hello all. this is my kamailio conf: http://pastebin.com/jGCak01E when I try to register any sip device. it looks like. device -> ext IP kamailio -> int IP kamailio -> asterisk. so I trying to nat something to lan. but on asterisk I see that register, it answer 401, than register again and it again answer 401. but on my sip device I see register and than kamailio answer 200 !! why ???
1. #!KAMAILIO 2. # 3. # Kamailio (OpenSER) SIP Server v4.1 - default configuration script 4. # - web: http://www.kamailio.org 5. # - git: http://sip-router.org 6. # 7. # Direct your questions about this file to: < sr-users@lists.sip-router.org> 8. # 9. # Refer to the Core CookBook at http://www.kamailio.org/wiki/ 10. # for an explanation of possible statements, functions and parameters. 11. # 12. # Several features can be enabled using '#!define WITH_FEATURE' directives: 13. # 14. # *** To run in debug mode: 15. # - define WITH_DEBUG 16. # 17. # *** To enable mysql: 18. # - define WITH_MYSQL 19. # 20. # *** To enable authentication execute: 21. # - enable mysql 22. # - define WITH_AUTH 23. # - add users using 'kamctl' 24. # 25. # *** To enable IP authentication execute: 26. # - enable mysql 27. # - enable authentication 28. # - define WITH_IPAUTH 29. # - add IP addresses with group id '1' to 'address' table 30. # 31. # *** To enable persistent user location execute: 32. # - enable mysql 33. # - define WITH_USRLOCDB 34. # 35. # *** To enable presence server execute: 36. # - enable mysql 37. # - define WITH_PRESENCE 38. # 39. # *** To enable nat traversal execute: 40. # - define WITH_NAT 41. # - install RTPProxy: http://www.rtpproxy.org 42. # - start RTPProxy: 43. # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 44. # 45. # *** To enable PSTN gateway routing execute: 46. # - define WITH_PSTN 47. # - set the value of pstn.gw_ip 48. # - check route[PSTN] for regexp routing condition 49. # 50. # *** To enable database aliases lookup execute: 51. # - enable mysql 52. # - define WITH_ALIASDB 53. # 54. # *** To enable speed dial lookup execute: 55. # - enable mysql 56. # - define WITH_SPEEDDIAL 57. # 58. # *** To enable multi-domain support execute: 59. # - enable mysql 60. # - define WITH_MULTIDOMAIN 61. # 62. # *** To enable TLS support execute: 63. # - adjust CFGDIR/tls.cfg as needed 64. # - define WITH_TLS 65. # 66. # *** To enable XMLRPC support execute: 67. # - define WITH_XMLRPC 68. # - adjust route[XMLRPC] for access policy 69. # 70. # *** To enable anti-flood detection execute: 71. # - adjust pike and htable=>ipban settings as needed (default is 72. # block if more than 16 requests in 2 seconds and ban for 300 seconds) 73. # - define WITH_ANTIFLOOD 74. # 75. # *** To block 3XX redirect replies execute: 76. # - define WITH_BLOCK3XX 77. # 78. # *** To enable VoiceMail routing execute: 79. # - define WITH_VOICEMAIL 80. # - set the value of voicemail.srv_ip 81. # - adjust the value of voicemail.srv_port 82. # 83. # *** To enhance accounting execute: 84. # - enable mysql 85. # - define WITH_ACCDB 86. # - add following columns to database 87. #!ifdef ACCDB_COMMENT 88. ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; 89. ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; 90. ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default ''; 91. ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; 92. ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; 93. ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; 94. ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; 95. ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; 96. ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default ''; 97. ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; 98. ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; 99. ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; 100. #!endif 101. 102. # #!define WITH_MYSQL 103. # #!define WITH_AUTH 104. # #!define WITH_USRLOCDB 105. #!define WITH_NAT 106. #!define WITH_ASTERISK 107. # #!define WITH_DEBUG 108. 109. ####### Include Local Config If Exists ######### 110. import_file "kamailio-local.cfg" 111. 112. ####### Defined Values ######### 113. 114. # *** Value defines - IDs used later in config 115. #!ifdef WITH_MYSQL 116. # - database URL - used to connect to database server by modules such 117. # as: auth_db, acc, usrloc, a.s.o. 118. #!ifndef DBURL 119. #!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio" 120. #!endif 121. #!endif 122. #!ifdef WITH_MULTIDOMAIN 123. # - the value for 'use_domain' parameters 124. #!define MULTIDOMAIN 1 125. #!else 126. #!define MULTIDOMAIN 0 127. #!endif 128. 129. # - flags 130. # FLT_ - per transaction (message) flags 131. # FLB_ - per branch flags 132. #!define FLT_ACC 1 133. #!define FLT_ACCMISSED 2 134. #!define FLT_ACCFAILED 3 135. #!define FLT_NATS 5 136. 137. #!define FLB_NATB 6 138. #!define FLB_NATSIPPING 7 139. 140. ####### Global Parameters ######### 141. 142. ### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR 143. #!ifdef WITH_DEBUG 144. debug=4 145. log_stderror=yes 146. #!else 147. debug=3 148. log_stderror=no 149. #!endif 150. 151. memdbg=5 152. memlog=5 153. 154. log_facility=LOG_LOCAL0 155. 156. fork=yes 157. children=4 158. 159. /* uncomment the next line to disable TCP (default on) */ 160. #disable_tcp=yes 161. 162. /* uncomment the next line to disable the auto discovery of local aliases 163. based on reverse DNS on IPs (default on) */ 164. #auto_aliases=no 165. 166. /* add local domain aliases */ 167. #alias="sip.mydomain.com" 168. 169. /* uncomment and configure the following line if you want Kamailio to 170. bind on a specific interface/port/proto (default bind on all available) */ 171. 172. #listen=udp:50.0.0.1:5060 advertise 194.190.8.171:5060 173. listen=udp:194.190.8.171:5060 advertise 50.0.0.1:5060 174. 175. /* port to listen to 176. * - can be specified more than once if needed to listen on many ports */ 177. port=5060 178. 179. mhomed=1 180. 181. #!ifdef WITH_TLS 182. enable_tls=yes 183. #!endif 184. 185. # life time of TCP connection when there is no traffic 186. # - a bit higher than registration expires to cope with UA behind NAT 187. tcp_connection_lifetime=3605 188. 189. ####### Custom Parameters ######### 190. 191. # These parameters can be modified runtime via RPC interface 192. # - see the documentation of 'cfg_rpc' module. 193. # 194. # Format: group.id = value 'desc' description 195. # Access: $sel(cfg_get.group.id) or @cfg_get.group.id 196. # 197. 198. #!ifdef WITH_PSTN 199. # PSTN GW Routing 200. # 201. # - pstn.gw_ip: valid IP or hostname as string value, example: 202. # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" 203. # 204. # - by default is empty to avoid misrouting 205. #pstn.gw_ip = "" desc "PSTN GW Address" 206. #pstn.gw_port = "" desc "PSTN GW Port" 207. #!endif 208. 209. #!ifdef WITH_VOICEMAIL 210. # VoiceMail Routing on offline, busy or no answer 211. # 212. # - by default Voicemail server IP is empty to avoid misrouting 213. #voicemail.srv_ip = "" desc "VoiceMail IP Address" 214. #voicemail.srv_port = "5060" desc "VoiceMail Port" 215. #!endif 216. 217. #!ifdef WITH_ASTERISK 218. asterisk.bindip = "50.0.0.10" desc "Asterisk IP Address" 219. asterisk.bindport = "5060" desc "Asterisk Port" 220. kamailio.bindip = "50.0.0.1" desc "Kamailio IP Address" 221. kamailio.bindport = "5060" desc "Kamailio Port" 222. #!endif 223. 224. ####### Modules Section ######## 225. 226. # set paths to location of modules (to sources or installation folders) 227. #!ifdef WITH_SRCPATH 228. mpath="modules/" 229. #!else 230. mpath="/usr/lib64/kamailio/modules/" 231. #!endif 232. 233. #!ifdef WITH_MYSQL 234. loadmodule "db_mysql.so" 235. #!endif 236. 237. loadmodule "mi_fifo.so" 238. loadmodule "kex.so" 239. loadmodule "tm.so" 240. loadmodule "tmx.so" 241. loadmodule "sl.so" 242. loadmodule "rr.so" 243. loadmodule "pv.so" 244. loadmodule "maxfwd.so" 245. loadmodule "usrloc.so" 246. loadmodule "registrar.so" 247. loadmodule "textops.so" 248. loadmodule "siputils.so" 249. loadmodule "xlog.so" 250. loadmodule "sanity.so" 251. loadmodule "ctl.so" 252. loadmodule "cfg_rpc.so" 253. loadmodule "mi_rpc.so" 254. loadmodule "acc.so" 255. 256. #!ifdef WITH_AUTH 257. loadmodule "auth.so" 258. loadmodule "auth_db.so" 259. #!ifdef WITH_IPAUTH 260. loadmodule "permissions.so" 261. #!endif 262. #!endif 263. 264. #!ifdef WITH_ALIASDB 265. loadmodule "alias_db.so" 266. #!endif 267. 268. #!ifdef WITH_SPEEDDIAL 269. loadmodule "speeddial.so" 270. #!endif 271. 272. #!ifdef WITH_MULTIDOMAIN 273. loadmodule "domain.so" 274. #!endif 275. 276. #!ifdef WITH_PRESENCE 277. loadmodule "presence.so" 278. loadmodule "presence_xml.so" 279. #!endif 280. 281. #!ifdef WITH_NAT 282. loadmodule "nathelper.so" 283. loadmodule "rtpproxy.so" 284. #!endif 285. 286. #!ifdef WITH_TLS 287. loadmodule "tls.so" 288. #!endif 289. 290. #!ifdef WITH_ANTIFLOOD 291. loadmodule "htable.so" 292. loadmodule "pike.so" 293. #!endif 294. 295. #!ifdef WITH_XMLRPC 296. loadmodule "xmlrpc.so" 297. #!endif 298. 299. #!ifdef WITH_DEBUG 300. loadmodule "debugger.so" 301. #!endif 302. 303. #!ifdef WITH_ASTERISK 304. loadmodule "uac.so" 305. #!endif 306. 307. 308. #loadmodule "topoh.so" 309. #modparam("topoh", "mask_key", "balalayka") 310. #modparam("topoh", "mask_ip", "50.0.0.1") 311. 312. # ----------------- setting module-specific parameters --------------- 313. 314. 315. # ----- mi_fifo params ----- 316. modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") 317. 318. 319. # ----- tm params ----- 320. # auto-discard branches from previous serial forking leg 321. modparam("tm", "failure_reply_mode", 3) 322. # default retransmission timeout: 30sec 323. modparam("tm", "fr_timer", 30000) 324. # default invite retransmission timeout after 1xx: 120sec 325. modparam("tm", "fr_inv_timer", 120000) 326. 327. 328. # ----- rr params ----- 329. # add value to ;lr param to cope with most of the UAs 330. modparam("rr", "enable_full_lr", 1) 331. # do not append from tag to the RR (no need for this script) 332. #!ifdef WITH_ASTERISK 333. modparam("rr", "append_fromtag", 1) 334. #!else 335. modparam("rr", "append_fromtag", 0) 336. #!endif 337. 338. 339. # ----- registrar params ----- 340. modparam("registrar", "method_filtering", 1) 341. /* uncomment the next line to disable parallel forking via location */ 342. # modparam("registrar", "append_branches", 0) 343. /* uncomment the next line not to allow more than 10 contacts per AOR */ 344. #modparam("registrar", "max_contacts", 10) 345. # max value for expires of registrations 346. modparam("registrar", "max_expires", 3600) 347. # set it to 1 to enable GRUU 348. modparam("registrar", "gruu_enabled", 0) 349. 350. 351. # ----- acc params ----- 352. /* what special events should be accounted ? */ 353. modparam("acc", "early_media", 0) 354. modparam("acc", "report_ack", 0) 355. modparam("acc", "report_cancels", 0) 356. /* by default ww do not adjust the direct of the sequential requests. 357. if you enable this parameter, be sure the enable "append_fromtag" 358. in "rr" module */ 359. modparam("acc", "detect_direction", 0) 360. /* account triggers (flags) */ 361. modparam("acc", "log_flag", FLT_ACC) 362. modparam("acc", "log_missed_flag", FLT_ACCMISSED) 363. modparam("acc", "log_extra", 364. "src_user=$fU;src_domain=$fd;src_ip=$si;" 365. "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") 366. modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) 367. /* enhanced DB accounting */ 368. #!ifdef WITH_ACCDB 369. modparam("acc", "db_flag", FLT_ACC) 370. modparam("acc", "db_missed_flag", FLT_ACCMISSED) 371. modparam("acc", "db_url", DBURL) 372. modparam("acc", "db_extra", 373. "src_user=$fU;src_domain=$fd;src_ip=$si;" 374. "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") 375. #!endif 376. 377. 378. # ----- usrloc params ----- 379. /* enable DB persistency for location entries */ 380. #!ifdef WITH_USRLOCDB 381. modparam("usrloc", "db_url", DBURL) 382. modparam("usrloc", "db_mode", 2) 383. modparam("usrloc", "use_domain", MULTIDOMAIN) 384. #!endif 385. 386. 387. # ----- auth_db params ----- 388. #!ifdef WITH_AUTH 389. modparam("auth_db", "db_url", DBURL) 390. modparam("auth_db", "calculate_ha1", yes) 391. modparam("auth_db", "password_column", "password") 392. modparam("auth_db", "load_credentials", "") 393. modparam("auth_db", "use_domain", MULTIDOMAIN) 394. 395. # ----- permissions params ----- 396. #!ifdef WITH_IPAUTH 397. modparam("permissions", "db_url", DBURL) 398. modparam("permissions", "db_mode", 1) 399. #!endif 400. 401. #!endif 402. 403. 404. # ----- alias_db params ----- 405. #!ifdef WITH_ALIASDB 406. modparam("alias_db", "db_url", DBURL) 407. modparam("alias_db", "use_domain", MULTIDOMAIN) 408. #!endif 409. 410. 411. # ----- speeddial params ----- 412. #!ifdef WITH_SPEEDDIAL 413. modparam("speeddial", "db_url", DBURL) 414. modparam("speeddial", "use_domain", MULTIDOMAIN) 415. #!endif 416. 417. 418. # ----- domain params ----- 419. #!ifdef WITH_MULTIDOMAIN 420. modparam("domain", "db_url", DBURL) 421. # register callback to match myself condition with domains list 422. modparam("domain", "register_myself", 1) 423. #!endif 424. 425. 426. #!ifdef WITH_PRESENCE 427. # ----- presence params ----- 428. modparam("presence", "db_url", DBURL) 429. 430. # ----- presence_xml params ----- 431. modparam("presence_xml", "db_url", DBURL) 432. modparam("presence_xml", "force_active", 1) 433. #!endif 434. 435. 436. #!ifdef WITH_NAT 437. # ----- rtpproxy params ----- 438. modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") 439. 440. # ----- nathelper params ----- 441. modparam("nathelper", "natping_interval", 30) 442. modparam("nathelper", "ping_nated_only", 1) 443. modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) 444. modparam("nathelper", "sipping_from", "sip:pinger@kamaz") 445. 446. # params needed for NAT traversal in other modules 447. modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") 448. modparam("usrloc", "nat_bflag", FLB_NATB) 449. #!endif 450. 451. 452. #!ifdef WITH_TLS 453. # ----- tls params ----- 454. modparam("tls", "config", "//etc/kamailio/tls.cfg") 455. #!endif 456. 457. #!ifdef WITH_ANTIFLOOD 458. # ----- pike params ----- 459. modparam("pike", "sampling_time_unit", 2) 460. modparam("pike", "reqs_density_per_unit", 16) 461. modparam("pike", "remove_latency", 4) 462. 463. # ----- htable params ----- 464. # ip ban htable with autoexpire after 5 minutes 465. modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") 466. #!endif 467. 468. #!ifdef WITH_XMLRPC 469. # ----- xmlrpc params ----- 470. modparam("xmlrpc", "route", "XMLRPC"); 471. modparam("xmlrpc", "url_match", "^/RPC") 472. #!endif 473. 474. #!ifdef WITH_DEBUG 475. # ----- debugger params ----- 476. modparam("debugger", "cfgtrace", 1) 477. #!endif 478. 479. ####### Routing Logic ######## 480. 481. 482. # Main SIP request routing logic 483. # - processing of any incoming SIP request starts with this route 484. # - note: this is the same as route { ... } 485. request_route { 486. 487. # per request initial checks 488. route(REQINIT); 489. 490. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) Main Route before ---NAT---\n"); 491. route(DEBUG); 492. # NAT detection 493. route(NATDETECT); 494. 495. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in Route[NATDETECT] fix_nat-register\n"); 496. route(DEBUG); 497. 498. # CANCEL processing 499. if (is_method("CANCEL")) 500. { 501. if (t_check_trans()) { 502. route(RELAY); 503. } 504. exit; 505. } 506. 507. route(DEBUG); 508. 509. # handle requests within SIP dialogs 510. route(WITHINDLG); 511. 512. route(DEBUG); 513. 514. ### only initial requests (no To tag) 515. 516. t_check_trans(); 517. 518. route(DEBUG); 519. 520. # authentication 521. route(AUTH); 522. 523. route(DEBUG); 524. 525. # record routing for dialog forming requests (in case they are routed) 526. # - remove preloaded route headers 527. remove_hf("Route"); 528. if (is_method("INVITE|SUBSCRIBE")) 529. record_route(); 530. 531. # account only INVITEs 532. if (is_method("INVITE")) 533. { 534. setflag(FLT_ACC); # do accounting 535. } 536. 537. # dispatch requests to foreign domains 538. route(SIPOUT); 539. 540. ### requests for my local domains 541. 542. # handle presence related requests 543. route(PRESENCE); 544. 545. route(DEBUG); 546. 547. # handle registrations 548. route(REGISTRAR); 549. 550. route(DEBUG); 551. 552. if ($rU==$null) 553. { 554. # request with no Username in RURI 555. sl_send_reply("484","Address Incomplete"); 556. exit; 557. } 558. 559. # dispatch destinations to PSTN 560. # route(PSTN); 561. 562. route(DEBUG); 563. 564. # user location service 565. route(LOCATION); 566. 567. route(DEBUG); 568. 569. route(RELAY); 570. 571. } 572. 573. 574. route[RELAY] { 575. 576. # enable additional event routes for forwarded requests 577. # - serial forking, RTP relaying handling, a.s.o. 578. if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { 579. if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); 580. } 581. if (is_method("INVITE|SUBSCRIBE|UPDATE")) { 582. if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); 583. } 584. if (is_method("INVITE")) { 585. if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); 586. } 587. 588. if (!t_relay()) { 589. sl_reply_error(); 590. } 591. exit; 592. } 593. 594. # Per SIP request initial checks 595. route[REQINIT] { 596. #!ifdef WITH_ANTIFLOOD 597. # flood dection from same IP and traffic ban for a while 598. # be sure you exclude checking trusted peers, such as pstn gateways 599. # - local host excluded (e.g., loop to self) 600. if(src_ip!=myself) 601. { 602. if($sht(ipban=>$si)!=$null) 603. { 604. # ip is already blocked 605. xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); 606. exit; 607. } 608. if (!pike_check_req()) 609. { 610. xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); 611. $sht(ipban=>$si) = 1; 612. exit; 613. } 614. } 615. #!endif 616. 617. if (!mf_process_maxfwd_header("10")) { 618. sl_send_reply("483","Too Many Hops"); 619. exit; 620. } 621. 622. if(!sanity_check("1511", "7")) 623. { 624. xlog("Malformed SIP message from $si:$sp\n"); 625. exit; 626. } 627. } 628. 629. # Handle requests within SIP dialogs 630. route[WITHINDLG] { 631. if (has_totag()) { 632. # sequential request withing a dialog should 633. # take the path determined by record-routing 634. if (loose_route()) { 635. route(DLGURI); 636. if (is_method("BYE")) { 637. setflag(FLT_ACC); # do accounting ... 638. setflag(FLT_ACCFAILED); # ... even if the transaction fails 639. } 640. else if ( is_method("ACK") ) { 641. # ACK is forwarded statelessy 642. route(NATMANAGE); 643. } 644. else if ( is_method("NOTIFY") ) { 645. # Add Record-Route for in-dialog NOTIFY as per RFC 6665. 646. record_route(); 647. } 648. route(RELAY); 649. } else { 650. if (is_method("SUBSCRIBE") && uri == myself) { 651. # in-dialog subscribe requests 652. route(PRESENCE); 653. exit; 654. } 655. if ( is_method("ACK") ) { 656. if ( t_check_trans() ) { 657. # no loose-route, but stateful ACK; 658. # must be an ACK after a 487 659. # or e.g. 404 from upstream server 660. route(RELAY); 661. exit; 662. } else { 663. # ACK without matching transaction ... ignore and discard 664. exit; 665. } 666. } 667. sl_send_reply("404","Not here"); 668. } 669. exit; 670. } 671. } 672. 673. # Handle SIP registrations 674. route[REGISTRAR] { 675. if (is_method("REGISTER")) 676. { 677. if(isflagset(FLT_NATS)) 678. { 679. setbflag(FLB_NATB); 680. # uncomment next line to do SIP NAT pinging 681. setbflag(FLB_NATSIPPING); 682. } 683. if (!save("location")) 684. sl_reply_error(); 685. 686. 687. #!ifdef WITH_ASTERISK 688. route(REGFWD); 689. #!endif 690. 691. exit; 692. } 693. } 694. 695. 696. #!ifdef WITH_ASTERISK 697. # Test if coming from Asterisk 698. route[FROMASTERISK] { 699. if($si==$sel(cfg_get.asterisk.bindip) && $sp==$sel(cfg_get.asterisk.bindport)) return 1; 700. return -1; 701. } 702. 703. 704. # Send to Asterisk 705. route[TOASTERISK] { 706. $du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":" + $sel(cfg_get.asterisk.bindport); 707. xlog("L_INFO","[$fU@$si:$sp]{$rm} From Outside World to Asterisk Box $du\n"); 708. route(RELAY); 709. exit; 710. } 711. 712. # Forward REGISTER to Asterisk 713. route[REGFWD] { 714. if(!is_method("REGISTER")) 715. { 716. return; 717. } 718. 719. xlog("[$mi] PRINT AU: $au PRINT fU: $fU Received SIP Message (method: $rm) ($ml bytes) to $Ri:$Rp from $si:$sp:\n$mb\n"); 720. 721. t_relay_to_udp("50.0.0.10", "5060"); 722. 723. xlog("[$mi] PRINT AU: $au PRINT fU: $fU Sended SIP Message (method: $rm) ($ml bytes) to $Ri:$Rp from $si:$sp:\n$mb\n"); 724. 725. } 726. #!endif 727. 728. # USER location service 729. route[LOCATION] { 730. 731. #!ifdef WITH_SPEEDDIAL 732. # search for short dialing - 2-digit extension 733. if($rU=~"^[0-9][0-9]$") 734. if(sd_lookup("speed_dial")) 735. route(SIPOUT); 736. #!endif 737. 738. #!ifdef WITH_ALIASDB 739. # search in DB-based aliases 740. if(alias_db_lookup("dbaliases")) 741. route(SIPOUT); 742. #!endif 743. 744. #!ifdef WITH_ASTERISK 745. if(is_method("INVITE") && (!route(FROMASTERISK))) { 746. # if new call from out there - send to Asterisk 747. # - non-INVITE request are routed directly by Kamailio 748. # - traffic from Asterisk is routed also directy by Kamailio 749. route(TOASTERISK); 750. exit; 751. } 752. #!endif 753. 754. $avp(oexten) = $rU; 755. if (!lookup("location")) { 756. $var(rc) = $rc; 757. route(TOVOICEMAIL); 758. t_newtran(); 759. switch ($var(rc)) { 760. case -1: 761. case -3: 762. send_reply("404", "Not Found"); 763. exit; 764. case -2: 765. send_reply("405", "Method Not Allowed"); 766. exit; 767. } 768. } 769. 770. # when routing via usrloc, log the missed calls also 771. if (is_method("INVITE")) 772. { 773. setflag(FLT_ACCMISSED); 774. } 775. 776. route(RELAY); 777. exit; 778. } 779. 780. # Presence server route 781. route[PRESENCE] { 782. if(!is_method("PUBLISH|SUBSCRIBE")) 783. return; 784. 785. if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") { 786. route(TOVOICEMAIL); 787. # returns here if no voicemail server is configured 788. sl_send_reply("404", "No voicemail service"); 789. exit; 790. } 791. 792. #!ifdef WITH_PRESENCE 793. if (!t_newtran()) 794. { 795. sl_reply_error(); 796. exit; 797. } 798. 799. if(is_method("PUBLISH")) 800. { 801. handle_publish(); 802. t_release(); 803. } else if(is_method("SUBSCRIBE")) { 804. handle_subscribe(); 805. t_release(); 806. } 807. exit; 808. #!endif 809. 810. # if presence enabled, this part will not be executed 811. if (is_method("PUBLISH") || $rU==$null) 812. { 813. sl_send_reply("404", "Not here"); 814. exit; 815. } 816. return; 817. } 818. 819. # Authentication route 820. route[AUTH] { 821. 822. #!ifdef WITH_ASTERISK 823. # do not auth traffic from Asterisk - trusted! 824. if(route(FROMASTERISK)) 825. return; 826. #!endif 827. 828. 829. #!ifdef WITH_AUTH 830. 831. #!ifdef WITH_IPAUTH 832. if((!is_method("REGISTER")) && allow_source_address()) 833. { 834. # source IP allowed 835. return; 836. } 837. #!endif 838. 839. if (is_method("REGISTER") || from_uri==myself) 840. { 841. # authenticate requests 842. if (!auth_check("$fd", "subscriber", "1")) { 843. auth_challenge("$fd", "0"); 844. exit; 845. } 846. # user authenticated - remove auth header 847. if(!is_method("REGISTER|PUBLISH")) 848. consume_credentials(); 849. } 850. # if caller is not local subscriber, then check if it calls 851. # a local destination, otherwise deny, not an open relay here 852. if (from_uri!=myself && uri!=myself) 853. { 854. sl_send_reply("403","Not relaying"); 855. exit; 856. } 857. 858. #!endif 859. return; 860. } 861. 862. # Caller NAT detection route 863. route[NATDETECT] { 864. #!ifdef WITH_NAT 865. force_rport(); 866. if (nat_uac_test("19")) { 867. if (is_method("REGISTER")) { 868. fix_nated_register(); 869. } else { 870. if(is_first_hop()) 871. set_contact_alias(); 872. } 873. setflag(FLT_NATS); 874. 875. } 876. #!endif 877. return; 878. } 879. 880. # RTPProxy control 881. route[NATMANAGE] { 882. #!ifdef WITH_NAT 883. if (is_request()) { 884. if(has_totag()) { 885. if(check_route_param("nat=yes")) { 886. setbflag(FLB_NATB); 887. } 888. } 889. } 890. if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) 891. return; 892. 893. rtpproxy_manage(); 894. 895. if (is_request()) { 896. if (!has_totag()) { 897. if(t_is_branch_route()) { 898. add_rr_param(";nat=yes"); 899. } 900. } 901. } 902. if (is_reply()) { 903. if(isbflagset(FLB_NATB)) { 904. if(is_first_hop()) 905. set_contact_alias(); 906. } 907. 908. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in route[NATMANAGE] RTPproxy with EI Flags\n"); 909. 910. } 911. #!endif 912. return; 913. } 914. 915. # URI update for dialog requests 916. route[DLGURI] { 917. #!ifdef WITH_NAT 918. if(!isdsturiset()) { 919. handle_ruri_alias(); 920. 921. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in route[DLGURI] RTPproxy with EI Flags\n"); 922. 923. } 924. #!endif 925. return; 926. } 927. 928. # Routing to foreign domains 929. route[SIPOUT] { 930. if (!uri==myself) 931. { 932. append_hf("P-hint: outbound\r\n"); 933. route(RELAY); 934. } 935. } 936. 937. # PSTN GW routing 938. route[PSTN] { 939. #!ifdef WITH_PSTN 940. # check if PSTN GW IP is defined 941. if (strempty($sel(cfg_get.pstn.gw_ip))) { 942. xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); 943. return; 944. } 945. 946. # route to PSTN dialed numbers starting with '+' or '00' 947. # (international format) 948. # - update the condition to match your dialing rules for PSTN routing 949. if(!($rU=~"^(+|00)[1-9][0-9]{3,20}$")) 950. return; 951. 952. # only local users allowed to call 953. if(from_uri!=myself) { 954. sl_send_reply("403", "Not Allowed"); 955. exit; 956. } 957. 958. if (strempty($sel(cfg_get.pstn.gw_port))) { 959. $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); 960. } else { 961. $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":" 962. + $sel(cfg_get.pstn.gw_port); 963. } 964. 965. route(RELAY); 966. exit; 967. #!endif 968. 969. return; 970. } 971. 972. # XMLRPC routing 973. #!ifdef WITH_XMLRPC 974. route[XMLRPC] { 975. # allow XMLRPC from localhost 976. if ((method=="POST" || method=="GET") 977. && (src_ip==127.0.0.1)) { 978. # close connection only for xmlrpclib user agents (there is a bug in 979. # xmlrpclib: it waits for EOF before interpreting the response). 980. if ($hdr(User-Agent) =~ "xmlrpclib") 981. set_reply_close(); 982. set_reply_no_connect(); 983. dispatch_rpc(); 984. exit; 985. } 986. send_reply("403", "Forbidden"); 987. exit; 988. } 989. #!endif 990. 991. # route to voicemail server 992. route[TOVOICEMAIL] { 993. #!ifdef WITH_VOICEMAIL 994. if(!is_method("INVITE|SUBSCRIBE")) 995. return; 996. 997. # check if VoiceMail server IP is defined 998. if (strempty($sel(cfg_get.voicemail.srv_ip))) { 999. xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n"); 1000. return; 1001. } 1002. if(is_method("INVITE")) { 1003. if($avp(oexten)==$null) 1004. return; 1005. $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip) 1006. + ":" + $sel(cfg_get.voicemail.srv_port); 1007. } else { 1008. if($rU==$null) 1009. return; 1010. $ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip) 1011. + ":" + $sel(cfg_get.voicemail.srv_port); 1012. } 1013. route(RELAY); 1014. exit; 1015. #!endif 1016. 1017. return; 1018. } 1019. 1020. # manage outgoing branches 1021. branch_route[MANAGE_BRANCH] { 1022. xdbg("new branch [$T_branch_idx] to $ru\n"); 1023. route(NATMANAGE); 1024. } 1025. 1026. # manage incoming replies 1027. onreply_route[MANAGE_REPLY] { 1028. xdbg("incoming reply\n"); 1029. if(status=~"[12][0-9][0-9]") 1030. route(NATMANAGE); 1031. } 1032. 1033. # manage failure routing cases 1034. failure_route[MANAGE_FAILURE] { 1035. route(NATMANAGE); 1036. 1037. if (t_is_canceled()) { 1038. exit; 1039. } 1040. 1041. #!ifdef WITH_BLOCK3XX 1042. # block call redirect based on 3xx replies. 1043. if (t_check_status("3[0-9][0-9]")) { 1044. t_reply("404","Not found"); 1045. exit; 1046. } 1047. #!endif 1048. 1049. #!ifdef WITH_VOICEMAIL 1050. # serial forking 1051. # - route to voicemail on busy or no answer (timeout) 1052. if (t_check_status("486|408")) { 1053. $du = $null; 1054. route(TOVOICEMAIL); 1055. exit; 1056. } 1057. #!endif 1058. } 1059. 1060. 1061. route[DEBUG] { 1062. if (method==("PUBLISH|SUBSCRIBE|REGISTER|OPTIONS")) { 1063. return; 1064. } 1065. xlog("[$mi] Received SIP Message (method: $rm) ($ml bytes) to $Ri:$Rp from $si:$sp:\n$mb\n"); 1066. }
-
*sm1Ly