<div dir="auto"><div>Hi Gustavo,</div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">This part would answer on OPTIONS if all conditions where true. </div><div dir="auto"><br></div><div dir="auto">The "and have NOT Uri with something for and after an @" surpress the option reply. </div><div dir="auto"><br></div><div dir="auto">So you can remove that or build an own OPTIONS related stuff in your config. </div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto"><span style="font-family:sans-serif;font-size:12.8px"> if (uri==$ru) {</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px"> if ((method==OPTIONS) && (! uri=~"sip:.*[@]+.*")) {</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px"> options_reply();</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px"> }</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px"> }</span><br><br><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">Gustavo A. M. <<a href="mailto:gustavo@memorea.com">gustavo@memorea.com</a>> schrieb am Sa., 9. Nov. 2019, 23:45:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Greetings,<br>
<br>
I'm trying to configure kamailio to get OPTIONS response, but it does<br>
not working properly.<br>
After a successful REGISTER, I send OPTIONS first time, get Proxy-<br>
Authenticate header to calculate Proxy-Authorization, and resend<br>
OPTIONS with Proxy-Authenticate header, but server follows answering<br>
with a 407 response, apparently ignoring Proxy-Authenticate.<br>
Note that same password is used in REGISTER request, and first time<br>
REGISTER response with a 401, not a 407 response.<br>
<br>
I think messages sent from client are right, and problem is on the<br>
server configuration.<br>
<br>
Follow messages and kamailio.cfg.<br>
<br>
Thanks in advance,<br>
<br>
<br>
Gustavo Adolfo Moennich<br>
<br>
<br>
OPTIONS <a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a> SIP/2.0<br>
Call-ID: A6DB9DCAA18049E784034FB6F5F95680<br>
Contact: <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>><br>
Content-Length: 0<br>
CSeq: 0 OPTIONS<br>
Expires: 20<br>
From: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=0B3D2156FF9E46DAAD7FC43<br>
B62C9E2FC<br>
Max-Forwards: 70<br>
To: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>><br>
User-Agent: Memorea 1.0 (SIP 2.0) Build 1.1.1.0, Windows x64 Build<br>
6.1.7601<br>
Via: SIP/2.0/UDP 192.168.122.21:5060;rport=58905<br>
<br>
<br>
SIP/2.0 407 Proxy Authentication Required<br>
Call-ID: A6DB9DCAA18049E784034FB6F5F95680<br>
CSeq: 0 OPTIONS<br>
From: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=0B3D2156FF9E46DAAD7FC43<br>
B62C9E2FC<br>
To: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=9dd61ff61e802d8e2bef5f146<br>
21ef3c2.467d<br>
Via: SIP/2.0/UDP<br>
192.168.122.21:5060;rport=58905;received=192.168.122.12<br>
Proxy-Authenticate: Digest realm="<a href="http://kamailio.memorea.com" rel="noreferrer noreferrer" target="_blank">kamailio.memorea.com</a>",<br>
nonce="Xcc1wV3HNJXdfUDchNlEUkT6kHCtqBAn"<br>
Server: kamailio (5.2.1 (x86_64/linux))<br>
Content-Length: 0<br>
<br>
<br>
OPTIONS <a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a> SIP/2.0<br>
Call-ID: A6DB9DCAA18049E784034FB6F5F95680<br>
Contact: <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>><br>
Content-Length: 0<br>
CSeq: 1 OPTIONS<br>
Expires: 20<br>
From: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=0B3D2156FF9E46DAAD7FC43<br>
B62C9E2FC<br>
Max-Forwards: 70<br>
Proxy-Authorization: Digest uri=<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>,nonce="Xc<br>
c1wV3HNJXdfUDchNlEUkT6kHCtqBAn",realm="<a href="http://kamailio.memorea.com" rel="noreferrer noreferrer" target="_blank">kamailio.memorea.com</a>",response="<br>
5bcd184eea53284f3ec548c2412ce36a",username=6000<br>
To: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>><br>
User-Agent: Memorea 1.0 (SIP 2.0) Build 1.1.1.0, Windows x64 Build<br>
6.1.7601<br>
Via: SIP/2.0/UDP 192.168.122.21:5060;rport=58905<br>
<br>
<br>
<br>
SIP/2.0 407 Proxy Authentication Required<br>
Call-ID: A6DB9DCAA18049E784034FB6F5F95680<br>
CSeq: 1 OPTIONS<br>
From: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=0B3D2156FF9E46DAAD7FC43<br>
B62C9E2FC<br>
To: "Bob" <<a href="mailto:sip%3A6000@kamailio.memorea.com" target="_blank" rel="noreferrer">sip:6000@kamailio.memorea.com</a>>;tag=9dd61ff61e802d8e2bef5f146<br>
21ef3c2.32de<br>
Via: SIP/2.0/UDP<br>
192.168.122.21:5060;received=192.168.122.12;rport=58905<br>
Proxy-Authenticate: Digest realm="<a href="http://kamailio.memorea.com" rel="noreferrer noreferrer" target="_blank">kamailio.memorea.com</a>",<br>
nonce="Xcc1xl3HNJqRobJFuZggPSGvNdtp+GnP"<br>
Server: kamailio (5.2.1 (x86_64/linux))<br>
Content-Length: 0<br>
<br>
<br>
kamailio.cfg content's:<br>
<br>
#!KAMAILIO<br>
#!define WITH_MYSQL<br>
#!define WITH_AUTH<br>
#!define WITH_USRLOCDB<br>
#<br>
# Kamailio (OpenSER) SIP Server v5.2 - default configuration script<br>
# - web: <a href="https://www.kamailio.org" rel="noreferrer noreferrer" target="_blank">https://www.kamailio.org</a><br>
# - git: <a href="https://github.com/kamailio/kamailio" rel="noreferrer noreferrer" target="_blank">https://github.com/kamailio/kamailio</a><br>
#<br>
# Direct your questions about this file to: <sr-users@lists.kamailio.or<br>
g><br>
#<br>
# Refer to the Core CookBook at <a href="https://www.kamailio.org/wiki/" rel="noreferrer noreferrer" target="_blank">https://www.kamailio.org/wiki/</a><br>
# for an explanation of possible statements, functions and parameters.<br>
#<br>
# Note: the comments can be:<br>
# - lines starting with #, but not the pre-processor directives,<br>
# which start with #!, like #!define, #!ifdef, #!endif, #!else,<br>
#!trydef,<br>
# #!subst, #!substdef, ...<br>
# - lines starting with //<br>
# - blocks enclosed in between /* */<br>
#<br>
# Several features can be enabled using '#!define WITH_FEATURE'<br>
directives:<br>
#<br>
# *** To run in debug mode:<br>
# - define WITH_DEBUG<br>
#<br>
# *** To enable mysql:<br>
# - define WITH_MYSQL<br>
#<br>
# *** To enable authentication execute:<br>
# - enable mysql<br>
# - define WITH_AUTH<br>
# - add users using 'kamctl'<br>
#<br>
# *** To enable IP authentication execute:<br>
# - enable mysql<br>
# - enable authentication<br>
# - define WITH_IPAUTH<br>
# - add IP addresses with group id '1' to 'address' table<br>
#<br>
# *** To enable persistent user location execute:<br>
# - enable mysql<br>
# - define WITH_USRLOCDB<br>
#<br>
# *** To enable presence server execute:<br>
# - enable mysql<br>
# - define WITH_PRESENCE<br>
#<br>
# *** To enable nat traversal execute:<br>
# - define WITH_NAT<br>
# - install RTPProxy: <a href="http://www.rtpproxy.org" rel="noreferrer noreferrer" target="_blank">http://www.rtpproxy.org</a><br>
# - start RTPProxy:<br>
# rtpproxy -l _your_public_ip_ -s udp:localhost:7722<br>
# - option for NAT SIP OPTIONS keepalives: WITH_NATSIPPING<br>
#<br>
# *** To enable PSTN gateway routing execute:<br>
# - define WITH_PSTN<br>
# - set the value of pstn.gw_ip<br>
# - check route[PSTN] for regexp routing condition<br>
#<br>
# *** To enable database aliases lookup execute:<br>
# - enable mysql<br>
# - define WITH_ALIASDB<br>
#<br>
# *** To enable speed dial lookup execute:<br>
# - enable mysql<br>
# - define WITH_SPEEDDIAL<br>
#<br>
# *** To enable multi-domain support execute:<br>
# - enable mysql<br>
# - define WITH_MULTIDOMAIN<br>
#<br>
# *** To enable TLS support execute:<br>
# - adjust CFGDIR/tls.cfg as needed<br>
# - define WITH_TLS<br>
#<br>
# *** To enable XMLRPC support execute:<br>
# - define WITH_XMLRPC<br>
# - adjust route[XMLRPC] for access policy<br>
#<br>
# *** To enable anti-flood detection execute:<br>
# - adjust pike and htable=>ipban settings as needed (default is<br>
# block if more than 16 requests in 2 seconds and ban for 300<br>
seconds)<br>
# - define WITH_ANTIFLOOD<br>
#<br>
# *** To block 3XX redirect replies execute:<br>
# - define WITH_BLOCK3XX<br>
#<br>
# *** To block 401 and 407 authentication replies execute:<br>
# - define WITH_BLOCK401407<br>
#<br>
# *** To enable VoiceMail routing execute:<br>
# - define WITH_VOICEMAIL<br>
# - set the value of voicemail.srv_ip<br>
# - adjust the value of voicemail.srv_port<br>
#<br>
# *** To enhance accounting execute:<br>
# - enable mysql<br>
# - define WITH_ACCDB<br>
# - add following columns to database<br>
#!ifdef ACCDB_COMMENT<br>
ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT<br>
'';<br>
ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';<br>
ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT<br>
'';<br>
ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL<br>
DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL<br>
DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL<br>
default '';<br>
ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL<br>
DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL<br>
DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL<br>
DEFAULT '';<br>
#!endif<br>
<br>
####### Include Local Config If Exists #########<br>
import_file "kamailio-local.cfg"<br>
<br>
####### Defined Values #########<br>
<br>
# *** Value defines - IDs used later in config<br>
#!ifdef WITH_MYSQL<br>
# - database URL - used to connect to database server by modules such<br>
# as: auth_db, acc, usrloc, a.s.o.<br>
#!ifndef DBURL<br>
#!define DBURL "mysql://<a href="http://kamailio:temp@database.memorea.com/kamailio" rel="noreferrer noreferrer" target="_blank">kamailio:temp@database.memorea.com/kamailio</a>"<br>
#!endif<br>
#!endif<br>
#!ifdef WITH_MULTIDOMAIN<br>
# - the value for 'use_domain' parameters<br>
#!define MULTIDOMAIN 1<br>
#!else<br>
#!define MULTIDOMAIN 0<br>
#!endif<br>
<br>
# - flags<br>
# FLT_ - per transaction (message) flags<br>
# FLB_ - per branch flags<br>
#!define FLT_ACC 1<br>
#!define FLT_ACCMISSED 2<br>
#!define FLT_ACCFAILED 3<br>
#!define FLT_NATS 5<br>
<br>
#!define FLB_NATB 6<br>
#!define FLB_NATSIPPING 7<br>
<br>
####### Global Parameters #########<br>
<br>
### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR<br>
#!ifdef WITH_DEBUG<br>
debug=4<br>
log_stderror=yes<br>
#!else<br>
debug=2<br>
log_stderror=no<br>
#!endif<br>
<br>
memdbg=5<br>
memlog=5<br>
<br>
log_facility=LOG_LOCAL0<br>
log_prefix="{$mt $hdr(CSeq) $ci} "<br>
<br>
/* number of SIP routing processes */<br>
children=8<br>
<br>
/* uncomment the next line to disable TCP (default on) */<br>
# disable_tcp=yes<br>
<br>
/* uncomment the next line to disable the auto discovery of local<br>
aliases<br>
* based on reverse DNS on IPs (default on) */<br>
# auto_aliases=no<br>
<br>
/* add local domain aliases */<br>
# alias="<a href="http://sip.mydomain.com" rel="noreferrer noreferrer" target="_blank">sip.mydomain.com</a>"<br>
<br>
/* uncomment and configure the following line if you want Kamailio to<br>
* bind on a specific interface/port/proto (default bind on all<br>
available) */<br>
# listen=udp:<a href="http://10.0.0.10:5060" rel="noreferrer noreferrer" target="_blank">10.0.0.10:5060</a><br>
<br>
#!ifdef WITH_TLS<br>
enable_tls=yes<br>
#!endif<br>
<br>
/* life time of TCP connection when there is no traffic<br>
* - a bit higher than registration expires to cope with UA behind NAT<br>
*/<br>
tcp_connection_lifetime=3605<br>
<br>
####### Custom Parameters #########<br>
<br>
/* These parameters can be modified runtime via RPC interface<br>
* - see the documentation of 'cfg_rpc' module.<br>
*<br>
* Format: <a href="http://group.id" rel="noreferrer noreferrer" target="_blank">group.id</a> = value 'desc' description<br>
* Access: $sel(<a href="http://cfg_get.group.id" rel="noreferrer noreferrer" target="_blank">cfg_get.group.id</a>) or @<a href="http://cfg_get.group.id" rel="noreferrer noreferrer" target="_blank">cfg_get.group.id</a> */<br>
<br>
#!ifdef WITH_PSTN<br>
/* PSTN GW Routing<br>
*<br>
* - pstn.gw_ip: valid IP or hostname as string value, example:<br>
* pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"<br>
*<br>
* - by default is empty to avoid misrouting */<br>
pstn.gw_ip = "" desc "PSTN GW Address"<br>
pstn.gw_port = "" desc "PSTN GW Port"<br>
#!endif<br>
<br>
#!ifdef WITH_VOICEMAIL<br>
/* VoiceMail Routing on offline, busy or no answer<br>
*<br>
* - by default Voicemail server IP is empty to avoid misrouting */<br>
voicemail.srv_ip = "" desc "VoiceMail IP Address"<br>
voicemail.srv_port = "5060" desc "VoiceMail Port"<br>
#!endif<br>
<br>
####### Modules Section ########<br>
<br>
/* set paths to location of modules */<br>
# mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"<br>
<br>
#!ifdef WITH_MYSQL<br>
loadmodule "db_mysql.so"<br>
#!endif<br>
<br>
loadmodule "jsonrpcs.so"<br>
loadmodule "kex.so"<br>
loadmodule "corex.so"<br>
loadmodule "tm.so"<br>
loadmodule "tmx.so"<br>
loadmodule "sl.so"<br>
loadmodule "rr.so"<br>
loadmodule "pv.so"<br>
loadmodule "maxfwd.so"<br>
loadmodule "usrloc.so"<br>
loadmodule "registrar.so"<br>
loadmodule "textops.so"<br>
loadmodule "siputils.so"<br>
loadmodule "xlog.so"<br>
loadmodule "sanity.so"<br>
loadmodule "ctl.so"<br>
loadmodule "cfg_rpc.so"<br>
loadmodule "acc.so"<br>
loadmodule "counters.so"<br>
<br>
#!ifdef WITH_AUTH<br>
loadmodule "auth.so"<br>
loadmodule "auth_db.so"<br>
#!ifdef WITH_IPAUTH<br>
loadmodule "permissions.so"<br>
#!endif<br>
#!endif<br>
<br>
#!ifdef WITH_ALIASDB<br>
loadmodule "alias_db.so"<br>
#!endif<br>
<br>
#!ifdef WITH_SPEEDDIAL<br>
loadmodule "speeddial.so"<br>
#!endif<br>
<br>
#!ifdef WITH_MULTIDOMAIN<br>
loadmodule "domain.so"<br>
#!endif<br>
<br>
#!ifdef WITH_PRESENCE<br>
loadmodule "presence.so"<br>
loadmodule "presence_xml.so"<br>
#!endif<br>
<br>
#!ifdef WITH_NAT<br>
loadmodule "nathelper.so"<br>
loadmodule "rtpproxy.so"<br>
#!endif<br>
<br>
#!ifdef WITH_TLS<br>
loadmodule "tls.so"<br>
#!endif<br>
<br>
#!ifdef WITH_ANTIFLOOD<br>
loadmodule "htable.so"<br>
loadmodule "pike.so"<br>
#!endif<br>
<br>
#!ifdef WITH_XMLRPC<br>
loadmodule "xmlrpc.so"<br>
#!endif<br>
<br>
#!ifdef WITH_DEBUG<br>
loadmodule "debugger.so"<br>
#!endif<br>
<br>
# ----------------- setting module-specific parameters ---------------<br>
<br>
<br>
# ----- jsonrpcs params -----<br>
modparam("jsonrpcs", "pretty_format", 1)<br>
/* set the path to RPC fifo control file */<br>
# modparam("jsonrpcs", "fifo_name",<br>
"/var/run/kamailio/kamailio_rpc.fifo")<br>
/* set the path to RPC unix socket control file */<br>
# modparam("jsonrpcs", "dgram_socket",<br>
"/var/run/kamailio/kamailio_rpc.sock")<br>
<br>
# ----- ctl params -----<br>
/* set the path to RPC unix socket control file */<br>
# modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")<br>
<br>
# ----- tm params -----<br>
# auto-discard branches from previous serial forking leg<br>
modparam("tm", "failure_reply_mode", 3)<br>
# default retransmission timeout: 30sec<br>
modparam("tm", "fr_timer", 30000)<br>
# default invite retransmission timeout after 1xx: 120sec<br>
modparam("tm", "fr_inv_timer", 120000)<br>
<br>
# ----- rr params -----<br>
# set next param to 1 to add value to ;lr param (helps with some UAs)<br>
modparam("rr", "enable_full_lr", 0)<br>
# do not append from tag to the RR (no need for this script)<br>
modparam("rr", "append_fromtag", 0)<br>
<br>
# ----- registrar params -----<br>
modparam("registrar", "method_filtering", 1)<br>
/* uncomment the next line to disable parallel forking via location */<br>
# modparam("registrar", "append_branches", 0)<br>
/* uncomment the next line not to allow more than 10 contacts per AOR<br>
*/<br>
# modparam("registrar", "max_contacts", 10)<br>
/* max value for expires of registrations */<br>
modparam("registrar", "max_expires", 3600)<br>
/* set it to 1 to enable GRUU */<br>
modparam("registrar", "gruu_enabled", 0)<br>
<br>
# ----- acc params -----<br>
/* what special events should be accounted ? */<br>
modparam("acc", "early_media", 0)<br>
modparam("acc", "report_ack", 0)<br>
modparam("acc", "report_cancels", 0)<br>
/* by default ww do not adjust the direct of the sequential requests.<br>
* if you enable this parameter, be sure the enable "append_fromtag"<br>
* in "rr" module */<br>
modparam("acc", "detect_direction", 0)<br>
/* account triggers (flags) */<br>
modparam("acc", "log_flag", FLT_ACC)<br>
modparam("acc", "log_missed_flag", FLT_ACCMISSED)<br>
modparam("acc", "log_extra",<br>
"src_user=$fU;src_domain=$fd;src_ip=$si;"<br>
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>
modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)<br>
/* enhanced DB accounting */<br>
#!ifdef WITH_ACCDB<br>
modparam("acc", "db_flag", FLT_ACC)<br>
modparam("acc", "db_missed_flag", FLT_ACCMISSED)<br>
modparam("acc", "db_url", DBURL)<br>
modparam("acc", "db_extra",<br>
"src_user=$fU;src_domain=$fd;src_ip=$si;"<br>
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>
#!endif<br>
<br>
# ----- usrloc params -----<br>
/* enable DB persistency for location entries */<br>
#!ifdef WITH_USRLOCDB<br>
modparam("usrloc", "db_url", DBURL)<br>
modparam("usrloc", "db_mode", 2)<br>
modparam("usrloc", "use_domain", MULTIDOMAIN)<br>
#!endif<br>
<br>
# ----- auth_db params -----<br>
#!ifdef WITH_AUTH<br>
modparam("auth_db", "db_url", DBURL)<br>
modparam("auth_db", "calculate_ha1", yes)<br>
modparam("auth_db", "password_column", "password")<br>
modparam("auth_db", "load_credentials", "")<br>
modparam("auth_db", "use_domain", MULTIDOMAIN)<br>
<br>
# ----- permissions params -----<br>
#!ifdef WITH_IPAUTH<br>
modparam("permissions", "db_url", DBURL)<br>
modparam("permissions", "db_mode", 1)<br>
#!endif<br>
<br>
#!endif<br>
<br>
# ----- alias_db params -----<br>
#!ifdef WITH_ALIASDB<br>
modparam("alias_db", "db_url", DBURL)<br>
modparam("alias_db", "use_domain", MULTIDOMAIN)<br>
#!endif<br>
<br>
# ----- speeddial params -----<br>
#!ifdef WITH_SPEEDDIAL<br>
modparam("speeddial", "db_url", DBURL)<br>
modparam("speeddial", "use_domain", MULTIDOMAIN)<br>
#!endif<br>
<br>
# ----- domain params -----<br>
#!ifdef WITH_MULTIDOMAIN<br>
modparam("domain", "db_url", DBURL)<br>
/* register callback to match myself condition with domains list */<br>
modparam("domain", "register_myself", 1)<br>
#!endif<br>
<br>
#!ifdef WITH_PRESENCE<br>
# ----- presence params -----<br>
modparam("presence", "db_url", DBURL)<br>
<br>
# ----- presence_xml params -----<br>
modparam("presence_xml", "db_url", DBURL)<br>
modparam("presence_xml", "force_active", 1)<br>
#!endif<br>
<br>
#!ifdef WITH_NAT<br>
# ----- rtpproxy params -----<br>
modparam("rtpproxy", "rtpproxy_sock", "udp:<a href="http://127.0.0.1:7722" rel="noreferrer noreferrer" target="_blank">127.0.0.1:7722</a>")<br>
<br>
# ----- nathelper params -----<br>
modparam("nathelper", "natping_interval", 30)<br>
modparam("nathelper", "ping_nated_only", 1)<br>
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)<br>
modparam("nathelper", "sipping_from", "<a href="mailto:sip%3Apinger@kamailio.org" target="_blank" rel="noreferrer">sip:pinger@kamailio.org</a>")<br>
<br>
# params needed for NAT traversal in other modules<br>
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")<br>
modparam("usrloc", "nat_bflag", FLB_NATB)<br>
#!endif<br>
<br>
#!ifdef WITH_TLS<br>
# ----- tls params -----<br>
modparam("tls", "config", "/etc/kamailio/tls.cfg")<br>
#!endif<br>
<br>
#!ifdef WITH_ANTIFLOOD<br>
# ----- pike params -----<br>
modparam("pike", "sampling_time_unit", 2)<br>
modparam("pike", "reqs_density_per_unit", 16)<br>
modparam("pike", "remove_latency", 4)<br>
<br>
# ----- htable params -----<br>
/* ip ban htable with autoexpire after 5 minutes */<br>
modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")<br>
#!endif<br>
<br>
#!ifdef WITH_XMLRPC<br>
# ----- xmlrpc params -----<br>
modparam("xmlrpc", "route", "XMLRPC");<br>
modparam("xmlrpc", "url_match", "^/RPC")<br>
#!endif<br>
<br>
#!ifdef WITH_DEBUG<br>
# ----- debugger params -----<br>
modparam("debugger", "cfgtrace", 1)<br>
modparam("debugger", "log_level_name", "exec")<br>
#!endif<br>
<br>
####### Routing Logic ########<br>
<br>
<br>
/* Main SIP request routing logic<br>
* - processing of any incoming SIP request starts with this route<br>
* - note: this is the same as route { ... } */<br>
request_route {<br>
<br>
# per request initial checks<br>
route(REQINIT);<br>
<br>
# NAT detection<br>
route(NATDETECT);<br>
<br>
# CANCEL processing<br>
if (is_method("CANCEL")) {<br>
if (t_check_trans()) {<br>
route(RELAY);<br>
}<br>
exit;<br>
}<br>
<br>
# handle retransmissions<br>
if (!is_method("ACK")) {<br>
if(t_precheck_trans()) {<br>
t_check_trans();<br>
exit;<br>
}<br>
t_check_trans();<br>
}<br>
<br>
# handle requests within SIP dialogs<br>
route(WITHINDLG);<br>
<br>
### only initial requests (no To tag)<br>
<br>
# authentication<br>
route(AUTH);<br>
<br>
# record routing for dialog forming requests (in case they are<br>
routed)<br>
# - remove preloaded route headers<br>
remove_hf("Route");<br>
if (is_method("INVITE|SUBSCRIBE")) {<br>
record_route();<br>
}<br>
<br>
# account only INVITEs<br>
if (is_method("INVITE")) {<br>
setflag(FLT_ACC); # do accounting<br>
}<br>
<br>
# dispatch requests to foreign domains<br>
route(SIPOUT);<br>
<br>
### requests for my local domains<br>
<br>
# handle presence related requests<br>
route(PRESENCE);<br>
<br>
# handle registrations<br>
route(REGISTRAR);<br>
<br>
if ($rU==$null) {<br>
# request with no Username in RURI<br>
sl_send_reply("484","Address Incomplete");<br>
exit;<br>
}<br>
<br>
# dispatch destinations to PSTN<br>
route(PSTN);<br>
<br>
# user location service<br>
route(LOCATION);<br>
}<br>
<br>
# Wrapper for relaying requests<br>
route[RELAY] {<br>
<br>
# enable additional event routes for forwarded requests<br>
# - serial forking, RTP relaying handling, a.s.o.<br>
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {<br>
if(!t_is_set("branch_route"))<br>
t_on_branch("MANAGE_BRANCH");<br>
}<br>
if (is_method("INVITE|SUBSCRIBE|UPDATE")) {<br>
if(!t_is_set("onreply_route"))<br>
t_on_reply("MANAGE_REPLY");<br>
}<br>
if (is_method("INVITE")) {<br>
if(!t_is_set("failure_route"))<br>
t_on_failure("MANAGE_FAILURE");<br>
}<br>
<br>
if (!t_relay()) {<br>
sl_reply_error();<br>
}<br>
exit;<br>
}<br>
<br>
# Per SIP request initial checks<br>
route[REQINIT] {<br>
#!ifdef WITH_ANTIFLOOD<br>
# flood detection from same IP and traffic ban for a while<br>
# be sure you exclude checking trusted peers, such as pstn<br>
gateways<br>
# - local host excluded (e.g., loop to self)<br>
if(src_ip!=$si) {<br>
if($sht(ipban=>$si)!=$null) {<br>
# ip is already blocked<br>
xdbg("request from blocked IP - $rm from $fu<br>
(IP:$si:$sp)\n");<br>
exit;<br>
}<br>
if (!pike_check_req()) {<br>
xlog("L_ALERT","ALERT: pike blocking $rm from<br>
$fu (IP:$si:$sp)\n");<br>
$sht(ipban=>$si) = 1;<br>
exit;<br>
}<br>
}<br>
#!endif<br>
if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") {<br>
# silent drop for scanners - uncomment next line if<br>
want to reply<br>
# sl_send_reply("200", "OK");<br>
exit;<br>
}<br>
<br>
if (!mf_process_maxfwd_header("10")) {<br>
sl_send_reply("483","Too Many Hops");<br>
exit;<br>
}<br>
<br>
if (uri==$ru) {<br>
if ((method==OPTIONS) && (! uri=~"sip:.*[@]+.*")) {<br>
options_reply();<br>
}<br>
}<br>
<br>
if(!sanity_check("17895", "7")) {<br>
xlog("Malformed SIP message from $si:$sp\n");<br>
exit;<br>
}<br>
}<br>
<br>
# Handle requests within SIP dialogs<br>
route[WITHINDLG] {<br>
if (!has_totag()) return;<br>
<br>
# sequential request withing a dialog should<br>
# take the path determined by record-routing<br>
if (loose_route()) {<br>
route(DLGURI);<br>
if (is_method("BYE")) {<br>
setflag(FLT_ACC); # do accounting ...<br>
setflag(FLT_ACCFAILED); # ... even if the<br>
transaction fails<br>
} else if ( is_method("ACK") ) {<br>
# ACK is forwarded statelessly<br>
route(NATMANAGE);<br>
} else if ( is_method("NOTIFY") ) {<br>
# Add Record-Route for in-dialog NOTIFY as per<br>
RFC 6665.<br>
record_route();<br>
}<br>
route(RELAY);<br>
exit;<br>
}<br>
<br>
if (is_method("SUBSCRIBE") && uri == $ru) {<br>
# in-dialog subscribe requests<br>
route(PRESENCE);<br>
exit;<br>
}<br>
if ( is_method("ACK") ) {<br>
if ( t_check_trans() ) {<br>
# no loose-route, but stateful ACK;<br>
# must be an ACK after a 487<br>
# or e.g. 404 from upstream server<br>
route(RELAY);<br>
exit;<br>
} else {<br>
# ACK without matching transaction ... ignore<br>
and discard<br>
exit;<br>
}<br>
}<br>
sl_send_reply("404","Not here");<br>
exit;<br>
}<br>
<br>
# Handle SIP registrations<br>
route[REGISTRAR] {<br>
if (!is_method("REGISTER")) return;<br>
<br>
if(isflagset(FLT_NATS)) {<br>
setbflag(FLB_NATB);<br>
#!ifdef WITH_NATSIPPING<br>
# do SIP NAT pinging<br>
setbflag(FLB_NATSIPPING);<br>
#!endif<br>
}<br>
if (!save("location")) {<br>
sl_reply_error();<br>
}<br>
exit;<br>
}<br>
<br>
# User location service<br>
route[LOCATION] {<br>
<br>
#!ifdef WITH_SPEEDDIAL<br>
# search for short dialing - 2-digit extension<br>
if($rU=~"^[0-9][0-9]$") {<br>
if(sd_lookup("speed_dial")) {<br>
route(SIPOUT);<br>
}<br>
}<br>
#!endif<br>
<br>
#!ifdef WITH_ALIASDB<br>
# search in DB-based aliases<br>
if(alias_db_lookup("dbaliases")) {<br>
route(SIPOUT);<br>
}<br>
#!endif<br>
<br>
$avp(oexten) = $rU;<br>
if (!lookup("location")) {<br>
$var(rc) = $rc;<br>
route(TOVOICEMAIL);<br>
t_newtran();<br>
switch ($var(rc)) {<br>
case -1:<br>
case -3:<br>
send_reply("404", "Not Found");<br>
exit;<br>
case -2:<br>
send_reply("405", "Method Not<br>
Allowed");<br>
exit;<br>
}<br>
}<br>
<br>
# when routing via usrloc, log the missed calls also<br>
if (is_method("INVITE")) {<br>
setflag(FLT_ACCMISSED);<br>
}<br>
<br>
route(RELAY);<br>
exit;<br>
}<br>
<br>
# Presence server processing<br>
route[PRESENCE] {<br>
if(!is_method("PUBLISH|SUBSCRIBE")) return;<br>
<br>
if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {<br>
route(TOVOICEMAIL);<br>
# returns here if no voicemail server is configured<br>
sl_send_reply("404", "No voicemail service");<br>
exit;<br>
}<br>
<br>
#!ifdef WITH_PRESENCE<br>
if (!t_newtran()) {<br>
sl_reply_error();<br>
exit;<br>
}<br>
<br>
if(is_method("PUBLISH")) {<br>
handle_publish();<br>
t_release();<br>
} else if(is_method("SUBSCRIBE")) {<br>
handle_subscribe();<br>
t_release();<br>
}<br>
exit;<br>
#!endif<br>
<br>
# if presence enabled, this part will not be executed<br>
if (is_method("PUBLISH") || $rU==$null) {<br>
sl_send_reply("404", "Not here");<br>
exit;<br>
}<br>
return;<br>
}<br>
<br>
# IP authorization and user authentication<br>
route[AUTH] {<br>
#!ifdef WITH_AUTH<br>
<br>
#!ifdef WITH_IPAUTH<br>
if((!is_method("REGISTER")) && allow_source_address()) {<br>
# source IP allowed<br>
return;<br>
}<br>
#!endif<br>
<br>
if (is_method("REGISTER") || from_uri==$fu) {<br>
# authenticate requests<br>
if (!auth_check("$fd", "subscriber", "1")) {<br>
auth_challenge("$fd", "0");<br>
exit;<br>
}<br>
# user authenticated - remove auth header<br>
if(!is_method("REGISTER|PUBLISH"))<br>
consume_credentials();<br>
}<br>
<br>
if (is_method("OPTIONS") || from_uri==$fu) {<br>
# authenticate requests<br>
if (!auth_check("$fd", "subscriber", "1")) {<br>
auth_challenge("$fd", "0");<br>
exit;<br>
}<br>
# user authenticated - remove auth header<br>
if(!is_method("OPTIONS|PUBLISH"))<br>
consume_credentials();<br>
}<br>
<br>
# if caller is not local subscriber, then check if it calls<br>
# a local destination, otherwise deny, not an open relay here<br>
if (from_uri!=$fu && uri!=$ru) {<br>
sl_send_reply("403","Not relaying");<br>
exit;<br>
}<br>
<br>
#!else<br>
<br>
# authentication not enabled - do not relay at all to foreign<br>
networks<br>
if(uri!=$ru) {<br>
sl_send_reply("403","Not relaying");<br>
exit;<br>
}<br>
<br>
#!endif<br>
return;<br>
}<br>
<br>
# Caller NAT detection<br>
route[NATDETECT] {<br>
#!ifdef WITH_NAT<br>
force_rport();<br>
if (nat_uac_test("19")) {<br>
if (is_method("REGISTER")) {<br>
fix_nated_register();<br>
} else {<br>
if(is_first_hop()) {<br>
set_contact_alias();<br>
}<br>
}<br>
setflag(FLT_NATS);<br>
}<br>
#!endif<br>
return;<br>
}<br>
<br>
# RTPProxy control and signaling updates for NAT traversal<br>
route[NATMANAGE] {<br>
#!ifdef WITH_NAT<br>
if (is_request()) {<br>
if(has_totag()) {<br>
if(check_route_param("nat=yes")) {<br>
setbflag(FLB_NATB);<br>
}<br>
}<br>
}<br>
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;<br>
<br>
if(nat_uac_test("8")) {<br>
rtpproxy_manage("co");<br>
} else {<br>
rtpproxy_manage("cor");<br>
}<br>
<br>
if (is_request()) {<br>
if (!has_totag()) {<br>
if(t_is_branch_route()) {<br>
add_rr_param(";nat=yes");<br>
}<br>
}<br>
}<br>
if (is_reply()) {<br>
if(isbflagset(FLB_NATB)) {<br>
if(is_first_hop())<br>
set_contact_alias();<br>
}<br>
}<br>
#!endif<br>
return;<br>
}<br>
<br>
# URI update for dialog requests<br>
route[DLGURI] {<br>
#!ifdef WITH_NAT<br>
if(!isdsturiset()) {<br>
handle_ruri_alias();<br>
}<br>
#!endif<br>
return;<br>
}<br>
<br>
# Routing to foreign domains<br>
route[SIPOUT] {<br>
if (uri==$ru) return;<br>
<br>
append_hf("P-hint: outbound\r\n");<br>
route(RELAY);<br>
exit;<br>
}<br>
<br>
# PSTN GW routing<br>
route[PSTN] {<br>
#!ifdef WITH_PSTN<br>
# check if PSTN GW IP is defined<br>
if (strempty($sel(cfg_get.pstn.gw_ip))) {<br>
xlog("SCRIPT: PSTN routing enabled but pstn.gw_ip not<br>
defined\n");<br>
return;<br>
}<br>
<br>
# route to PSTN dialed numbers starting with '+' or '00'<br>
# (international format)<br>
# - update the condition to match your dialing rules for PSTN<br>
routing<br>
if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) return;<br>
<br>
# only local users allowed to call<br>
if(from_uri!=$fu) {<br>
sl_send_reply("403", "Not Allowed");<br>
exit;<br>
}<br>
<br>
# normalize target number for pstn gateway<br>
# - convert leading 00 to +<br>
if (starts_with("$rU", "00")) {<br>
strip(2);<br>
prefix("+");<br>
}<br>
<br>
if (strempty($sel(cfg_get.pstn.gw_port))) {<br>
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);<br>
} else {<br>
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) +<br>
":"<br>
+ $sel(cfg_get.pstn.gw_port);<br>
}<br>
<br>
route(RELAY);<br>
exit;<br>
#!endif<br>
<br>
return;<br>
}<br>
<br>
# XMLRPC routing<br>
#!ifdef WITH_XMLRPC<br>
route[XMLRPC] {<br>
# allow XMLRPC from localhost<br>
if ((method=="POST" || method=="GET")<br>
&& (src_ip==127.0.0.1)) {<br>
# close connection only for xmlrpclib user agents<br>
(there is a bug in<br>
# xmlrpclib: it waits for EOF before interpreting the<br>
response).<br>
if ($hdr(User-Agent) =~ "xmlrpclib")<br>
set_reply_close();<br>
set_reply_no_connect();<br>
dispatch_rpc();<br>
exit;<br>
}<br>
send_reply("403", "Forbidden");<br>
exit;<br>
}<br>
#!endif<br>
<br>
# Routing to voicemail server<br>
route[TOVOICEMAIL] {<br>
#!ifdef WITH_VOICEMAIL<br>
if(!is_method("INVITE|SUBSCRIBE")) return;<br>
<br>
# check if VoiceMail server IP is defined<br>
if (strempty($sel(cfg_get.voicemail.srv_ip))) {<br>
xlog("SCRIPT: VoiceMail routing enabled but IP not<br>
defined\n");<br>
return;<br>
}<br>
if(is_method("INVITE")) {<br>
if($avp(oexten)==$null) return;<br>
<br>
$ru = "sip:" + $avp(oexten) + "@" +<br>
$sel(cfg_get.voicemail.srv_ip)<br>
+ ":" +<br>
$sel(cfg_get.voicemail.srv_port);<br>
} else {<br>
if($rU==$null) return;<br>
<br>
$ru = "sip:" + $rU + "@" +<br>
$sel(cfg_get.voicemail.srv_ip)<br>
+ ":" +<br>
$sel(cfg_get.voicemail.srv_port);<br>
}<br>
route(RELAY);<br>
exit;<br>
#!endif<br>
<br>
return;<br>
}<br>
<br>
# Manage outgoing branches<br>
branch_route[MANAGE_BRANCH] {<br>
xdbg("new branch [$T_branch_idx] to $ru\n");<br>
route(NATMANAGE);<br>
}<br>
<br>
# Manage incoming replies<br>
onreply_route[MANAGE_REPLY] {<br>
xdbg("incoming reply\n");<br>
if(status=~"[12][0-9][0-9]") {<br>
route(NATMANAGE);<br>
}<br>
}<br>
<br>
# Manage failure routing cases<br>
failure_route[MANAGE_FAILURE] {<br>
route(NATMANAGE);<br>
<br>
if (t_is_canceled()) exit;<br>
<br>
#!ifdef WITH_BLOCK3XX<br>
# block call redirect based on 3xx replies.<br>
if (t_check_status("3[0-9][0-9]")) {<br>
t_reply("404","Not found");<br>
exit;<br>
}<br>
#!endif<br>
<br>
#!ifdef WITH_BLOCK401407<br>
# block call redirect based on 401, 407 replies.<br>
if (t_check_status("401|407")) {<br>
t_reply("404","Not found");<br>
exit;<br>
}<br>
#!endif<br>
<br>
#!ifdef WITH_VOICEMAIL<br>
# serial forking<br>
# - route to voicemail on busy or no answer (timeout)<br>
if (t_check_status("486|408")) {<br>
$du = $null;<br>
route(TOVOICEMAIL);<br>
exit;<br>
}<br>
#!endif<br>
}<br>
<br>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" target="_blank" rel="noreferrer">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div></div></div>