Nur Aini Rakhmawati SIP
MULTIMEDIA INFORMATION SYSTEM
Session Initiation Protocoldengan OpenSer dan Kphone
oleh :
Nur Aini Rakhmawati
http://ai23.wordpress.com
Fall 2006
1
Nur Aini Rakhmawati SIP
OpenSER (http://www.openser.org) adalah open source untuk server SIP yang berkembang dan fleksibel. OpenSER ditulis dalam bahasa C untuk sistem Unix/Linux-like dengan arsitektur optimasi tertentu untuk mendapatkan kinerja yang tinggi. OpenSER awalnya dibangun pada 2001-2002, di FhG FOKUS research institute di Berlin, Jerman. Pada autumn 2002, SIP Express Router (SER) project merilis open source dengan lisensi GPL dan source tree dipindahkan ke BerliOS sebagai site mediator open source.
OpenSER dapat sebagai :
• SIP proxy server • SIP registrar server • SIP location server • SIP application server • SIP dispatcher server
Kebutuhan :
1. gcc2. bison3. yacc4. MySQL server, MySQL Client
Arsitektur Sistem
2
Nur Aini Rakhmawati SIP
Lingkungan :
Untuk tutorial ini saya menggunakan sistem operasi Debian dimana konfigurasi dan perintah akan sama untuk distro turunannya (Ubuntu, Knoppix dll). Namun tidak mentup kemungkinan untuk distro lain dapat menggunakan tutorial ini, meskipun ada beberapa perbedaan
1. Database Server : mysql-server 5.0.27-12. Database Client : mysql-client 5.0.27-13. OpenSer 1.1.0-74. openser-mysql-module 1.1.0-75. SIP agent client : Kphone 1:4.2-6
Installation
OpenSer
OpenSER menyediakan paket source dalam bentuk tar.gz , namun saya lebih suka langsung menggunakan binary karena lebih mudah.
1. Penambahan repositoryedit /etc/apt/sourcelist, tambahkan daftar mirror paket debian.deb http://www.openser.org/debian etch main
deb http://www.openser.org/debian sarge main
deb http://www.openser.org/debian sid main
update repository
root@luaini:~#aptget update
2. Searching paketroot@luaini:~# aptcache search openser
openser very fast and configurable SIP proxy
opensercplmodule CPL module (CPL interpreter engine) for OpenSER
openserdbg very fast and configurable SIP proxy [debug symbols]
openserjabbermodule Jabber module (SIPJabber message translation) for OpenSER
opensermysqlmodule MySQL database connectivity module for OpenSER
openserpostgresmodule PostgreSQL database connectivity module for OpenSER
openserradiusmodules radius modules for OpenSER
3
Nur Aini Rakhmawati SIP
openserunixodbcmodule unixODBC database connectivity module for OpenSER
3. Instalasi Paket
Openserroot@luaini:~# aptget install openser
Module MySQL untuk openserroot@luaini:~# aptget install opensermysqlmodule
4. Konfigurasi /usr/sbin/openser_mysql . Kita harus memodifikasi ini untuk keperluan SIP registrar.
# name of the database to be used by SERif [ z "$DBNAME" ]; then
DBNAME="openser"fi# address of MySQL serverif [ z "$DBHOST" ]; then
DBHOST="localhost"fi# user with full privileges over DBNAME databaseif [ z "$DBRWUSER" ]; then
DBRWUSER="aini"fi# password user with full privileges over DBNAME databaseif [ z "$DEFAULT_PW" ]; then
DEFAULT_PW="iinRW"fi# readonly userif [ z "$DBROUSER" ]; then
DBROUSER="luaini"fi# password for readonly userif [ z "$RO_PW" ]; then
RO_PW="iinRO"fi# full privileges MySQL userif [ z "$SQL_USER" ]; then
SQL_USER="root"fi
5. Membuat database OpenSer MySQLroot@luaini:~# openser_mysql create
MySql password for root:
Ketik password root untuk MySQL creating database openser ...
Install SERWEB tables ?(y/n):
creating serweb tables into openser ...
4
Nur Aini Rakhmawati SIP
Membuat tabel2 serweb yang akan digunakan untuk administrasi lewat web.
Hasil yang nampak di webmin
MySQL User :
MySQL Database :
6. Konfigurasi OpenserAda 3 file konfigurasi yang harus dimodifikasi yaitu /etc/default/openser, /etc/openser/openser.cfg, /etc/openser/openserctlrc
○ /etc/openser/openserctlrcFile ini berisi konfigurasi domain, database dan FIFO File## your SIP domainSIP_DOMAIN=luaini.homends.org## database type: MYSQL or PGSQL, by defaulte none is loadedDBENGINE=MYSQL## database hostDBHOST=localhost## ingat pastikan sesuai dengan database## database nameDBNAME=openser## database read/write userDBRWUSER=aini## database read only userDBROUSER=luaini## password for database read only userDBROPW=iinRW## database super userDBROOTUSER="root"## type of aliases used: DB database aliases; UL usrloc aliases## default: none
5
Nur Aini Rakhmawati SIP
#ALIASES_TYPE="DB"## control engine: FIFO or UNIXSOCK## default FIFOCTLENGINE="FIFO"## path to FIFO fileOSER_FIFO="/home/aini/FIFO"
○ /etc/openser/openser.cfg# global configuration parameters .
# port dapat diganti, konfigurasi FIFO harus sama dengan operserctlport=5060fifo="/home/aini/FIFO"alias=luaini.homedns.org# module loading #uncoment .loadmodule "/usr/lib/openser/modules/mysql.so"..loadmodule "/usr/lib/openser/modules/auth.so"loadmodule "/usr/lib/openser/modules/auth_db.so"# Uncomment this if you want to use SQL database # for persistent storage and comment the previous linemodparam("usrloc", "db_mode", 2)# "mysql://namauser:pasworduser@localhost/openser"modparam("usrloc", "db_url", "mysql://aini:iinRW@localhost/openser") ..# Uncomment if you are using auth modulemodparam("auth_db", "calculate_ha1", yes)
# auth params # Uncomment if you are using auth modulemodparam("auth_db", "db_url", "mysql://luaini:iinRO@localhost/openser")# If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter)modparam("auth_db", "password_column", "password")# rr params # add value to ;lr param to make some broken UAs happymodparam("rr", "enable_full_lr", 1)..if (method=="REGISTER") {
# Uncomment this if you want to use digest authenticationif (!www_authorize("luaini.homedns.org", "subscriber")) {
www_challenge("luaini.homedns.org", "0");exit;
};save("location");exit;
6
Nur Aini Rakhmawati SIP
};○ /etc/default/openser
RUN_OPENSER=yes# User to run asUSER=openser# Group to run asGROUP=openser# Amount of memory to allocate for the running OpenSER server (in Mb)MEMORY=64
7. Konfigurasi SIP DomainSesuaikan dengan nama host anda sama SIP Domainedit /etc/hostnameluaini.homedns.org
Ganti hostnameroot@luaini:~# hostname F /etc/hostname
edit /etc/profileSIP_DOMAIN=luaini.homedns.orgexport SIP_DOMAIN
edit /etc/bashrcSIP_DOMAIN=luaini.homedns.orgexport SIP_DOMAIN
8. Menjalankan Openser root@luaini:~# /etc/init.d/openser startStarting openser: openserListening on
udp: 127.0.0.1 [127.0.0.1]:5060 udp: 140.118.123.56 [140.118.123.56]:5060 tcp: 127.0.0.1 [127.0.0.1]:5060 tcp: 140.118.123.56 [140.118.123.56]:5060
Aliases: tcp: localhost:5060 tcp: darqueenice:5060 udp: localhost:5060 udp: darqueenice:5060 *: luaini.homedns.org:*
9. Administrasi UserPenambahan UserSintaks : add <namauser> <pasword> <email>Perintah : root@luaini:~# openserctl add aini aini [email protected] engine 'MYSQL' loadedControl engine 'FIFO' loadedis_user: user counter=0MySql password for user 'aini@localhost':
7
Nur Aini Rakhmawati SIP
new user 'aini' added
Delete UserSintaks : rm <username> Perintah : root@luaini:~# openserctl add aini aini [email protected] engine 'MYSQL' loadedControl engine 'FIFO' loadedis_user: user counter=0MySql password for user 'aini@localhost':new user 'aini' addedroot@luaini:~# openserctl rm ainidatabase engine 'MYSQL' loadedControl engine 'FIFO' loadedis_user: user counter=1Enter password:MySql password for user 'aini@localhost':
Changing User passwordSintaks : passwd <username> <passwd>Perintah :root@luaini:~# openserctl passwd aini ainidatabase engine 'MYSQL' loadedControl engine 'FIFO' loadedis_user: user counter=1MySql password for user 'aini@localhost':password change succeeded
10. Monitoring Serverroot@luaini:/var/log/webmin# openserctl monidatabase engine 'MYSQL' loadedControl engine 'FIFO' loadedcycle #: 1; if constant make sure server lives]Server: OpenSer (1.1.0notls (i386/linux))Now: Fri Dec 29 12:58:40 2006Up Since: Fri Dec 29 12:53:05 2006Up time: 335 [sec]
Transaction Statistics: Module name = tm; statistics=11tm:received_replies = 0tm:relayed_replies = 0tm:local_replies = 0tm:UAS_transactions = 0tm:UAC_transactions = 0tm:2xx_transactions = 0tm:3xx_transactions = 0tm:4xx_transactions = 0tm:5xx_transactions = 0tm:6xx_transactions = 0tm:inuse_transactions = 0
8
Nur Aini Rakhmawati SIP
Stateless Server Statistics: Module name = sl; statistics=9sl:1xx_replies = 0sl:2xx_replies = 0sl:3xx_replies = 0sl:4xx_replies = 0sl:5xx_replies = 0sl:6xx_replies = 0sl:sent_replies = 0sl:sent_err_replies = 0sl:received_ACKs = 0
UsrLoc Stats: Module name = usrloc; statistics=6usrloc:locationusers = 0usrloc:locationcontacts = 0usrloc:locationexpires = 0usrloc:aliasesusers = 0usrloc:aliasescontacts = 0usrloc:aliasesexpires = 0
Kphones
1. InstalasiDownload source code wget http://www.wirlab.net/kphone/kphone4.2.tar.gzatauInstalasi di Debian root@luaini:~# aptget install kphone
2. Konfiguarsi SIPMenu Preference -> SIP Preference
Tab Socket○ Pilih UDP○ Pilih STUN Server○ Isi sesuai dengan nama STUN server dan nomor port.
9
Nur Aini Rakhmawati SIP
3. User identityMenu File -> Identity
Isi form sesuai dengan identitas pada SIP registrar (OpenSer)
10
Nur Aini Rakhmawati SIP
Klik tombol register, tunggu hingga muncul form di bawah ini
Contoh untuk user lain :
Jika login berhasil, tombol register berubah menjadi unregister
11
Nur Aini Rakhmawati SIP
Status user terhubung
4. User CommunicationKirim pesan
12
Nur Aini Rakhmawati SIP
Pemanggilan User
13
Nur Aini Rakhmawati SIP
Lampiran :
/etc/default/openser
## OpenSER startup options#
# Set to yes to enable openser, once configured properly.RUN_OPENSER=yes
# User to run asUSER=openser
# Group to run asGROUP=openser
# Amount of memory to allocate for the running OpenSER server (in Mb)MEMORY=64
# Enable the server to leave a core file when it crashes.# Set this to 'yes' to enable OpenSER to leave a core file when it crashes# or 'no' to disable this feature. This option is case sensitive and only# accepts 'yes' and 'no' and only in lowercase letters.## Please note that when this is enabled, the USER and GROUP options above# will be ignored and the root user/group will be used instead. This is# because only then OpenSER will be able to leave a core file.# If someone knows how this can be made to work even when the server runs as# user openser, please let us know. Tests show that if only as much as the# group is set to openser, while the user is root for the running server,# it will still refuse to write the core file.DUMP_CORE=yes
14
Nur Aini Rakhmawati SIP
/etc/openser/openser.cfg
## $Id: openser.cfg,v 1.6 2006/02/15 18:23:46 bogdan_iancu Exp $## simple quickstart config script#
# global configuration parameters
debug=3 # debug level (cmd line: dddddddddd)fork=yes # Set to no to enter debugging modelog_stderror=no # (cmd line: E) Set to yes to enter debugging mode
check_via=no # (cmd. line: v)dns=no # (cmd. line: r)rev_dns=no # (cmd. line: R)port=5060children=4fifo="/home/aini/FIFO"alias=luaini.homedns.org## uncomment the following lines for TLS support#disable_tls = 0#listen = tls:your_IP:5061#tls_verify = 1#tls_require_certificate = 0#tls_method = TLSv1#tls_certificate = "/build/buildd/openser1.1.0/debian/openser/etc/openser/tls/user/usercert.pem"#tls_private_key = "/build/buildd/openser1.1.0/debian/openser/etc/openser/tls/user/userprivkey.pem"#tls_ca_list = "/build/buildd/openser1.1.0/debian/openser/etc/openser/tls/user/usercalist.pem"
# module loading
# Uncomment this if you want to use SQL databaseloadmodule "/usr/lib/openser/modules/mysql.so"
loadmodule "/usr/lib/openser/modules/sl.so"loadmodule "/usr/lib/openser/modules/tm.so"loadmodule "/usr/lib/openser/modules/rr.so"loadmodule "/usr/lib/openser/modules/maxfwd.so"loadmodule "/usr/lib/openser/modules/usrloc.so"loadmodule "/usr/lib/openser/modules/registrar.so"loadmodule "/usr/lib/openser/modules/textops.so"
# Uncomment this if you want digest authentication# mysql.so must be loaded !loadmodule "/usr/lib/openser/modules/auth.so"loadmodule "/usr/lib/openser/modules/auth_db.so"
15
Nur Aini Rakhmawati SIP
# setting modulespecific parameters
# usrloc params
modparam("usrloc", "db_mode", 2)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line#modparam("usrloc", "db_mode", 2)modparam("usrloc", "db_url", "mysql://aini:iinRW@localhost/openser")
# auth params # Uncomment if you are using auth module#modparam("auth_db", "calculate_ha1", yes)modparam("auth_db", "db_url", "mysql://luaini:iinRO@localhost/openser")## If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter)#modparam("auth_db", "password_column", "password")
# rr params # add value to ;lr param to make some broken UAs happymodparam("rr", "enable_full_lr", 1)
# request routing logic
# main routing logic
route{
# initial sanity checks messages with# max_forwards==0, or excessively long requestsif (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");exit;
};
if (msg:len >= 2048 ) {sl_send_reply("513", "Message too big");exit;
};
# we recordroute all messages to make sure that# subsequent messages will go through our proxy; that's# particularly good if upstream and downstream entities# use different transport protocolif (!method=="REGISTER")
record_route();
16
Nur Aini Rakhmawati SIP
# subsequent messages withing a dialog should take the# path determined by recordroutingif (loose_route()) {
# mark routing logic in requestappend_hf("Phint: rrenforced\r\n"); route(1);
};
if (!uri==myself) {# mark routing logic in requestappend_hf("Phint: outbound\r\n"); # if you have some interdomain connections via TLS#if(uri=~"@tls_domain1.net") {# t_relay("tls:domain1.net");# exit;#} else if(uri=~"@tls_domain2.net") {# t_relay("tls:domain2.net");# exit;#}route(1);
};
# if the request is for other domain use UsrLoc# (in case, it does not work, use the following command# with proper names and addresses in it)if (uri==myself) {
if (method=="REGISTER") {
# Uncomment this if you want to use digest authenticationif (!www_authorize("luaini.homedns.org", "subscriber")) {
www_challenge("luaini.homedns.org", "0");exit;
};
save("location");exit;
};
lookup("aliases");if (!uri==myself) {
append_hf("Phint: outbound alias\r\n"); route(1);
};
# native SIP destinations are handled using our USRLOC DBif (!lookup("location")) {
sl_send_reply("404", "Not Found");exit;
};append_hf("Phint: usrloc applied\r\n");
};
17
Nur Aini Rakhmawati SIP
route(1);}
route[1] {# send it out now; use stateful forwarding as it works reliably# even for UDP2TCPif (!t_relay()) {
sl_reply_error();};exit;
}
18
Nur Aini Rakhmawati SIP
/etc/openser/openserctlrc
# $Id: openserctlrc,v 1.2 2006/07/05 19:37:20 miconda Exp $## openser control tool resource file## here you can set variables used in the openserctl
## your SIP domainSIP_DOMAIN=luaini.homends.org
## database type: MYSQL or PGSQL, by defaulte none is loadedDBENGINE=MYSQL
## database hostDBHOST=localhost
## database nameDBNAME=openser
## database read/write userDBRWUSER=aini
## database read only userDBROUSER=luaini
## password for database read only userDBROPW=iinRO
## database super userDBROOTUSER="root"
## type of aliases used: DB database aliases; UL usrloc aliases## default: none#ALIASES_TYPE="DB"
## control engine: FIFO or UNIXSOCK## default FIFOCTLENGINE="FIFO"
## path to FIFO fileOSER_FIFO="/home/aini/FIFO"
## check ACL names; default on (1); off (0)VERIFY_ACL=1
## ACL names if VERIFY_ACL is set, only the ACL names from below list## are acceptedACL_GROUPS="local ld int voicemail freepstn"
## verbose debug purposes default '0'VERBOSE=1
19
Nur Aini Rakhmawati SIP
/usr/sbin/openser_mysql
#!/bin/sh## $Id: mysqldb.sh,v 1.31 2006/06/26 08:48:56 bogdan_iancu Exp $## Script for adding and dropping ser MySql tables## TODO: update_structures command for migriting to new# table definitons# USAGE: call the command without any parameters for info## 20030121 changed SILO table definition, by dcm## History:# 20030312 added replication mark and state columns to location (nils)# 20030305: Changed user to username, user is reserved word (janakj)# 20030126 statistics table introduced (jiri)# 20030125: Optimized keys of some core tables (janakj)# 20030125: USER_ID changed to user everywhere (janakj)# 20030124: Changed realm column of subscriber and pending# tables to domain (janakj)# 20030414 reinstall introduced (jiri)# 20040705 new definition of table silo (dcm)# 20060407 removed gen_ha1 dependency use md5sum;# separated the serweb from openser tables;# fixed the reinstall functionality (bogdan)# 20060516 added ability to specify MD5 from a configuration file# FreeBSD does not have the md5sum function (norm)
#$PATH=/usr/sbin/
# include resource files, if anyif [ f /etc/openser/.opensermysqlrc ]; then
. /etc/openser/.opensermysqlrcfiif [ f /usr/local/etc/openser/.opensermysqlrc ]; then
. /usr/local/etc/openser/.opensermysqlrcfiif [ f ~/.opensermysqlrc ]; then
. ~/.opensermysqlrcfi
################################################################## config vars################################################################## name of the database to be used by SERif [ z "$DBNAME" ]; then
DBNAME="openser"fi# address of MySQL serverif [ z "$DBHOST" ]; then
DBHOST="localhost"
20
Nur Aini Rakhmawati SIP
fi# user with full privileges over DBNAME databaseif [ z "$DBRWUSER" ]; then
DBRWUSER="aini"fi# password user with full privileges over DBNAME databaseif [ z "$DEFAULT_PW" ]; then
DEFAULT_PW="aini"fi# readonly userif [ z "$DBROUSER" ]; then
DBROUSER="iinRO"fi# password for readonly userif [ z "$RO_PW" ]; then
RO_PW="iinRW"fi# full privileges MySQL userif [ z "$SQL_USER" ]; then
SQL_USER="root"fi
CMD="mysql h $DBHOST u$SQL_USER "DUMP_CMD="mysqldump h $DBHOST u$SQL_USER c t "BACKUP_CMD="mysqldump h $DBHOST u$SQL_USER c "
# type of mysql tablesif [ z "$TABLE_TYPE" ]; then
TABLE_TYPE="TYPE=MyISAM"fi# user name columnif [ z "$USERCOL" ]; then
USERCOL="username"fi
# Program to calculate a messagedigest fingerprint if [ z "$MD5" ]; then
MD5="md5sum"fi
FOREVER="20200528 21:32:15"
DEFAULT_ALIASES_EXPIRES=$FOREVERDEFAULT_Q="1.0"DEFAULT_CALLID="DefaultCallID"DEFAULT_CSEQ="42"DEFAULT_LOCATION_EXPIRES=$FOREVER
saya potong sampai disini untuk file /usr/sbin/openser_mysql
21