Is it possible to add siptrace.so module to Kamailio package?

[Kirill Sysoev]

Hi!

Reading KAZOO-1802 recalled the question wanted to ask recently.

For network problems diagnostics (including Attacks) we are using Homer (sipcapture.org)

Very usefull solution - can be easily installed and saves tonns of time.

Version 3.5 controlls DDOS ATTACKS, APPLICATION LAYER ATTACKS, HIJACKING, SCAMMING/FRAUD.

Detailed description could be seen at KAMAILIO WORLD CONFERENCE 2013 presentation:

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CC4QFjAA&url=http%3A%2F%2Fhomer.googlecode.com%2Ffiles%2F13-Alexandr.Dubovikov-Homer-SIP-Capture.pdf&ei=DBoEUsSBPIfDO-HJgZAB&usg=AFQjCNFOGRWKMU6kE2S1lNdjTRCsSjSLMA&sig2=zW5W9A9ri2EcUT35Mkei_A&bvm=bv.50500085,d.ZWU

In case siptrace.so module (not loaded by default) will be added to KAZOO Kamailio package, it will make more easier to connect KAZOO to HOMER monitoring system.

Regards,

Kirill

PS Please, please, please. The feeling is like when you installs HOMER and start using it, you can not even understand how you could live without it before :)

[Karl Anderson]

Kirill,

 

That’s reasonable, I will add it to the build.

--
You received this message because you are subscribed to the Google Groups "2600hz-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 2600hz-dev+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Kirill Sysoev]

Thank you, Karl.

This will save us time and, at the end of the day, will let us sleep better :)))

Regards,

Kirill  

пятница, 20 декабря 2013 г., 21:30:12 UTC+4 пользователь Karl Anderson написал:

[Karl Anderson]

The latest build of Kamailio contains siptrace (and the sipcapture just in case).
http://repo.2600hz.com/base/6/x86_64/Kazoo-Kamailio/origin/4.0/kazoo-kamailio-4.0-29.el6.x86_64.rpm

If you want to provide us with the modifications you make to the configuration I think it would be nice to incorporate them as a roll. Thanks!

[Darren Schreiber]

Ok we are calling you now!

[Darren Schreiber]

Whoops this was the totally wrong email! Sorry for the spam :-/

[Kirill Sysoev]

No worries, Darren!

It is already Friday night in Russia, everyone is eating and drinking... :)

пятница, 20 декабря 2013 г., 22:38:27 UTC+4 пользователь Darren Schreiber написал:

[Kirill Sysoev]

Karl, thank you! 

Will do...

2013/12/20 Karl Anderson <ka...@2600hz.com>

The latest build of Kamailio contains siptrace (and the sipcapture just in case).
http://repo.2600hz.com/base/6/x86_64/Kazoo-Kamailio/origin/4.0/kazoo-kamailio-4.0-29.el6.x86_64.rpm

If you want to provide us with the modifications you make to the configuration I think it would be nice to incorporate them as a roll.  Thanks!

[jus...@watsonvoice.com]

Need to add   db_mysql.so  for the homer application to be able to dump the sip traces to the database. 

-- loadmodule "db_mysql.so"

[Kirill Sysoev]

Hi Justin 

You are right db_mysql.so needed for Homer application.

But from my experience Homer is very resource consuming and should be run separately.

Especially if your voice network consists not only of KAZOO cluster.

So siptrace.so is the only module needed to use Kamailio internal/build-in HEP capture agent 

to send traffic to Homer instance to process.

FS also has this functionality built-in. You only need to add a couple of strings to config:

Citate from https://code.google.com/p/homer/wiki/HOWTO

open sofia.conf.xml and set capture-server param

<param name="capture-server" value="udp:192.168.0.1:9060"/>

the ip address and port must be same as the listen param in your kamailio.cfg (Homer's)

open internal.xml and change sip-capture param to "yes"

<param name="sip-capture" value="yes"/>

 

Regards,

Kirill 

2013/12/23 <jus...@watsonvoice.com>

[Kirill Sysoev]

Hi again Justin, Karl

My fault. db_mysql.so needed anyway.

SipTrace Module Readme:

2. Dependencies

   2.1. Kamailio Modules

   2.2. External Libraries or Applications

2.1. Kamailio Modules

   The following modules must be loaded before this module:

     * database module - Mysql, Postgres, dbtext, unixODBC...

     * tm and sl modules - optional, only if you want to trace messages

       forwarded by these modules.

Regards,

Kirill

понедельник, 23 декабря 2013 г., 15:26:59 UTC+4 пользователь Kirill Sysoev написал:

[Kirill Sysoev]

Hi again

Added to kamailio/default.cfg file the next strings around the beginning of Route Logic and siptrace seems to work fine without db_mysql.so. As the default.cfg file will be replaced on config updates, also added some automation to setup updated configs quickly:

https://github.com/onnet/kazoo_utils/blob/master/kazoo_config_edit.sh 

#############################################################

################## Homer addition  ##########################

#############################################################

loadmodule "siptrace.so"

# check IP and port of your capture node

modparam("siptrace", "duplicate_uri","sip:94.125.0.50:9060");

modparam("siptrace", "hep_mode_on",1);

modparam("siptrace", "trace_to_database",0);

modparam("siptrace", "trace_flag",22);

modparam("siptrace", "trace_on", 1);

#############################################################

####### Routing Logic ########

route

{

#############################################################

################## Homer addition  ##########################

### start duplicate the SIP message now for Homer Logging ###

#############################################################

        sip_trace();

        setflag(22);

#############################################################

Regards,

Kirill

понедельник, 23 декабря 2013 г., 17:04:27 UTC+4 пользователь Kirill Sysoev написал: