#!KAMAILIO #!KAMAILIO #!define WITH_MYSQL #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_USRLOCDB > #!define WITH_ASTERISK # # # Kamailio (OpenSER) SIP Server v5.2 - default configuration # Kamailio (OpenSER) SIP Server v5.2 - default configuration # - web: https://www.kamailio.org # - web: https://www.kamailio.org # - git: https://github.com/kamailio/kamailio # - git: https://github.com/kamailio/kamailio # # # Direct your questions about this file to: ipban settings as needed (def # - adjust pike and htable=>ipban settings as needed (def # block if more than 16 requests in 2 seconds and ban f # block if more than 16 requests in 2 seconds and ban f # - define WITH_ANTIFLOOD # - define WITH_ANTIFLOOD # # # *** To block 3XX redirect replies execute: # *** To block 3XX redirect replies execute: # - define WITH_BLOCK3XX # - define WITH_BLOCK3XX # # # *** To block 401 and 407 authentication replies execute: # *** To block 401 and 407 authentication replies execute: # - define WITH_BLOCK401407 # - define WITH_BLOCK401407 # # # *** To enable VoiceMail routing execute: # *** To enable VoiceMail routing execute: # - define WITH_VOICEMAIL # - define WITH_VOICEMAIL # - set the value of voicemail.srv_ip # - set the value of voicemail.srv_ip # - adjust the value of voicemail.srv_port # - adjust the value of voicemail.srv_port # # # *** To enhance accounting execute: # *** To enhance accounting execute: # - enable mysql # - enable mysql # - define WITH_ACCDB # - define WITH_ACCDB # - add following columns to database # - add following columns to database #!ifdef ACCDB_COMMENT #!ifdef ACCDB_COMMENT ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DE ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DE ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL defa ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL defa ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL D ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL D ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DE ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DE ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NO ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NO ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) N ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) N ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NO ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NO ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) #!endif #!endif ####### Include Local Config If Exists ######### ####### Include Local Config If Exists ######### import_file "kamailio-local.cfg" import_file "kamailio-local.cfg" ####### Defined Values ######### ####### Defined Values ######### # *** Value defines - IDs used later in config # *** Value defines - IDs used later in config #!ifdef WITH_MYSQL #!ifdef WITH_MYSQL # - database URL - used to connect to database server by modu # - database URL - used to connect to database server by modu # as: auth_db, acc, usrloc, a.s.o. # as: auth_db, acc, usrloc, a.s.o. #!ifndef DBURL | #!define DBURL "mysql://openser:openserrw@localhost/openser" #!define DBURL "mysql://kamailio:kamailiorw@localhost/kamaili | #!ifdef WITH_ASTERISK > #!define DBASTURL "mysql://asterisk:asterisk_password@localho #!endif #!endif #!endif #!endif #!ifdef WITH_MULTIDOMAIN #!ifdef WITH_MULTIDOMAIN # - the value for 'use_domain' parameters # - the value for 'use_domain' parameters #!define MULTIDOMAIN 1 #!define MULTIDOMAIN 1 #!else #!else #!define MULTIDOMAIN 0 #!define MULTIDOMAIN 0 #!endif #!endif # - flags # - flags # FLT_ - per transaction (message) flags # FLT_ - per transaction (message) flags # FLB_ - per branch flags # FLB_ - per branch flags #!define FLT_ACC 1 #!define FLT_ACC 1 #!define FLT_ACCMISSED 2 #!define FLT_ACCMISSED 2 #!define FLT_ACCFAILED 3 #!define FLT_ACCFAILED 3 #!define FLT_NATS 5 #!define FLT_NATS 5 #!define FLB_NATB 6 #!define FLB_NATB 6 #!define FLB_NATSIPPING 7 #!define FLB_NATSIPPING 7 ####### Global Parameters ######### ####### Global Parameters ######### ### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR ### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR #!ifdef WITH_DEBUG #!ifdef WITH_DEBUG debug=4 debug=4 log_stderror=yes log_stderror=yes #!else #!else debug=2 debug=2 log_stderror=no log_stderror=no #!endif #!endif memdbg=5 memdbg=5 memlog=5 memlog=5 log_facility=LOG_LOCAL0 log_facility=LOG_LOCAL0 log_prefix="{$mt $hdr(CSeq) $ci} " log_prefix="{$mt $hdr(CSeq) $ci} " /* number of SIP routing processes */ /* number of SIP routing processes */ children=8 children=8 /* uncomment the next line to disable TCP (default on) */ /* uncomment the next line to disable TCP (default on) */ # disable_tcp=yes # disable_tcp=yes /* uncomment the next line to disable the auto discovery of l /* uncomment the next line to disable the auto discovery of l * based on reverse DNS on IPs (default on) */ * based on reverse DNS on IPs (default on) */ # auto_aliases=no # auto_aliases=no /* add local domain aliases */ /* add local domain aliases */ # alias="sip.mydomain.com" # alias="sip.mydomain.com" /* uncomment and configure the following line if you want Kam /* uncomment and configure the following line if you want Kam * bind on a specific interface/port/proto (default bind on a * bind on a specific interface/port/proto (default bind on a # listen=udp:10.0.0.10:5060 | listen=udp:192.168.1.230:5060 #!ifdef WITH_TLS #!ifdef WITH_TLS enable_tls=yes enable_tls=yes #!endif #!endif /* life time of TCP connection when there is no traffic /* life time of TCP connection when there is no traffic * - a bit higher than registration expires to cope with UA b * - a bit higher than registration expires to cope with UA b tcp_connection_lifetime=3605 tcp_connection_lifetime=3605 ####### Custom Parameters ######### ####### Custom Parameters ######### /* These parameters can be modified runtime via RPC interface /* These parameters can be modified runtime via RPC interface * - see the documentation of 'cfg_rpc' module. * - see the documentation of 'cfg_rpc' module. * * * Format: group.id = value 'desc' description * Format: group.id = value 'desc' description * Access: $sel(cfg_get.group.id) or @cfg_get.group.id */ * Access: $sel(cfg_get.group.id) or @cfg_get.group.id */ #!ifdef WITH_PSTN #!ifdef WITH_PSTN /* PSTN GW Routing /* PSTN GW Routing * * * - pstn.gw_ip: valid IP or hostname as string value, exampl * - pstn.gw_ip: valid IP or hostname as string value, exampl * pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" * pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" * * * - by default is empty to avoid misrouting */ * - by default is empty to avoid misrouting */ pstn.gw_ip = "" desc "PSTN GW Address" pstn.gw_ip = "" desc "PSTN GW Address" pstn.gw_port = "" desc "PSTN GW Port" pstn.gw_port = "" desc "PSTN GW Port" #!endif #!endif #!ifdef WITH_VOICEMAIL #!ifdef WITH_VOICEMAIL /* VoiceMail Routing on offline, busy or no answer /* VoiceMail Routing on offline, busy or no answer * * * - by default Voicemail server IP is empty to avoid misrout * - by default Voicemail server IP is empty to avoid misrout voicemail.srv_ip = "" desc "VoiceMail IP Address" voicemail.srv_ip = "" desc "VoiceMail IP Address" voicemail.srv_port = "5060" desc "VoiceMail Port" voicemail.srv_port = "5060" desc "VoiceMail Port" #!endif #!endif > > #!ifdef WITH_ASTERISK > asterisk.bindip = "192.168.1.230" desc "Asterisk IP Address" > asterisk.bindport = "5080" desc "Asterisk Port" > kamailio.bindip = "192.168.178.230" desc "Kamailio IP Address > kamailio.bindport = "5060" desc "Kamailio Port" > #!endif > > ####### Modules Section ######## ####### Modules Section ######## /* set paths to location of modules */ /* set paths to location of modules */ # mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/" # mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/" #!ifdef WITH_MYSQL #!ifdef WITH_MYSQL loadmodule "db_mysql.so" loadmodule "db_mysql.so" #!endif #!endif loadmodule "jsonrpcs.so" loadmodule "jsonrpcs.so" loadmodule "kex.so" loadmodule "kex.so" loadmodule "corex.so" loadmodule "corex.so" loadmodule "tm.so" loadmodule "tm.so" loadmodule "tmx.so" loadmodule "tmx.so" loadmodule "sl.so" loadmodule "sl.so" loadmodule "rr.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "textops.so" loadmodule "siputils.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "xlog.so" loadmodule "sanity.so" loadmodule "sanity.so" loadmodule "ctl.so" loadmodule "ctl.so" loadmodule "cfg_rpc.so" loadmodule "cfg_rpc.so" loadmodule "acc.so" loadmodule "acc.so" loadmodule "counters.so" loadmodule "counters.so" #!ifdef WITH_AUTH #!ifdef WITH_AUTH loadmodule "auth.so" loadmodule "auth.so" loadmodule "auth_db.so" loadmodule "auth_db.so" #!ifdef WITH_IPAUTH #!ifdef WITH_IPAUTH loadmodule "permissions.so" loadmodule "permissions.so" #!endif #!endif #!endif #!endif #!ifdef WITH_ALIASDB #!ifdef WITH_ALIASDB loadmodule "alias_db.so" loadmodule "alias_db.so" #!endif #!endif #!ifdef WITH_SPEEDDIAL #!ifdef WITH_SPEEDDIAL loadmodule "speeddial.so" loadmodule "speeddial.so" #!endif #!endif #!ifdef WITH_MULTIDOMAIN #!ifdef WITH_MULTIDOMAIN loadmodule "domain.so" loadmodule "domain.so" #!endif #!endif #!ifdef WITH_PRESENCE #!ifdef WITH_PRESENCE loadmodule "presence.so" loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "presence_xml.so" #!endif #!endif #!ifdef WITH_NAT #!ifdef WITH_NAT loadmodule "nathelper.so" loadmodule "nathelper.so" loadmodule "rtpproxy.so" loadmodule "rtpproxy.so" #!endif #!endif #!ifdef WITH_TLS #!ifdef WITH_TLS loadmodule "tls.so" loadmodule "tls.so" #!endif #!endif #!ifdef WITH_ANTIFLOOD #!ifdef WITH_ANTIFLOOD loadmodule "htable.so" loadmodule "htable.so" loadmodule "pike.so" loadmodule "pike.so" #!endif #!endif #!ifdef WITH_XMLRPC #!ifdef WITH_XMLRPC loadmodule "xmlrpc.so" loadmodule "xmlrpc.so" #!endif #!endif #!ifdef WITH_DEBUG #!ifdef WITH_DEBUG loadmodule "debugger.so" loadmodule "debugger.so" #!endif #!endif # ----------------- setting module-specific parameters ------ # ----------------- setting module-specific parameters ------ # ----- jsonrpcs params ----- # ----- jsonrpcs params ----- modparam("jsonrpcs", "pretty_format", 1) modparam("jsonrpcs", "pretty_format", 1) /* set the path to RPC fifo control file */ /* set the path to RPC fifo control file */ # modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamail # modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamail /* set the path to RPC unix socket control file */ /* set the path to RPC unix socket control file */ # modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kam # modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kam # ----- ctl params ----- # ----- ctl params ----- /* set the path to RPC unix socket control file */ /* set the path to RPC unix socket control file */ # modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ # modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ # ----- tm params ----- # ----- tm params ----- # auto-discard branches from previous serial forking leg # auto-discard branches from previous serial forking leg modparam("tm", "failure_reply_mode", 3) modparam("tm", "failure_reply_mode", 3) # default retransmission timeout: 30sec # default retransmission timeout: 30sec modparam("tm", "fr_timer", 30000) modparam("tm", "fr_timer", 30000) # default invite retransmission timeout after 1xx: 120sec # default invite retransmission timeout after 1xx: 120sec modparam("tm", "fr_inv_timer", 120000) modparam("tm", "fr_inv_timer", 120000) # ----- rr params ----- # ----- rr params ----- # set next param to 1 to add value to ;lr param (helps with s # set next param to 1 to add value to ;lr param (helps with s modparam("rr", "enable_full_lr", 0) modparam("rr", "enable_full_lr", 0) # do not append from tag to the RR (no need for this script) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0) modparam("rr", "append_fromtag", 0) | #!ifdef WITH_ASTERISK > modparam("rr", "append_fromtag", 1) > #!else > modparam("rr", "append_fromtag", 0) > #!endif > #!ifdef WITH_ASTERISK > modparam("rr", "append_fromtag", 1) > #!else > modparam("rr", "append_fromtag", 0) > #!endif # ----- registrar params ----- # ----- registrar params ----- modparam("registrar", "method_filtering", 1) modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via lo /* uncomment the next line to disable parallel forking via lo # modparam("registrar", "append_branches", 0) # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts /* uncomment the next line not to allow more than 10 contacts # modparam("registrar", "max_contacts", 10) # modparam("registrar", "max_contacts", 10) /* max value for expires of registrations */ /* max value for expires of registrations */ modparam("registrar", "max_expires", 3600) modparam("registrar", "max_expires", 3600) /* set it to 1 to enable GRUU */ /* set it to 1 to enable GRUU */ modparam("registrar", "gruu_enabled", 0) modparam("registrar", "gruu_enabled", 0) # ----- acc params ----- # ----- acc params ----- /* what special events should be accounted ? */ /* what special events should be accounted ? */ modparam("acc", "early_media", 0) modparam("acc", "early_media", 0) modparam("acc", "report_ack", 0) modparam("acc", "report_ack", 0) modparam("acc", "report_cancels", 0) modparam("acc", "report_cancels", 0) /* by default ww do not adjust the direct of the sequential r /* by default ww do not adjust the direct of the sequential r * if you enable this parameter, be sure the enable "append_f * if you enable this parameter, be sure the enable "append_f * in "rr" module */ * in "rr" module */ modparam("acc", "detect_direction", 0) modparam("acc", "detect_direction", 0) /* account triggers (flags) */ /* account triggers (flags) */ modparam("acc", "log_flag", FLT_ACC) modparam("acc", "log_flag", FLT_ACC) modparam("acc", "log_missed_flag", FLT_ACCMISSED) modparam("acc", "log_missed_flag", FLT_ACCMISSED) modparam("acc", "log_extra", modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;src_ip=$si;" "src_user=$fU;src_domain=$fd;src_ip=$si;" "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) /* enhanced DB accounting */ /* enhanced DB accounting */ #!ifdef WITH_ACCDB #!ifdef WITH_ACCDB modparam("acc", "db_flag", FLT_ACC) modparam("acc", "db_flag", FLT_ACC) modparam("acc", "db_missed_flag", FLT_ACCMISSED) modparam("acc", "db_missed_flag", FLT_ACCMISSED) modparam("acc", "db_url", DBURL) modparam("acc", "db_url", DBURL) modparam("acc", "db_extra", modparam("acc", "db_extra", "src_user=$fU;src_domain=$fd;src_ip=$si;" "src_user=$fU;src_domain=$fd;src_ip=$si;" "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") #!endif #!endif # ----- usrloc params ----- # ----- usrloc params ----- /* enable DB persistency for location entries */ /* enable DB persistency for location entries */ #!ifdef WITH_USRLOCDB #!ifdef WITH_USRLOCDB modparam("usrloc", "db_url", DBURL) modparam("usrloc", "db_url", DBURL) modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_mode", 2) modparam("usrloc", "use_domain", MULTIDOMAIN) modparam("usrloc", "use_domain", MULTIDOMAIN) #!endif #!endif # ----- auth_db params ----- # ----- auth_db params ----- #!ifdef WITH_AUTH #!ifdef WITH_AUTH modparam("auth_db", "db_url", DBURL) modparam("auth_db", "db_url", DBURL) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "") modparam("auth_db", "load_credentials", "") modparam("auth_db", "use_domain", MULTIDOMAIN) modparam("auth_db", "use_domain", MULTIDOMAIN) > #!ifdef WITH_ASTERISK > modparam("auth_db", "user_column", "name") > modparam("auth_db", "password_column", "sippasswd") > modparam("auth_db", "db_url", DBASTURL) > modparam("auth_db", "version_table", 0) > #!else > modparam("auth_db", "db_url", DBURL) > modparam("auth_db", "password_column", "password") > modparam("auth_db", "use_domain", MULTIDOMAIN) > #!endif > # ----- permissions params ----- # ----- permissions params ----- #!ifdef WITH_IPAUTH #!ifdef WITH_IPAUTH modparam("permissions", "db_url", DBURL) modparam("permissions", "db_url", DBURL) modparam("permissions", "db_mode", 1) modparam("permissions", "db_mode", 1) #!endif #!endif #!endif #!endif # ----- alias_db params ----- # ----- alias_db params ----- #!ifdef WITH_ALIASDB #!ifdef WITH_ALIASDB modparam("alias_db", "db_url", DBURL) modparam("alias_db", "db_url", DBURL) modparam("alias_db", "use_domain", MULTIDOMAIN) modparam("alias_db", "use_domain", MULTIDOMAIN) #!endif #!endif # ----- speeddial params ----- # ----- speeddial params ----- #!ifdef WITH_SPEEDDIAL #!ifdef WITH_SPEEDDIAL modparam("speeddial", "db_url", DBURL) modparam("speeddial", "db_url", DBURL) modparam("speeddial", "use_domain", MULTIDOMAIN) modparam("speeddial", "use_domain", MULTIDOMAIN) #!endif #!endif # ----- domain params ----- # ----- domain params ----- #!ifdef WITH_MULTIDOMAIN #!ifdef WITH_MULTIDOMAIN modparam("domain", "db_url", DBURL) modparam("domain", "db_url", DBURL) /* register callback to match myself condition with domains l /* register callback to match myself condition with domains l modparam("domain", "register_myself", 1) modparam("domain", "register_myself", 1) #!endif #!endif #!ifdef WITH_PRESENCE #!ifdef WITH_PRESENCE # ----- presence params ----- # ----- presence params ----- modparam("presence", "db_url", DBURL) modparam("presence", "db_url", DBURL) # ----- presence_xml params ----- # ----- presence_xml params ----- modparam("presence_xml", "db_url", DBURL) modparam("presence_xml", "db_url", DBURL) modparam("presence_xml", "force_active", 1) modparam("presence_xml", "force_active", 1) #!endif #!endif #!ifdef WITH_NAT #!ifdef WITH_NAT # ----- rtpproxy params ----- # ----- rtpproxy params ----- modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") # ----- nathelper params ----- # ----- nathelper params ----- modparam("nathelper", "natping_interval", 30) modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) modparam("nathelper", "sipping_from", "sip:pinger@kamailio.or modparam("nathelper", "sipping_from", "sip:pinger@kamailio.or # params needed for NAT traversal in other modules # params needed for NAT traversal in other modules modparam("nathelper|registrar", "received_avp", "$avp(RECEIVE modparam("nathelper|registrar", "received_avp", "$avp(RECEIVE modparam("usrloc", "nat_bflag", FLB_NATB) modparam("usrloc", "nat_bflag", FLB_NATB) #!endif #!endif #!ifdef WITH_TLS #!ifdef WITH_TLS # ----- tls params ----- # ----- tls params ----- modparam("tls", "config", "/etc/kamailio/tls.cfg") modparam("tls", "config", "/etc/kamailio/tls.cfg") #!endif #!endif #!ifdef WITH_ANTIFLOOD #!ifdef WITH_ANTIFLOOD # ----- pike params ----- # ----- pike params ----- modparam("pike", "sampling_time_unit", 2) modparam("pike", "sampling_time_unit", 2) modparam("pike", "reqs_density_per_unit", 16) modparam("pike", "reqs_density_per_unit", 16) modparam("pike", "remove_latency", 4) modparam("pike", "remove_latency", 4) # ----- htable params ----- # ----- htable params ----- /* ip ban htable with autoexpire after 5 minutes */ /* ip ban htable with autoexpire after 5 minutes */ modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") #!endif #!endif #!ifdef WITH_XMLRPC #!ifdef WITH_XMLRPC # ----- xmlrpc params ----- # ----- xmlrpc params ----- modparam("xmlrpc", "route", "XMLRPC"); modparam("xmlrpc", "route", "XMLRPC"); modparam("xmlrpc", "url_match", "^/RPC") modparam("xmlrpc", "url_match", "^/RPC") #!endif #!endif #!ifdef WITH_DEBUG #!ifdef WITH_DEBUG # ----- debugger params ----- # ----- debugger params ----- modparam("debugger", "cfgtrace", 1) modparam("debugger", "cfgtrace", 1) modparam("debugger", "log_level_name", "exec") modparam("debugger", "log_level_name", "exec") #!endif #!endif ####### Routing Logic ######## ####### Routing Logic ######## /* Main SIP request routing logic /* Main SIP request routing logic * - processing of any incoming SIP request starts with this * - processing of any incoming SIP request starts with this * - note: this is the same as route { ... } */ * - note: this is the same as route { ... } */ request_route { request_route { # per request initial checks # per request initial checks route(REQINIT); route(REQINIT); # NAT detection # NAT detection route(NATDETECT); route(NATDETECT); # CANCEL processing # CANCEL processing if (is_method("CANCEL")) { if (is_method("CANCEL")) { if (t_check_trans()) { if (t_check_trans()) { route(RELAY); route(RELAY); } } exit; exit; } } # handle retransmissions # handle retransmissions if (!is_method("ACK")) { if (!is_method("ACK")) { if(t_precheck_trans()) { if(t_precheck_trans()) { t_check_trans(); t_check_trans(); exit; exit; } } t_check_trans(); t_check_trans(); } } # handle requests within SIP dialogs # handle requests within SIP dialogs route(WITHINDLG); route(WITHINDLG); ### only initial requests (no To tag) ### only initial requests (no To tag) # authentication # authentication route(AUTH); route(AUTH); # record routing for dialog forming requests (in case # record routing for dialog forming requests (in case # - remove preloaded route headers # - remove preloaded route headers remove_hf("Route"); remove_hf("Route"); if (is_method("INVITE|SUBSCRIBE")) { if (is_method("INVITE|SUBSCRIBE")) { record_route(); record_route(); } } # account only INVITEs # account only INVITEs if (is_method("INVITE")) { if (is_method("INVITE")) { setflag(FLT_ACC); # do accounting setflag(FLT_ACC); # do accounting } } # dispatch requests to foreign domains # dispatch requests to foreign domains route(SIPOUT); route(SIPOUT); ### requests for my local domains ### requests for my local domains # handle presence related requests # handle presence related requests route(PRESENCE); route(PRESENCE); # handle registrations # handle registrations route(REGISTRAR); route(REGISTRAR); if ($rU==$null) { if ($rU==$null) { # request with no Username in RURI # request with no Username in RURI sl_send_reply("484","Address Incomplete"); sl_send_reply("484","Address Incomplete"); exit; exit; } } # dispatch destinations to PSTN # dispatch destinations to PSTN route(PSTN); route(PSTN); # user location service # user location service route(LOCATION); route(LOCATION); } } # Wrapper for relaying requests # Wrapper for relaying requests route[RELAY] { route[RELAY] { # enable additional event routes for forwarded reques # enable additional event routes for forwarded reques # - serial forking, RTP relaying handling, a.s.o. # - serial forking, RTP relaying handling, a.s.o. if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { if(!t_is_set("branch_route")) t_on_branch("MA if(!t_is_set("branch_route")) t_on_branch("MA } } if (is_method("INVITE|SUBSCRIBE|UPDATE")) { if (is_method("INVITE|SUBSCRIBE|UPDATE")) { if(!t_is_set("onreply_route")) t_on_reply("MA if(!t_is_set("onreply_route")) t_on_reply("MA } } if (is_method("INVITE")) { if (is_method("INVITE")) { if(!t_is_set("failure_route")) t_on_failure(" if(!t_is_set("failure_route")) t_on_failure(" } } if (!t_relay()) { if (!t_relay()) { sl_reply_error(); sl_reply_error(); } } exit; exit; } } # Per SIP request initial checks # Per SIP request initial checks route[REQINIT] { route[REQINIT] { #!ifdef WITH_ANTIFLOOD #!ifdef WITH_ANTIFLOOD # flood detection from same IP and traffic ban for a # flood detection from same IP and traffic ban for a # be sure you exclude checking trusted peers, such as # be sure you exclude checking trusted peers, such as # - local host excluded (e.g., loop to self) # - local host excluded (e.g., loop to self) if(src_ip!=myself) { if(src_ip!=myself) { if($sht(ipban=>$si)!=$null) { if($sht(ipban=>$si)!=$null) { # ip is already blocked # ip is already blocked xdbg("request from blocked IP - $rm f xdbg("request from blocked IP - $rm f exit; exit; } } if (!pike_check_req()) { if (!pike_check_req()) { xlog("L_ALERT","ALERT: pike blocking xlog("L_ALERT","ALERT: pike blocking $sht(ipban=>$si) = 1; $sht(ipban=>$si) = 1; exit; exit; } } } } #!endif #!endif if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") if($ua =~ "friendly-scanner|sipcli|VaxSIPUserAgent") # silent drop for scanners - uncomment next l # silent drop for scanners - uncomment next l # sl_send_reply("200", "OK"); # sl_send_reply("200", "OK"); exit; exit; } } if (!mf_process_maxfwd_header("10")) { if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); sl_send_reply("483","Too Many Hops"); exit; exit; } } if(is_method("OPTIONS") && uri==myself && $rU==$null) if(is_method("OPTIONS") && uri==myself && $rU==$null) sl_send_reply("200","Keepalive"); sl_send_reply("200","Keepalive"); exit; exit; } } if(!sanity_check("17895", "7")) { if(!sanity_check("17895", "7")) { xlog("Malformed SIP message from $si:$sp\n"); xlog("Malformed SIP message from $si:$sp\n"); exit; exit; } } } } # Handle requests within SIP dialogs # Handle requests within SIP dialogs route[WITHINDLG] { route[WITHINDLG] { if (!has_totag()) return; if (!has_totag()) return; # sequential request withing a dialog should # sequential request withing a dialog should # take the path determined by record-routing # take the path determined by record-routing if (loose_route()) { if (loose_route()) { route(DLGURI); route(DLGURI); if (is_method("BYE")) { if (is_method("BYE")) { setflag(FLT_ACC); # do accounting ... setflag(FLT_ACC); # do accounting ... setflag(FLT_ACCFAILED); # ... even if setflag(FLT_ACCFAILED); # ... even if } else if ( is_method("ACK") ) { } else if ( is_method("ACK") ) { # ACK is forwarded statelessly # ACK is forwarded statelessly route(NATMANAGE); route(NATMANAGE); } else if ( is_method("NOTIFY") ) { } else if ( is_method("NOTIFY") ) { # Add Record-Route for in-dialog NOTI # Add Record-Route for in-dialog NOTI record_route(); record_route(); } } route(RELAY); route(RELAY); exit; exit; } } if (is_method("SUBSCRIBE") && uri == myself) { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests # in-dialog subscribe requests route(PRESENCE); route(PRESENCE); exit; exit; } } if ( is_method("ACK") ) { if ( is_method("ACK") ) { if ( t_check_trans() ) { if ( t_check_trans() ) { # no loose-route, but stateful ACK; # no loose-route, but stateful ACK; # must be an ACK after a 487 # must be an ACK after a 487 # or e.g. 404 from upstream server # or e.g. 404 from upstream server route(RELAY); route(RELAY); exit; exit; } else { } else { # ACK without matching transaction .. # ACK without matching transaction .. exit; exit; } } } } sl_send_reply("404","Not here"); sl_send_reply("404","Not here"); exit; exit; } } # Handle SIP registrations # Handle SIP registrations route[REGISTRAR] { route[REGISTRAR] { if (!is_method("REGISTER")) return; if (!is_method("REGISTER")) return; if(isflagset(FLT_NATS)) { if(isflagset(FLT_NATS)) { setbflag(FLB_NATB); setbflag(FLB_NATB); #!ifdef WITH_NATSIPPING #!ifdef WITH_NATSIPPING # do SIP NAT pinging # do SIP NAT pinging setbflag(FLB_NATSIPPING); setbflag(FLB_NATSIPPING); #!endif #!endif } } if (!save("location")) { if (!save("location")) { sl_reply_error(); sl_reply_error(); } } > #!ifdef WITH_ASTERISK > route(REGFWD); > #!endif exit; exit; } } # User location service # User location service route[LOCATION] { route[LOCATION] { #!ifdef WITH_SPEEDDIAL #!ifdef WITH_SPEEDDIAL # search for short dialing - 2-digit extension # search for short dialing - 2-digit extension if($rU=~"^[0-9][0-9]$") { if($rU=~"^[0-9][0-9]$") { if(sd_lookup("speed_dial")) { if(sd_lookup("speed_dial")) { route(SIPOUT); route(SIPOUT); } } } } #!endif #!endif #!ifdef WITH_ALIASDB #!ifdef WITH_ALIASDB # search in DB-based aliases # search in DB-based aliases if(alias_db_lookup("dbaliases")) { if(alias_db_lookup("dbaliases")) { route(SIPOUT); route(SIPOUT); } } #!endif #!endif > #!ifdef WITH_ASTERISK > if(is_method("INVITE") && (!route(FROMASTERISK))) { > # if new call from out there - send to Asterisk > # - non-INVITE request are routed directly by Kamailio > # - traffic from Asterisk is routed also directy by Kamaili > route(TOASTERISK); > exit; > } > #!endif $avp(oexten) = $rU; $avp(oexten) = $rU; if (!lookup("location")) { if (!lookup("location")) { $var(rc) = $rc; $var(rc) = $rc; route(TOVOICEMAIL); route(TOVOICEMAIL); t_newtran(); t_newtran(); switch ($var(rc)) { switch ($var(rc)) { case -1: case -1: case -3: case -3: send_reply("404", "Not Found" send_reply("404", "Not Found" exit; exit; case -2: case -2: send_reply("405", "Method Not send_reply("405", "Method Not exit; exit; } } } } # when routing via usrloc, log the missed calls also # when routing via usrloc, log the missed calls also if (is_method("INVITE")) { if (is_method("INVITE")) { setflag(FLT_ACCMISSED); setflag(FLT_ACCMISSED); } } route(RELAY); route(RELAY); exit; exit; } } # Presence server processing # Presence server processing route[PRESENCE] { route[PRESENCE] { if(!is_method("PUBLISH|SUBSCRIBE")) return; if(!is_method("PUBLISH|SUBSCRIBE")) return; if(is_method("SUBSCRIBE") && $hdr(Event)=="message-su if(is_method("SUBSCRIBE") && $hdr(Event)=="message-su route(TOVOICEMAIL); route(TOVOICEMAIL); # returns here if no voicemail server is conf # returns here if no voicemail server is conf sl_send_reply("404", "No voicemail service"); sl_send_reply("404", "No voicemail service"); exit; exit; } } #!ifdef WITH_PRESENCE #!ifdef WITH_PRESENCE if (!t_newtran()) { if (!t_newtran()) { sl_reply_error(); sl_reply_error(); exit; exit; } } if(is_method("PUBLISH")) { if(is_method("PUBLISH")) { handle_publish(); handle_publish(); t_release(); t_release(); } else if(is_method("SUBSCRIBE")) { } else if(is_method("SUBSCRIBE")) { handle_subscribe(); handle_subscribe(); t_release(); t_release(); } } exit; exit; #!endif #!endif # if presence enabled, this part will not be executed # if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU==$null) { if (is_method("PUBLISH") || $rU==$null) { sl_send_reply("404", "Not here"); sl_send_reply("404", "Not here"); exit; exit; } } return; return; } } # IP authorization and user authentication # IP authorization and user authentication route[AUTH] { route[AUTH] { #!ifdef WITH_AUTH #!ifdef WITH_AUTH > #!ifdef WITH_ASTERISK > # do not auth traffic from Asterisk - trusted! > if(route(FROMASTERISK)) > return; > #!endif #!ifdef WITH_IPAUTH #!ifdef WITH_IPAUTH if((!is_method("REGISTER")) && allow_source_address() if((!is_method("REGISTER")) && allow_source_address() # source IP allowed # source IP allowed return; return; } } #!endif #!endif if (is_method("REGISTER") || from_uri==myself) { if (is_method("REGISTER") || from_uri==myself) { # authenticate requests # authenticate requests if (!auth_check("$fd", "subscriber", "1")) { if (!auth_check("$fd", "subscriber", "1")) { auth_challenge("$fd", "0"); auth_challenge("$fd", "0"); exit; exit; } } # user authenticated - remove auth header # user authenticated - remove auth header if(!is_method("REGISTER|PUBLISH")) if(!is_method("REGISTER|PUBLISH")) consume_credentials(); consume_credentials(); } } # if caller is not local subscriber, then check if it # if caller is not local subscriber, then check if it # a local destination, otherwise deny, not an open re # a local destination, otherwise deny, not an open re if (from_uri!=myself && uri!=myself) { if (from_uri!=myself && uri!=myself) { sl_send_reply("403","Not relaying"); sl_send_reply("403","Not relaying"); exit; exit; } } #!else #!else # authentication not enabled - do not relay at all to # authentication not enabled - do not relay at all to if(uri!=myself) { if(uri!=myself) { sl_send_reply("403","Not relaying"); sl_send_reply("403","Not relaying"); exit; exit; } } > #!ifdef WITH_ASTERISK > if (!auth_check("$fd", "sipusers", "1")) { > #!else > if (!auth_check("$fd", "subscriber", "1")) { > #!endif > auth_challenge("$fd", "0"); > exit; > } > # user authenticated - remove auth header > if(!is_method("REGISTER|PUBLISH")) > consume_credentials(); > } #!endif #!endif return; return; } } # Caller NAT detection # Caller NAT detection route[NATDETECT] { route[NATDETECT] { #!ifdef WITH_NAT #!ifdef WITH_NAT force_rport(); force_rport(); if (nat_uac_test("19")) { if (nat_uac_test("19")) { if (is_method("REGISTER")) { if (is_method("REGISTER")) { fix_nated_register(); fix_nated_register(); } else { } else { if(is_first_hop()) { if(is_first_hop()) { set_contact_alias(); set_contact_alias(); } } } } setflag(FLT_NATS); setflag(FLT_NATS); } } #!endif #!endif return; return; } } # RTPProxy control and signaling updates for NAT traversal # RTPProxy control and signaling updates for NAT traversal route[NATMANAGE] { route[NATMANAGE] { #!ifdef WITH_NAT #!ifdef WITH_NAT if (is_request()) { if (is_request()) { if(has_totag()) { if(has_totag()) { if(check_route_param("nat=yes")) { if(check_route_param("nat=yes")) { setbflag(FLB_NATB); setbflag(FLB_NATB); } } } } } } if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) r if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) r if(nat_uac_test("8")) { if(nat_uac_test("8")) { rtpproxy_manage("co"); rtpproxy_manage("co"); } else { } else { rtpproxy_manage("cor"); rtpproxy_manage("cor"); } } if (is_request()) { if (is_request()) { if (!has_totag()) { if (!has_totag()) { if(t_is_branch_route()) { if(t_is_branch_route()) { add_rr_param(";nat=yes"); add_rr_param(";nat=yes"); } } } } } } if (is_reply()) { if (is_reply()) { if(isbflagset(FLB_NATB)) { if(isbflagset(FLB_NATB)) { if(is_first_hop()) if(is_first_hop()) set_contact_alias(); set_contact_alias(); } } } } #!endif #!endif return; return; } } # URI update for dialog requests # URI update for dialog requests route[DLGURI] { route[DLGURI] { #!ifdef WITH_NAT #!ifdef WITH_NAT if(!isdsturiset()) { if(!isdsturiset()) { handle_ruri_alias(); handle_ruri_alias(); } } #!endif #!endif return; return; } } # Routing to foreign domains # Routing to foreign domains route[SIPOUT] { route[SIPOUT] { if (uri==myself) return; if (uri==myself) return; append_hf("P-hint: outbound\r\n"); append_hf("P-hint: outbound\r\n"); route(RELAY); route(RELAY); exit; exit; } } # PSTN GW routing # PSTN GW routing route[PSTN] { route[PSTN] { #!ifdef WITH_PSTN #!ifdef WITH_PSTN # check if PSTN GW IP is defined # check if PSTN GW IP is defined if (strempty($sel(cfg_get.pstn.gw_ip))) { if (strempty($sel(cfg_get.pstn.gw_ip))) { xlog("SCRIPT: PSTN routing enabled but pstn.g xlog("SCRIPT: PSTN routing enabled but pstn.g return; return; } } # route to PSTN dialed numbers starting with '+' or ' # route to PSTN dialed numbers starting with '+' or ' # (international format) # (international format) # - update the condition to match your dialing rules # - update the condition to match your dialing rules if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) return; if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) return; # only local users allowed to call # only local users allowed to call if(from_uri!=myself) { if(from_uri!=myself) { sl_send_reply("403", "Not Allowed"); sl_send_reply("403", "Not Allowed"); exit; exit; } } # normalize target number for pstn gateway # normalize target number for pstn gateway # - convert leading 00 to + # - convert leading 00 to + if (starts_with("$rU", "00")) { if (starts_with("$rU", "00")) { strip(2); strip(2); prefix("+"); prefix("+"); } } if (strempty($sel(cfg_get.pstn.gw_port))) { if (strempty($sel(cfg_get.pstn.gw_port))) { $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn. $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn. } else { } else { $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn. $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn. + $sel(cfg_get.pstn.g + $sel(cfg_get.pstn.g } } route(RELAY); route(RELAY); exit; exit; #!endif #!endif return; return; } } # XMLRPC routing # XMLRPC routing #!ifdef WITH_XMLRPC #!ifdef WITH_XMLRPC route[XMLRPC] { route[XMLRPC] { # allow XMLRPC from localhost # allow XMLRPC from localhost if ((method=="POST" || method=="GET") if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) { && (src_ip==127.0.0.1)) { # close connection only for xmlrpclib user ag # close connection only for xmlrpclib user ag # xmlrpclib: it waits for EOF before interpre # xmlrpclib: it waits for EOF before interpre if ($hdr(User-Agent) =~ "xmlrpclib") if ($hdr(User-Agent) =~ "xmlrpclib") set_reply_close(); set_reply_close(); set_reply_no_connect(); set_reply_no_connect(); dispatch_rpc(); dispatch_rpc(); exit; exit; } } send_reply("403", "Forbidden"); send_reply("403", "Forbidden"); exit; exit; } } #!endif #!endif # Routing to voicemail server # Routing to voicemail server route[TOVOICEMAIL] { route[TOVOICEMAIL] { #!ifdef WITH_VOICEMAIL #!ifdef WITH_VOICEMAIL if(!is_method("INVITE|SUBSCRIBE")) return; if(!is_method("INVITE|SUBSCRIBE")) return; # check if VoiceMail server IP is defined # check if VoiceMail server IP is defined if (strempty($sel(cfg_get.voicemail.srv_ip))) { if (strempty($sel(cfg_get.voicemail.srv_ip))) { xlog("SCRIPT: VoiceMail routing enabled but I xlog("SCRIPT: VoiceMail routing enabled but I return; return; } } if(is_method("INVITE")) { if(is_method("INVITE")) { if($avp(oexten)==$null) return; if($avp(oexten)==$null) return; $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_ $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_ + ":" + $sel(cfg_get.voicemai + ":" + $sel(cfg_get.voicemai } else { } else { if($rU==$null) return; if($rU==$null) return; $ru = "sip:" + $rU + "@" + $sel(cfg_get.voice $ru = "sip:" + $rU + "@" + $sel(cfg_get.voice + ":" + $sel(cfg_get.voicemai + ":" + $sel(cfg_get.voicemai } } route(RELAY); route(RELAY); exit; exit; #!endif #!endif return; return; } } # Manage outgoing branches # Manage outgoing branches branch_route[MANAGE_BRANCH] { branch_route[MANAGE_BRANCH] { xdbg("new branch [$T_branch_idx] to $ru\n"); xdbg("new branch [$T_branch_idx] to $ru\n"); route(NATMANAGE); route(NATMANAGE); } } # Manage incoming replies # Manage incoming replies onreply_route[MANAGE_REPLY] { onreply_route[MANAGE_REPLY] { xdbg("incoming reply\n"); xdbg("incoming reply\n"); if(status=~"[12][0-9][0-9]") { if(status=~"[12][0-9][0-9]") { route(NATMANAGE); route(NATMANAGE); } } } } # Manage failure routing cases # Manage failure routing cases failure_route[MANAGE_FAILURE] { failure_route[MANAGE_FAILURE] { route(NATMANAGE); route(NATMANAGE); if (t_is_canceled()) exit; if (t_is_canceled()) exit; #!ifdef WITH_BLOCK3XX #!ifdef WITH_BLOCK3XX # block call redirect based on 3xx replies. # block call redirect based on 3xx replies. if (t_check_status("3[0-9][0-9]")) { if (t_check_status("3[0-9][0-9]")) { t_reply("404","Not found"); t_reply("404","Not found"); exit; exit; } } #!endif #!endif #!ifdef WITH_BLOCK401407 #!ifdef WITH_BLOCK401407 # block call redirect based on 401, 407 replies. # block call redirect based on 401, 407 replies. if (t_check_status("401|407")) { if (t_check_status("401|407")) { t_reply("404","Not found"); t_reply("404","Not found"); exit; exit; } } #!endif #!endif #!ifdef WITH_VOICEMAIL #!ifdef WITH_VOICEMAIL # serial forking # serial forking # - route to voicemail on busy or no answer (timeout) # - route to voicemail on busy or no answer (timeout) if (t_check_status("486|408")) { if (t_check_status("486|408")) { $du = $null; $du = $null; route(TOVOICEMAIL); route(TOVOICEMAIL); exit; exit; } } #!endif #!endif } } > #!ifdef WITH_ASTERISK > # Test if coming from Asterisk > route[FROMASTERISK] { > if($si==$sel(cfg_get.asterisk.bindip) > && $sp==$sel(cfg_get.asterisk.bindport)) > return 1; > return -1; > } > > # Send to Asterisk > route[TOASTERISK] { > $du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":" > + $sel(cfg_get.asterisk.bindport); > route(RELAY); > exit; > } > > # Forward REGISTER to Asterisk > route[REGFWD] { > if(!is_method("REGISTER")) > { > return; > } > $var(rip) = $sel(cfg_get.asterisk.bindip); > $uac_req(method)="REGISTER"; > $uac_req(ruri)="sip:" + $var(rip) + ":" + $sel(cfg_get.aster > $uac_req(furi)="sip:" + $au + "@" + $var(rip); > $uac_req(turi)="sip:" + $au + "@" + $var(rip); > $uac_req(hdrs)="Contact: if($sel(contact.expires) != $null) > $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $sel(contact > else > $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $hdr(Expires > uac_req_send(); > } > #!endif >