From: <abe...@us...> - 2014-08-25 19:52:54
Revision: 6657 http://sourceforge.net/p/astlinux/code/6657 Author: abelbeck Date: 2014-08-25 19:52:42 +0000 (Mon, 25 Aug 2014) Log Message: ----------- kamailio, add kamailio user/group, enable tls and a few more modules, configure kamctlrc. Devs, be sure to do a clean rebuild and update /mnt/kd/kamailio/kamctlrc because of the new kamailio user/group Modified Paths: -------------- branches/1.0/package/kamailio/kamailio.init branches/1.0/package/kamailio/kamailio.mk branches/1.0/project/astlinux/target_skeleton/etc/group branches/1.0/project/astlinux/target_skeleton/etc/init.d/FIRSTRUN branches/1.0/project/astlinux/target_skeleton/etc/passwd branches/1.0/project/astlinux/target_skeleton/etc/shadow branches/1.0/project/astlinux/target_skeleton/etc/shadow- Added Paths: ----------- branches/1.0/package/kamailio/etc/ branches/1.0/package/kamailio/etc/kamailio-basic.cfg branches/1.0/package/kamailio/etc/kamailio.cfg branches/1.0/package/kamailio/etc/tls.cfg Removed Paths: ------------- branches/1.0/package/kamailio/kamailio.cfg Added: branches/1.0/package/kamailio/etc/kamailio-basic.cfg =================================================================== --- branches/1.0/package/kamailio/etc/kamailio-basic.cfg (rev 0) +++ branches/1.0/package/kamailio/etc/kamailio-basic.cfg 2014-08-25 19:52:42 UTC (rev 6657) 
@@ -0,0 +1,613 @@ +#!KAMAILIO +# +# Kamailio (OpenSER) SIP Server v4.0 - default configuration script +# - web: http://www.kamailio.org +# - git: http://sip-router.org +# +# Direct your questions about this file to: <sr-...@li...> +# +# Refer to the Core CookBook at http://www.kamailio.org/wiki/ +# for an explanation of possible statements, functions and parameters. +# +# Several features can be enabled using '#!define WITH_FEATURE' directives: +# +# *** To run in debug mode: +# - define WITH_DEBUG +# +# *** To enable mysql: +# - define WITH_MYSQL +# +# *** To enable authentication execute: +# - enable mysql +# - define WITH_AUTH +# - add users using 'kamctl' +# +# *** To enable IP authentication execute: +# - enable mysql +# - enable authentication +# - define WITH_IPAUTH +# - add IP addresses with group id '1' to 'address' table +# +# *** To enable persistent user location execute: +# - enable mysql +# - define WITH_USRLOCDB +# +# *** To enable nat traversal execute: +# - define WITH_NAT +# - install RTPProxy: http://www.rtpproxy.org +# - start RTPProxy: +# rtpproxy -l _your_public_ip_ -s udp:localhost:7722 +# +# *** To enable TLS support execute: +# - adjust CFGDIR/tls.cfg as needed +# - define WITH_TLS +# +# *** To enhance accounting execute: +# - enable mysql +# - define WITH_ACCDB +# - add following columns to database +#!ifdef ACCDB_COMMENT + ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD 
COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; +#!endif + +####### Include Local Config If Exists ######### +import_file "kamailio-local.cfg" + +####### Defined Values ######### + +# *** Value defines - IDs used later in config +#!define DBURL "sqlite:///mnt/kd/kamailio.sqlite3" +#!ifdef WITH_MYSQL +# - database URL - used to connect to database server by modules such +# as: auth_db, acc, usrloc, a.s.o. +#!ifndef DBURL +#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio" +#!endif +#!endif +#!define MULTIDOMAIN 0 + +# - flags +# FLT_ - per transaction (message) flags +# FLB_ - per branch flags +#!define FLT_ACC 1 +#!define FLT_ACCMISSED 2 +#!define FLT_ACCFAILED 3 +#!define FLT_NATS 5 + +#!define FLB_NATB 6 +#!define FLB_NATSIPPING 7 + +####### Global Parameters ######### + +### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR +#!ifdef WITH_DEBUG +debug=4 +log_stderror=yes +#!else +debug=2 +log_stderror=no +#!endif + +memdbg=5 +memlog=5 + +log_facility=LOG_LOCAL0 + +fork=yes +children=4 + +/* uncomment the next line to disable TCP (default on) */ +#disable_tcp=yes + +/* uncomment the next line to disable the auto discovery of local aliases + based on reverse DNS on IPs (default on) */ +#auto_aliases=no + +/* add local domain aliases */ +#alias="sip.mydomain.com" + +/* uncomment and configure the following line if you want Kamailio to + bind on a specific interface/port/proto (default bind on all available) */ +listen=udp:127.0.0.1:5065 # CUSTOMIZE ME + +/* port to listen to + * - can be specified more than once if needed to listen on many ports */ +port=5060 + +#!ifdef WITH_TLS +enable_tls=yes +#!endif + +# life time of TCP connection when there is no traffic +# - a bit higher than registration expires to cope 
with UA behind NAT +tcp_connection_lifetime=3605 + +####### Modules Section ######## + +# set paths to location of modules (to sources or installation folders) +#!ifdef WITH_SRCPATH +mpath="modules_k:modules" +#!else +mpath="/lib/kamailio/modules/" +#!endif + +#!ifdef WITH_MYSQL +loadmodule "db_mysql.so" +#!endif + +loadmodule "mi_fifo.so" +loadmodule "kex.so" +loadmodule "corex.so" +loadmodule "tm.so" +loadmodule "tmx.so" +loadmodule "sl.so" +loadmodule "rr.so" +loadmodule "pv.so" +loadmodule "maxfwd.so" +loadmodule "usrloc.so" +loadmodule "registrar.so" +loadmodule "textops.so" +loadmodule "siputils.so" +loadmodule "xlog.so" +loadmodule "sanity.so" +loadmodule "ctl.so" +loadmodule "cfg_rpc.so" +loadmodule "mi_rpc.so" +loadmodule "acc.so" + +#!ifdef WITH_AUTH +loadmodule "auth.so" +loadmodule "auth_db.so" +#!ifdef WITH_IPAUTH +loadmodule "permissions.so" +#!endif +#!endif + +#!ifdef WITH_NAT +loadmodule "nathelper.so" +loadmodule "rtpproxy.so" +#!endif + +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + +#!ifdef WITH_DEBUG +loadmodule "debugger.so" +#!endif + +# ----------------- setting module-specific parameters --------------- + + +# ----- mi_fifo params ----- +modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") + + +# ----- tm params ----- +# auto-discard branches from previous serial forking leg +modparam("tm", "failure_reply_mode", 3) +# default retransmission timeout: 30sec +modparam("tm", "fr_timer", 30000) +# default invite retransmission timeout after 1xx: 120sec +modparam("tm", "fr_inv_timer", 120000) + + +# ----- rr params ----- +# add value to ;lr param to cope with most of the UAs +modparam("rr", "enable_full_lr", 1) +# do not append from tag to the RR (no need for this script) +modparam("rr", "append_fromtag", 0) + + +# ----- registrar params ----- +modparam("registrar", "method_filtering", 1) +/* uncomment the next line to disable parallel forking via location */ +# modparam("registrar", "append_branches", 0) +/* uncomment the next line not to 
allow more than 10 contacts per AOR */ +#modparam("registrar", "max_contacts", 10) +# max value for expires of registrations +modparam("registrar", "max_expires", 3600) +# set it to 1 to enable GRUU +modparam("registrar", "gruu_enabled", 0) + + +# ----- acc params ----- +/* what special events should be accounted ? */ +modparam("acc", "early_media", 0) +modparam("acc", "report_ack", 0) +modparam("acc", "report_cancels", 0) +/* by default ww do not adjust the direct of the sequential requests. + if you enable this parameter, be sure the enable "append_fromtag" + in "rr" module */ +modparam("acc", "detect_direction", 0) +/* account triggers (flags) */ +modparam("acc", "log_flag", FLT_ACC) +modparam("acc", "log_missed_flag", FLT_ACCMISSED) +modparam("acc", "log_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) +/* enhanced DB accounting */ +#!ifdef WITH_ACCDB +modparam("acc", "db_flag", FLT_ACC) +modparam("acc", "db_missed_flag", FLT_ACCMISSED) +modparam("acc", "db_url", DBURL) +modparam("acc", "db_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +#!endif + + +# ----- usrloc params ----- +/* enable DB persistency for location entries */ +#!ifdef WITH_USRLOCDB +modparam("usrloc", "db_url", DBURL) +modparam("usrloc", "db_mode", 2) +modparam("usrloc", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- auth_db params ----- +#!ifdef WITH_AUTH +modparam("auth_db", "db_url", DBURL) +modparam("auth_db", "calculate_ha1", yes) +modparam("auth_db", "password_column", "password") +modparam("auth_db", "load_credentials", "") +modparam("auth_db", "use_domain", MULTIDOMAIN) + +# ----- permissions params ----- +#!ifdef WITH_IPAUTH +modparam("permissions", "db_url", DBURL) +modparam("permissions", "db_mode", 1) +#!endif + +#!endif + + +#!ifdef WITH_NAT +# ----- rtpproxy params ----- +modparam("rtpproxy", "rtpproxy_sock", 
"udp:127.0.0.1:7722") + +# ----- nathelper params ----- +modparam("nathelper", "natping_interval", 30) +modparam("nathelper", "ping_nated_only", 1) +modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) +modparam("nathelper", "sipping_from", "sip:pi...@ka...") + +# params needed for NAT traversal in other modules +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +modparam("usrloc", "nat_bflag", FLB_NATB) +#!endif + + +#!ifdef WITH_TLS +# ----- tls params ----- +modparam("tls", "config", "/etc/kamailio/tls.cfg") +#!endif + +#!ifdef WITH_DEBUG +# ----- debugger params ----- +modparam("debugger", "cfgtrace", 1) +#!endif + +####### Routing Logic ######## + + +# Main SIP request routing logic +# - processing of any incoming SIP request starts with this route +# - note: this is the same as route { ... } +request_route { + + # per request initial checks + route(REQINIT); + + # NAT detection + route(NATDETECT); + + # CANCEL processing + if (is_method("CANCEL")) { + if (t_check_trans()) { + route(RELAY); + } + exit; + } + + # handle requests within SIP dialogs + route(WITHINDLG); + + ### only initial requests (no To tag) + + t_check_trans(); + + # authentication + route(AUTH); + + # record routing for dialog forming requests (in case they are routed) + # - remove preloaded route headers + remove_hf("Route"); + if (is_method("INVITE|SUBSCRIBE")) + record_route(); + + # account only INVITEs + if (is_method("INVITE")) { + setflag(FLT_ACC); # do accounting + } + + # dispatch requests to foreign domains + route(SIPOUT); + + ### requests for my local domains + + # handle registrations + route(REGISTRAR); + + if ($rU==$null) { + # request with no Username in RURI + sl_send_reply("484","Address Incomplete"); + exit; + } + + # user location service + route(LOCATION); +} + + +route[RELAY] { + # enable additional event routes for forwarded requests + # - serial forking, RTP relaying handling, a.s.o. 
+ if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); + } + if (is_method("INVITE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); + } + if (is_method("INVITE")) { + if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); + } + + if (!t_relay()) { + sl_reply_error(); + } + exit; +} + +# Per SIP request initial checks +route[REQINIT] { +#!ifdef WITH_ANTIFLOOD + # flood dection from same IP and traffic ban for a while + # be sure you exclude checking trusted peers, such as pstn gateways + # - local host excluded (e.g., loop to self) + if(src_ip!=myself) { + if($sht(ipban=>$si)!=$null) { + # ip is already blocked + xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); + exit; + } + if (!pike_check_req()) { + xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); + $sht(ipban=>$si) = 1; + exit; + } + } +#!endif + + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483","Too Many Hops"); + exit; + } + + if(!sanity_check("1511", "7")) { + xlog("Malformed SIP message from $si:$sp\n"); + exit; + } +} + +# Handle requests within SIP dialogs +route[WITHINDLG] { + if (has_totag()) { + # sequential request withing a dialog should + # take the path determined by record-routing + if (loose_route()) { + route(DLGURI); + if (is_method("BYE")) { + setflag(FLT_ACC); # do accounting ... + setflag(FLT_ACCFAILED); # ... even if the transaction fails + } + else if ( is_method("ACK") ) { + # ACK is forwarded statelessy + route(NATMANAGE); + } + else if ( is_method("NOTIFY") ) { + # Add Record-Route for in-dialog NOTIFY as per RFC 6665. + record_route(); + } + route(RELAY); + } else { + if ( is_method("ACK") ) { + if ( t_check_trans() ) { + # no loose-route, but stateful ACK; + # must be an ACK after a 487 + # or e.g. 404 from upstream server + route(RELAY); + exit; + } else { + # ACK without matching transaction ... 
ignore and discard + exit; + } + } + sl_send_reply("404","Not here"); + } + exit; + } +} + +# Handle SIP registrations +route[REGISTRAR] { + if (is_method("REGISTER")) { + if(isflagset(FLT_NATS)) { + setbflag(FLB_NATB); + # uncomment next line to do SIP NAT pinging + ## setbflag(FLB_NATSIPPING); + } + if (!save("location")) + sl_reply_error(); + + exit; + } +} + +# USER location service +route[LOCATION] { + if (!lookup("location")) { + $var(rc) = $rc; + t_newtran(); + switch ($var(rc)) { + case -1: + case -3: + send_reply("404", "Not Found"); + exit; + case -2: + send_reply("405", "Method Not Allowed"); + exit; + } + } + + # when routing via usrloc, log the missed calls also + if (is_method("INVITE")) { + setflag(FLT_ACCMISSED); + } + + route(RELAY); + exit; +} + + +# Authentication route +route[AUTH] { +#!ifdef WITH_AUTH + +#!ifdef WITH_IPAUTH + if((!is_method("REGISTER")) && allow_source_address()) { + # source IP allowed + return; + } +#!endif + + if (is_method("REGISTER") || from_uri==myself) { + # authenticate requests + if (!auth_check("$fd", "subscriber", "1")) { + auth_challenge("$fd", "0"); + exit; + } + # user authenticated - remove auth header + if(!is_method("REGISTER|PUBLISH")) + consume_credentials(); + } + # if caller is not local subscriber, then check if it calls + # a local destination, otherwise deny, not an open relay here + if (from_uri!=myself && uri!=myself) { + sl_send_reply("403","Not relaying"); + exit; + } + +#!endif + return; +} + +# Caller NAT detection route +route[NATDETECT] { +#!ifdef WITH_NAT + force_rport(); + if (nat_uac_test("19")) { + if (is_method("REGISTER")) { + fix_nated_register(); + } else { + add_contact_alias(); + } + setflag(FLT_NATS); + } +#!endif + return; +} + +# RTPProxy control +route[NATMANAGE] { +#!ifdef WITH_NAT + if (is_request()) { + if(has_totag()) { + if(check_route_param("nat=yes")) { + setbflag(FLB_NATB); + } + } + } + if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) + return; + + rtpproxy_manage("co"); 
+ + if (is_request()) { + if (!has_totag()) { + if(t_is_branch_route()) { + add_rr_param(";nat=yes"); + } + } + } + if (is_reply()) { + if(isbflagset(FLB_NATB)) { + add_contact_alias(); + } + } +#!endif + return; +} + +# URI update for dialog requests +route[DLGURI] { +#!ifdef WITH_NAT + if(!isdsturiset()) { + handle_ruri_alias(); + } +#!endif + return; +} + +# Routing to foreign domains +route[SIPOUT] { + if (!uri==myself) { + append_hf("P-hint: outbound\r\n"); + route(RELAY); + } +} + +# manage outgoing branches +branch_route[MANAGE_BRANCH] { + xdbg("new branch [$T_branch_idx] to $ru\n"); + route(NATMANAGE); +} + +# manage incoming replies +onreply_route[MANAGE_REPLY] { + xdbg("incoming reply\n"); + if(status=~"[12][0-9][0-9]") + route(NATMANAGE); +} + +# manage failure routing cases +failure_route[MANAGE_FAILURE] { + route(NATMANAGE); + + if (t_is_canceled()) { + exit; + } +} Copied: branches/1.0/package/kamailio/etc/kamailio.cfg (from rev 6656, branches/1.0/package/kamailio/kamailio.cfg) =================================================================== --- branches/1.0/package/kamailio/etc/kamailio.cfg (rev 0) +++ branches/1.0/package/kamailio/etc/kamailio.cfg 2014-08-25 19:52:42 UTC (rev 6657) 
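Review bot: With no `WITH_AUTH` define, `route[AUTH]` in kamailio-basic.cfg reduces to a bare `return`, because both the `auth_check()` challenge and the `sl_send_reply("403","Not relaying")` guard sit inside `#!ifdef WITH_AUTH`. REGISTERs then reach `save("location")`, and requests for foreign domains pass through `route(SIPOUT)` to `t_relay()`, with no check at all. The shipped `listen=udp:127.0.0.1:5065 # CUSTOMIZE ME` keeps this on loopback, but nothing at that line says that rebinding it exposes an unauthenticated registrar and relay; whether `kamailio-local.cfg` defines `WITH_AUTH` is not visible here. I would add a comment above `listen=`, for example `# define WITH_AUTH before binding to a non-loopback address; without it route[AUTH] performs no authentication or relay check`. The copied kamailio.cfg in the next hunk has the same `route[AUTH]` layout and the same `listen=` line, so the comment applies there as well.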
@@ -0,0 +1,942 @@ +#!KAMAILIO +# +# Kamailio (OpenSER) SIP Server v4.1 - default configuration script +# - web: http://www.kamailio.org +# - git: http://sip-router.org +# +# Direct your questions about this file to: <sr-...@li...> +# +# Refer to the Core CookBook at http://www.kamailio.org/wiki/ +# for an explanation of possible statements, functions and parameters. +# +# Several features can be enabled using '#!define WITH_FEATURE' directives: +# +# *** To run in debug mode: +# - define WITH_DEBUG +# +# *** To enable mysql: +# - define WITH_MYSQL +# +# *** To enable authentication execute: +# - enable mysql +# - define WITH_AUTH +# - add users using 'kamctl' +# +# *** To enable IP authentication execute: +# - enable mysql +# - enable authentication +# - define WITH_IPAUTH +# - add IP addresses with group id '1' to 'address' table +# +# *** To enable persistent user location execute: +# - enable mysql +# - define WITH_USRLOCDB +# +# *** To enable presence server execute: +# - enable mysql +# - define WITH_PRESENCE +# +# *** To enable nat traversal execute: +# - define WITH_NAT +# - install RTPProxy: http://www.rtpproxy.org +# - start RTPProxy: +# rtpproxy -l _your_public_ip_ -s udp:localhost:7722 +# +# *** To enable PSTN gateway routing execute: +# - define WITH_PSTN +# - set the value of pstn.gw_ip +# - check route[PSTN] for regexp routing condition +# +# *** To enable database aliases lookup execute: +# - enable mysql +# - define WITH_ALIASDB +# +# *** To enable speed dial lookup execute: +# - enable mysql +# - define WITH_SPEEDDIAL +# +# *** To enable multi-domain support execute: +# - enable mysql +# - define WITH_MULTIDOMAIN +# +# *** To enable TLS support execute: +# - adjust CFGDIR/tls.cfg as needed +# - define WITH_TLS +# +# *** To enable XMLRPC support execute: +# - define WITH_XMLRPC +# - adjust route[XMLRPC] for access policy +# +# *** To enable anti-flood detection execute: +# - adjust pike and htable=>ipban settings as needed (default is +# block if 
more than 16 requests in 2 seconds and ban for 300 seconds) +# - define WITH_ANTIFLOOD +# +# *** To block 3XX redirect replies execute: +# - define WITH_BLOCK3XX +# +# *** To enable VoiceMail routing execute: +# - define WITH_VOICEMAIL +# - set the value of voicemail.srv_ip +# - adjust the value of voicemail.srv_port +# +# *** To enhance accounting execute: +# - enable mysql +# - define WITH_ACCDB +# - add following columns to database +#!ifdef ACCDB_COMMENT + ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; +#!endif + +####### Include Local Config If Exists ######### +import_file "kamailio-local.cfg" + +####### Defined Values ######### + +# *** Value defines - IDs used later in config +#!define DBURL "sqlite:///mnt/kd/kamailio.sqlite3" +#!ifdef WITH_MYSQL +# - database URL - used to connect to database server by modules such +# as: auth_db, acc, usrloc, a.s.o. 
+#!ifndef DBURL +#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio" +#!endif +#!endif +#!ifdef WITH_MULTIDOMAIN +# - the value for 'use_domain' parameters +#!define MULTIDOMAIN 1 +#!else +#!define MULTIDOMAIN 0 +#!endif + +# - flags +# FLT_ - per transaction (message) flags +# FLB_ - per branch flags +#!define FLT_ACC 1 +#!define FLT_ACCMISSED 2 +#!define FLT_ACCFAILED 3 +#!define FLT_NATS 5 + +#!define FLB_NATB 6 +#!define FLB_NATSIPPING 7 + +####### Global Parameters ######### + +### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR +#!ifdef WITH_DEBUG +debug=4 +log_stderror=yes +#!else +debug=2 +log_stderror=no +#!endif + +memdbg=5 +memlog=5 + +log_facility=LOG_LOCAL0 + +fork=yes +children=4 + +/* uncomment the next line to disable TCP (default on) */ +#disable_tcp=yes + +/* uncomment the next line to disable the auto discovery of local aliases + based on reverse DNS on IPs (default on) */ +#auto_aliases=no + +/* add local domain aliases */ +#alias="sip.mydomain.com" + +/* uncomment and configure the following line if you want Kamailio to + bind on a specific interface/port/proto (default bind on all available) */ +listen=udp:127.0.0.1:5065 # CUSTOMIZE ME + +/* port to listen to + * - can be specified more than once if needed to listen on many ports */ +port=5060 + +#!ifdef WITH_TLS +enable_tls=yes +#!endif + +# life time of TCP connection when there is no traffic +# - a bit higher than registration expires to cope with UA behind NAT +tcp_connection_lifetime=3605 + +####### Custom Parameters ######### + +# These parameters can be modified runtime via RPC interface +# - see the documentation of 'cfg_rpc' module. 
+# +# Format: group.id = value 'desc' description +# Access: $sel(cfg_get.group.id) or @cfg_get.group.id +# + +#!ifdef WITH_PSTN +# PSTN GW Routing +# +# - pstn.gw_ip: valid IP or hostname as string value, example: +# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" +# +# - by default is empty to avoid misrouting +pstn.gw_ip = "" desc "PSTN GW Address" +pstn.gw_port = "" desc "PSTN GW Port" +#!endif + +#!ifdef WITH_VOICEMAIL +# VoiceMail Routing on offline, busy or no answer +# +# - by default Voicemail server IP is empty to avoid misrouting +voicemail.srv_ip = "" desc "VoiceMail IP Address" +voicemail.srv_port = "5060" desc "VoiceMail Port" +#!endif + +####### Modules Section ######## + +# set paths to location of modules (to sources or installation folders) +#!ifdef WITH_SRCPATH +mpath="modules/" +#!else +mpath="/lib/kamailio/modules/" +#!endif + +#!ifdef WITH_MYSQL +loadmodule "db_mysql.so" +#!endif + +loadmodule "mi_fifo.so" +loadmodule "kex.so" +loadmodule "corex.so" +loadmodule "tm.so" +loadmodule "tmx.so" +loadmodule "sl.so" +loadmodule "rr.so" +loadmodule "pv.so" +loadmodule "maxfwd.so" +loadmodule "usrloc.so" +loadmodule "registrar.so" +loadmodule "textops.so" +loadmodule "siputils.so" +loadmodule "xlog.so" +loadmodule "sanity.so" +loadmodule "ctl.so" +loadmodule "cfg_rpc.so" +loadmodule "mi_rpc.so" +loadmodule "acc.so" + +#!ifdef WITH_AUTH +loadmodule "auth.so" +loadmodule "auth_db.so" +#!ifdef WITH_IPAUTH +loadmodule "permissions.so" +#!endif +#!endif + +#!ifdef WITH_ALIASDB +loadmodule "alias_db.so" +#!endif + +#!ifdef WITH_SPEEDDIAL +loadmodule "speeddial.so" +#!endif + +#!ifdef WITH_MULTIDOMAIN +loadmodule "domain.so" +#!endif + +#!ifdef WITH_PRESENCE +loadmodule "presence.so" +loadmodule "presence_xml.so" +#!endif + +#!ifdef WITH_NAT +loadmodule "nathelper.so" +loadmodule "rtpproxy.so" +#!endif + +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + +#!ifdef WITH_ANTIFLOOD +loadmodule "htable.so" +loadmodule "pike.so" +#!endif + +#!ifdef WITH_XMLRPC 
+loadmodule "xmlrpc.so" +#!endif + +#!ifdef WITH_DEBUG +loadmodule "debugger.so" +#!endif + +# ----------------- setting module-specific parameters --------------- + + +# ----- mi_fifo params ----- +modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") + + +# ----- tm params ----- +# auto-discard branches from previous serial forking leg +modparam("tm", "failure_reply_mode", 3) +# default retransmission timeout: 30sec +modparam("tm", "fr_timer", 30000) +# default invite retransmission timeout after 1xx: 120sec +modparam("tm", "fr_inv_timer", 120000) + + +# ----- rr params ----- +# add value to ;lr param to cope with most of the UAs +modparam("rr", "enable_full_lr", 1) +# do not append from tag to the RR (no need for this script) +modparam("rr", "append_fromtag", 0) + + +# ----- registrar params ----- +modparam("registrar", "method_filtering", 1) +/* uncomment the next line to disable parallel forking via location */ +# modparam("registrar", "append_branches", 0) +/* uncomment the next line not to allow more than 10 contacts per AOR */ +#modparam("registrar", "max_contacts", 10) +# max value for expires of registrations +modparam("registrar", "max_expires", 3600) +# set it to 1 to enable GRUU +modparam("registrar", "gruu_enabled", 0) + + +# ----- acc params ----- +/* what special events should be accounted ? */ +modparam("acc", "early_media", 0) +modparam("acc", "report_ack", 0) +modparam("acc", "report_cancels", 0) +/* by default ww do not adjust the direct of the sequential requests. 
+ if you enable this parameter, be sure the enable "append_fromtag" + in "rr" module */ +modparam("acc", "detect_direction", 0) +/* account triggers (flags) */ +modparam("acc", "log_flag", FLT_ACC) +modparam("acc", "log_missed_flag", FLT_ACCMISSED) +modparam("acc", "log_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) +/* enhanced DB accounting */ +#!ifdef WITH_ACCDB +modparam("acc", "db_flag", FLT_ACC) +modparam("acc", "db_missed_flag", FLT_ACCMISSED) +modparam("acc", "db_url", DBURL) +modparam("acc", "db_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +#!endif + + +# ----- usrloc params ----- +/* enable DB persistency for location entries */ +#!ifdef WITH_USRLOCDB +modparam("usrloc", "db_url", DBURL) +modparam("usrloc", "db_mode", 2) +modparam("usrloc", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- auth_db params ----- +#!ifdef WITH_AUTH +modparam("auth_db", "db_url", DBURL) +modparam("auth_db", "calculate_ha1", yes) +modparam("auth_db", "password_column", "password") +modparam("auth_db", "load_credentials", "") +modparam("auth_db", "use_domain", MULTIDOMAIN) + +# ----- permissions params ----- +#!ifdef WITH_IPAUTH +modparam("permissions", "db_url", DBURL) +modparam("permissions", "db_mode", 1) +#!endif + +#!endif + + +# ----- alias_db params ----- +#!ifdef WITH_ALIASDB +modparam("alias_db", "db_url", DBURL) +modparam("alias_db", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- speeddial params ----- +#!ifdef WITH_SPEEDDIAL +modparam("speeddial", "db_url", DBURL) +modparam("speeddial", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- domain params ----- +#!ifdef WITH_MULTIDOMAIN +modparam("domain", "db_url", DBURL) +# register callback to match myself condition with domains list +modparam("domain", "register_myself", 1) +#!endif + + +#!ifdef WITH_PRESENCE +# ----- presence params ----- 
+modparam("presence", "db_url", DBURL) + +# ----- presence_xml params ----- +modparam("presence_xml", "db_url", DBURL) +modparam("presence_xml", "force_active", 1) +#!endif + + +#!ifdef WITH_NAT +# ----- rtpproxy params ----- +modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") + +# ----- nathelper params ----- +modparam("nathelper", "natping_interval", 30) +modparam("nathelper", "ping_nated_only", 1) +modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) +modparam("nathelper", "sipping_from", "sip:pi...@ka...") + +# params needed for NAT traversal in other modules +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +modparam("usrloc", "nat_bflag", FLB_NATB) +#!endif + + +#!ifdef WITH_TLS +# ----- tls params ----- +modparam("tls", "config", "/etc/kamailio/tls.cfg") +#!endif + +#!ifdef WITH_ANTIFLOOD +# ----- pike params ----- +modparam("pike", "sampling_time_unit", 2) +modparam("pike", "reqs_density_per_unit", 16) +modparam("pike", "remove_latency", 4) + +# ----- htable params ----- +# ip ban htable with autoexpire after 5 minutes +modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") +#!endif + +#!ifdef WITH_XMLRPC +# ----- xmlrpc params ----- +modparam("xmlrpc", "route", "XMLRPC"); +modparam("xmlrpc", "url_match", "^/RPC") +#!endif + +#!ifdef WITH_DEBUG +# ----- debugger params ----- +modparam("debugger", "cfgtrace", 1) +#!endif + +####### Routing Logic ######## + + +# Main SIP request routing logic +# - processing of any incoming SIP request starts with this route +# - note: this is the same as route { ... 
} +request_route { + + # per request initial checks + route(REQINIT); + + # NAT detection + route(NATDETECT); + + # CANCEL processing + if (is_method("CANCEL")) + { + if (t_check_trans()) { + route(RELAY); + } + exit; + } + + # handle requests within SIP dialogs + route(WITHINDLG); + + ### only initial requests (no To tag) + + t_check_trans(); + + # authentication + route(AUTH); + + # record routing for dialog forming requests (in case they are routed) + # - remove preloaded route headers + remove_hf("Route"); + if (is_method("INVITE|SUBSCRIBE")) + record_route(); + + # account only INVITEs + if (is_method("INVITE")) + { + setflag(FLT_ACC); # do accounting + } + + # dispatch requests to foreign domains + route(SIPOUT); + + ### requests for my local domains + + # handle presence related requests + route(PRESENCE); + + # handle registrations + route(REGISTRAR); + + if ($rU==$null) + { + # request with no Username in RURI + sl_send_reply("484","Address Incomplete"); + exit; + } + + # dispatch destinations to PSTN + route(PSTN); + + # user location service + route(LOCATION); +} + + +route[RELAY] { + + # enable additional event routes for forwarded requests + # - serial forking, RTP relaying handling, a.s.o. 
+ if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); + } + if (is_method("INVITE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); + } + if (is_method("INVITE")) { + if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); + } + + if (!t_relay()) { + sl_reply_error(); + } + exit; +} + +# Per SIP request initial checks +route[REQINIT] { +#!ifdef WITH_ANTIFLOOD + # flood dection from same IP and traffic ban for a while + # be sure you exclude checking trusted peers, such as pstn gateways + # - local host excluded (e.g., loop to self) + if(src_ip!=myself) + { + if($sht(ipban=>$si)!=$null) + { + # ip is already blocked + xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); + exit; + } + if (!pike_check_req()) + { + xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); + $sht(ipban=>$si) = 1; + exit; + } + } +#!endif + + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483","Too Many Hops"); + exit; + } + + if(!sanity_check("1511", "7")) + { + xlog("Malformed SIP message from $si:$sp\n"); + exit; + } +} + +# Handle requests within SIP dialogs +route[WITHINDLG] { + if (has_totag()) { + # sequential request withing a dialog should + # take the path determined by record-routing + if (loose_route()) { + route(DLGURI); + if (is_method("BYE")) { + setflag(FLT_ACC); # do accounting ... + setflag(FLT_ACCFAILED); # ... even if the transaction fails + } + else if ( is_method("ACK") ) { + # ACK is forwarded statelessy + route(NATMANAGE); + } + else if ( is_method("NOTIFY") ) { + # Add Record-Route for in-dialog NOTIFY as per RFC 6665. + record_route(); + } + route(RELAY); + } else { + if (is_method("SUBSCRIBE") && uri == myself) { + # in-dialog subscribe requests + route(PRESENCE); + exit; + } + if ( is_method("ACK") ) { + if ( t_check_trans() ) { + # no loose-route, but stateful ACK; + # must be an ACK after a 487 + # or e.g. 
404 from upstream server
+ route(RELAY);
+ exit;
+ } else {
+ # ACK without matching transaction ... ignore and discard
+ exit;
+ }
+ }
+ sl_send_reply("404","Not here");
+ }
+ exit;
+ }
+}
+
+# Handle SIP registrations
+route[REGISTRAR] {
+ if (is_method("REGISTER"))
+ {
+ if(isflagset(FLT_NATS))
+ {
+ setbflag(FLB_NATB);
+ # uncomment next line to do SIP NAT pinging
+ ## setbflag(FLB_NATSIPPING);
+ }
+ if (!save("location"))
+ sl_reply_error();
+
+ exit;
+ }
+}
+
+# USER location service
+route[LOCATION] {
+
+#!ifdef WITH_SPEEDDIAL
+ # search for short dialing - 2-digit extension
+ if($rU=~"^[0-9][0-9]$")
+ if(sd_lookup("speed_dial"))
+ route(SIPOUT);
+#!endif
+
+#!ifdef WITH_ALIASDB
+ # search in DB-based aliases
+ if(alias_db_lookup("dbaliases"))
+ route(SIPOUT);
+#!endif
+
+ $avp(oexten) = $rU;
+ if (!lookup("location")) {
+ $var(rc) = $rc;
+ route(TOVOICEMAIL);
+ t_newtran();
+ switch ($var(rc)) {
+ case -1:
+ case -3:
+ send_reply("404", "Not Found");
+ exit;
+ case -2:
+ send_reply("405", "Method Not Allowed");
+ exit;
+ }
+ }
+
+ # when routing via usrloc, log the missed calls also
+ if (is_method("INVITE"))
+ {
+ setflag(FLT_ACCMISSED);
+ }
+
+ route(RELAY);
+ exit;
+}
+
+# Presence server route
+route[PRESENCE] {
+ if(!is_method("PUBLISH|SUBSCRIBE"))
+ return;
+
+ if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {
+ route(TOVOICEMAIL);
+ # returns here if no voicemail server is configured
+ sl_send_reply("404", "No voicemail service");
+ exit;
+ }
+
+#!ifdef WITH_PRESENCE
+ if (!t_newtran())
+ {
+ sl_reply_error();
+ exit;
+ }
+
+ if(is_method("PUBLISH"))
+ {
+ handle_publish();
+ t_release();
+ } else if(is_method("SUBSCRIBE")) {
+ handle_subscribe();
+ t_release();
+ }
+ exit;
+#!endif
+
+ # if presence enabled, this part will not be executed
+ if (is_method("PUBLISH") || $rU==$null)
+ {
+ sl_send_reply("404", "Not here");
+ exit;
+ }
+ return;
+}
+
+# Authentication route
+route[AUTH] {
+#!ifdef WITH_AUTH
+
+#!ifdef WITH_IPAUTH
+
if((!is_method("REGISTER")) && allow_source_address())
+ {
+ # source IP allowed
+ return;
+ }
+#!endif
+
+ if (is_method("REGISTER") || from_uri==myself)
+ {
+ # authenticate requests
+ if (!auth_check("$fd", "subscriber", "1")) {
+ auth_challenge("$fd", "0");
+ exit;
+ }
+ # user authenticated - remove auth header
+ if(!is_method("REGISTER|PUBLISH"))
+ consume_credentials();
+ }
+ # if caller is not local subscriber, then check if it calls
+ # a local destination, otherwise deny, not an open relay here
+ if (from_uri!=myself && uri!=myself)
+ {
+ sl_send_reply("403","Not relaying");
+ exit;
+ }
+
+#!endif
+ return;
+}
+
+# Caller NAT detection route
+route[NATDETECT] {
+#!ifdef WITH_NAT
+ force_rport();
+ if (nat_uac_test("19")) {
+ if (is_method("REGISTER")) {
+ fix_nated_register();
+ } else {
+ if(is_first_hop())
+ set_contact_alias();
+ }
+ setflag(FLT_NATS);
+ }
+#!endif
+ return;
+}
+
+# RTPProxy control
+route[NATMANAGE] {
+#!ifdef WITH_NAT
+ if (is_request()) {
+ if(has_totag()) {
+ if(check_route_param("nat=yes")) {
+ setbflag(FLB_NATB);
+ }
+ }
+ }
+ if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
+ return;
+
+ rtpproxy_manage("co");
+
+ if (is_request()) {
+ if (!has_totag()) {
+ if(t_is_branch_route()) {
+ add_rr_param(";nat=yes");
+ }
+ }
+ }
+ if (is_reply()) {
+ if(isbflagset(FLB_NATB)) {
+ if(is_first_hop())
+ set_contact_alias();
+ }
+ }
+#!endif
+ return;
+}
+
+# URI update for dialog requests
+route[DLGURI] {
+#!ifdef WITH_NAT
+ if(!isdsturiset()) {
+ handle_ruri_alias();
+ }
+#!endif
+ return;
+}
+
+# Routing to foreign domains
+route[SIPOUT] {
+ if (!uri==myself)
+ {
+ append_hf("P-hint: outbound\r\n");
+ route(RELAY);
+ }
+}
+
+# PSTN GW routing
+route[PSTN] {
+#!ifdef WITH_PSTN
+ # check if PSTN GW IP is defined
+ if (strempty($sel(cfg_get.pstn.gw_ip))) {
+ xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
+ return;
+ }
+
+ # route to PSTN dialed numbers starting with '+' or '00'
+ # (international format)
+ # - update
the condition to match your dialing rules for PSTN routing + if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) + return; + + # only local users allowed to call + if(from_uri!=myself) { + sl_send_reply("403", "Not Allowed"); + exit; + } + + if (strempty($sel(cfg_get.pstn.gw_port))) { + $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); + } else { + $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":" + + $sel(cfg_get.pstn.gw_port); + } + + route(RELAY); + exit; +#!endif + + return; +} + +# XMLRPC routing +#!ifdef WITH_XMLRPC +route[XMLRPC] { + # allow XMLRPC from localhost + if ((method=="POST" || method=="GET") + && (src_ip==127.0.0.1)) { + # close connection only for xmlrpclib user agents (there is a bug in + # xmlrpclib: it waits for EOF before interpreting the response). + if ($hdr(User-Agent) =~ "xmlrpclib") + set_reply_close(); + set_reply_no_connect(); + dispatch_rpc(); + exit; + } + send_reply("403", "Forbidden"); + exit; +} +#!endif + +# route to voicemail server +route[TOVOICEMAIL] { +#!ifdef WITH_VOICEMAIL + if(!is_method("INVITE|SUBSCRIBE")) + return; + + # check if VoiceMail server IP is defined + if (strempty($sel(cfg_get.voicemail.srv_ip))) { + xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n"); + return; + } + if(is_method("INVITE")) { + if($avp(oexten)==$null) + return; + $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip) + + ":" + $sel(cfg_get.voicemail.srv_port); + } else { + if($rU==$null) + return; + $ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip) + + ":" + $sel(cfg_get.voicemail.srv_port); + } + route(RELAY); + exit; +#!endif + + return; +} + +# manage outgoing branches +branch_route[MANAGE_BRANCH] { + xdbg("new branch [$T_branch_idx] to $ru\n"); + route(NATMANAGE); +} + +# manage incoming replies +onreply_route[MANAGE_REPLY] { + xdbg("incoming reply\n"); + if(status=~"[12][0-9][0-9]") + route(NATMANAGE); +} + +# manage failure routing cases +failure_route[MANAGE_FAILURE] { + route(NATMANAGE); + + if 
(t_is_canceled()) {
+ exit;
+ }
+
+#!ifdef WITH_BLOCK3XX
+ # block call redirect based on 3xx replies.
+ if (t_check_status("3[0-9][0-9]")) {
+ t_reply("404","Not found");
+ exit;
+ }
+#!endif
+
+#!ifdef WITH_VOICEMAIL
+ # serial forking
+ # - route to voicemail on busy or no answer (timeout)
+ if (t_check_status("486|408")) {
+ $du = $null;
+ route(TOVOICEMAIL);
+ exit;
+ }
+#!endif
+}
Added: branches/1.0/package/kamailio/etc/tls.cfg
===================================================================
--- branches/1.0/package/kamailio/etc/tls.cfg (rev 0)
+++ branches/1.0/package/kamailio/etc/tls.cfg 2014-08-25 19:52:42 UTC (rev 6657)
@@ -0,0 +1,65 @@
+#
+# $Id$
+#
+# Example Kamailio TLS Configuration File
+#
+
+# This is the default server domain, settings
+# in this domain will be used for all incoming
+# connections that do not match any other server
+# domain in this configuration file.
+#
+# We do not enable anything else than TLSv1
+# over the public internet. Clients do not have
+# to present client certificates by default.
+#
+[server:default]
+method = TLSv1
+verify_certificate = no
+require_certificate = no
+private_key = /mnt/kd/kamailio/certs/server.key
+certificate = /mnt/kd/kamailio/certs/server.crt
+#ca_list = /mnt/kd/kamailio/certs/ca.crt
+#crl = /mnt/kd/kamailio/certs/crl.pem
+
+# This is the default client domain, settings
+# in this domain will be used for all outgoing
+# TLS connections that do not match any other
+# client domain in this configuration file.
+# We require that servers present valid certificate.
+#
+[client:default]
+verify_certificate = yes
+require_certificate = yes
+
+# This is an example server domain for TLS connections
+# received from the loopback interface. We allow
+# the use of SSLv2 and SSLv3 protocols here, we do
+# not require that clients present client certificates
+# but if they present it it must be valid. We also use
+# a special certificate and CA list for loopback
+# interface.
+#
+#[server:127.0.0.1:5061]
+#method = SSLv23
+#verify_certificate = yes
+#require_certificate = no
+#private_key = /mnt/kd/kamailio/certs/local_key.pem
+#certificate = /mnt/kd/kamailio/certs/local_cert.pem
+#verify_depth = 3
+#ca_list = local_ca.pem
+#crl = local_crl.pem
+
+# Special settings for the iptel.org public SIP
+# server. We do not verify the certificate of the
+# server because it can be expired. The server
+# implements authentication using SSL client
+# certificates so configure the client certificate
+# that was given to use by iptel.org staff here.
+#
+#[client:195.37.77.101:5061]
+#verify_certificate = no
+#certificate = /mnt/kd/kamailio/certs/iptel_client.pem
+#private_key = /mnt/kd/kamailio/certs/iptel_key.pem
+#ca_list = /mnt/kd/kamailio/certs/iptel_ca.pem
+#crl = /mnt/kd/kamailio/certs/iptel_crl.pem
Deleted: branches/1.0/package/kamailio/kamailio.cfg
===================================================================
--- branches/1.0/package/kamailio/kamailio.cfg 2014-08-24 21:12:21 UTC (rev 6656)
+++ branches/1.0/package/kamailio/kamailio.cfg 2014-08-25 19:52:42 UTC (rev 6657)
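Review bot: In the new etc/tls.cfg, `[client:default]` sets `verify_certificate = yes` and `require_certificate = yes` but names no `ca_list`, and the only default-domain `ca_list` line (under `[server:default]`) is commented out, so as far as this file shows the outbound profile has no trust anchors to verify a peer against. Unless the tls module falls back to a CA store that is not visible here, outgoing TLS will either fail verification or depend on that implicit store. I would add `ca_list = /mnt/kd/kamailio/certs/ca.crt` under `[client:default]`, mirroring the commented server line, or at least a comment stating which CA file the integrator must provision. Two smaller points: `[server:default]` pins `method = TLSv1`, and the commented loopback example uses `method = SSLv23` while its text says SSLv2 and SSLv3 are allowed, so a comment marking that example as not for production, and a follow-up to raise the default once the packaged Kamailio accepts a newer method value, would help. Since the commit introduces a dedicated kamailio user, a comment that `server.key` should be readable only by that user would also be worth adding.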
@@ -1,941 +0,0 @@ -#!KAMAILIO -# -# Kamailio (OpenSER) SIP Server v4.1 - default configuration script -# - web: http://www.kamailio.org -# - git: http://sip-router.org -# -# Direct your questions about this file to: <sr-...@li...> -# -# Refer to the Core CookBook at http://www.kamailio.org/wiki/ -# for an explanation of possible statements, functions and parameters. -# -# Several features can be enabled using '#!define WITH_FEATURE' directives: -# -# *** To run in debug mode: -# - define WITH_DEBUG -# -# *** To enable mysql: -# - define WITH_MYSQL -# -# *** To enable authentication execute: -# - enable mysql -# - define WITH_AUTH -# - add users using 'kamctl' -# -# *** To enable IP authentication execute: -# - enable mysql -# - enable authentication -# - define WITH_IPAUTH -# - add IP addresses with group id '1' to 'address' table -# -# *** To enable persistent user location execute: -# - enable mysql -# - define WITH_USRLOCDB -# -# *** To enable presence server execute: -# - enable mysql -# - define WITH_PRESENCE -# -# *** To enable nat traversal execute: -# - define WITH_NAT -# - install RTPProxy: http://www.rtpproxy.org -# - start RTPProxy: -# rtpproxy -l _your_public_ip_ -s udp:localhost:7722 -# -# *** To enable PSTN gateway routing execute: -# - define WITH_PSTN -# - set the value of pstn.gw_ip -# - check route[PSTN] for regexp routing condition -# -# *** To enable database aliases lookup execute: -# - enable mysql -# - define WITH_ALIASDB -# -# *** To enable speed dial lookup execute: -# - enable mysql -# - define WITH_SPEEDDIAL -# -# *** To enable multi-domain support execute: -# - enable mysql -# - define WITH_MULTIDOMAIN -# -# *** To enable TLS support execute: -# - adjust CFGDIR/tls.cfg as needed -# - define WITH_TLS -# -# *** To enable XMLRPC support execute: -# - define WITH_XMLRPC -# - adjust route[XMLRPC] for access policy -# -# *** To enable anti-flood detection execute: -# - adjust pike and htable=>ipban settings as needed (default is -# block if 
more than 16 requests in 2 seconds and ban for 300 seconds) -# - define WITH_ANTIFLOOD -# -# *** To block 3XX redirect replies execute: -# - define WITH_BLOCK3XX -# -# *** To enable VoiceMail routing execute: -# - define WITH_VOICEMAIL -# - set the value of voicemail.srv_ip -# - adjust the value of voicemail.srv_port -# -# *** To enhance accounting execute: -# - enable mysql -# - define WITH_ACCDB -# - add following columns to database -#!ifdef ACCDB_COMMENT - ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; - ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default ''; - ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; - ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; - ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default ''; - ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; - ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; -#!endif - -####### Include Local Config If Exists ######### -import_file "kamailio-local.cfg" - -####### Defined Values ######### - -# *** Value defines - IDs used later in config -#!ifdef WITH_MYSQL -# - database URL - used to connect to database server by modules such -# as: auth_db, acc, usrloc, a.s.o. 
-#!ifndef DBURL -#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio" -#!endif -#!endif -#!ifdef WITH_MULTIDOMAIN -# - the value for 'use_domain' parameters -#!define MULTIDOMAIN 1 -#!else -#!define MULTIDOMAIN 0 -#!endif - -# - flags -# FLT_ - per transaction (message) flags -# FLB_ - per branch flags -#!define FLT_ACC 1 -#!define FLT_ACCMISSED 2 -#!define FLT_ACCFAILED 3 -#!define FLT_NATS 5 - -#!define FLB_NATB 6 -#!define FLB_NATSIPPING 7 - -####### Global Parameters ######### - -### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR -#!ifdef WITH_DEBUG -debug=4 -log_stderror=yes -#!else -debug=2 -log_stderror=no -#!endif - -memdbg=5 -memlog=5 - -log_facility=LOG_LOCAL0 - -fork=yes -children=4 - -/* uncomment the next line to disable TCP (default on) */ -#disable_tcp=yes - -/* uncomment the next line to disable the auto discovery of local aliases - based on reverse DNS on IPs (default on) */ -#auto_aliases=no - -/* add local domain aliases */ -#alias="sip.mydomain.com" - -/* uncomment and configure the following line if you want Kamailio to - bind on a specific interface/port/proto (default bind on all available) */ -listen=udp:127.0.0.1:5065 # CUSTOMIZE ME - -/* port to listen to - * - can be specified more than once if needed to listen on many ports */ -port=5060 - -#!ifdef WITH_TLS -enable_tls=yes -#!endif - -# life time of TCP connection when there is no traffic -# - a bit higher than registration expires to cope with UA behind NAT -tcp_connection_lifetime=3605 - -####### Custom Parameters ######### - -# These parameters can be modified runtime via RPC interface -# - see the documentation of 'cfg_rpc' module. 
-# -# Format: group.id = value 'desc' description -# Access: $sel(cfg_get.group.id) or @cfg_get.group.id -# - -#!ifdef WITH_PSTN -# PSTN GW Routing -# -# - pstn.gw_ip: valid IP or hostname as string value, example: -# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" -# -# - by default is empty to avoid misrouting -pstn.gw_ip = "" desc "PSTN GW Address" -pstn.gw_port = "" desc "PSTN GW Port" -#!endif - -#!ifdef WITH_VOICEMAIL -# VoiceMail Routing on offline, busy or no answer -# -# - by default Voicemail server IP is empty to avoid misrouting -voicemail.srv_ip = "" desc "VoiceMail IP Address" -voicemail.srv_port = "5060" desc "VoiceMail Port" -#!endif - -####### Modules Section ######## - -# set paths to location of modules (to sources or installation folders) -#!ifdef WITH_SRCPATH -mpath="modules/" -#!else -mpath="/lib/kamailio/modules/" -#!endif - -#!ifdef WITH_MYSQL -loadmodule "db_mysql.so" -#!endif - -loadmodule "mi_fifo.so" -loadmodule "kex.so" -loadmodule "corex.so" -loadmodule "tm.so" -loadmodule "tmx.so" -loadmodule "sl.so" -loadmodule "rr.so" -loadmodule "pv.so" -loadmodule "maxfwd.so" -loadmodule "usrloc.so" -loadmodule "registrar.so" -loadmodule "textops.so" -loadmodule "siputils.so" -loadmodule "xlog.so" -loadmodule "sanity.so" -loadmodule "ctl.so" -loadmodule "cfg_rpc.so" -loadmodule "mi_rpc.so" -loadmodule "acc.so" - -#!ifdef WITH_AUTH -loadmodule "auth.so" -loadmodule "auth_db.so" -#!ifdef WITH_IPAUTH -loadmodule "permissions.so" -#!endif -#!endif - -#!ifdef WITH_ALIASDB -loadmodule "alias_db.so" -#!endif - -#!ifdef WITH_SPEEDDIAL -loadmodule "speeddial.so" -#!endif - -#!ifdef WITH_MULTIDOMAIN -loadmodule "domain.so" -#!endif - -#!ifdef WITH_PRESENCE -loadmodule "presence.so" -loadmodule "presence_xml.so" -#!endif - -#!ifdef WITH_NAT -loadmodule "nathelper.so" -loadmodule "rtpproxy.so" -#!endif - -#!ifdef WITH_TLS -loadmodule "tls.so" -#!endif - -#!ifdef WITH_ANTIFLOOD -loadmodule "htable.so" -loadmodule "pike.so" -#!endif - -#!ifdef WITH_XMLRPC 
-loadmodule "xmlrpc.so" -#!endif - -#!ifdef WITH_DEBUG -loadmodule "debugger.so" -#!endif - -# ----------------- setting module-specific parameters --------------- - - -# ----- mi_fifo params ----- -modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") - - -# ----- tm params ----- -# auto-discard branches from previous serial forking leg -modparam("tm", "failure_reply_mode", 3) -# default retransmission timeout: 30sec -modparam("tm", "fr_timer", 30000) -# default invite retransmission timeout after 1xx: 120sec -modparam("tm", "fr_inv_timer", 120000) - - -# ----- rr params ----- -# add value to ;lr param to cope with most of the UAs -modparam("rr", "enable_full_lr", 1) -# do not append from tag to the RR (no need for this script) -modparam("rr", "append_fromtag", 0) - - -# ----- registrar params ----- -modparam("registrar", "method_filtering", 1) -/* uncomment the next line to disable parallel forking via location */ -# modparam("registrar", "append_branches", 0) -/* uncomment the next line not to allow more than 10 contacts per AOR */ -#modparam("registrar", "max_contacts", 10) -# max value for expires of registrations -modparam("registrar", "max_expires", 3600) -# set it to 1 to enable GRUU -modparam("registrar", "gruu_enabled", 0) - - -# ----- acc params ----- -/* what special events should be accounted ? */ -modparam("acc", "early_media", 0) -modparam("acc", "report_ack", 0) -modparam("acc", "report_cancels", 0) -/* by default ww do not adjust the direct of the sequential requests. 
- if you enable this parameter, be sure the enable "append_fromtag" - in "rr" module */ -modparam("acc", "detect_direction", 0) -/* account triggers (flags) */ -modparam("acc", "log_flag", FLT_ACC) -modparam("acc", "log_missed_flag", FLT_ACCMISSED) -modparam("acc", "log_extra", - "src_user=$fU;src_domain=$fd;src_ip=$si;" - "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") -modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) -/* enhanced DB accounting */ -#!ifdef WITH_ACCDB -modparam("acc", "db_flag", FLT_ACC) -modparam("acc", "db_missed_flag", FLT_ACCMISSED) -modparam("acc", "db_url", DBURL) -modparam("acc", "db_extra", - "src_user=$fU;src_domain=$fd;src_ip=$si;" - "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") -#!endif - - -# ----- usrloc params ----- -/* enable DB persistency for location entries */ -#!ifdef WITH_USRLOCDB -modparam("usrloc", "db_url", DBURL) -modparam("usrloc", "db_mode", 2) -modparam("usrloc", "use_domain", MULTIDOMAIN) -#!endif - - -# ----- auth_db params ----- -#!ifdef WITH_AUTH -modparam("auth_db", "db_url", DBURL) -modparam("auth_db", "calculate_ha1", yes) -modparam("auth_db", "password_column", "password") -modparam("auth_db", "load_credentials", "") -modparam("auth_db", "use_domain", MULTIDOMAIN) - -# ----- permissions params ----- -#!ifdef WITH_IPAUTH -modparam("permissions", "db_url", DBURL) -modparam("permissions", "db_mode", 1) -#!endif - -#!endif - - -# ----- alias_db params ----- -#!ifdef WITH_ALIASDB -modparam("alias_db", "db_url", DBURL) -modparam("alias_db", "use_domain", MULTIDOMAIN) -#!endif - - -# ----- speeddial params ----- -#!ifdef WITH_SPEEDDIAL -modparam("speeddial", "db_url", DBURL) -modparam("speeddial", "use_domain", MULTIDOMAIN) -#!endif - - -# ----- domain params ----- -#!ifdef WITH_MULTIDOMAIN -modparam("domain", "db_url", DBURL) -# register callback to match myself condition with domains list -modparam("domain", "register_myself", 1) -#!endif - - -#!ifdef WITH_PRESENCE -# ----- presence params ----- 
-modparam("presence", "db_url", DBURL) - -# ----- presence_xml params ----- -modparam("presence_xml", "db_url", DBURL) -modparam("presence_xml", "force_active", 1) -#!endif - - -#!ifdef WITH_NAT -# ----- rtpproxy params ----- -modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") - -# ----- nathelper params ----- -modparam("nathelper", "natping_interval", 30) -modparam("nathelper", "ping_nated_only", 1) -modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) -modparam("nathelper", "sipping_from", "sip:pi...@ka...") - -# params needed for NAT traversal in other modules -modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") -modparam("usrloc", "nat_bflag", FLB_NATB) -#!endif - - -#!ifdef WITH_TLS -# ----- tls params ----- -modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") -#!endif - -#!ifdef WITH_ANTIFLOOD -# ----- pike params ----- -modparam("pike", "sampling_time_unit", 2) -modparam("pike", "reqs_density_per_unit", 16) -modparam("pike", "remove_latency", 4) - -# ----- htable params ----- -# ip ban htable with autoexpire after 5 minutes -modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") -#!endif - -#!ifdef WITH_XMLRPC -# ----- xmlrpc params ----- -modparam("xmlrpc", "route", "XMLRPC"); -modparam("xmlrpc", "url_match", "^/RPC") -#!endif - -#!ifdef WITH_DEBUG -# ----- debugger params ----- -modparam("debugger", "cfgtrace", 1) -#!endif - -####### Routing Logic ######## - - -# Main SIP request routing logic -# - processing of any incoming SIP request starts with this route -# - note: this is the same as route { ... 
} -request_route { - - # per request initial checks - route(REQINIT); - - # NAT detection - route(NATDETECT); - - # CANCEL processing - if (is_method("CANCEL")) - { - if (t_check_trans()) { - route(RELAY); - } - exit; - } - - # handle requests within SIP dialogs - route(WITHINDLG); - - ### only initial requests (no To tag) - - t_check_trans(); - - # authentication - route(AUTH); - - # record routing for dialog forming requests (in case they are routed) - # - remove preloaded route headers - remove_hf("Route"); - if (is_method("INVITE|SUBSCRIBE")) - record_route(); - - # account only INVITEs - if (is_method("INVITE")) - { - setflag(FLT_ACC); # do accounting - } - - # dispatch requests to foreign domains - route(SIPOUT); - - ### requests for my local domains - - # handle presence related requests - route(PRESENCE); - - # handle registrations - route(REGISTRAR); - - if ($rU==$null) - { - # request with no Username in RURI - sl_send_reply("484","Address Incomplete"); - exit; - } - - # dispatch destinations to PSTN - route(PSTN); - - # user location service - route(LOCATION); -} - - -route[RELAY] { - - # enable additional event routes for forwarded requests - # - serial forking, RTP relaying handling, a.s.o. 
- if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { - if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); - } - if (is_method("INVITE|SUBSCRIBE|UPDATE")) { - if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); - } - if (is_method("INVITE")) { - if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); - } - - if (!t_relay()) { - sl_reply_error(); - } - exit; -} - -# Per SIP request initial checks -route[REQINIT] { -#!ifdef WITH_ANTIFLOOD - # flood dection from same IP and traffic ban for a while - # be sure you exclude checking trusted peers, such as pstn gateways - # - local host excluded (e.g., loop to self) - if(src_ip!=myself) - { - if($sht(ipban=>$si)!=$null) - { - # ip is already blocked - xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); - exit; - } - if (!pike_check_req()) - { - xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); - $sht(ipban=>$si) = 1; - exit; - } - } -#!endif - - if (!mf_process_maxfwd_header("10")) { - sl_send_reply("483","Too Many Hops"); - exit; - } - - if(!sanity_check("1511", "7")) - { - xlog("Malformed SIP message from $si:$sp\n"); - exit; - } -} - -# Handle requests within SIP dialogs -route[WITHINDLG] { - if (has_totag()) { - # sequential request withing a dialog should - # take the path determined by record-routing - if (loose_route()) { - route(DLGURI); - if (is_method("BYE")) { - setflag(FLT_ACC); # do accounting ... - setflag(FLT_ACCFAILED); # ... even if the transaction fails - } - else if ( is_method("ACK") ) { - # ACK is forwarded statelessy - route(NATMANAGE); - } - else if ( is_method("NOTIFY") ) { - # Add Record-Route for in-dialog NOTIFY as per RFC 6665. - record_route(); - } - route(RELAY); - } else { - if (is_method("SUBSCRIBE") && uri == myself) { - # in-dialog subscribe requests - route(PRESENCE); - exit; - } - if ( is_method("ACK") ) { - if ( t_check_trans() ) { - # no loose-route, but stateful ACK; - # must be an ACK after a 487 - # or e.g. 
404 from upstream server - route(RELAY); - exit; - } else { - # ACK without matching transaction ... ignore and discard - exit; - } - } - sl_send_reply("404","Not here"); - } - exit; - } -} - -# Handle SIP registrations -route[REGISTRAR] { - if (is_method("REGISTER")) - { - if(isflagset(FLT_NATS)) - { - setbflag(FLB_NATB); - # uncomment next line to do SIP NAT pinging - ## setbflag(FLB_NATSIPPING); - } - if (!save("location")) - sl_reply_error(); - - exit; - } -} - -# USER location service -route[LOCATION] { - -#!ifdef WITH_SPEEDDIAL - # search for short dialing - 2-digit extension - if($rU=~"^[0-9][0-9]$") - if(sd_lookup("speed_dial")) - route(SIPOUT); -#!endif - -#!ifdef WITH_ALIASDB - # search in DB-based aliases - if(alias_db_lookup("dbaliases")) - route(SIPOUT); -#!endif - - $avp(oexten) = $rU; - if (!lookup("location")) { - $var(rc) = $rc; - route(TOVOICEMAIL); - t_newtran(); - switch ($var(rc)) { - case -1: - case -3: - send_reply("404", "Not Found"); - exit; - case -2: - send_reply("405", "Method Not Allowed"); - exit; - } - } - - # when routing via usrloc, log the missed calls also - if (is_method("INVITE")) - { - setflag(FLT_ACCMISSED); - } - - route(RELAY); - exit; -} - -# Presence server route -route[PRESENCE] { - if(!is_method("PUBLISH|SUBSCRIBE")) - return; - - if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") { - route(TOVOICEMAIL); - # returns here if no voicemail server is configured - sl_send_reply("404", "No voicemail service"); - exit; - } - -#!ifdef WITH_PRESENCE - if (!t_newtran()) - { - sl_reply_error(); - exit; - } - - if(is_method("PUBLISH")) - { - handle_publish(); - t_release(); - } else if(is_method("SUBSCRIBE")) { - handle_subscribe(); - t_release(); - } - exit; -#!endif - - # if presence enabled, this part will not be executed - if (is_method("PUBLISH") || $rU==$null) - { - sl_send_reply("404", "Not here"); - exit; - } - return; -} - -# Authentication route -route[AUTH] { -#!ifdef WITH_AUTH - -#!ifdef WITH_IPAUTH - 
if((!is_method("REGISTER")) && allow_source_address()) - { - # source IP allowed - return; - } -#!endif - - if (is_method("REGISTER") || from_uri==myself) - { - # authenticate requests - if (!auth_check("$fd", "subscriber", "1")) { - auth_challenge("$fd", "0"); - exit; - } - # user authenticated - remove auth header - if(!is_method("REGISTER|PUBLISH")) - consume_credentials(); - } - # if caller is not local subscriber, then check if it calls - # a local destination, otherwise deny, not an open relay here - if (from_uri!=myself && uri!=myself) - { - ... [truncated message content] |