# Uncomment these 3 lines to debug SER #debug = 5 #fork = no #log_stderror = yes check_via = yes dns = yes rev_dns = no listen = 2XX.XXX.XXX.X8 port = 5060 children = 4 fifo = "/tmp/openser_fifo" alias = 2XX.XXX.XXX.X8 alias = sipserver.xy.mydomain.org #mhomed=1 loadmodule "/lib/openser/modules/exec.so" loadmodule "/lib/openser/modules/postgres.so" loadmodule "/lib/openser/modules/sl.so" loadmodule "/lib/openser/modules/tm.so" loadmodule "/lib/openser/modules/rr.so" loadmodule "/lib/openser/modules/maxfwd.so" loadmodule "/lib/openser/modules/usrloc.so" loadmodule "/lib/openser/modules/registrar.so" loadmodule "/lib/openser/modules/textops.so" loadmodule "/lib/openser/modules/auth.so" loadmodule "/lib/openser/modules/auth_db.so" loadmodule "/lib/openser/modules/uri_db.so" loadmodule "/lib/openser/modules/nathelper.so" modparam( "auth_db", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "auth_db", "calculate_ha1", yes ) #this is the entry where ser asks the astcc-db for credentials? modparam( "auth_db", "user_column", "username" ) #modparam( "auth_db", "domain_column", "domain" ) modparam( "auth_db", "password_column", "password" ) ## Correct, and the table name is set in the www_auth command #modparam( "auth_db", "use_domain", 0 ) modparam( "nathelper", "natping_interval", 30 ) modparam( "nathelper", "ping_nated_only", 1 ) modparam("nathelper", "rtpproxy_disable", 1) modparam( "registrar", "append_branches", 1 ) modparam( "registrar", "desc_time_order", 1 ) modparam( "registrar", "nat_flag", 6 ) modparam( "registrar", "nat_flag", 6 ) modparam("registrar", "min_expires", 60) modparam("registrar", "default_expires", 120) modparam("registrar", "max_expires", 4000) #expire values set to 66 minutes due to phones not recognizing the max value but have a default value of 60min) modparam( "rr", "enable_full_lr", 1 ) modparam( "uri_db", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "usrloc", "db_url", "postgres://openser:topsecret@127.0.0.1/mydb" ) modparam( "usrloc", "db_mode", 2 ) route{ if ( ! mf_process_maxfwd_header( "10" ) ) { sl_send_reply( "483", "Too Many Hops" ); return; }; if ( msg:len >= 2048 ) { sl_send_reply( "513", "Message too big" ); return; }; if ( ! method == "REGISTER" ) record_route(); if( nat_uac_test( "19" ) ) { fix_nated_contact(); if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "3" ); }; force_rport(); setflag( 6 ); }; if ( loose_route() ) { route( 1 ); return; }; if ( uri == myself ) { if ( method == "REGISTER" ) { if ( ! www_authorize( "sip.xy.mydomain.org", "subscriber" ) ) { www_challenge( "sip.xy.mydomain.org", "0" ); return; }; save( "location" ); return; }; if ( src_ip == 2XX.XXX.XXX.X97 ) { # This is the mgw calling a user lookup( "aliases" ); if ( ! lookup( "location" ) ) { sl_send_reply( "404", "Not Found" ); return; }; route( 1 ); return; }; # Any call that gets here is from a user. Make sure it's authorised. if ( method == "INVITE" ) { if ( ! proxy_authorize( "sip.xy.mydomain.org", "subscriber" ) ) { proxy_challenge( "sip.xy.mydomain.org", "0" ); return; }; if ( ! check_from() ) { sl_send_reply( "403", "Username must be same as login name" ); return; }; consume_credentials(); }; # Forward to mgw rewritehostport( "mgw.xy.mydomain.org:5060" ); route( 1 ); return; }; # Handle SIP message like BYE that are routed direct to the destination. if ( method == "INVITE" || method == "REGISTER" ) { sl_send_reply( "403", "Host part forbidden" ); return; }; route( 1 ); return; } route[ 1 ] { t_on_reply( "1" ); if ( ! t_relay() ) { sl_reply_error(); }; } onreply_route[ 1 ] { if( nat_uac_test( "19" ) ) { fix_nated_contact(); if ( ! search( "^Content-Length:\ 0" ) ) { fix_nated_sdp( "3" ); }; force_rport(); }; }