sip capture sip trace and tls modifications in webrt to webrtc

rts-cn · Jul 23, 2019 · ba9c3eb · ba9c3eb
1 parent 5c5db8d
commit ba9c3eb
Show file tree

Hide file tree

Showing 5 changed files with 257 additions and 7 deletions.
diff --git a/sipcapture_siptrace_hep/README.md b/sipcapture_siptrace_hep/README.md
@@ -0,0 +1,102 @@
+
+## sipcapture module 
+
+Listens to traffic and saves incoming messages to the database
+kamailio Homer's sipcapture module allows native support for HEPv1/v2, IPIP Encapsulation protocols and switch mirroring/monitoring port traffic.
+
+Kamailio can be configured either as
+- Capture Agent (siptrace module) sampling and forwarding packets
+- Capture Node (sipcapture module) collecting, indexing and storing SIP packets as received from the available Capture Agents (HEP), SBCs (IPIP) or directly from the ethernet wire.
+
+A stand-alone capture agent (captagent) is provided enabling HEP encapsulation for unsupported systems and soft-switches.
+
+### sipcapture vs siptrace 
+
+Sender or server with sip trace module - lets you capture sip tarffic to database. Using HEP protocol messages can be send form one server to another server over the network.
+
+Receiver or server with sip capture module - can listens to traffic and saves incoming messages to the database. can filter which messages you want to save in a normal Kamailio routing script
+
+## homer 
+open source software 
+selfcontained SIP Analysis and Troubleshooting environment 
+capture SIP messages from a running Kamailio production server or from a mirrored port in a switch in your network
+
+###features of homer 
+can generate searchable database of your SIP traffic
+visual diagrams of individual SIP sessions
+centralized access to present and past signaling & stats
+Full SIP/SDP payload with precise timestamping
+Automatic correlation of sessions and reports
+Visual representation of multi session call-flows
+Fast detection of usage and system anomalies
+
+sender captures traffic and forwards to a receiver. For homer we need a  database and a web server with PHP support.
+
+### HOMER server installation 
+using bash script approach on debian 9 or centos 7
+```
+cd /usr/src
+wget https://cdn.rawgit.com/sipcapture/homer-installer/master/homer_installer.sh
+chmod +x homer_installer.sh
+./homer_installer.sh
+```
+end of installation should look like 
+```
+************************************************************
+      ,;;;;,                                                 
+     ;;;;;;;;.     Congratulations! HOMER has been installed!
+   ;;;;;;;;;;;;                                              
+  ;;;;  ;;  ;;;;   <--------------- INVITE ---------------   
+  ;;;;  ;;  ;;;;    --------------- 200 OK --------------->  
+  ;;;;  ..  ;;;;                                             
+  ;;;;      ;;;;   Your system should be now ready to rock!
+  ;;;;  ;;  ;;;;   Please verify/complete the configuration  
+  ,;;;  ;;  ;;;;   files generated by the installer below.   
+   ;;;;;;;;;;;;                                              
+    :;;;;;;;;;     THIS SCRIPT IS PROVIDED AS-IS, USE AT     
+     ;;;;;;;;      YOUR *OWN* RISK, REVIEW LICENSE & DOCS    
+                                                             
+*************************************************************
+
+     * Verify configuration for HOMER-API:
+         '/api/configuration.php'
+         '/api/preferences.php'
+
+     * Start/stop Homer SIP Capture:
+         'systemtcl start|stop heplify'
+
+     * Access HOMER UI:
+         http://10.130.74.199
+         [default: admin/sipcapture]
+
+     * Send HEP/EEP Encapsulated Packets:
+         hep://10.130.74.199:9060
+```
+## Install kamailio with sip capture 
+
+Depedencies bison , flex
+```
+ apt-get install bison flex
+```
+
+for mysql server and client to get mysql.h file , if libmysqlclient-dev is not working 
+like it wsnt for me on debian 9 on AWS (Package 'libmysqlclient-dev' has no installation candidate) , then
+Look into apt-cache
+```
+>apt-cache search libmysqlclient
+```
+from the list choose choose any candidate such as default-libmysqlclient-dev
+
+Then get kamaikio source code , build and install
+```
+git clone --depth 1 https://github.com/kamailio/kamailio kamailio
+cd kamailio; 
+make FLAVOUR=kamailio include_modules="db_mysql sipcapture pv textops rtimer xlog sqlops htable sl siputils" cfg
+make all && make install
+```
+
+Ref : 
+HOMER - https://www.kamailio.org/w/2013/02/tips-homer/
+homer bash installer - https://github.com/sipcapture/homer-installer#page_with_curl-bash-installer
+sip capture homer - https://github.com/sipcapture/homer/wiki/Examples%3A-Kamailio
+sipcapture sorce code - https://github.com/sipcapture/
diff --git a/sipcapture_siptrace_hep/sipcapture_capturenode.cfg b/sipcapture_siptrace_hep/sipcapture_capturenode.cfg
@@ -0,0 +1,75 @@
+!KAMAILIO
+#
+####### Global Parameters #########
+debug=1
+log_stderror=no
+memdbg=5
+memlog=5
+log_facility=LOG_LOCAL0
+fork=yes
+children=5
+disable_tcp=yes
+
+/* IP and port for HEP capturing) */
+listen=udp:10.0.0.1:9060
+
+/* enable it only in mirroring scenario, not for HEP! */
+/* #!define SIPCAPTURE_MIRRORING_PORT */
+
+mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/"
+
+loadmodule "pv.so"
+loadmodule "db_mysql.so"
+loadmodule "sipcapture.so"
+
+# ----- mi_fifo params -----
+
+####### Routing Logic ########
+modparam("sipcapture", "db_url", "mysql://homer:password@localhost/homer_data")
+modparam("sipcapture", "capture_on", 1)
+modparam("sipcapture", "table_name", "sip_capture")
+modparam("sipcapture", "hep_capture_on", 1)
+modparam("siptrace", "hep_capture_id", 301)
+modparam("siptrace", "hep_version", 2)
+
+#!ifdef SIPCAPTURE_MIRRORING_PORT
+/* IP to listen. Port/Portrange apply only on mirroring port capturing */
+modparam("sipcapture", "raw_socket_listen", "192.168.254.1:5060-5080")
+/* Name of interface to bind on raw socket */
+modparam("sipcapture", "raw_interface", "eth1")
+/* activate monitoring/mirroring port capturing */
+modparam("sipcapture", "raw_moni_capture_on", 1)
+/* children for raw socket */
+modparam("sipcapture", "raw_sock_children", 4)
+
+/* Linux only */
+/* Promiscious mode RAW socket. Mirroring port. */
+modparam("sipcapture", "promiscious_on", 1)
+/* activate BPF */
+modparam("sipcapture", "raw_moni_bpf_on", 1)
+
+#endif
+
+/* insert delayed */
+#modparam("sipcapture", "db_insert_mode", 1)
+
+
+# Main SIP request routing logic
+# - processing of any incoming SIP request starts with this route
+route {
+
+        #For example, you can capture only needed methods...
+        if (!(method =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)"))) {
+                sip_capture();
+        }
+        drop;
+}
+
+onreply_route {
+
+        #And replies of request methods
+        if(!($rm =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)")) {
+                sip_capture();
+        }
+        drop;
+}
diff --git a/sipcapture_siptrace_hep/siptrace_tracenode.cfg b/sipcapture_siptrace_hep/siptrace_tracenode.cfg
@@ -0,0 +1,76 @@
+#!KAMAILIO
+
+debug=1
+log_stderror=no
+
+memdbg=5
+memlog=5
+
+log_facility=LOG_LOCAL0
+
+fork=yes
+children=4
+
+disable_tcp=yes
+
+listen=udp:192.168.0.1:5060
+
+/* port to listen to
+ * - can be specified more than once if needed to listen on many ports */
+port=5060
+
+####### Modules Section ########
+
+mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/"
+
+loadmodule "mi_fifo.so"
+loadmodule "kex.so"
+loadmodule "tm.so"
+loadmodule "sl.so"
+loadmodule "rr.so"
+loadmodule "pv.so"
+loadmodule "maxfwd.so"
+loadmodule "xlog.so"
+loadmodule "textops.so"
+loadmodule "siputils.so"
+loadmodule "siptrace.so"
+
+
+modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
+modparam("tm", "failure_reply_mode", 3)
+modparam("tm", "fr_timer", 30000)
+modparam("tm", "fr_inv_timer", 120000)
+modparam("rr", "enable_full_lr", 1)
+modparam("rr", "append_fromtag", 0)
+
+#Siptrace
+modparam("siptrace", "duplicate_uri", "sip:10.0.0.1:9060")
+modparam("siptrace", "hep_mode_on", 1)
+modparam("siptrace", "trace_to_database", 0)
+modparam("siptrace", "trace_flag", 22)
+modparam("siptrace", "trace_on", 1)
+modparam("siptrace", "hep_version", 3)
+
+####### Routing Logic ########
+
+# Main SIP request routing logic
+# - processing of any incoming SIP request starts with this route
+route {
+
+        ....
+        #start duplicate the SIP message now
+        sip_trace();
+
+        setflag(22);
+
+        ....
+        route(RELAY);
+}
+
+route[RELAY] {
+
+        if (!t_relay()) {
+                sl_reply_error();
+        }
+        exit;
+}
diff --git a/webrtc_to_webrtc_ws/tls.cfg b/webrtc_to_webrtc_ws/tls.cfg
diff --git a/webrtc_to_webrtc_ws/websocket_tls_webrtc_kamailio.cfg b/webrtc_to_webrtc_ws/websocket_tls_webrtc_kamailio.cfg
@@ -98,10 +98,10 @@ modparam("corex", "alias_subdomains", "MY_DOMAIN")
 #!ifdef WITH_TLS
 # ----- tls params -----
 modparam("tls", "tls_method", "SSLv23")
-modparam("tls", "certificate", "/etc/pki/CA/kamailio1_cert.pem")
-modparam("tls", "private_key", "/etc/pki/CA/privkey.pem")
-modparam("tls","ca_list","/home/ubuntu/demoCA/cacert.pem")
-#modparam("tls", "ca_list", "/etc/pki/CA/calist.pem")
+modparam("tls", "certificate", "kamailio1_cert.pem")
+modparam("tls", "private_key", "privkey.pem")
+modparam("tls","ca_list","cacert.pem")
+#modparam("tls", "ca_list", "calist.pem")
 #!endif
 
 #!ifdef WITH_WEBSOCKETS