# Uncomment these 3 lines to debug SER debug = 5 fork = no log_stderror = yes check_via = yes dns = yes rev_dns = no listen = 2XX.XXX.XXX.98 port = 5060 children = 4 fifo = "/tmp/openser_fifo" alias = 2XX.XXX.XXX.98 alias = sipserver.xy.mydomain.org #mhomed=1 # mhomed tells SER to check which network interface has the correct route, if there are multiple interf. loadmodule "/lib/openser/modules/exec.so" loadmodule "/lib/openser/modules/postgres.so" loadmodule "/lib/openser/modules/sl.so" loadmodule "/lib/openser/modules/tm.so" loadmodule "/lib/openser/modules/rr.so" loadmodule "/lib/openser/modules/maxfwd.so" loadmodule "/lib/openser/modules/usrloc.so" loadmodule "/lib/openser/modules/registrar.so" loadmodule "/lib/openser/modules/textops.so" loadmodule "/lib/openser/modules/auth.so" loadmodule "/lib/openser/modules/auth_db.so" loadmodule "/lib/openser/modules/uri_db.so" loadmodule "/lib/openser/modules/uri.so" loadmodule "/lib/openser/modules/nathelper.so" loadmodule "/lib/openser/modules/xlog.so" modparam( "auth_db", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "auth_db", "calculate_ha1", yes ) modparam( "auth_db", "user_column", "username" ) #modparam( "auth_db", "domain_column", "domain" ) modparam( "auth_db", "password_column", "password" ) #modparam( "auth_db", "use_domain", 0 ) modparam( "nathelper", "natping_interval", 30 ) modparam( "nathelper", "ping_nated_only", 1 ) #modparam("nathelper", "rtpproxy_disable", 1) modparam( "nathelper", "rtpproxy_sock", "udp:2XX.XXX.XXX.98:35000") modparam( "registrar", "append_branches", 1 ) modparam( "registrar", "desc_time_order", 1 ) modparam( "registrar", "nat_flag", 6 ) modparam("registrar", "min_expires", 60) modparam("registrar", "default_expires", 120) modparam("registrar", "max_expires", 4000) #expire values set to 66 minutes due to phones not recognizing the max value but have a default value of 60min) modparam( "rr", "enable_full_lr", 1 ) modparam( "uri_db", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "usrloc", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "usrloc", "db_mode", 2 ) route{ if ( ! mf_process_maxfwd_header( "10" ) ) { sl_send_reply( "483", "Too Many Hops" ); return; }; if ( msg:len >= 2048 ) { sl_send_reply( "513", "Message too big" ); return; }; if ( ! method == "REGISTER" ) { record_route(); }; if (method=="BYE" || method=="CANCEL") { unforce_rtp_proxy(); }; if ( loose_route()) { if (( method=="INVITE" || method=="REFER") && !has_totag()) { sl_send_reply("403", "Forbidden"); return; }; if ( method == "INVITE" ) { if ( ! proxy_authorize( "sipserver.xy.mydomain.org", "subscriber" ) ) { proxy_challenge( "sipserver.xy.mydomain.org", "0" ); return; } else if ( ! check_from() ) { #check_from checks the username against the db sl_send_reply( "403", "Username must be same as login name" ); return; }; consume_credentials(); if (nat_uac_test("19")) { setflag(6); force_rport(); #adds the rport we have received the packet from to be added to the first via-header fix_nated_contact(); #Rewrites Contact HF to contain request's source address:port if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "1" ); }; }; force_rtp_proxy("l"); #Rewrites SDP body to ensure that media is passed through an RTP proxy. #(l-flag means lookup mode, only use this if a corresponding #session already exists in the rtpproxy } xlog("L_ERR", "XXXXXXXXXXXXXLOG1 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; }; if ( uri != myself) { xlog("L_ERR", "XXXXXXXXXXXXXLOG2 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; }; if ( method == "ACK" ) { xlog("L_ERR", "XXXXXXXXXXXXXLOG3 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; } else if ( method == "CANCEL" ) { xlog("L_ERR", "XXXXXXXXXXXXXLOG4 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; } else if ( method == "INVITE" ) { xlog("L_ERR", "XXXXXXXXXXXXXLOG5 route3 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(3); return; } else if (method == "REGISTER" ) { xlog("L_ERR", "XXXXXXXXXXXXXLOG6 route2 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(2); return; }; lookup("aliases"); if (uri!=myself) { xlog("L_ERR", "XXXXXXXXXXXXXLOG7 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; }; if (!lookup("location")) { sl_send_reply("404","User Not Found"); return; }; xlog("L_ERR", "XXXXXXXXXXXXXLOG8 route1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); } route[1] { t_on_reply("1"); if (!t_relay()) { if (method =="INVITE" && isflagset (6)) { unforce_rtp_proxy(); }; sl_reply_error(); }; } route[2] { if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) { setflag(6); fix_nated_register(); if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "1" ); }; force_rport(); }; sl_send_reply("100", "Trying"); if (!www_authorize("sipserver.xy.mydomain.org","subscriber")) { www_challenge("sipserver.xy.mydomain.org","0"); return; }; consume_credentials(); if (!save("location")) { sl_reply_error(); }; } route[3] { if ( src_ip == 2XX.XXX.XXX.97 ) { lookup("aliases"); if (!lookup("location")) { sl_send_reply("404","User Not Found"); return; }; route ( 4 ); route ( 1 ); return; }; if (!proxy_authorize("sipserver.xy.mydomain.org","subscriber")) { proxy_challenge("sipserver.xy.mydomain.org","0"); return; } else if (!check_from()) { sl_send_reply("403","Username does not match Login name"); return; }; consume_credentials(); if (nat_uac_test("19")) { setflag(6); } lookup("aliases"); if (uri != myself ) { xlog("L_ERR", "XXXXXXXXXXXXXLOG9 inroute3 route4-1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(4); xlog("L_ERR", "XXXXXXXXXXXXXLOG10-1 inroute3 route1-1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); rewritehostport("mgw.xy.mydomain.org"); xlog("L_ERR", "XXXXXXXXXXXXXLOG10-2 inroute3 route1-1 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); return; }; xlog("L_ERR", "XXXXXXXXXXXXXLOG11 inroute3 route4-2 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(4); xlog("L_ERR", "XXXXXXXXXXXXXLOG11-1 inroute3 route1-2 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); rewritehostport("mgw.xy.mydomain.org"); xlog("L_ERR", "XXXXXXXXXXXXXLOG11-2 inroute3 route1-2 time [$Tf] method <$rm> r-uri <$ru> 2nd via <$hdr(via[1])>\n"); route(1); } route[4] { if (isflagset(6)) { force_rport(); fix_nated_contact(); if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "1" ); }; force_rtp_proxy(); } } onreply_route[ 1 ] { if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") { if (!search("^Content-Lenth:[ ]*0")) { force_rtp_proxy(); }; }; if( nat_uac_test( "1" ) ) { fix_nated_contact(); if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "1" ); }; }; }