| 知乎专栏 |
查看配置文件
[root@netkiller ~]# ls /etc/kamailio/ dictionary.kamailio kamailio.cfg kamctlrc pi_framework.xml tls.cfg
这里可以看到三个配置文件,kamailio.cfg 核心配置文件,kamctlrc 工具配置文件,主要是用于 kamctl 命令。kamctlrc 配置不影响 kamailio.cfg
备份配置文件,防止修改损坏
[root@netkiller ~]# cp /etc/kamailio/kamailio.cfg{,.backup}
[root@netkiller ~]# cp /etc/kamailio/kamctlrc{,.backup}
这里环境是阿里云,阿里云有一个公网IP地址影射到内网的 eth0 上,所以我们必须配置 kamailio 告诉他公网地址是什么
[root@netkiller ~]# ifconfig eth0 | grep inet
inet 172.22.11.163 netmask 255.255.240.0 broadcast 172.22.15.255
inet6 2408:4003:1150:2600:5ec0:2ed4:4199:547f prefixlen 128 scopeid 0x0<global>
inet6 fe80::216:3eff:fe0e:5457 prefixlen 64 scopeid 0x20<link>
192.168.0.71 是内网 eth0 的 LAN IP 地址,139.9.54.21 是 WAN IP 地址
/* listen sockets - if none set, Kamailio binds to all local IP addresses * - basic prototype (full prototype can be found in Wiki - Core Cookbook): * listen=[proto]:[localip]:[lport] advertise [publicip]:[pport] * - it can be set many times to add more sockets to listen to */ # listen=udp:10.0.0.10:5060 listen=udp:172.22.11.163:5060 advertise 120.79.202.61:5060 listen=tcp:172.22.11.163:5060 advertise 120.79.202.61:5060
检查配置
[root@development ~]# kamailio -c
Listening on
udp: 127.0.0.1:5060
udp: 172.22.11.163:5060 advertise udp:120.79.202.61:5060
tcp: 127.0.0.1:5060
tcp: 172.22.11.163:5060 advertise tcp:120.79.202.61:5060
Aliases:
tcp: development:5060
tcp: localhost4.localdomain4:5060
tcp: localhost4:5060
tcp: localhost.localdomain:5060
tcp: localhost:5060
udp: development:5060
udp: localhost4.localdomain4:5060
udp: localhost4:5060
udp: localhost.localdomain:5060
udp: localhost:5060
config file ok, exiting...
NAT 模式启动 rtpproxy,参数 rtpproxy -A 公网地址 -l 本地地址 -s udp:127.0.0.1:7722 -m 最小起始端口 -M 最大终止端口号 -F
rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F -m 35000 -M 65000
[root@netkiller ~]# ps ax | grep rtp 1994065 ? Ssl 0:39 rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F 2011637 pts/2 S+ 0:00 grep --color=auto rtp
安装 mysql 模块
[root@netkiller ~]# dnf install -y kamailio-mysql
kamailio 数据库连接配置 DBURL
[root@netkiller ~]# cat /etc/kamailio/kamailio.cfg #!ifdef WITH_MYSQL # - database URL - used to connect to database server by modules such # as: auth_db, acc, usrloc, a.s.o. #!trydef DBURL "mysql://sip:13113668890@124.71.107.154/sip" #!endif /* add local domain aliases - it can be set many times */ alias="sip.netkiller.cn" /* listen sockets - if none set, Kamailio binds to all local IP addresses * - basic prototype (full prototype can be found in Wiki - Core Cookbook): * listen=[proto]:[localip]:[lport] advertise [publicip]:[pport] * - it can be set many times to add more sockets to listen to */ # listen=udp:10.0.0.10:5060 listen=udp:192.168.0.71:5060 advertise 139.19.54.21:5060 listen=tcp:192.168.0.71:5060 advertise 139.19.54.21:5060
配置数据库,kamctlrc 配置只作用于 kamctl 命令,不影响 kamailio.cfg 配置,所以kamailio数据库连接还要在 kamailio.cfg 中配置一次 DBURL。
[root@netkiller ~]# cp /etc/kamailio/kamctlrc{,.backup}
[root@netkiller ~]# vim /etc/kamailio/kamctlrc
[root@netkiller src]# cat /etc/kamailio/kamctlrc
## The Kamailio configuration file for the control tools.
##
## Here you can set variables used in the kamctl and kamdbctl setup
## scripts. Per default all variables here are commented out, the control tools
## will use their internal default values.
## the SIP domain
SIP_DOMAIN=sip.netkiller.cn
## chrooted directory
# CHROOT_DIR="/path/to/chrooted/directory"
## database type: MYSQL, PGSQL, ORACLE, DB_BERKELEY, DBTEXT, or SQLITE
## by default none is loaded
##
## If you want to setup a database with kamdbctl, you must at least specify
## this parameter.
DBENGINE=MYSQL
## database host
DBHOST=124.71.17.15
## database port
DBPORT=3306
## database name (for ORACLE this is TNS name)
DBNAME=sip
## database path used by dbtext, db_berkeley or sqlite
# DB_PATH="/usr/local/etc/kamailio/dbtext"
## database read/write user
DBRWUSER="sip"
## password for database read/write user
DBRWPW="netkiller"
## database read only user
DBROUSER="sip"
## password for database read only user
DBROPW="netkiller"
## database access host (from where is kamctl used)
DBACCESSHOST=124.71.107.154
## database host for super user (useful for specifying a local socket or virtual hostname)
# defaults to value of DBHOST when not set
# DBROOTHOST="localhost"
## database port for super user (on some DB specifying the port will force TCP connections)
# default value will depend on client DB tool
# DBROOTPORT=""
## database super user (for ORACLE this is 'scheme-creator' user)
# DBROOTUSER="root"
## password for database super user
## - important: this is insecure, targeting the use only for automatic netkiller
## - known to work for: mysql
# DBROOTPW="dbrootpw"
## option to ask confirmation for all database creation steps
# DBINITASK=yes
## database character set (used by MySQL when creating database)
CHARSET="utf8"
## user name column
USERCOL="username"
## SQL definitions
## If you change this definitions here, then you must change them
## in db/schema/entities.xml too.
## FIXME
# FOREVER="2030-05-28 21:32:15"
# DEFAULT_Q="1.0"
## Program to calculate a message-digest fingerprint
# MD5="md5sum"
## awk tool
# AWK="awk"
## gdb tool
# GDB="gdb"
## If you use a system with a grep and egrep that is not 100% gnu grep compatible,
## e.g. solaris, install the gnu grep (ggrep) and specify this below.
##
## grep tool
# GREP="grep"
## egrep tool
# EGREP="egrep"
## sed tool
# SED="sed"
## tail tool
# LAST_LINE="tail -n 1"
## expr tool
# EXPR="expr"
## Describe what additional tables to install. Valid values for the variables
## below are yes/no/ask. With ask (default) it will interactively ask the user
## for an answer, while yes/no allow for automated, unassisted installs.
## If to install tables for the modules in the EXTRA_MODULES variable.
# INSTALL_EXTRA_TABLES=ask
## If to install presence related tables.
# INSTALL_PRESENCE_TABLES=ask
## If to install uid modules related tables.
# INSTALL_DBUID_TABLES=ask
## Define what module tables should be installed.
## If you use the postgres database and want to change the installed tables, then you
## must also adjust the STANDARD_TABLES or EXTRA_TABLES variable accordingly in the
## kamdbctl.base script.
## Kamailio standard modules
# STANDARD_MODULES="standard acc lcr domain group permissions registrar usrloc msilo
# alias_db uri_db speeddial avpops auth_db pdt dialog dispatcher
# dialplan"
## Kamailio extra modules
# EXTRA_MODULES="imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca"
## type of aliases used: DB - database aliases; UL - usrloc aliases
## - default: none
# ALIASES_TYPE="DB"
## control engine: RPCFIFO
## - default RPCFIFO
# CTLENGINE="RPCFIFO"
## path to FIFO file for engine RPCFIFO
# RPCFIFOPATH="/run/kamailio/kamailio_rpc.fifo"
## check ACL names; default on (1); off (0)
# VERIFY_ACL=1
## ACL names - if VERIFY_ACL is set, only the ACL names from below list
## are accepted
# ACL_GROUPS="local ld int voicemail free-pstn"
## check if user exists (used by some commands such as acl);
## - default on (1); off (0)
# VERIFY_USER=1
## verbose - debug purposes - default '0'
VERBOSE=1
## do (1) or don't (0) store plaintext passwords
## in the subscriber table - default '1'
# STORE_PLAINTEXT_PW=0
## Kamailio START Options
## PID file path - default is: /run/kamailio/kamailio.pid
# PID_FILE=/run/kamailio/kamailio.pid
## Kamailio Startup Configuration File
## Default is: kamailio.cfg
# STARTUP_CONFIG_FILE=kamailio.cfg
## Extra start options - default is: not set
## example: start Kamailio with 64MB shared memory: STARTOPTIONS="-m 64"
# STARTOPTIONS=
启用模块
cat > /etc/kamailio/kamailio-local.cfg <<EOF #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT EOF
创建数据库
[root@netkiller ~]# kamdbctl create
添加用户(分机号码)
[root@netkiller ~]# kamctl add 6001 6001 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6001' added [root@netkiller ~]# kamctl add 6002 6002 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6002' added [root@netkiller ~]# kamctl add 6003 6003 database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded is_user: user counter=0 new user '6003' added
查看用户
[root@netkiller ~]# kamctl db show subscriber database engine 'MYSQL' loaded Control engine 'RPCFIFO' loaded mysql: [Warning] Using a password on the command line interface can be insecure. +----+----------+----------------+----------+----------------------------------+----------------------------------+ | id | username | domain | password | ha1 | ha1b | +----+----------+----------------+----------+----------------------------------+----------------------------------+ | 1 | 6001 | sip.netkiller.cn | 6001 | 3acbde16c0844fbe793ffff98a66c3db | b0c0020803cf87d7d8546fbd5e73ae1f | | 2 | 6002 | sip.netkiller.cn | 6002 | d2c9bd9b4d976a8bb597b51e241b2a4e | 2275310fe3da577038667fbc091e20e9 | | 3 | 6003 | sip.netkiller.cn | 6003 | 0bb3b1f9588c5cc37eedf724231e708e | e48e8e49f77b061bd41df7d1601b26ab | +----+----------+----------------+----------+----------------------------------+----------------------------------+
启动 rtpproxy,参数 rtpproxy -A 公网地址 -l 本地地址 -s udp:127.0.0.1:7722 -m 最小起始端口 -M 最大终止端口号 -F
rtpproxy -A 139.9.54.211 -l 192.168.0.71 -s udp:127.0.0.1:7722 -F -m 35000 -M 65000
查看已经登录的话机
[root@netkiller ~]# kamctl ul show
database engine 'MYSQL' loaded
Control engine 'RPCFIFO' loaded
entering rpc_cmd ul.dump
{
"jsonrpc": "2.0",
"result": {
"Domains": [{
"Domain": {
"Domain": "location",
"Size": 1024,
"AoRs": [{
"Info": {
"AoR": "6004",
"HashID": 821943562,
"Contacts": [{
"Contact": {
"Address": "sip:6004@10.65.17.4:34964;rinstance=A071D824",
"Expires": 343,
"Q": -1,
"Call-ID": "1A5F7D7EA8AA4F2FE3B073BC7FDB417D6BED39D2",
"CSeq": 4,
"User-Agent": "Acrobits SIPIS",
"Received": "sip:159.89.179.103:34964",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 4767,
"Ruid": "uloc-67e94b0a-1e6d65-01",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743348085,
"KA-Roundtrip": 0,
"Last-Modified": 1743348085
}
}]
}
}, {
"Info": {
"AoR": "6003",
"HashID": 821943565,
"Contacts": [{
"Contact": {
"Address": "sip:6003@192.168.123.55:5060",
"Expires": 3232,
"Q": -1,
"Call-ID": "1_934163685@192.168.123.55",
"CSeq": 4,
"User-Agent": "Yealink SIP-T21P_E2 52.84.0.125",
"Received": "sip:223.74.131.24:22563",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 16383,
"Ruid": "uloc-67e94b0a-1e6d68-3",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743347974,
"KA-Roundtrip": 0,
"Last-Modified": 1743347974
}
}]
}
}, {
"Info": {
"AoR": "6000",
"HashID": 821943566,
"Contacts": [{
"Contact": {
"Address": "sip:6000@172.16.0.12:5060",
"Expires": 3522,
"Q": -1,
"Call-ID": "708aa87-da81b23c@172.16.0.12",
"CSeq": 50703,
"User-Agent": "Linksys/PAP2T-5.1.6(LS)",
"Received": "sip:112.97.181.132:65065",
"Path": "[not set]",
"State": "CS_SYNC",
"Flags": 0,
"CFlags": 64,
"Socket": "udp:192.168.0.71:5060",
"Methods": 4767,
"Ruid": "uloc-67e94b0a-1e6d66-a",
"Instance": "[not set]",
"Reg-Id": 0,
"Server-Id": 0,
"Tcpconn-Id": -1,
"Keepalive": 1,
"Last-Keepalive": 1743348264,
"KA-Roundtrip": 0,
"Last-Modified": 1743348264
}
}]
}
}
],
"Stats": {
"Records": 3,
"Max-Slots": 1
}
}
}]
},
"id": 1996075
}
FIFO command was:\n{"jsonrpc": "2.0", "method": "ul.dump", "reply_name": "kamailio_receiver_1996075", "id": 1996075}\n
kamailio 可以使用多种数据库 MYSQL, PGSQL, ORACLE, DB_BERKELEY, DBTEXT, or SQLITE 存储用户信息,这里使用最简单的纯文本文件,存储用户数据
[root@netkiller ~]# cp /etc/kamailio/kamctlrc{,.backup}
[root@netkiller ~]# vim /etc/kamailio/kamctlrc
[root@netkiller ~]# egrep -v "^#|^$" /etc/kamailio/kamctlrc
SIP_DOMAIN=netkiller.cn
DBENGINE=DBTEXT
DB_PATH="/etc/kamailio/dbtext"
USERCOL="username"
INSTALL_EXTRA_TABLES=ask
INSTALL_PRESENCE_TABLES=ask
STANDARD_MODULES="standard acc lcr domain group permissions registrar usrloc msilo
alias_db uri_db speeddial avpops auth_db pdt dialog dispatcher
dialplan"
EXTRA_MODULES="imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca"
ALIASES_TYPE="DB"
CTLENGINE="RPCFIFO"
RPCFIFOPATH="/run/kamailio/kamailio_rpc.fifo"
VERBOSE=1
创建文本数据库
[root@netkiller ~]# kamdbctl create database engine 'dbtext' loaded INFO: creating DBTEXT tables at: /etc/kamailio/dbtext ... Creating core table: version Creating core table: acc Creating core table: dbaliases Creating core table: domain Creating core table: domain_attrs Creating core table: grp Creating core table: uri Creating core table: speed_dial Creating core table: lcr_gw Creating core table: lcr_rule Creating core table: lcr_rule_target Creating core table: pdt Creating core table: subscriber Creating core table: location Creating core table: location_attrs Creating core table: re_grp Creating core table: trusted Creating core table: address Creating core table: missed_calls Creating core table: usr_preferences Creating core table: aliases Creating core table: silo Creating core table: dialog Creating core table: dialog_vars Creating core table: dispatcher Creating core table: dialplan Creating core table: acc_cdrs Creating core table: topos_d Creating core table: topos_t Install presence related tables? (y/n): y INFO: creating DBTEXT presence tables at: /etc/kamailio/dbtext ... Creating presence table: presentity Creating presence table: active_watchers Creating presence table: watchers Creating presence table: xcap Creating presence table: pua Creating presence table: rls_presentity Creating presence table: rls_watchers Install tables for imc cpl siptrace domainpolicy carrierroute userblocklist htable purple sca? (y/n): y INFO: creating DBTEXT extra tables at: /etc/kamailio/dbtext ... Creating extra table: imc_members Creating extra table: imc_rooms Creating extra table: cpl Creating extra table: sip_trace Creating extra table: domainpolicy Creating extra table: carrierroute Creating extra table: carrier_name Creating extra table: domain_name Creating extra table: carrierfailureroute Creating extra table: userblocklist Creating extra table: globalblocklist Creating extra table: htable Creating extra table: purplemap Creating extra table: uacreg Creating extra table: pl_pipes Creating extra table: mtree Creating extra table: mtrees Creating extra table: sca_subscriptions Creating extra table: mohqcalls Creating extra table: mohqueues Creating extra table: rtpproxy Creating extra table: rtpengine Creating extra table: dr_gateways Creating extra table: dr_rules Creating extra table: dr_gw_lists Creating extra table: dr_groups Creating extra table: secfilter Creating extra table: nds_trusted_domains Creating extra table: s_cscf Creating extra table: s_cscf_capabilities [root@netkiller ~]# ls /etc/kamailio/dbtext/ acc carrier_name dialplan dr_gateways htable location mtrees purplemap sca_subscriptions speed_dial uri acc_cdrs carrierroute dispatcher dr_groups imc_members location_attrs nds_trusted_domains re_grp s_cscf subscriber userblocklist active_watchers cpl domain dr_gw_lists imc_rooms missed_calls pdt rls_presentity s_cscf_capabilities topos_d usr_preferences address dbaliases domain_attrs dr_rules lcr_gw mohqcalls pl_pipes rls_watchers secfilter topos_t version aliases dialog domain_name globalblocklist lcr_rule mohqueues presentity rtpengine silo trusted watchers carrierfailureroute dialog_vars domainpolicy grp lcr_rule_target mtree pua rtpproxy sip_trace uacreg xcap
重启 kamailio
[root@netkiller ~]# systemctl restart kamailio
账号文件
/etc/kamailio/dbtext/subscriber
启用配置
cat >> /etc/kamailio/kamailio-local.cfg <<EOF #!define WITH_DBTEXT #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT #!ifdef WITH_DBTEXT loadmodule "db_text.so" #!endif #!ifdef WITH_DBTEXT # - database URL - used to connect to database server by modules such # as: auth_db, acc, usrloc, a.s.o. #!define DBURL "text:///etc/kamailio/dbtext" #!endif EOF
查看日志
[root@netkiller ~]# grep db_text /var/log/kamailio.log Mar 30 13:29:32 netkiller /usr/sbin/kamailio[1965713]: INFO: db_text [dbt_lib.c:138]: dbt_cache_get_db(): using database at: /etc/kamailio/dbtext Mar 30 13:29:32 netkiller /usr/sbin/kamailio[1965713]: INFO: db_text [dbt_lib.c:138]: dbt_cache_get_db(): using database at: /etc/kamailio/dbtext
[root@netkiller ~]# dnf install -y kamailio-bdb
[root@netkiller ~]# vim /etc/kamailio/kamailio.cfg
modparam("db_berkeley", "auto_reload", 1)
modparam("db_berkeley", "log_enable", 1)
modparam("db_berkeley", "journal_roll_interval", 3600)
[root@netkiller ~]# vim kamctlrc ## database type: MYSQL, PGSQL, DB_BERKELEY, or DBTEXT, by default none is loaded DBENGINE=DB_BERKELEY ## database path used by dbtext or db_berkeley DB_PATH="/usr/local/etc/kamailio/db_berkeley"
kamdbctl create (required) kamdbctl presence (optional) kamdbctl extra (optional)
[root@development kamailio]# dnf install kamailio-sqlite
[root@netkiller ~]# vim kamctlrc ## the SIP domain SIP_DOMAIN=netkiller.cn ## chrooted directory # CHROOT_DIR="/path/to/chrooted/directory" ## database type: MYSQL, PGSQL, ORACLE, DB_BERKELEY, DBTEXT, or SQLITE ## by default none is loaded ## ## If you want to set up a database with kamdbctl, you must at least specify ## this parameter. DBENGINE=SQLITE ## database path used by dbtext, db_berkeley or sqlite DB_PATH="/etc/kamailio/kamailio.db"
[root@netkiller kamailio]# kamdbctl create
INFO: creating database /etc/kamailio/kamailio.db ...
INFO: Core Kamailio tables successfully created.
Install presence related tables? (y/n): y
INFO: creating presence tables into /etc/kamailio/kamailio.db ...
INFO: Presence tables successfully created.
Install tables for imc cpl siptrace domainpolicy carrierroute
drouting userblocklist htable purple uac pipelimit mtree sca mohqueue
rtpproxy rtpengine secfilter ims_icscf? (y/n): y
INFO: creating extra tables into /etc/kamailio/kamailio.db ...
INFO: Extra tables successfully created.
[root@netkiller kamailio]# kamctl add 166 123456
[root@netkiller kamailio]# kamctl db show subscriber
cat >> /etc/kamailio/kamailio-local.cfg <<EOF #!define WITH_SQLITE #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT #!ifdef WITH_SQLITE loadmodule "db_sqlite.so" #!endif #!ifdef WITH_SQLITE # - database URL - used to connect to database server by modules such # as: auth_db, acc, usrloc, a.s.o. #!define DBURL "sqlite:///etc/kamailio/kamailio.db" #!endif EOF
[root@netkiller kamailio]# systemctl restart kamailio.service [root@netkiller kamailio]# journalctl -f -u kamailio.service
开启 DEBUG 模式
[root@development kamailio]# cat kamailio-local.cfg #!define WITH_DEBUG
[root@netkiller ~]# vim /etc/kamailio/kamailio.cfg
log_facility=LOG_LOCAL0
log_prefix="{$mt $hdr(CSeq) $ci} "
配置日志文件,前面加一个减号 “-” 表示异步写入日志
[root@netkiller ~]# echo "local0.* -/var/log/kamailio.log" >> /etc/rsyslog.d/kamailio.conf [root@netkiller ~]# cat /etc/rsyslog.conf | grep local0 local0.* -/var/log/kamailio.log [root@netkiller ~]# systemctl reload rsyslog.service [root@netkiller ~]# kamctl restart
查看日志
tail -f /var/log/kamailio.log
日志切割 /etc/logrotate.d/rsyslog 加入 /var/log/kamailio.log
[root@netkiller ~]# cat /etc/logrotate.d/rsyslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
/var/log/kamailio.log
{
missingok
sharedscripts
postrotate
/usr/bin/systemctl -s HUP kill rsyslog.service >/dev/null 2>&1 || true
endscript
}