Skip to content

Commit

Permalink
sip trace and homer ooon HEP protocl
Browse files Browse the repository at this point in the history
  • Loading branch information
@altanai
altanai committed Jul 22, 2019
1 parent 07b3866 commit e71aa8f
Show file tree
Hide file tree
Showing 11 changed files with 344 additions and 985 deletions.
4 changes: 4 additions & 0 deletions psql_location_storage/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
# PSQL based Registrar with location storage

## Database all tables list create

Schema | Name | Type | Owner
--------+-----------------+-------+----------
public | acc | table | postgres
Expand Down
78 changes: 78 additions & 0 deletions psql_location_storage/postgress.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
## Postgress sql DB

object-relational database management system (ORDBMS)

### features
complex queries
foreign keys
triggers
updatable views
transactional integrity
multiversion concurrency control

### Usage:
psql [OPTION]... [DBNAME [USERNAME]]

### General options:
-c, --command=COMMAND run only single command (SQL or internal) and exit
-d, --dbname=DBNAME database name to connect to (default: "root")
-f, --file=FILENAME execute commands from file, then exit
-l, --list list available databases, then exit
-v, --set=, --variable=NAME=VALUE
set psql variable NAME to VALUE (e.g., -v ON_ERROR_STOP=1)
-V, --version output version information, then exit
-X, --no-psqlrc do not read startup file (~/.psqlrc)
-1 ("one"), --single-transaction
execute as a single transaction (if non-interactive)
-?, --help[=options] show this help, then exit
--help=commands list backslash commands, then exit
--help=variables list special variables, then exit

Input and output options:
-a, --echo-all echo all input from script
-b, --echo-errors echo failed commands
-e, --echo-queries echo commands sent to server
-E, --echo-hidden display queries that internal commands generate
-L, --log-file=FILENAME send session log to file
-n, --no-readline disable enhanced command line editing (readline)
-o, --output=FILENAME send query results to file (or |pipe)
-q, --quiet run quietly (no messages, only query output)
-s, --single-step single-step mode (confirm each query)
-S, --single-line single-line mode (end of line terminates SQL command)

Output format options:
-A, --no-align unaligned table output mode
-F, --field-separator=STRING
field separator for unaligned output (default: "|")
-H, --html HTML table output mode
-P, --pset=VAR[=ARG] set printing option VAR to ARG (see \pset command)
-R, --record-separator=STRING
record separator for unaligned output (default: newline)
-t, --tuples-only print rows only
-T, --table-attr=TEXT set HTML table tag attributes (e.g., width, border)
-x, --expanded turn on expanded table output
-z, --field-separator-zero
set field separator for unaligned output to zero byte
-0, --record-separator-zero
set record separator for unaligned output to zero byte

Connection options:
-h, --host=HOSTNAME database server host or socket directory (default: "/var/run/postgresql")
-p, --port=PORT database server port (default: "5432")
-U, --username=USERNAME database user name (default: "root")
-w, --no-password never prompt for password
-W, --password force password prompt (should happen automatically)

### To list all postgress related packages

```
>dpkg -l | grep postgres
ii pgdg-keyring 2018.2 all keyring for apt.postgresql.org
ii postgresql-10 10.9-1.pgdg90+1 amd64 object-relational SQL database, version 10 server
ii postgresql-client-10 10.9-1.pgdg90+1 amd64 front-end programs for PostgreSQL 10
ii postgresql-client-common 203.pgdg90+1 all manager for multiple PostgreSQL client versions
ii postgresql-common 203.pgdg90+1 all PostgreSQL database-cluster manager
```

Ref : https://www.postgresql.org/docs/11/index.html

102 changes: 102 additions & 0 deletions sipcapture_siptrace_homer/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@

## sipcapture module

Listens to traffic and saves incoming messages to the database
kamailio Homer's sipcapture module allows native support for HEPv1/v2, IPIP Encapsulation protocols and switch mirroring/monitoring port traffic.

Kamailio can be configured either as
- Capture Agent (siptrace module) sampling and forwarding packets
- Capture Node (sipcapture module) collecting, indexing and storing SIP packets as received from the available Capture Agents (HEP), SBCs (IPIP) or directly from the ethernet wire.

A stand-alone capture agent (captagent) is provided enabling HEP encapsulation for unsupported systems and soft-switches.

### sipcapture vs siptrace

Sender or server with sip trace module - lets you capture sip tarffic to database. Using HEP protocol messages can be send form one server to another server over the network.

Receiver or server with sip capture module - can listens to traffic and saves incoming messages to the database. can filter which messages you want to save in a normal Kamailio routing script

## homer
open source software
selfcontained SIP Analysis and Troubleshooting environment
capture SIP messages from a running Kamailio production server or from a mirrored port in a switch in your network

###features of homer
can generate searchable database of your SIP traffic
visual diagrams of individual SIP sessions
centralized access to present and past signaling & stats
Full SIP/SDP payload with precise timestamping
Automatic correlation of sessions and reports
Visual representation of multi session call-flows
Fast detection of usage and system anomalies

sender captures traffic and forwards to a receiver. For homer we need a database and a web server with PHP support.

### HOMER server installation
using bash script approach on debian 9 or centos 7
```
cd /usr/src
wget https://cdn.rawgit.com/sipcapture/homer-installer/master/homer_installer.sh
chmod +x homer_installer.sh
./homer_installer.sh
```
end of installation should look like
```
************************************************************
,;;;;,
;;;;;;;;. Congratulations! HOMER has been installed!
;;;;;;;;;;;;
;;;; ;; ;;;; <--------------- INVITE ---------------
;;;; ;; ;;;; --------------- 200 OK --------------->
;;;; .. ;;;;
;;;; ;;;; Your system should be now ready to rock!
;;;; ;; ;;;; Please verify/complete the configuration
,;;; ;; ;;;; files generated by the installer below.
;;;;;;;;;;;;
:;;;;;;;;; THIS SCRIPT IS PROVIDED AS-IS, USE AT
;;;;;;;; YOUR *OWN* RISK, REVIEW LICENSE & DOCS
*************************************************************
* Verify configuration for HOMER-API:
'/api/configuration.php'
'/api/preferences.php'
* Start/stop Homer SIP Capture:
'systemtcl start|stop heplify'
* Access HOMER UI:
http://10.130.74.199
[default: admin/sipcapture]
* Send HEP/EEP Encapsulated Packets:
hep://10.130.74.199:9060
```
## Install kamailio with sip capture

Depedencies bison , flex
```
apt-get install bison flex
```

for mysql server and client to get mysql.h file , if libmysqlclient-dev is not working
like it wsnt for me on debian 9 on AWS (Package 'libmysqlclient-dev' has no installation candidate) , then
Look into apt-cache
```
>apt-cache search libmysqlclient
```
from the list choose choose any candidate such as default-libmysqlclient-dev

Then get kamaikio source code , build and install
```
git clone --depth 1 https://github.com/kamailio/kamailio kamailio
cd kamailio;
make FLAVOUR=kamailio include_modules="db_mysql sipcapture pv textops rtimer xlog sqlops htable sl siputils" cfg
make all && make install
```

Ref :
HOMER - https://www.kamailio.org/w/2013/02/tips-homer/
homer bash installer - https://github.com/sipcapture/homer-installer#page_with_curl-bash-installer
sip capture homer - https://github.com/sipcapture/homer/wiki/Examples%3A-Kamailio
sipcapture sorce code - https://github.com/sipcapture/
75 changes: 75 additions & 0 deletions sipcapture_siptrace_homer/sipcapture_capturenode.cfg
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
!KAMAILIO
#
####### Global Parameters #########
debug=1
log_stderror=no
memdbg=5
memlog=5
log_facility=LOG_LOCAL0
fork=yes
children=5
disable_tcp=yes

/* IP and port for HEP capturing) */
listen=udp:10.0.0.1:9060

/* enable it only in mirroring scenario, not for HEP! */
/* #!define SIPCAPTURE_MIRRORING_PORT */

mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/"

loadmodule "pv.so"
loadmodule "db_mysql.so"
loadmodule "sipcapture.so"

# ----- mi_fifo params -----

####### Routing Logic ########
modparam("sipcapture", "db_url", "mysql://homer:password@localhost/homer_data")
modparam("sipcapture", "capture_on", 1)
modparam("sipcapture", "table_name", "sip_capture")
modparam("sipcapture", "hep_capture_on", 1)
modparam("siptrace", "hep_capture_id", 301)
modparam("siptrace", "hep_version", 2)

#!ifdef SIPCAPTURE_MIRRORING_PORT
/* IP to listen. Port/Portrange apply only on mirroring port capturing */
modparam("sipcapture", "raw_socket_listen", "192.168.254.1:5060-5080")
/* Name of interface to bind on raw socket */
modparam("sipcapture", "raw_interface", "eth1")
/* activate monitoring/mirroring port capturing */
modparam("sipcapture", "raw_moni_capture_on", 1)
/* children for raw socket */
modparam("sipcapture", "raw_sock_children", 4)

/* Linux only */
/* Promiscious mode RAW socket. Mirroring port. */
modparam("sipcapture", "promiscious_on", 1)
/* activate BPF */
modparam("sipcapture", "raw_moni_bpf_on", 1)

#endif

/* insert delayed */
#modparam("sipcapture", "db_insert_mode", 1)


# Main SIP request routing logic
# - processing of any incoming SIP request starts with this route
route {

#For example, you can capture only needed methods...
if (!(method =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)"))) {
sip_capture();
}
drop;
}

onreply_route {

#And replies of request methods
if(!($rm =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)")) {
sip_capture();
}
drop;
}
76 changes: 76 additions & 0 deletions sipcapture_siptrace_homer/siptrace_tracenode.cfg
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
#!KAMAILIO

debug=1
log_stderror=no

memdbg=5
memlog=5

log_facility=LOG_LOCAL0

fork=yes
children=4

disable_tcp=yes

listen=udp:192.168.0.1:5060

/* port to listen to
* - can be specified more than once if needed to listen on many ports */
port=5060

####### Modules Section ########

mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/"

loadmodule "mi_fifo.so"
loadmodule "kex.so"
loadmodule "tm.so"
loadmodule "sl.so"
loadmodule "rr.so"
loadmodule "pv.so"
loadmodule "maxfwd.so"
loadmodule "xlog.so"
loadmodule "textops.so"
loadmodule "siputils.so"
loadmodule "siptrace.so"


modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
modparam("tm", "failure_reply_mode", 3)
modparam("tm", "fr_timer", 30000)
modparam("tm", "fr_inv_timer", 120000)
modparam("rr", "enable_full_lr", 1)
modparam("rr", "append_fromtag", 0)

#Siptrace
modparam("siptrace", "duplicate_uri", "sip:10.0.0.1:9060")
modparam("siptrace", "hep_mode_on", 1)
modparam("siptrace", "trace_to_database", 0)
modparam("siptrace", "trace_flag", 22)
modparam("siptrace", "trace_on", 1)
modparam("siptrace", "hep_version", 3)

####### Routing Logic ########

# Main SIP request routing logic
# - processing of any incoming SIP request starts with this route
route {

....
#start duplicate the SIP message now
sip_trace();

setflag(22);

....
route(RELAY);
}

route[RELAY] {

if (!t_relay()) {
sl_reply_error();
}
exit;
}
Loading

0 comments on commit e71aa8f

Please sign in to comment.