST=124.71.107.154
## database host for super user (useful for specifying a local socket or virtual hostname)
# defaults to value of DBHOST when not set
# DBROOTHOST="localhost"
## database port for super user (on some DB specifying the port will force TCP connections)
# default value will depend on client DB tool
# DBROOTPORT=""
## database super user (for ORACLE this is 'scheme-creator' user)
# DBROOTUSER="root"
## password for database super user
## - important: this is insecure, targeting the use only for automatic netkiller
## - known to work for: mysql
# DBROOTPW="dbrootpw"
## option to ask confirmation for all database creation steps
# DBINITASK=yes
## database character set (used by MySQL when creating database)
CHARSET="utf8"
## user name column
USERCOL="username"
## SQL definitions
## If you change this definitions here, then you must change them
## in db/schema/entities.xml too.
## FIXME
# FOREVER="2030-05-28 21:32:15"
# DEFAULT_Q="1.0"
## Program to calculate a message-digest fingerprint
# MD5="md5sum"
## awk tool
# AWK="awk"
## gdb tool
# GDB="gdb"
## If you use a system with a grep and egrep that is not 100% gnu grep compatible,
## e.g. solaris, install the gnu grep (ggrep) and specify this below.
##
## grep tool
# GREP="grep"
## egrep tool
# EGREP="egrep"
## sed tool
# SED="sed"
## tail tool
# LAST_LINE="tail -n 1"
## expr tool
# EXPR="expr"
## Describe what additional tables to install. Valid values for the variables
## below are yes/no/ask. With ask (default) it will interactively ask the user
## for an answer, while yes/no allow for automated, unassisted installs.
## If to install tables for the modules in the EXTRA_MODULES variable.
# INSTALL_EXTRA_TABLES=ask
## If to install presence related tables.
# INSTALL_PRESENCE_TABLES=ask
## If to install uid modules related tables.
# INSTALL_DBUID_TABLES=ask
## Define what module tables should be installed.
## If you use the postgres database and want to change the installed tables, then you
## must also adjust the STANDARD_TABLES or EXTRA_TABLES variable accordingly in the
## kamdbctl.base script.
## Kamailio standard modules
# STANDARD_MODULES="standard acc lcr domain group permissions registrar usrloc msilo
# alias_db uri_db speeddial avpops auth_db pdt dialog dispatcher
# dialplan"
## Kamailio extra modules
# EXTRA_MODULES="imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca"
## type of aliases used: DB - database aliases; UL - usrloc aliases
## - default: none
# ALIASES_TYPE="DB"
## control engine: RPCFIFO
## - default RPCFIFO
# CTLENGINE="RPCFIFO"
## path to FIFO file for engine RPCFIFO
# RPCFIFOPATH="/run/kamailio/kamailio_rpc.fifo"
## check ACL names; default on (1); off (0)
# VERIFY_ACL=1
## ACL names - if VERIFY_ACL is set, only the ACL names from below list
## are accepted
# ACL_GROUPS="local ld int voicemail free-pstn"
## check if user exists (used by some commands such as acl);
## - default on (1); off (0)
# VERIFY_USER=1
## verbose - debug purposes - default '0'
VERBOSE=1
## do (1) or don't (0) store plaintext passwords
## in the subscriber table - default '1'
# STORE_PLAINTEXT_PW=0
## Kamailio START Options
## PID file path - default is: /run/kamailio/kamailio.pid
# PID_FILE=/run/kamailio/kamailio.pid
## Kamailio Startup Configuration File
## Default is: kamailio.cfg
# STARTUP_CONFIG_FILE=kamailio.cfg
## Extra start options - default is: not set
## example: start Kamailio with 64MB shared memory: STARTOPTIONS="-m 64"
# STARTOPTIONS=
启用模块
cat > /etc/kamailio/kamailio-local.cfg <<EOF #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT EOF
创建数据库
[root@netkiller ~]# kamdbctl create
添加用户(分机号码)
[root@netkiller ~]# kamctl add 6001 6001 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6001' added [root@netkiller ~]# kamctl add 6002 6002 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6002' added [root@netkiller ~]# kamctl add 6003 6003 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6003' added
查看用户
[root@netkiller ~]# kamctl db show subscriber database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded mysql: [Warning] Using a password on the command line interface can be insecure. +----+----------+----------------+----------+----------------------------------+----------------------------------+ | id | username | domain | password | ha1 | ha1b | +----+----------+----------------+----------+----------------------------------+----------------------------------+ | 1 | 6001 | sip.netkiller.cn | 6001 | 3acbde16c0844fbe793ffff98a66c3db | b0c0020803cf87d7d8546fbd5e73ae1f | | 2 | 6002 | sip.netkiller.cn | 6002 | d2c9bd9b4d976a8bb597b51e241b2a4e | 2275310fe3da577038667fbc091e20e9 | | 3 | 6003 | sip.netkiller.cn | 6003 | 0bb3b1f9588c5cc37eedf724231e708e | e48e8e49f77b061bd41df7d1601b26ab | +----+----------+----------------+----------+----------------------------------+----------------------------------+
启动 rtpproxy,参数 rtpproxy -A 公网地址 -l 本地地址 -s udp:127.0.0.1:7722 -m 最小起始端口 -M 最大终止端口号 -F
rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F -m 35000 -M 65000
查看已经登录的话机
[root@netkiller ~]# kamctl ul show
database engine 'MYSQL' loaded
Control engine 'RPCFIFO' loaded
entering rpc_cmd ul.dump
{
"jsonrpc": "2.0",
"result": {
"Domains": [{
"Domain": {
"Domain": "location",
"Size": 1024,
"AoRs": [{
"Info": {
"AoR": "6004",
"HashID": 821943562,
"Contacts": [{
"Contact": {
"Address": "sip:6004@10.65.17.4:34964;rinstance=A071D824",
"Expires": 343,
"Q": -1,
"Call-ID": "1A5F7D7EA8AA4F2FE3B073BC7FDB417D6BED39D2",
"CSeq": 4,
"User-Agent": "Acrobits SIPIS",
"Received": "sip:159.89.179.103:34964",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 4767,
"Ruid": "uloc-67e94b0a-1e6d65-01",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743348085,
"KA-Roundtrip": 0,
"Last-Modified": 1743348085
}
}]
}
}, {
"Info": {
"AoR": "6003",
"HashID": 821943565,
"Contacts": [{
"Contact": {
"Address": "sip:6003@192.168.123.55:5060",
"Expires": 3232,
"Q": -1,
"Call-ID": "1_934163685@192.168.123.55",
"CSeq": 4,
"User-Agent": "Yealink SIP-T21P_E2 52.84.0.125",
"Received": "sip:223.74.131.24:22563",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 16383,
"Ruid": "uloc-67e94b0a-1e6d68-3",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743347974,
"KA-Roundtrip": 0,
"Last-Modified": 1743347974
}
}]
}
}, {
"Info": {
"AoR": "6000",
"HashID": 821943566,
"Contacts": [{
"Contact": {
"Address": "sip:6000@172.16.0.12:5060",
"Expires": 3522,
"Q": -1,
"Call-ID": "708aa87-da81b23c@172.16.0.12",
"CSeq": 50703,
"User-Agent": "Linksys/PAP2T-5.1.6(LS)",
"Received": "sip:112.97.181.132:65065",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 4767,
"Ruid": "uloc-67e94b0a-1e6d66-a",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743348264,
"KA-Roundtrip": 0,
"Last-Modified": 1743348264
}
}]
}
}
],
"Stats": {
"Records": 3,
"Max-Slots": 1
}
}
}]
},
"id": 1996075
}
FIFO command was:\n{"jsonrpc": "2.0", "method": "ul.dump", "reply_name": "kamailio_receiver_1996075", "id": 1996075}\n
kamailio 可以使用多种数据库 MYSQL, PGSQL, ORACLE, DB_BERKELEY, DBTEXT, or SQLITE 存储用户信息,这里使用最简单的纯文本文件,存储用户数据
[root@netkiller ~]# cp /etc/kamailio/kamctlrc{,.backup}
[root@netkiller ~]# vim /etc/kamailio/kamctlrc
[root@netkiller ~]# egrep -v "^#|^$" /etc/kamailio/kamctlrc
SIP_DOMAIN=netkiller.cn
DBENGINE=DBTEXT
DB_PATH="/etc/kamailio/dbtext"
USERCOL="username"
INSTALL_EXTRA_TABLES=ask
INSTALL_PRESENCE_TABLES=ask
STANDARD_MODULES="standard acc lcr domain group permissions registrar usrloc msilo
alias_db uri_db speeddial avpops auth_db pdt dialog dispatcher
dialplan"
EXTRA_MODULES="imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca"
ALIASES_TYPE="DB"
CTLENGINE="RPCFIFO"
RPCFIFOPATH="/run/kamailio/kamailio_rpc.fifo"
VERBOSE=1
创建文本数据库
[root@netkiller ~]# kamdbctl create database engine 'dbtext' loaded INFO: creating DBTEXT tables at: /etc/kamailio/dbtext ... Creating core table: version Creating core table: acc Creating core table: dbaliases Creating core table: domain Creating core table: domain_attrs Creating core table: grp Creating core table: uri Creating core table: speed_dial Creating core table: lcr_gw Creating core table: lcr_rule Creating core table: lcr_rule_target Creating core table: pdt Creating core table: subscriber Creating core table: location Creating core table: location_attrs Creating core table: re_grp Creating core table: trusted Creating core table: address Creating core table: missed_calls Creating core table: usr_preferences Creating core table: aliases Creating core table: silo Creating core table: dialog Creating core table: dialog_vars Creating core table: dispatcher Creating core table: dialplan Creating core table: acc_cdrs Creating core table: topos_d Creating core table: topos_t Install presence related tables? (y/n): y INFO: creating DBTEXT presence tables at: /etc/kamailio/dbtext ... Creating presence table: presentity Creating presence table: active_watchers Creating presence table: watchers Creating presence table: xcap Creating presence table: pua Creating presence table: rls_presentity Creating presence table: rls_watchers Install tables for imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca? (y/n): y INFO: creating DBTEXT extra tables at: /etc/kamailio/dbtext ... Creating extra table: imc_members Creating extra table: imc_rooms Creating extra table: cpl Creating extra table: sip_trace Creating extra table: domainpolicy Creating extra table: carrierroute Creating extra table: carrier_name Creating extra table: domain_name Creating extra table: carrierfailureroute Creating extra table: userblocklist Creating extra table: globalblocklist Creating extra table: htable Creating extra table: purplemap Creating extra table: uacreg Creating extra table: pl_pipes Creating extra table: mtree Creating extra table: mtrees Creating extra table: sca_subscriptions Creating extra table: mohqcalls Creating extra table: mohqueues Creating extra table: rtpproxy Creating extra table: rtpengine Creating extra table: dr_gateways Creating extra table: dr_rules Creating extra table: dr_gw_lists Creating extra table: dr_groups Creating extra table: secfilter Creating extra table: nds_trusted_domains Creating extra table: s_cscf Creating extra table: s_cscf_capabilities [root@netkiller ~]# ls /etc/kamailio/dbtext/ acc carrier_name dialplan dr_gateways htable location mtrees purplemap sca_subscriptions speed_dial uri acc_cdrs carrierroute dispatcher dr_groups imc_members location_attrs nds_trusted_domains re_grp s_cscf subscriber userblocklist active_watchers cpl domain dr_gw_lists imc_rooms missed_calls pdt rls_presentity s_cscf_capabilities topos_d usr_preferences address dbaliases domain_attrs dr_rules lcr_gw mohqcalls pl_pipes rls_watchers secfilter topos_t version aliases dialog domain_name globalblocklist lcr_rule mohqueues presentity rtpengine silo trusted watchers carrierfailureroute dialog_vars domainpolicy grp lcr_rule_target mtree pua rtpproxy sip_trace uacreg xcap
重启 kamailio
[root@netkiller ~]# systemctl restart kamailio
账号文件
/etc/kamailio/dbtext/subscriber
启用配置
cat >> /etc/kamailio/kamailio-local.cfg <<EOF #!define WITH_DBTEXT #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT #!ifdef WITH_DBTEXT loadmodule "db_text.so" #!endif #!ifdef WITH_DBTEXT # - database URL - used to connect to database server by modules such # as: auth_db, acc, usrloc, a.s.o. #!define DBURL "text:///etc/kamailio/dbtext" #!endif EOF
查看日志
[root@netkiller ~]# grep db_text /var/log/kamailio.log Mar 30 13:29:32 netkiller /usr/sbin/kamailio[1965713]: INFO: db_text [dbt_lib.c:138]: dbt_cache_get_db(): using database at: /etc/kamailio/dbtext Mar 30 13:29:32 netkiller /usr/sbin/kamailio[1965713]: INFO: db_text [dbt_lib.c:138]: dbt_cache_get_db(): using database at: /etc/kamailio/dbtext
[root@netkiller ~]# vim /etc/kamailio/kamailio.cfg
log_facility=LOG_LOCAL0
log_prefix="{$mt $hdr(CSeq) $ci} "
配置日志文件,前面加一个减号 “-” 表示异步写入日志
[root@netkiller ~]# echo "local0.* -/var/log/kamailio.log" >> /etc/rsyslog.d/kamailio.conf [root@netkiller ~]# cat /etc/rsyslog.conf | grep local0 local0.* -/var/log/kamailio.log [root@netkiller ~]# systemctl reload rsyslog.service [root@netkiller ~]# kamctl restart
查看日志
tail -f /var/log/kamailio.log
日志切割 /etc/logrotate.d/rsyslog 加入 /var/log/kamailio.log
[root@netkiller ~]# cat /etc/logrotate.d/rsyslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
/var/log/kamailio.log
{
missingok
sharedscripts
postrotate
/usr/bin/systemctl -s HUP kill rsyslog.service >/dev/null 2>&1 || true
endscript
}
# 启动Kamailio服务 kamctl start # 停止Kamailio服务 kamctl stop # 重载配置文件 kamctl reload
[root@netkiller ~]# kamctl restart database engine 'DBTEXT' loaded Control engine 'RPCFIFO' loaded INFO: Stopping Kamailio : INFO: stopped INFO: Starting Kamailio : INFO: started (pid: 1963857)
[root@netkiller ~]# kamctl show neo database engine 'DBTEXT' loaded Control engine 'RPCFIFO' loaded [1, 'neo', 'netkiller.cn', '12345678', 'b43c9a9b43d85880cdfc4cba7100fc9c', '513a61b6cbc9594cb07b9a69b2d21a8e']
[root@netkiller ~]# kamctl db show subscriber database engine 'DBTEXT' loaded Control engine 'RPCFIFO' loaded [1, 'neo', 'netkiller.cn', 'passw0rd', 'b43c9a9b43d85880cdfc4cba7100fc9c', '513a61b6cbc9594cb07b9a69b2d21a8e'] [2, '6003', 'netkiller.cn', '6003', '06306984457d05c0a0f1a949ab435b7f', '18f5a109d10fc8770a0e2f052afbad9c'] [3, '6001', 'netkiller.cn', '6001', 'f6175848a51d0f74bc93a4e72c0ca98e', 'd119ff48e7b8021c60005375e1af5205'] [4, '6002', 'netkiller.cn', '6002', '5f89ff48b4a67537c5e5b707f9661474', 'f8003867c0f09bb9bd2c59f4b4506003']
[root@netkiller ~]# kamctl moni
[cycle #: 5; if constant make sure server lives]
Kamailio Runtime Details:
kamailio 6.0.1 (x86_64/linux) fce50d
now: Sun Mar 30 13:52:04 2025
up_since: Sun Mar 30 13:29:19 2025
uptime: 1365
Transaction Statistics:
tmx:UAS_transactions = 7 tmx:UAC_transactions = 0 tmx:active_transactions = 0 tmx:inuse_transactions = 0
Stateless Server Statistics:
sl:sent_replies = 0 sl:sent_err_replies = 0
UsrLoc Statistics:
usrloc:location_contacts = 0 usrloc:location_expires = 0 usrloc:location_users = 0 usrloc:registered_users = 0
Core Statistics:
core:rcv_requests = 10 core:fwd_requests = 0 core:rcv_replies = 0 core:fwd_replies = 0
Shared Memory Statistics:
shmem:fragments = 1 shmem:max_used_size = 2942016 shmem:total_size = 67108864
shmem:free_size = 64181808 shmem:real_used_size = 2927056 shmem:used_size = 2613760