[sr-dev] git:master: Make XML-RCP configurable in example scripts

admin at sip-router.org admin at sip-router.org
Fri May 3 18:46:59 CEST 2013


Module: sip-router
Branch: master
Commit: 86d706bd4a1e31160883a4f094f3e04f9380de04
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=86d706bd4a1e31160883a4f094f3e04f9380de04

Author: Carsten Bock <carsten at ng-voice.com>
Committer: Carsten Bock <carsten at ng-voice.com>
Date:   Fri May  3 18:45:07 2013 +0200

Make XML-RCP configurable in example scripts
- Improvement: Automatically enable TCP, if XML-RPC is requested
- Improvement: Allow the configuration of TCP-Children (especially for XML-RPC)
- Improvement: Add missing configuration information

---

 examples/icscf/icscf.cfg    |   12 ++++++++----
 examples/icscf/kamailio.cfg |   27 ++++++++++++++++++++++-----
 examples/pcscf/kamailio.cfg |   35 ++++++++++++++++++++++++++++++++---
 examples/pcscf/pcscf.cfg    |   23 ++++++++++++++++++++++-
 examples/scscf/kamailio.cfg |   33 +++++++++++++++++++++++++++------
 examples/scscf/scscf.cfg    |   13 ++++++++++++-
 6 files changed, 123 insertions(+), 20 deletions(-)

diff --git a/examples/icscf/icscf.cfg b/examples/icscf/icscf.cfg
index e782557..a8cea37 100644
--- a/examples/icscf/icscf.cfg
+++ b/examples/icscf/icscf.cfg
@@ -17,16 +17,20 @@
 # Set a forced CX/DX-Peer, do not try to find one
 #!define CXDX_FORCED_PEER "hss.kamailio-ims.org"
 
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
 # *** To run in debug mode: 
 #     - define WITH_DEBUG
 #
-# *** To enable TLS support execute:
-#     - adjust CFGDIR/tls.cfg as needed
-#     - define WITH_TLS
+# *** To enable TCP support execute:
+#     - define WITH_TCP
 #
 # *** To enable XMLRPC support execute:
 #     - define WITH_XMLRPC
-#     - adjust route[XMLRPC] for access policy
+#     - this will automagically enable TCP
 #
 # *** To enable a Homer SIP-Capter-Node:
 #     - define CAPTURE_NODE with a proper address
diff --git a/examples/icscf/kamailio.cfg b/examples/icscf/kamailio.cfg
index c68f83f..c66cb25 100644
--- a/examples/icscf/kamailio.cfg
+++ b/examples/icscf/kamailio.cfg
@@ -60,16 +60,23 @@ dns_srv_lb=yes
 # Always: Also try IPv6:
 dns_try_ipv6=yes
 
-#!ifdef WITH_TLS
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
 #!define WITH_TCP
-enable_tls=yes
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
 #!endif
 
-/* uncomment the next line to disable TCP (default on) */
 #!ifdef WITH_TCP
 # life time of TCP connection when there is no traffic
 # - a bit higher than registration expires to cope with UA behind NAT
 tcp_connection_lifetime=3615
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
 #!else
 disable_tcp=yes
 #!endif
@@ -260,8 +267,18 @@ route[REQINIT] {
 ######################################################################
 #!ifdef WITH_XMLRPC
 route[XMLRPC] {
-	# allow XMLRPC from localhost
-	if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+	if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
 		# close connection only for xmlrpclib user agents (there is a bug in
 		# xmlrpclib: it waits for EOF before interpreting the response).
 		if ($hdr(User-Agent) =~ "xmlrpclib")
diff --git a/examples/pcscf/kamailio.cfg b/examples/pcscf/kamailio.cfg
index 8daf8b1..b15b4c0 100644
--- a/examples/pcscf/kamailio.cfg
+++ b/examples/pcscf/kamailio.cfg
@@ -90,10 +90,19 @@ auto_aliases=no
 #!ifndef WITH_TCP
 #!define WITH_TCP
 #!endif
-
 enable_tls=yes
 #!endif
 
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
+#!define WITH_TCP
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
+#!endif
+
 # Check, if NAT is enabled (in case you want to Force all calls through the RTPProxy)
 #!ifdef FORCE_RTPRELAY
 #!ifndef WITH_NAT
@@ -101,6 +110,13 @@ enable_tls=yes
 #!endif
 #!endif
 
+# Check, if NAT is enabled (in case you want to Force all calls through the RTPProxy)
+#!ifdef WITH_RTPIPV4
+#!ifndef WITH_NAT
+#!define WITH_NAT
+#!endif
+#!endif
+
 #!ifdef WITH_TCP
 # life time of TCP connection when there is no traffic
 # - a bit higher than registration expires to cope with UA behind NAT
@@ -115,6 +131,9 @@ tcp_connection_lifetime=3615
 tcp_accept_aliases=no
 # Enable SIP outbound TCP keep-alive using PING-PONG (CRLFCRLF - CRLF).
 tcp_crlf_ping=yes
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
 #!else
 disable_tcp=yes
 #!endif
@@ -455,8 +474,18 @@ route[REQINIT] {
 ######################################################################
 #!ifdef WITH_XMLRPC
 route[XMLRPC] {
-	# allow XMLRPC from localhost
-	if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+	if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
 		# close connection only for xmlrpclib user agents (there is a bug in
 		# xmlrpclib: it waits for EOF before interpreting the response).
 		if ($hdr(User-Agent) =~ "xmlrpclib")
diff --git a/examples/pcscf/pcscf.cfg b/examples/pcscf/pcscf.cfg
index 69c8cb8..5e38d7f 100644
--- a/examples/pcscf/pcscf.cfg
+++ b/examples/pcscf/pcscf.cfg
@@ -13,6 +13,11 @@
 # SIP-Address of capturing node, if not set, capturing is disabled.
 ##!define CAPTURE_NODE "sip:10.0.6.1"
 
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
 # IP-Adress(es) of the RTP-Proxy
 #!define RTPPROXY_ADDRESS "udp:127.0.0.1:22222"
 #
@@ -28,13 +33,25 @@
 #     - start RTPProxy:
 #        rtpproxy -l _your_public_ip_ -s udp:localhost:7722
 #
+# *** To force alls calls through the RTP-Proxy
+#     - this will automagically enable NAT-Traversal
+#     - define FORCE_RTPRELAY
+#
+# *** To enable IPv4/IPv6 Translation (RTPProxy)
+#     - this will automagically enable NAT-Traversal
+#     - define WITH_RTPIPV4
+#
+# *** To enable TCP support execute:
+#     - define WITH_TCP
+#
 # *** To enable TLS support execute:
 #     - adjust CFGDIR/tls.cfg as needed
 #     - define WITH_TLS
+#     - this will automagically enable TCP
 #
 # *** To enable XMLRPC support execute:
 #     - define WITH_XMLRPC
-#     - adjust route[XMLRPC] for access policy
+#     - this will automagically enable TCP
 #
 # *** To enable anti-flood detection execute:
 #     - adjust pike and htable=>ipban settings as needed (default is
@@ -51,8 +68,12 @@
 # Enabled Features for this host:
 ##!define WITH_DEBUG
 ##!define WITH_NAT
+##!define FORCE_RTPRELAY
 ##!define WITH_TLS
 #!define WITH_XMLRPC
 #!define WITH_ANTIFLOOD
 ##!define WITH_RX
+##!define WITH_TCP
+##!define WITH_RTPIPV4
+
 
diff --git a/examples/scscf/kamailio.cfg b/examples/scscf/kamailio.cfg
index 444cd74..d8da8ab 100644
--- a/examples/scscf/kamailio.cfg
+++ b/examples/scscf/kamailio.cfg
@@ -73,15 +73,23 @@ dns_try_ipv6=yes
 # Try onle IPv6:
 dns_cache_flags=6
 
-#!ifdef WITH_TLS
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
 #!define WITH_TCP
-enable_tls=yes
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
 #!endif
 
 #!ifdef WITH_TCP
 # life time of TCP connection when there is no traffic
 # - a bit higher than registration expires to cope with UA behind NAT
 tcp_connection_lifetime=3615
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
 #!else
 disable_tcp=yes
 #!endif
@@ -286,9 +294,9 @@ modparam("dispatcher", "ds_probing_mode", 1)
 # - processing of any incoming SIP request starts with this route
 
 route {
-#!ifdef WITH_DEBUG
+##!ifdef WITH_DEBUG
 	xlog("L_ERR", "$rm ($fu ($si:$sp) to $tu, $ci)\n");
-#!endif
+##!endif
 
 	# per request initial checks
 	route(REQINIT);
@@ -411,8 +419,18 @@ route[subscribe]
 ######################################################################
 #!ifdef WITH_XMLRPC
 route[XMLRPC] {
-	# allow XMLRPC from localhost
-	if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+	if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
 		# close connection only for xmlrpclib user agents (there is a bug in
 		# xmlrpclib: it waits for EOF before interpreting the response).
 		if ($hdr(User-Agent) =~ "xmlrpclib")
@@ -463,8 +481,11 @@ route[REGISTER] {
                         exit;
                 }
 	} else {
+		xlog("L_ERR", "Auth succeeded\n");
+		setdebug("9");
 		# We need to check if this user is registered or not
 		if (!impu_registered("location")) {
+			xlog("L_ERR", "Not REGISTERED\n");
 			save("location");
 			if ($avp(saa_return_code) == 1) {
 				isc_match_filter_reg("0","location");
diff --git a/examples/scscf/scscf.cfg b/examples/scscf/scscf.cfg
index 5da0b25..b1ffdc1 100644
--- a/examples/scscf/scscf.cfg
+++ b/examples/scscf/scscf.cfg
@@ -26,14 +26,25 @@
 # Let the HSS decide
 ##!define REG_AUTH_DEFAULT_ALG "HSS-Selected"
 
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
 # Several features can be enabled using '#!define WITH_FEATURE' directives:
 #
 # *** To run in debug mode: 
 #     - define WITH_DEBUG
 #
+# *** To enable TCP support execute:
+#     - define WITH_TCP
+#
 # *** To enable XMLRPC support execute:
 #     - define WITH_XMLRPC
-#     - adjust route[XMLRPC] for access policy
+#     - this will automagically enable TCP
 #
 # *** To enable basic dialplan support:
 #     - define WITH_DIALPLAN




More information about the sr-dev mailing list