├── .gitignore
├── README.md
├── kamailio.cfg
└── kamctlrc


/.gitignore:
--------------------------------------------------------------------------------
1 | kamailio_siteconfig.cfg
2 | 
3 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | Static SIP and RTP relay proxy
  2 | ==============================
  3 | 
  4 | Introduction
  5 | ------------
  6 | 
  7 | This project sponsored by BluePackets - http://www.bluepackets.com.au
  8 | 
  9 | This is a Kamailio configuration that builds up a static SIP and RTP
 10 | proxy and relays the packets between two IP interfaces on the relay
 11 | server and two remote SIP servers. It allows to hide the internal
 12 | network topology and to go around some security or topology
 13 | restrictions.
 14 | 
 15 | The network topology consists of two segments: internal and
 16 | external. The relay server has IP interfaces in both segments, and
 17 | forwards SIP messages and RTP data in both directions.
 18 | 
 19 | The following IP addresses and ports are used further in this document:
 20 | 
 21 | * Internal SIP server: `10.0.0.10:5060`
 22 | * Relay server's interface in internal network: `10.5.5.5:5060`
 23 | * Relay server's interface in external network: `192.0.2.5:5060`
 24 | * External SIP server: `198.51.100.100:5060`
 25 | 
 26 | 
 27 | When `10.0.0.10` needs to send a SIP call to `198.51.100.100`, it sends
 28 | it to `10.5.5.5`, and when `198.51.100.100` needs to send a call to
 29 | `10.0.0.10`, it sends it to `192.0.2.5`. Both SIP servers see the
 30 | corresponding relay's interface IP address as the source address in
 31 | received packets. The RTP media is relayed using the same principle.
 32 | 
 33 | The configuration is completely symmetrical, but the internal and
 34 | external addresses should not be mixed up.
 35 | 
 36 | 
 37 | Software installation
 38 | ---------------------
 39 | 
 40 | The following is the installation sequence for Debian Wheezy.
 41 | 
 42 | ```
 43 | curl http://deb.kamailio.org/kamailiodebkey.gpg | apt-key add -
 44 | 
 45 | cat >/etc/apt/sources.list.d/kamailio.list <<EOT
 46 | deb http://deb.kamailio.org/kamailio wheezy main
 47 | EOT
 48 | 
 49 | apt-get update && apt-get install -y kamailio rtpproxy git
 50 | 
 51 | cat >/etc/default/kamailio <<'EOT'
 52 | # Kamailio startup options
 53 | RUN_KAMAILIO=yes
 54 | USER=kamailio
 55 | GROUP=kamailio
 56 | SHM_MEMORY=64
 57 | PKG_MEMORY=8
 58 | CFGFILE=/etc/kamailio/kamailio.cfg
 59 | DUMP_CORE=yes
 60 | EOT
 61 | 
 62 | cat >/etc/rsyslog.d/siprelay.conf <<'EOT'
 63 | local0.*                        -/var/log/kamailio.log
 64 | local1.*                        -/var/log/rtpproxy.log
 65 | EOT
 66 | 
 67 | service rsyslog restart 
 68 | 
 69 | cat >/etc/logrotate.d/siprelay <<'EOT'
 70 | /var/log/kamailio.log
 71 | /var/log/rtpproxy.log
 72 | {
 73 |         rotate 4
 74 |         weekly
 75 |         missingok
 76 |         notifempty
 77 |         compress
 78 |         delaycompress
 79 |         sharedscripts
 80 |         postrotate
 81 |                 invoke-rc.d rsyslog rotate > /dev/null
 82 |         endscript
 83 | }
 84 | EOT
 85 | ```
 86 | 
 87 | `sngrep` is a convenient tool for debugging SIP sessions. It requires a
 88 | wide text terminal with color support (xterm, for example). It is not
 89 | required, but very handy in troubleshooting and tuning a SIP service:
 90 | 
 91 | ```
 92 | apt-get update && \
 93 | apt-get install -y git autoconf automake gcc make libncurses5-dev \
 94 | libpcap-dev libssl-dev libpcre3-dev
 95 | cd /usr/local/src
 96 | git clone https://github.com/irontec/sngrep.git
 97 | cd sngrep/
 98 | ./bootstrap.sh && ./configure && make install
 99 | ```
100 | 
101 | 
102 | Proxy configuration
103 | -------------------
104 | 
105 | All site-specific configuration is done in `kamailio_siteconfig.cfg`,
106 | and this file is ignored by Git. This allows you to keep the Github
107 | remote for future updates. You can also create your own branch where
108 | `kamailio_siteconfig.cfg` is excluded from `.gitignore`, and merge the
109 | updates from Github with your branch.
110 | 
111 | ```
112 | cd /etc/kamailio
113 | /bin/rm *
114 | git clone https://github.com/voxserv/kamailio-static-relay.git .
115 | 
116 | cat >kamailio_siteconfig.cfg <<'EOT'
117 | #!substdef "/INTERNAL_HOST/10.0.0.10/"
118 | #!substdef "/INTERNAL_PORT/5060/"
119 | #!substdef "/EXTERNAL_HOST/198.51.100.100/"
120 | #!substdef "/EXTERNAL_PORT/5060/"
121 | port=5060
122 | EOT
123 | 
124 | 
125 | # -l option specifies the relay NIC addresses, and the order is important:
126 | # internal NIC address should go first. The UDP port range is up to you,
127 | # and it should be consistent with all surrounding firewall configurations
128 | 
129 | cat >/etc/default/rtpproxy <<'EOT'
130 | CONTROL_SOCK=udp:127.0.0.1:9000
131 | EXTRA_OPTS="-l 10.5.5.5/192.0.2.5 -m 10000 -M 40000 -d WARN:LOG_LOCAL1"
132 | EOT
133 | 
134 | insserv rtpproxy
135 | service rtpproxy restart
136 | 
137 | insserv kamailio
138 | service kamailio start
139 | ```
140 | 
141 | 
142 | Author
143 | ------
144 | 
145 | Copyright (c) 2015 Stanislav Sinyagin <ssinyagin@k-open.com>
146 | http://voxserv.ch/
147 | 
148 | 
149 | Permission is hereby granted, free of charge, to any person obtaining a copy
150 | of this software and associated documentation files (the "Software"), to deal
151 | in the Software without restriction, including without limitation the rights
152 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
153 | copies of the Software, and to permit persons to whom the Software is
154 | furnished to do so, subject to the following conditions:
155 | 
156 | The above copyright notice and this permission notice shall be included in
157 | all copies or substantial portions of the Software.
158 | 
159 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
160 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
161 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
162 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
163 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
164 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
165 | THE SOFTWARE.


--------------------------------------------------------------------------------
/kamailio.cfg:
--------------------------------------------------------------------------------
  1 | #!KAMAILIO
  2 | 
  3 | ################################################################
  4 | #
  5 | #  SIP relay server for Bluepackets
  6 | #  Author: Stanislav Sinyagin <ssinaygin@k-open.com>
  7 | #
  8 | ################################################################
  9 | 
 10 | fork=yes
 11 | children=4
 12 | 
 13 | 
 14 | ###  Site-specific configuration defines hosts and ports
 15 | include_file "/etc/kamailio/kamailio_siteconfig.cfg"
 16 | 
 17 | ####### Global Parameters #########
 18 | 
 19 | #!ifdef WITH_DEBUG
 20 | debug=4
 21 | log_stderror=no
 22 | #!else
 23 | debug=2
 24 | log_stderror=no
 25 | #!endif
 26 | 
 27 | memdbg=5
 28 | memlog=5
 29 | 
 30 | log_facility=LOG_LOCAL0
 31 | 
 32 | # This is not part of siteconfig because the routing logic
 33 | # depends on these settings
 34 | disable_tcp=yes
 35 | auto_aliases=no
 36 | mhomed=1
 37 | 
 38 | 
 39 | ####### Modules Section ########
 40 | 
 41 | mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules"
 42 | 
 43 | loadmodule "mi_fifo.so"
 44 | loadmodule "kex.so"
 45 | loadmodule "sl.so"
 46 | loadmodule "rr.so"
 47 | loadmodule "pv.so"
 48 | loadmodule "maxfwd.so"
 49 | loadmodule "textops.so"
 50 | loadmodule "siputils.so"
 51 | loadmodule "xlog.so"
 52 | loadmodule "sanity.so"
 53 | loadmodule "ctl.so"
 54 | loadmodule "cfg_rpc.so"
 55 | loadmodule "mi_rpc.so"
 56 | 
 57 | loadmodule "rtpproxy.so"
 58 | 
 59 | 
 60 | #!ifdef WITH_DEBUG
 61 | loadmodule "debugger.so"
 62 | #!endif
 63 | 
 64 | # ----------------- setting module-specific parameters ---------------
 65 | 
 66 | 
 67 | modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
 68 | 
 69 | 
 70 | modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:9000")
 71 | modparam("rtpproxy", "nortpproxy_str", "")
 72 | 
 73 | #!ifdef WITH_DEBUG
 74 | # ----- debugger params -----
 75 | modparam("debugger", "cfgtrace", 1)
 76 | #!endif
 77 | 
 78 | ####### Routing Logic ########
 79 | 
 80 | 
 81 | route {
 82 |     if (!sanity_check()) {
 83 |         exit;
 84 |     }
 85 | 
 86 |     if ( !mf_process_maxfwd_header("10") )
 87 |     {
 88 |         sl_send_reply("483","To Many Hops");
 89 |         xlog("L_NOTICE", "$si $rm $ru -- too many hops\n");
 90 |         exit;
 91 |     }
 92 | 
 93 |     if( !is_method("OPTIONS") )
 94 |     {
 95 |         xlog("L_INFO", "received SIP request: " +
 96 |             "$si:$sp -> $rm $ru From: $fu To: $tu\n");
 97 |     }
 98 |     
 99 |     if( !loose_route() )
100 |     {
101 |         $var(usr) = "";
102 |         if( !strempty($rU) )
103 |         {
104 |             $var(usr) = $rU + "@";
105 |         }
106 |         
107 |         if (src_ip == INTERNAL_HOST && src_port == INTERNAL_PORT)
108 |         {
109 |             $du = "sip:" + "EXTERNAL_HOST" + ":" + "EXTERNAL_PORT";
110 |             $ru = "sip:" + $var(usr) + "EXTERNAL_HOST" + ":" + "EXTERNAL_PORT";
111 |             rtpproxy_manage("cwie");
112 |         }
113 |         else if (src_ip == EXTERNAL_HOST && src_port == EXTERNAL_PORT)
114 |         {
115 |             $du = "sip:" + "INTERNAL_HOST" + ":" + "INTERNAL_PORT";
116 |             $ru = "sip:" + $var(usr) + "INTERNAL_HOST" + ":" + "INTERNAL_PORT";
117 |             rtpproxy_manage("cwei");
118 |         }
119 |         else
120 |         {
121 |             xlog("L_NOTICE", "Dropping request: $si:$sp $rm $ru\n");
122 |             exit;
123 |         }
124 |     }
125 | 
126 |     record_route();
127 | 
128 |     forward();
129 |     if( !is_method("OPTIONS") )
130 |     {
131 |         xlog("L_INFO", "forwarding SIP request: " +
132 |             "$nh(u) <- $rm $ru From: $fu To: $tu\n");
133 |     }
134 | }
135 | 
136 | 
137 | onreply_route {
138 | 
139 |     if( !is_method("OPTIONS") )
140 |     {
141 |         xlog("L_INFO", "received SIP reply: " +
142 |             "$si:$sp -> $rs $rm From: $fu To: $tu\n");
143 |     }
144 |     
145 |     if (src_ip == INTERNAL_HOST && src_port == INTERNAL_PORT)
146 |     {
147 |         rtpproxy_manage("cwei");
148 |     }
149 |     else if(src_ip == EXTERNAL_HOST && src_port == EXTERNAL_PORT)
150 |     {
151 |         rtpproxy_manage("cwie");
152 |     }
153 |     else
154 |     {
155 |         exit;
156 |     }
157 |     
158 |     return(1);
159 | }
160 | 
161 | 
162 | 
163 | # Local Variables:
164 | # mode: sh
165 | # sh-indent-after-if: 0
166 | # indent-tabs-mode: nil
167 | # tab-width: 4
168 | # End:
169 | 


--------------------------------------------------------------------------------
/kamctlrc:
--------------------------------------------------------------------------------
1 | ## control engine: FIFO or UNIXSOCK
2 | ## - default FIFO
3 | CTLENGINE="FIFO"
4 | 
5 | ## path to FIFO file
6 | FIFOPATH="/tmp/kamailio_fifo"
7 | 
8 | 


--------------------------------------------------------------------------------