[sr-dev] git:master: Make XML-RCP configurable in example scripts
admin at sip-router.org
admin at sip-router.org
Fri May 3 18:46:59 CEST 2013
Module: sip-router
Branch: master
Commit: 86d706bd4a1e31160883a4f094f3e04f9380de04
URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=86d706bd4a1e31160883a4f094f3e04f9380de04
Author: Carsten Bock <carsten at ng-voice.com>
Committer: Carsten Bock <carsten at ng-voice.com>
Date: Fri May 3 18:45:07 2013 +0200
Make XML-RCP configurable in example scripts
- Improvement: Automatically enable TCP, if XML-RPC is requested
- Improvement: Allow the configuration of TCP-Children (especially for XML-RPC)
- Improvement: Add missing configuration information
---
examples/icscf/icscf.cfg | 12 ++++++++----
examples/icscf/kamailio.cfg | 27 ++++++++++++++++++++++-----
examples/pcscf/kamailio.cfg | 35 ++++++++++++++++++++++++++++++++---
examples/pcscf/pcscf.cfg | 23 ++++++++++++++++++++++-
examples/scscf/kamailio.cfg | 33 +++++++++++++++++++++++++++------
examples/scscf/scscf.cfg | 13 ++++++++++++-
6 files changed, 123 insertions(+), 20 deletions(-)
diff --git a/examples/icscf/icscf.cfg b/examples/icscf/icscf.cfg
index e782557..a8cea37 100644
--- a/examples/icscf/icscf.cfg
+++ b/examples/icscf/icscf.cfg
@@ -17,16 +17,20 @@
# Set a forced CX/DX-Peer, do not try to find one
#!define CXDX_FORCED_PEER "hss.kamailio-ims.org"
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
# *** To run in debug mode:
# - define WITH_DEBUG
#
-# *** To enable TLS support execute:
-# - adjust CFGDIR/tls.cfg as needed
-# - define WITH_TLS
+# *** To enable TCP support execute:
+# - define WITH_TCP
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
-# - adjust route[XMLRPC] for access policy
+# - this will automagically enable TCP
#
# *** To enable a Homer SIP-Capter-Node:
# - define CAPTURE_NODE with a proper address
diff --git a/examples/icscf/kamailio.cfg b/examples/icscf/kamailio.cfg
index c68f83f..c66cb25 100644
--- a/examples/icscf/kamailio.cfg
+++ b/examples/icscf/kamailio.cfg
@@ -60,16 +60,23 @@ dns_srv_lb=yes
# Always: Also try IPv6:
dns_try_ipv6=yes
-#!ifdef WITH_TLS
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
#!define WITH_TCP
-enable_tls=yes
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
#!endif
-/* uncomment the next line to disable TCP (default on) */
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime=3615
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
#!else
disable_tcp=yes
#!endif
@@ -260,8 +267,18 @@ route[REQINIT] {
######################################################################
#!ifdef WITH_XMLRPC
route[XMLRPC] {
- # allow XMLRPC from localhost
- if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+ if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
diff --git a/examples/pcscf/kamailio.cfg b/examples/pcscf/kamailio.cfg
index 8daf8b1..b15b4c0 100644
--- a/examples/pcscf/kamailio.cfg
+++ b/examples/pcscf/kamailio.cfg
@@ -90,10 +90,19 @@ auto_aliases=no
#!ifndef WITH_TCP
#!define WITH_TCP
#!endif
-
enable_tls=yes
#!endif
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
+#!define WITH_TCP
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
+#!endif
+
# Check, if NAT is enabled (in case you want to Force all calls through the RTPProxy)
#!ifdef FORCE_RTPRELAY
#!ifndef WITH_NAT
@@ -101,6 +110,13 @@ enable_tls=yes
#!endif
#!endif
+# Check, if NAT is enabled (in case you want to Force all calls through the RTPProxy)
+#!ifdef WITH_RTPIPV4
+#!ifndef WITH_NAT
+#!define WITH_NAT
+#!endif
+#!endif
+
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
@@ -115,6 +131,9 @@ tcp_connection_lifetime=3615
tcp_accept_aliases=no
# Enable SIP outbound TCP keep-alive using PING-PONG (CRLFCRLF - CRLF).
tcp_crlf_ping=yes
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
#!else
disable_tcp=yes
#!endif
@@ -455,8 +474,18 @@ route[REQINIT] {
######################################################################
#!ifdef WITH_XMLRPC
route[XMLRPC] {
- # allow XMLRPC from localhost
- if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+ if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
diff --git a/examples/pcscf/pcscf.cfg b/examples/pcscf/pcscf.cfg
index 69c8cb8..5e38d7f 100644
--- a/examples/pcscf/pcscf.cfg
+++ b/examples/pcscf/pcscf.cfg
@@ -13,6 +13,11 @@
# SIP-Address of capturing node, if not set, capturing is disabled.
##!define CAPTURE_NODE "sip:10.0.6.1"
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
# IP-Adress(es) of the RTP-Proxy
#!define RTPPROXY_ADDRESS "udp:127.0.0.1:22222"
#
@@ -28,13 +33,25 @@
# - start RTPProxy:
# rtpproxy -l _your_public_ip_ -s udp:localhost:7722
#
+# *** To force alls calls through the RTP-Proxy
+# - this will automagically enable NAT-Traversal
+# - define FORCE_RTPRELAY
+#
+# *** To enable IPv4/IPv6 Translation (RTPProxy)
+# - this will automagically enable NAT-Traversal
+# - define WITH_RTPIPV4
+#
+# *** To enable TCP support execute:
+# - define WITH_TCP
+#
# *** To enable TLS support execute:
# - adjust CFGDIR/tls.cfg as needed
# - define WITH_TLS
+# - this will automagically enable TCP
#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
-# - adjust route[XMLRPC] for access policy
+# - this will automagically enable TCP
#
# *** To enable anti-flood detection execute:
# - adjust pike and htable=>ipban settings as needed (default is
@@ -51,8 +68,12 @@
# Enabled Features for this host:
##!define WITH_DEBUG
##!define WITH_NAT
+##!define FORCE_RTPRELAY
##!define WITH_TLS
#!define WITH_XMLRPC
#!define WITH_ANTIFLOOD
##!define WITH_RX
+##!define WITH_TCP
+##!define WITH_RTPIPV4
+
diff --git a/examples/scscf/kamailio.cfg b/examples/scscf/kamailio.cfg
index 444cd74..d8da8ab 100644
--- a/examples/scscf/kamailio.cfg
+++ b/examples/scscf/kamailio.cfg
@@ -73,15 +73,23 @@ dns_try_ipv6=yes
# Try onle IPv6:
dns_cache_flags=6
-#!ifdef WITH_TLS
+#!ifdef WITH_XMLRPC
+#!ifndef WITH_TCP
#!define WITH_TCP
-enable_tls=yes
+#!endif
+#!ifndef TCP_PROCESSES
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+#!endif
#!endif
#!ifdef WITH_TCP
# life time of TCP connection when there is no traffic
# - a bit higher than registration expires to cope with UA behind NAT
tcp_connection_lifetime=3615
+#!ifdef TCP_PROCESSES
+tcp_children=TCP_PROCESSES
+#!endif
#!else
disable_tcp=yes
#!endif
@@ -286,9 +294,9 @@ modparam("dispatcher", "ds_probing_mode", 1)
# - processing of any incoming SIP request starts with this route
route {
-#!ifdef WITH_DEBUG
+##!ifdef WITH_DEBUG
xlog("L_ERR", "$rm ($fu ($si:$sp) to $tu, $ci)\n");
-#!endif
+##!endif
# per request initial checks
route(REQINIT);
@@ -411,8 +419,18 @@ route[subscribe]
######################################################################
#!ifdef WITH_XMLRPC
route[XMLRPC] {
- # allow XMLRPC from localhost
- if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) {
+ if ((method=="POST" || method=="GET")
+#!ifdef XMLRPC_WHITELIST_1
+&& ((src_ip == XMLRPC_WHITELIST_1)
+#!ifdef XMLRPC_WHITELIST_2
+ || (src_ip == XMLRPC_WHITELIST_2)
+#!endif
+#!ifdef XMLRPC_WHITELIST_3
+ || (src_ip == XMLRPC_WHITELIST_3)
+#!endif
+)
+#!endif
+) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
@@ -463,8 +481,11 @@ route[REGISTER] {
exit;
}
} else {
+ xlog("L_ERR", "Auth succeeded\n");
+ setdebug("9");
# We need to check if this user is registered or not
if (!impu_registered("location")) {
+ xlog("L_ERR", "Not REGISTERED\n");
save("location");
if ($avp(saa_return_code) == 1) {
isc_match_filter_reg("0","location");
diff --git a/examples/scscf/scscf.cfg b/examples/scscf/scscf.cfg
index 5da0b25..b1ffdc1 100644
--- a/examples/scscf/scscf.cfg
+++ b/examples/scscf/scscf.cfg
@@ -26,14 +26,25 @@
# Let the HSS decide
##!define REG_AUTH_DEFAULT_ALG "HSS-Selected"
+# Number of TCP Processes
+#!define TCP_PROCESSES 3
+
+# Allowed IPs for XML-RPC-Queries
+#!define XMLRPC_WHITELIST_1 "127.0.0.1"
+##!define XMLRPC_WHITELIST_2 "127.0.0.1"
+##!define XMLRPC_WHITELIST_3 "127.0.0.1"
+
# Several features can be enabled using '#!define WITH_FEATURE' directives:
#
# *** To run in debug mode:
# - define WITH_DEBUG
#
+# *** To enable TCP support execute:
+# - define WITH_TCP
+#
# *** To enable XMLRPC support execute:
# - define WITH_XMLRPC
-# - adjust route[XMLRPC] for access policy
+# - this will automagically enable TCP
#
# *** To enable basic dialplan support:
# - define WITH_DIALPLAN
More information about the sr-dev
mailing list