1
|
|
2
|
#!KAMAILIO
|
3
|
#
|
4
|
#!define WITH_MYSQL
|
5
|
#!define WITH_AUTH
|
6
|
#!define WITH_USRLOCDB
|
7
|
#!define WITH_NAT
|
8
|
#!define WITH_ANTIFLOOD
|
9
|
#
|
10
|
#
|
11
|
# Kamailio (OpenSER) SIP Server v5.0 - default configuration script
|
12
|
# - web: http://www.kamailio.org
|
13
|
# - git: http://sip-router.org
|
14
|
#
|
15
|
# Direct your questions about this file to: <[email protected]>
|
16
|
#
|
17
|
# Refer to the Core CookBook at http://www.kamailio.org/wiki/
|
18
|
# for an explanation of possible statements, functions and parameters.
|
19
|
#
|
20
|
# Several features can be enabled using '#!define WITH_FEATURE' directives:
|
21
|
#
|
22
|
# *** To run in debug mode:
|
23
|
# - define WITH_DEBUG
|
24
|
#
|
25
|
# *** To enable mysql:
|
26
|
# - define WITH_MYSQL
|
27
|
#
|
28
|
# *** To enable authentication execute:
|
29
|
# - enable mysql
|
30
|
# - define WITH_AUTH
|
31
|
# - add users using 'kamctl'
|
32
|
#
|
33
|
# *** To enable IP authentication execute:
|
34
|
# - enable mysql
|
35
|
# - enable authentication
|
36
|
# - define WITH_IPAUTH
|
37
|
# - add IP addresses with group id '1' to 'address' table
|
38
|
#
|
39
|
# *** To enable persistent user location execute:
|
40
|
# - enable mysql
|
41
|
# - define WITH_USRLOCDB
|
42
|
#
|
43
|
# *** To enable presence server execute:
|
44
|
# - enable mysql
|
45
|
# - define WITH_PRESENCE
|
46
|
#
|
47
|
# *** To enable nat traversal execute:
|
48
|
# - define WITH_NAT
|
49
|
# - install RTPProxy: http://www.rtpproxy.org
|
50
|
# - start RTPProxy:
|
51
|
# rtpproxy -l _your_public_ip_ -s udp:localhost:7722
|
52
|
# - option for NAT SIP OPTIONS keepalives: WITH_NATSIPPING
|
53
|
#
|
54
|
# *** To enable PSTN gateway routing execute:
|
55
|
# - define WITH_PSTN
|
56
|
# - set the value of pstn.gw_ip
|
57
|
# - check route[PSTN] for regexp routing condition
|
58
|
#
|
59
|
# *** To enable database aliases lookup execute:
|
60
|
# - enable mysql
|
61
|
# - define WITH_ALIASDB
|
62
|
#
|
63
|
# *** To enable speed dial lookup execute:
|
64
|
# - enable mysql
|
65
|
# - define WITH_SPEEDDIAL
|
66
|
#
|
67
|
# *** To enable multi-domain support execute:
|
68
|
# - enable mysql
|
69
|
# - define WITH_MULTIDOMAIN
|
70
|
#
|
71
|
# *** To enable TLS support execute:
|
72
|
# - adjust CFGDIR/tls.cfg as needed
|
73
|
# - define WITH_TLS
|
74
|
#
|
75
|
# *** To enable XMLRPC support execute:
|
76
|
# - define WITH_XMLRPC
|
77
|
# - adjust route[XMLRPC] for access policy
|
78
|
#
|
79
|
# *** To enable anti-flood detection execute:
|
80
|
# - adjust pike and htable=>ipban settings as needed (default is
|
81
|
# block if more than 16 requests in 2 seconds and ban for 300 seconds)
|
82
|
# - define WITH_ANTIFLOOD
|
83
|
#
|
84
|
# *** To block 3XX redirect replies execute:
|
85
|
# - define WITH_BLOCK3XX
|
86
|
#
|
87
|
# *** To enable VoiceMail routing execute:
|
88
|
# - define WITH_VOICEMAIL
|
89
|
# - set the value of voicemail.srv_ip
|
90
|
# - adjust the value of voicemail.srv_port
|
91
|
#
|
92
|
# *** To enhance accounting execute:
|
93
|
# - enable mysql
|
94
|
# - define WITH_ACCDB
|
95
|
# - add following columns to database
|
96
|
#!ifdef ACCDB_COMMENT
|
97
|
ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
|
98
|
ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
|
99
|
ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
|
100
|
ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
|
101
|
ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
|
102
|
ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
|
103
|
ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
|
104
|
ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
|
105
|
ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';
|
106
|
ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
|
107
|
ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
|
108
|
ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
|
109
|
#!endif
|
110
|
|
111
|
####### Include Local Config If Exists #########
|
112
|
import_file "kamailio-local.cfg"
|
113
|
|
114
|
####### Defined Values #########
|
115
|
|
116
|
# *** Value defines - IDs used later in config
|
117
|
#!ifdef WITH_MYSQL
|
118
|
# - database URL - used to connect to database server by modules such
|
119
|
# as: auth_db, acc, usrloc, a.s.o.
|
120
|
#!ifndef DBURL
|
121
|
#!define DBURL "mysql://kamailiou:kamailiou1234@localhost/kamailio"
|
122
|
#!endif
|
123
|
#!endif
|
124
|
#!ifdef WITH_MULTIDOMAIN
|
125
|
# - the value for 'use_domain' parameters
|
126
|
#!define MULTIDOMAIN 1
|
127
|
#!else
|
128
|
#!define MULTIDOMAIN 0
|
129
|
#!endif
|
130
|
|
131
|
# - flags
|
132
|
# FLT_ - per transaction (message) flags
|
133
|
# FLB_ - per branch flags
|
134
|
#!define FLT_ACC 1
|
135
|
#!define FLT_ACCMISSED 2
|
136
|
#!define FLT_ACCFAILED 3
|
137
|
#!define FLT_NATS 5
|
138
|
|
139
|
#!define FLB_NATB 6
|
140
|
#!define FLB_NATSIPPING 7
|
141
|
|
142
|
#!substdef "!MY_IP_ADDR!178.254.42.100!g"
|
143
|
#!substdef "!MY_DOMAIN!vaglxc01.goautodial.com!g"
|
144
|
#!substdef "!MY_WS_PORT!8080!g"
|
145
|
#!substdef "!MY_WSS_PORT!4443!g"
|
146
|
#!substdef "!MY_MSRP_PORT!9080!g"
|
147
|
#!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g"
|
148
|
#!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g"
|
149
|
#!substdef "!MY_MSRP_ADDR!tls:MY_IP_ADDR:MY_MSRP_PORT!g"
|
150
|
#!substdef "!MSRP_MIN_EXPIRES!1800!g"
|
151
|
#!substdef "!MSRP_MAX_EXPIRES!3600!g"
|
152
|
|
153
|
#!define WITH_TLS
|
154
|
#!define WITH_WEBSOCKETS
|
155
|
#!define WITH_MSRP
|
156
|
|
157
|
####### Global Parameters #########
|
158
|
|
159
|
### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
|
160
|
#!ifdef WITH_DEBUG
|
161
|
debug=3
|
162
|
log_stderror=no
|
163
|
#!else
|
164
|
debug=2
|
165
|
log_stderror=no
|
166
|
#!endif
|
167
|
|
168
|
memdbg=5
|
169
|
memlog=5
|
170
|
|
171
|
log_facility=LOG_LOCAL0
|
172
|
|
173
|
fork=yes
|
174
|
children=4
|
175
|
|
176
|
/* uncomment the next line to disable TCP (default on) */
|
177
|
#disable_tcp=yes
|
178
|
|
179
|
/* uncomment the next line to disable the auto discovery of local aliases
|
180
|
based on reverse DNS on IPs (default on) */
|
181
|
#auto_aliases=no
|
182
|
|
183
|
/* add local domain aliases */
|
184
|
alias="178.254.42.100"
|
185
|
alias="vaglxc01.goautodial.com"
|
186
|
|
187
|
/* uncomment and configure the following line if you want Kamailio to
|
188
|
bind on a specific interface/port/proto (default bind on all available) */
|
189
|
listen=udp:127.0.0.1:5060
|
190
|
listen=udp:178.254.42.100:5060
|
191
|
|
192
|
/* port to listen to
|
193
|
* - can be specified more than once if needed to listen on many ports */
|
194
|
#port=5060
|
195
|
|
196
|
#!ifdef WITH_TLS
|
197
|
enable_tls=yes
|
198
|
#!endif
|
199
|
|
200
|
listen=MY_IP_ADDR
|
201
|
#!ifdef WITH_WEBSOCKETS
|
202
|
listen=MY_WS_ADDR
|
203
|
#!ifdef WITH_TLS
|
204
|
listen=MY_WSS_ADDR
|
205
|
#!endif
|
206
|
#!endif
|
207
|
#!ifdef WITH_MSRP
|
208
|
listen=MY_MSRP_ADDR
|
209
|
#!endif
|
210
|
|
211
|
tcp_connection_lifetime=3604
|
212
|
tcp_accept_no_cl=yes
|
213
|
tcp_rd_buf_size=16384
|
214
|
|
215
|
# life time of TCP connection when there is no traffic
|
216
|
# - a bit higher than registration expires to cope with UA behind NAT
|
217
|
#tcp_connection_lifetime=3605
|
218
|
|
219
|
####### Custom Parameters #########
|
220
|
|
221
|
# These parameters can be modified runtime via RPC interface
|
222
|
# - see the documentation of 'cfg_rpc' module.
|
223
|
#
|
224
|
# Format: group.id = value 'desc' description
|
225
|
# Access: $sel(cfg_get.group.id) or @cfg_get.group.id
|
226
|
#
|
227
|
|
228
|
#!ifdef WITH_PSTN
|
229
|
# PSTN GW Routing
|
230
|
#
|
231
|
# - pstn.gw_ip: valid IP or hostname as string value, example:
|
232
|
# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
|
233
|
#
|
234
|
# - by default is empty to avoid misrouting
|
235
|
pstn.gw_ip = "" desc "tos.cloud.goautodial.com GW Address"
|
236
|
pstn.gw_port = "" desc "PSTN GW Port"
|
237
|
#!endif
|
238
|
|
239
|
#!ifdef WITH_VOICEMAIL
|
240
|
# VoiceMail Routing on offline, busy or no answer
|
241
|
#
|
242
|
# - by default Voicemail server IP is empty to avoid misrouting
|
243
|
voicemail.srv_ip = "" desc "VoiceMail IP Address"
|
244
|
voicemail.srv_port = "5060" desc "VoiceMail Port"
|
245
|
#!endif
|
246
|
|
247
|
# don't advertise server headers
|
248
|
server_signature=no
|
249
|
sip_warning=0
|
250
|
|
251
|
####### Modules Section ########
|
252
|
|
253
|
# set paths to location of modules (to sources or installation folders)
|
254
|
#!ifdef WITH_SRCPATH
|
255
|
mpath="modules/"
|
256
|
#!else
|
257
|
mpath="/usr/lib64/kamailio/modules/"
|
258
|
#mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
|
259
|
#!endif
|
260
|
|
261
|
#!ifdef WITH_MYSQL
|
262
|
loadmodule "db_mysql.so"
|
263
|
#!endif
|
264
|
|
265
|
#loadmodule "topoh.so"
|
266
|
#loadmodule "mi_fifo.so"
|
267
|
loadmodule "jsonrpcs.so"
|
268
|
loadmodule "kex.so"
|
269
|
loadmodule "corex.so"
|
270
|
loadmodule "tm.so"
|
271
|
loadmodule "tmx.so"
|
272
|
loadmodule "sl.so"
|
273
|
loadmodule "rr.so"
|
274
|
loadmodule "pv.so"
|
275
|
loadmodule "maxfwd.so"
|
276
|
loadmodule "usrloc.so"
|
277
|
loadmodule "registrar.so"
|
278
|
loadmodule "textops.so"
|
279
|
loadmodule "siputils.so"
|
280
|
loadmodule "xlog.so"
|
281
|
loadmodule "sanity.so"
|
282
|
loadmodule "ctl.so"
|
283
|
loadmodule "cfg_rpc.so"
|
284
|
loadmodule "acc.so"
|
285
|
|
286
|
#!ifdef WITH_AUTH
|
287
|
loadmodule "auth.so"
|
288
|
loadmodule "auth_db.so"
|
289
|
#!ifdef WITH_IPAUTH
|
290
|
loadmodule "permissions.so"
|
291
|
#!endif
|
292
|
#!endif
|
293
|
|
294
|
#!ifdef WITH_ALIASDB
|
295
|
loadmodule "alias_db.so"
|
296
|
#!endif
|
297
|
|
298
|
#!ifdef WITH_SPEEDDIAL
|
299
|
loadmodule "speeddial.so"
|
300
|
#!endif
|
301
|
|
302
|
#!ifdef WITH_MULTIDOMAIN
|
303
|
loadmodule "domain.so"
|
304
|
#!endif
|
305
|
|
306
|
#!ifdef WITH_PRESENCE
|
307
|
loadmodule "presence.so"
|
308
|
loadmodule "presence_xml.so"
|
309
|
#!endif
|
310
|
|
311
|
#!ifdef WITH_NAT
|
312
|
loadmodule "nathelper.so"
|
313
|
loadmodule "rtpengine.so"
|
314
|
#loadmodule "rtpproxy.so"
|
315
|
#!endif
|
316
|
|
317
|
#!ifdef WITH_TLS
|
318
|
loadmodule "tls.so"
|
319
|
#!endif
|
320
|
|
321
|
#!ifdef WITH_MSRP
|
322
|
loadmodule "msrp.so"
|
323
|
#loadmodule "htable.so"
|
324
|
loadmodule "cfgutils.so"
|
325
|
#!endif
|
326
|
|
327
|
#!ifdef WITH_WEBSOCKETS
|
328
|
loadmodule "xhttp.so"
|
329
|
loadmodule "websocket.so"
|
330
|
loadmodule "sdpops.so"
|
331
|
loadmodule "textopsx.so"
|
332
|
loadmodule "dialog.so"
|
333
|
loadmodule "sst.so"
|
334
|
#!endif
|
335
|
|
336
|
#!ifdef WITH_ANTIFLOOD
|
337
|
loadmodule "htable.so"
|
338
|
loadmodule "pike.so"
|
339
|
#!endif
|
340
|
|
341
|
#!ifdef WITH_XMLRPC
|
342
|
loadmodule "xmlrpc.so"
|
343
|
#!endif
|
344
|
|
345
|
#!ifdef WITH_DEBUG
|
346
|
loadmodule "debugger.so"
|
347
|
#!endif
|
348
|
|
349
|
# ----------------- setting module-specific parameters ---------------
|
350
|
|
351
|
# ---- topoh params -----
|
352
|
#modparam("topoh", "mask_key", "Gu3ssWh@T1tS2016")
|
353
|
#modparam("topoh", "mask_ip", "10.0.0.1")
|
354
|
#modparam("topoh", "mask_callid", 1)
|
355
|
|
356
|
# ----- mi_fifo params -----
|
357
|
#modparam("mi_fifo", "fifo_name", "/var/run/kamailio/kamailio_fifo")
|
358
|
|
359
|
# ----- jsonrpcs params -----
|
360
|
modparam("jsonrpcs", "pretty_format", 1)
|
361
|
/* set the path to RPC fifo control file */
|
362
|
modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
|
363
|
/* set the path to RPC unix socket control file */
|
364
|
modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kamailio_rpc.sock")
|
365
|
|
366
|
# ----- tm params -----
|
367
|
# auto-discard branches from previous serial forking leg
|
368
|
modparam("tm", "failure_reply_mode", 3)
|
369
|
# default retransmission timeout: 30sec
|
370
|
modparam("tm", "fr_timer", 30000)
|
371
|
# default invite retransmission timeout after 1xx: 120sec
|
372
|
modparam("tm", "fr_inv_timer", 120000)
|
373
|
|
374
|
|
375
|
# ----- rr params -----
|
376
|
# set next param to 1 to add value to ;lr param (helps with some UAs)
|
377
|
modparam("rr", "enable_full_lr", 0)
|
378
|
# do not append from tag to the RR (no need for this script)
|
379
|
modparam("rr", "append_fromtag", 0)
|
380
|
|
381
|
|
382
|
# ----- registrar params -----
|
383
|
modparam("registrar", "method_filtering", 1)
|
384
|
/* uncomment the next line to disable parallel forking via location */
|
385
|
modparam("registrar", "append_branches", 0)
|
386
|
/* uncomment the next line not to allow more than 100 contacts per AOR */
|
387
|
modparam("registrar", "max_contacts", 100)
|
388
|
# max value for expires of registrations
|
389
|
modparam("registrar", "max_expires", 3600)
|
390
|
# set it to 1 to enable GRUU
|
391
|
modparam("registrar", "gruu_enabled", 0)
|
392
|
|
393
|
|
394
|
# ----- acc params -----
|
395
|
/* what special events should be accounted ? */
|
396
|
modparam("acc", "early_media", 0)
|
397
|
modparam("acc", "report_ack", 0)
|
398
|
modparam("acc", "report_cancels", 0)
|
399
|
/* by default ww do not adjust the direct of the sequential requests.
|
400
|
if you enable this parameter, be sure the enable "append_fromtag"
|
401
|
in "rr" module */
|
402
|
modparam("acc", "detect_direction", 0)
|
403
|
/* account triggers (flags) */
|
404
|
modparam("acc", "log_flag", FLT_ACC)
|
405
|
modparam("acc", "log_missed_flag", FLT_ACCMISSED)
|
406
|
modparam("acc", "log_extra",
|
407
|
"src_user=$fU;src_domain=$fd;src_ip=$si;"
|
408
|
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
|
409
|
modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
|
410
|
/* enhanced DB accounting */
|
411
|
#!ifdef WITH_ACCDB
|
412
|
modparam("acc", "db_flag", FLT_ACC)
|
413
|
modparam("acc", "db_missed_flag", FLT_ACCMISSED)
|
414
|
modparam("acc", "db_url", DBURL)
|
415
|
modparam("acc", "db_extra",
|
416
|
"src_user=$fU;src_domain=$fd;src_ip=$si;"
|
417
|
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
|
418
|
#!endif
|
419
|
|
420
|
|
421
|
# ----- usrloc params -----
|
422
|
/* enable DB persistency for location entries */
|
423
|
#!ifdef WITH_USRLOCDB
|
424
|
modparam("usrloc", "db_url", DBURL)
|
425
|
modparam("usrloc", "db_mode", 1)
|
426
|
modparam("usrloc", "use_domain", MULTIDOMAIN)
|
427
|
modparam("usrloc", "timer_interval", 60)
|
428
|
modparam("usrloc", "timer_procs", 4)
|
429
|
#!endif
|
430
|
|
431
|
|
432
|
# ----- auth_db params -----
|
433
|
#!ifdef WITH_AUTH
|
434
|
modparam("auth_db", "db_url", DBURL)
|
435
|
modparam("auth_db", "calculate_ha1", 0)
|
436
|
modparam("auth_db", "password_column", "ha1")
|
437
|
modparam("auth_db", "load_credentials", "")
|
438
|
modparam("auth_db", "use_domain", MULTIDOMAIN)
|
439
|
|
440
|
modparam("auth", "nonce_count", 1) # enable nonce_count support
|
441
|
modparam("auth", "qop", "auth") # enable qop=auth
|
442
|
modparam("auth", "nonce_expire", 60)
|
443
|
modparam("auth", "nonce_auth_max_drift", 2)
|
444
|
|
445
|
# For REGISTER requests we hash the Request-URI, Call-ID, and source IP of the
|
446
|
# request into the nonce string. This ensures that the generated credentials
|
447
|
# cannot be used with another registrar, user agent with another source IP
|
448
|
# address or Call-ID. Note that user agents that change Call-ID with every
|
449
|
# REGISTER message will not be able to register if you enable this.
|
450
|
modparam("auth", "auth_checks_register", 11)
|
451
|
|
452
|
# For dialog-establishing requests (such as the original INVITE, OPTIONS, etc)
|
453
|
# we hash the Request-URI and source IP. Hashing Call-ID and From tags takes
|
454
|
# some extra precaution, because these checks could render some UA unusable.
|
455
|
modparam("auth", "auth_checks_no_dlg", 9)
|
456
|
|
457
|
# For mid-dialog requests, such as re-INVITE, we can hash source IP and
|
458
|
# Request-URI just like in the previous case. In addition to that we can hash
|
459
|
# Call-ID and From tag because these are fixed within a dialog and are
|
460
|
# guaranteed not to change. This settings effectively restrict the usage of
|
461
|
# generated credentials to a single user agent within a single dialog.
|
462
|
modparam("auth", "auth_checks_in_dlg", 15)
|
463
|
|
464
|
# ----- permissions params -----
|
465
|
#!ifdef WITH_IPAUTH
|
466
|
modparam("permissions", "db_url", DBURL)
|
467
|
modparam("permissions", "db_mode", 1)
|
468
|
#!endif
|
469
|
|
470
|
#!endif
|
471
|
|
472
|
|
473
|
# ----- alias_db params -----
|
474
|
#!ifdef WITH_ALIASDB
|
475
|
modparam("alias_db", "db_url", DBURL)
|
476
|
modparam("alias_db", "use_domain", MULTIDOMAIN)
|
477
|
#!endif
|
478
|
|
479
|
|
480
|
# ----- speeddial params -----
|
481
|
#!ifdef WITH_SPEEDDIAL
|
482
|
modparam("speeddial", "db_url", DBURL)
|
483
|
modparam("speeddial", "use_domain", MULTIDOMAIN)
|
484
|
#!endif
|
485
|
|
486
|
|
487
|
# ----- domain params -----
|
488
|
#!ifdef WITH_MULTIDOMAIN
|
489
|
modparam("domain", "db_url", DBURL)
|
490
|
# register callback to match myself condition with domains list
|
491
|
modparam("domain", "register_myself", 1)
|
492
|
#!endif
|
493
|
|
494
|
|
495
|
#!ifdef WITH_PRESENCE
|
496
|
# ----- presence params -----
|
497
|
modparam("presence", "db_url", DBURL)
|
498
|
|
499
|
# ----- presence_xml params -----
|
500
|
modparam("presence_xml", "db_url", DBURL)
|
501
|
modparam("presence_xml", "force_active", 1)
|
502
|
#!endif
|
503
|
|
504
|
|
505
|
#!ifdef WITH_NAT
|
506
|
# ----- rtpengine params -----
|
507
|
modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:5066")
|
508
|
modparam("rtpengine", "rtpengine_disable_tout", 20)
|
509
|
#modparam("rtpengine", "db_url", DBURL)
|
510
|
|
511
|
# ----- nathelper params -----
|
512
|
modparam("nathelper", "natping_interval", 30)
|
513
|
modparam("nathelper", "ping_nated_only", 1)
|
514
|
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
|
515
|
modparam("nathelper", "sipping_from", "sip:[email protected]")
|
516
|
|
517
|
# params needed for NAT traversal in other modules
|
518
|
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
|
519
|
modparam("usrloc", "nat_bflag", FLB_NATB)
|
520
|
#!endif
|
521
|
|
522
|
|
523
|
#!ifdef WITH_TLS
|
524
|
# ----- tls params -----
|
525
|
modparam("tls", "config", "/etc/kamailio/tls.cfg")
|
526
|
#modparam("tls", "private_key", "/etc/httpd/certs/essentialSSL/wildcard.goautodial.com.key")
|
527
|
#modparam("tls", "certificate", "/etc/httpd/certs/essentialSSL/wildcard.goautodial.com.crt")
|
528
|
#modparam("tls", "ca_list", "/etc/httpd/certs/essentialSSL/wildcard.goautodial.com.ca-bundle")
|
529
|
#!endif
|
530
|
|
531
|
#!ifdef WITH_WEBSOCKETS
|
532
|
# ----- nathelper params -----
|
533
|
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
|
534
|
# Note: leaving NAT pings turned off here as nathelper is _only_ being used for
|
535
|
# WebSocket connections. NAT pings are not needed as WebSockets have
|
536
|
# their own keep-alives.
|
537
|
modparam("dialog", "dlg_flag", 10)
|
538
|
modparam("dialog", "track_cseq_updates", 0)
|
539
|
modparam("dialog", "dlg_match_mode", 2)
|
540
|
|
541
|
modparam("dialog", "timeout_avp", "$avp(i:10)")
|
542
|
# Set the sst modules timeout_avp to be the same value
|
543
|
modparam("sst", "timeout_avp", "$avp(i:10)")
|
544
|
modparam("sst", "sst_flag", 11)
|
545
|
#!endif
|
546
|
|
547
|
#!ifdef WITH_MSRP
|
548
|
# ----- htable params -----
|
549
|
modparam("htable", "htable", "msrp=>size=8;autoexpire=MSRP_MAX_EXPIRES;")
|
550
|
#!endif
|
551
|
|
552
|
#!ifdef WITH_ANTIFLOOD
|
553
|
# ----- pike params -----
|
554
|
modparam("pike", "sampling_time_unit", 2)
|
555
|
modparam("pike", "reqs_density_per_unit", 32)
|
556
|
modparam("pike", "remove_latency", 4)
|
557
|
|
558
|
# ----- htable params -----
|
559
|
# ip ban htable with autoexpire after 5 minutes
|
560
|
# modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
|
561
|
#!endif
|
562
|
|
563
|
#!ifdef WITH_XMLRPC
|
564
|
# ----- xmlrpc params -----
|
565
|
modparam("xmlrpc", "route", "XMLRPC");
|
566
|
modparam("xmlrpc", "url_match", "^/RPC")
|
567
|
#!endif
|
568
|
|
569
|
#!ifdef WITH_DEBUG
|
570
|
# ----- debugger params -----
|
571
|
modparam("debugger", "cfgtrace", 1)
|
572
|
modparam("debugger", "log_level_name", "exec")
|
573
|
#!endif
|
574
|
|
575
|
####### Routing Logic ########
|
576
|
|
577
|
|
578
|
# Main SIP request routing logic
|
579
|
# - processing of any incoming SIP request starts with this route
|
580
|
# - note: this is the same as route { ... }
|
581
|
request_route {
|
582
|
|
583
|
# per request initial checks
|
584
|
route(REQINIT);
|
585
|
|
586
|
#!ifdef WITH_WEBSOCKETS
|
587
|
if (nat_uac_test(64)) {
|
588
|
# Do NAT traversal stuff for requests from a WebSocket
|
589
|
# connection - even if it is not behind a NAT!
|
590
|
# This won't be needed in the future if Kamailio and the
|
591
|
# WebSocket client support Outbound and Path.
|
592
|
force_rport();
|
593
|
if (is_method("REGISTER")) {
|
594
|
fix_nated_register();
|
595
|
} else {
|
596
|
if (!add_contact_alias()) {
|
597
|
xlog("L_ERR", "Error aliasing contact <$ct>\n");
|
598
|
sl_send_reply("400", "Bad Request");
|
599
|
exit;
|
600
|
}
|
601
|
}
|
602
|
}
|
603
|
#!endif
|
604
|
|
605
|
# NAT detection
|
606
|
route(NATDETECT);
|
607
|
|
608
|
# CANCEL processing
|
609
|
if (is_method("CANCEL")) {
|
610
|
if (t_check_trans()) {
|
611
|
route(RELAY);
|
612
|
}
|
613
|
exit;
|
614
|
}
|
615
|
|
616
|
# handle requests within SIP dialogs
|
617
|
route(WITHINDLG);
|
618
|
|
619
|
### only initial requests (no To tag)
|
620
|
|
621
|
# handle retransmissions
|
622
|
if(t_precheck_trans()) {
|
623
|
t_check_trans();
|
624
|
exit;
|
625
|
}
|
626
|
t_check_trans();
|
627
|
|
628
|
# authentication
|
629
|
route(AUTH);
|
630
|
|
631
|
# record routing for dialog forming requests (in case they are routed)
|
632
|
# - remove preloaded route headers
|
633
|
remove_hf("Route");
|
634
|
if (is_method("INVITE|SUBSCRIBE"))
|
635
|
record_route();
|
636
|
|
637
|
# account only INVITEs
|
638
|
if (is_method("INVITE")) {
|
639
|
setflag(FLT_ACC); # do accounting
|
640
|
setflag(10); # set the dialog flag
|
641
|
setflag(11); # Set the sst flag
|
642
|
}
|
643
|
|
644
|
if (is_method("UPDATE")) {
|
645
|
setflag(FLT_ACC); # do accounting
|
646
|
setflag(10); # set the dialog flag
|
647
|
setflag(11); # Set the sst flag
|
648
|
}
|
649
|
|
650
|
# dispatch requests to foreign domains
|
651
|
route(SIPOUT);
|
652
|
|
653
|
### requests for my local domains
|
654
|
|
655
|
# handle presence related requests
|
656
|
route(PRESENCE);
|
657
|
|
658
|
# handle registrations
|
659
|
route(REGISTRAR);
|
660
|
|
661
|
if ($rU==$null) {
|
662
|
# request with no Username in RURI
|
663
|
sl_send_reply("484","Address Incomplete");
|
664
|
exit;
|
665
|
}
|
666
|
|
667
|
# dispatch destinations to PSTN
|
668
|
route(PSTN);
|
669
|
|
670
|
# user location service
|
671
|
route(LOCATION);
|
672
|
route(RELAY);
|
673
|
}
|
674
|
|
675
|
# Wrapper for relaying requests
|
676
|
route[RELAY] {
|
677
|
# enable additional event routes for forwarded requests
|
678
|
# - serial forking, RTP relaying handling, a.s.o.
|
679
|
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
|
680
|
if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
|
681
|
}
|
682
|
if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
|
683
|
if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
|
684
|
}
|
685
|
if (is_method("INVITE")) {
|
686
|
dlg_manage();
|
687
|
route(SETUP_BY_TRANSPORT);
|
688
|
if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
|
689
|
}
|
690
|
if (!t_relay()) {
|
691
|
sl_reply_error();
|
692
|
}
|
693
|
exit;
|
694
|
}
|
695
|
|
696
|
route[SETUP_BY_TRANSPORT] {
|
697
|
if ($ru =~ "transport=ws") {
|
698
|
xlog("L_INFO", "Request going to WS");
|
699
|
if(sdp_with_transport("RTP/SAVPF")) {
|
700
|
xlog("L_INFO", "RTP/SAVPF detected");
|
701
|
rtpengine_manage("force trust-address replace-origin replace-session-connection ICE=force");
|
702
|
t_on_reply("REPLY_WS_TO_WS");
|
703
|
return;
|
704
|
}
|
705
|
rtpengine_manage("trust-address replace-origin replace-session-connection ICE=force RTP/SAVPF rtcp-mux-offer rtcp-mux-accept SDES-off");
|
706
|
t_on_reply("REPLY_FROM_WS");
|
707
|
}
|
708
|
else if ($proto =~ "ws") {
|
709
|
xlog("L_INFO", "Request coming from WS");
|
710
|
rtpengine_manage("RTP/AVP");
|
711
|
t_on_reply("REPLY_TO_WS");
|
712
|
}
|
713
|
else {
|
714
|
xlog("L_INFO", "This is a classic phone call");
|
715
|
rtpengine_manage("trust-address replace-origin replace-session-connection RTP/AVP");
|
716
|
t_on_reply("MANAGE_CLASSIC_REPLY");
|
717
|
}
|
718
|
}
|
719
|
|
720
|
onreply_route[REPLY_WS_TO_WS] {
|
721
|
xlog("L_INFO", "WS to WS");
|
722
|
if(status=~"[12][0-9][0-9]") {
|
723
|
rtpengine_manage("force trust-address replace-origin replace-session-connection ICE=force");
|
724
|
route(NATMANAGE);
|
725
|
}
|
726
|
}
|
727
|
|
728
|
onreply_route[REPLY_FROM_WS] {
|
729
|
xlog("L_INFO", "Reply from webrtc client: $rs");
|
730
|
if(status=~"[12][0-9][0-9]") {
|
731
|
rtpengine_manage("trust-address replace-origin replace-session-connection ICE=remove RTP/AVP rtcp-mux-offer rtcp-mux-accept SDES-off");
|
732
|
route(NATMANAGE);
|
733
|
}
|
734
|
}
|
735
|
|
736
|
onreply_route[REPLY_TO_WS] {
|
737
|
xlog("L_INFO", "Reply from softphone: $rs");
|
738
|
|
739
|
if (t_check_status("183")) {
|
740
|
change_reply_status("180", "Ringing");
|
741
|
remove_body();
|
742
|
exit;
|
743
|
}
|
744
|
|
745
|
if(!(status=~"[12][0-9][0-9]"))
|
746
|
return;
|
747
|
|
748
|
rtpengine_manage("froc+SP");
|
749
|
route(NATMANAGE);
|
750
|
}
|
751
|
|
752
|
onreply_route[MANAGE_CLASSIC_REPLY] {
|
753
|
xlog("L_INFO", "Boring reply from softphone: $rs");
|
754
|
|
755
|
if(status=~"[12][0-9][0-9]") {
|
756
|
xlog("L_INFO", "rtpengine_manage - trust-address replace-origin replace-session-connection RTP/AVP");
|
757
|
rtpengine_manage("trust-address replace-origin replace-session-connection RTP/AVP");
|
758
|
route(NATMANAGE);
|
759
|
}
|
760
|
}
|
761
|
|
762
|
# Per SIP request initial checks
|
763
|
route[REQINIT] {
|
764
|
#!ifdef WITH_ANTIFLOOD
|
765
|
# flood dection from same IP and traffic ban for a while
|
766
|
# be sure you exclude checking trusted peers, such as pstn gateways
|
767
|
# - local host excluded (e.g., loop to self)
|
768
|
if(src_ip!=myself) {
|
769
|
if($sht(ipban=>$si)!=$null) {
|
770
|
# ip is already blocked
|
771
|
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
|
772
|
exit;
|
773
|
}
|
774
|
if (!pike_check_req()) {
|
775
|
xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
|
776
|
$sht(ipban=>$si) = 1;
|
777
|
exit;
|
778
|
}
|
779
|
}
|
780
|
if($ua =~ "friendly-scanner") {
|
781
|
sl_send_reply("200", "OK");
|
782
|
exit;
|
783
|
}
|
784
|
#!endif
|
785
|
|
786
|
if (!mf_process_maxfwd_header("10")) {
|
787
|
sl_send_reply("483","Too Many Hops");
|
788
|
exit;
|
789
|
}
|
790
|
|
791
|
if(is_method("OPTIONS") && uri==myself && $rU==$null) {
|
792
|
sl_send_reply("200","Keepalive");
|
793
|
exit;
|
794
|
}
|
795
|
|
796
|
if(!sanity_check("1511", "7")) {
|
797
|
xlog("Malformed SIP message from $si:$sp\n");
|
798
|
exit;
|
799
|
}
|
800
|
}
|
801
|
|
802
|
# Handle requests within SIP dialogs
|
803
|
route[WITHINDLG] {
|
804
|
if (!has_totag()) return;
|
805
|
|
806
|
# sequential request withing a dialog should
|
807
|
# take the path determined by record-routing
|
808
|
if (loose_route()) {
|
809
|
#!ifdef WITH_WEBSOCKETS
|
810
|
if ($du == "") {
|
811
|
if (!handle_ruri_alias()) {
|
812
|
xlog("L_ERR", "Bad alias <$ru>\n");
|
813
|
sl_send_reply("400", "Bad Request");
|
814
|
exit;
|
815
|
}
|
816
|
}
|
817
|
#!endif
|
818
|
route(DLGURI);
|
819
|
if (is_method("BYE")) {
|
820
|
setflag(FLT_ACC); # do accounting ...
|
821
|
setflag(FLT_ACCFAILED); # ... even if the transaction fails
|
822
|
}
|
823
|
else if ( is_method("ACK") ) {
|
824
|
# ACK is forwarded statelessy
|
825
|
route(NATMANAGE);
|
826
|
}
|
827
|
else if ( is_method("NOTIFY") ) {
|
828
|
# Add Record-Route for in-dialog NOTIFY as per RFC 6665.
|
829
|
record_route();
|
830
|
}
|
831
|
route(RELAY);
|
832
|
exit;
|
833
|
}
|
834
|
|
835
|
if (is_method("SUBSCRIBE") && uri == myself) {
|
836
|
# in-dialog subscribe requests
|
837
|
route(PRESENCE);
|
838
|
exit;
|
839
|
}
|
840
|
if ( is_method("ACK") ) {
|
841
|
if ( t_check_trans() ) {
|
842
|
# no loose-route, but stateful ACK;
|
843
|
# must be an ACK after a 487
|
844
|
# or e.g. 404 from upstream server
|
845
|
route(RELAY);
|
846
|
exit;
|
847
|
} else {
|
848
|
# ACK without matching transaction ... ignore and discard
|
849
|
exit;
|
850
|
}
|
851
|
}
|
852
|
sl_send_reply("404","Not here");
|
853
|
exit;
|
854
|
}
|
855
|
|
856
|
# Handle SIP registrations
|
857
|
route[REGISTRAR] {
|
858
|
if (!is_method("REGISTER")) return;
|
859
|
|
860
|
if(isflagset(FLT_NATS)) {
|
861
|
setbflag(FLB_NATB);
|
862
|
#!ifdef WITH_NATSIPPING
|
863
|
# do SIP NAT pinging
|
864
|
setbflag(FLB_NATSIPPING);
|
865
|
#!endif
|
866
|
}
|
867
|
if (!save("location", "0x04"))
|
868
|
sl_reply_error();
|
869
|
exit;
|
870
|
}
|
871
|
|
872
|
# User location service
|
873
|
route[LOCATION] {
|
874
|
|
875
|
#!ifdef WITH_SPEEDDIAL
|
876
|
# search for short dialing - 2-digit extension
|
877
|
if($rU=~"^[0-9][0-9]$")
|
878
|
if(sd_lookup("speed_dial"))
|
879
|
route(SIPOUT);
|
880
|
#!endif
|
881
|
|
882
|
#!ifdef WITH_ALIASDB
|
883
|
# search in DB-based aliases
|
884
|
if(alias_db_lookup("dbaliases"))
|
885
|
route(SIPOUT);
|
886
|
#!endif
|
887
|
|
888
|
$avp(oexten) = $rU;
|
889
|
if (!lookup("location")) {
|
890
|
$var(rc) = $rc;
|
891
|
route(TOVOICEMAIL);
|
892
|
t_newtran();
|
893
|
switch ($var(rc)) {
|
894
|
case -1:
|
895
|
case -3:
|
896
|
send_reply("404", "Not Found");
|
897
|
exit;
|
898
|
case -2:
|
899
|
send_reply("405", "Method Not Allowed");
|
900
|
exit;
|
901
|
}
|
902
|
}
|
903
|
|
904
|
# when routing via usrloc, log the missed calls also
|
905
|
if (is_method("INVITE")) {
|
906
|
setflag(FLT_ACCMISSED);
|
907
|
}
|
908
|
|
909
|
# t_on_failure("UA_FAILURE");
|
910
|
route(RELAY);
|
911
|
exit;
|
912
|
}
|
913
|
|
914
|
# Presence server processing
|
915
|
route[PRESENCE] {
|
916
|
if(!is_method("PUBLISH|SUBSCRIBE"))
|
917
|
return;
|
918
|
|
919
|
if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {
|
920
|
route(TOVOICEMAIL);
|
921
|
# returns here if no voicemail server is configured
|
922
|
sl_send_reply("404", "No voicemail service");
|
923
|
exit;
|
924
|
}
|
925
|
|
926
|
#!ifdef WITH_PRESENCE
|
927
|
if (!t_newtran()) {
|
928
|
sl_reply_error();
|
929
|
exit;
|
930
|
}
|
931
|
|
932
|
if(is_method("PUBLISH")) {
|
933
|
handle_publish();
|
934
|
t_release();
|
935
|
} else if(is_method("SUBSCRIBE")) {
|
936
|
handle_subscribe();
|
937
|
t_release();
|
938
|
}
|
939
|
exit;
|
940
|
#!endif
|
941
|
|
942
|
# if presence enabled, this part will not be executed
|
943
|
if (is_method("PUBLISH") || $rU==$null) {
|
944
|
sl_send_reply("404", "Not here");
|
945
|
exit;
|
946
|
}
|
947
|
return;
|
948
|
}
|
949
|
|
950
|
# IP authorization and user uthentication
|
951
|
route[AUTH] {
|
952
|
#!ifdef WITH_AUTH
|
953
|
|
954
|
#!ifdef WITH_IPAUTH
|
955
|
if((!is_method("REGISTER")) && allow_source_address()) {
|
956
|
# source IP allowed
|
957
|
return;
|
958
|
}
|
959
|
#!endif
|
960
|
|
961
|
if (is_method("REGISTER") || from_uri==myself)
|
962
|
{
|
963
|
# authenticate requests
|
964
|
if (!auth_check("$fd", "subscriber", "1")) {
|
965
|
auth_challenge("$fd", "0");
|
966
|
exit;
|
967
|
}
|
968
|
# user authenticated - remove auth header
|
969
|
if(!is_method("REGISTER|PUBLISH"))
|
970
|
consume_credentials();
|
971
|
}
|
972
|
# if caller is not local subscriber, then check if it calls
|
973
|
# a local destination, otherwise deny, not an open relay here
|
974
|
if (from_uri!=myself && uri!=myself) {
|
975
|
sl_send_reply("403","Not relaying");
|
976
|
exit;
|
977
|
}
|
978
|
|
979
|
#!endif
|
980
|
return;
|
981
|
}
|
982
|
|
983
|
# Caller NAT detection
|
984
|
route[NATDETECT] {
|
985
|
#!ifdef WITH_NAT
|
986
|
force_rport();
|
987
|
if (nat_uac_test("19")) {
|
988
|
if (is_method("REGISTER")) {
|
989
|
fix_nated_register();
|
990
|
} else {
|
991
|
if(is_first_hop())
|
992
|
set_contact_alias();
|
993
|
}
|
994
|
setflag(FLT_NATS);
|
995
|
}
|
996
|
#!endif
|
997
|
return;
|
998
|
}
|
999
|
|
1000
|
# RTPengine control and singaling updates for NAT traversal
|
1001
|
route[NATMANAGE] {
|
1002
|
#!ifdef WITH_NAT
|
1003
|
if (is_request()) {
|
1004
|
if(has_totag()) {
|
1005
|
if(check_route_param("nat=yes")) {
|
1006
|
setbflag(FLB_NATB);
|
1007
|
}
|
1008
|
}
|
1009
|
}
|
1010
|
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
|
1011
|
return;
|
1012
|
|
1013
|
if (is_request()) {
|
1014
|
if (!has_totag()) {
|
1015
|
if(t_is_branch_route()) {
|
1016
|
add_rr_param(";nat=yes");
|
1017
|
}
|
1018
|
}
|
1019
|
}
|
1020
|
if (is_reply()) {
|
1021
|
if(isbflagset(FLB_NATB)) {
|
1022
|
if(is_first_hop())
|
1023
|
set_contact_alias();
|
1024
|
}
|
1025
|
}
|
1026
|
#!endif
|
1027
|
return;
|
1028
|
}
|
1029
|
|
1030
|
# URI update for dialog requests
|
1031
|
route[DLGURI] {
|
1032
|
#!ifdef WITH_NAT
|
1033
|
if(!isdsturiset()) {
|
1034
|
handle_ruri_alias();
|
1035
|
}
|
1036
|
#!endif
|
1037
|
return;
|
1038
|
}
|
1039
|
|
1040
|
# Routing to foreign domains
|
1041
|
route[SIPOUT] {
|
1042
|
if (uri==myself) return;
|
1043
|
|
1044
|
append_hf("P-hint: outbound\r\n");
|
1045
|
route(RELAY);
|
1046
|
exit;
|
1047
|
}
|
1048
|
|
1049
|
# PSTN GW routing
|
1050
|
route[PSTN] {
|
1051
|
#!ifdef WITH_PSTN
|
1052
|
# check if PSTN GW IP is defined
|
1053
|
if (strempty($sel(cfg_get.pstn.gw_ip))) {
|
1054
|
xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
|
1055
|
return;
|
1056
|
}
|
1057
|
|
1058
|
# route to PSTN dialed numbers starting with '+' or '00'
|
1059
|
# (international format)
|
1060
|
# - update the condition to match your dialing rules for PSTN routing
|
1061
|
if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
|
1062
|
return;
|
1063
|
|
1064
|
# only local users allowed to call
|
1065
|
if(from_uri!=myself) {
|
1066
|
sl_send_reply("403", "Not Allowed");
|
1067
|
exit;
|
1068
|
}
|
1069
|
|
1070
|
if (strempty($sel(cfg_get.pstn.gw_port))) {
|
1071
|
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
|
1072
|
} else {
|
1073
|
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":"
|
1074
|
+ $sel(cfg_get.pstn.gw_port);
|
1075
|
}
|
1076
|
|
1077
|
route(RELAY);
|
1078
|
exit;
|
1079
|
#!endif
|
1080
|
|
1081
|
return;
|
1082
|
}
|
1083
|
|
1084
|
# XMLRPC routing
|
1085
|
#!ifdef WITH_XMLRPC
|
1086
|
route[XMLRPC] {
|
1087
|
# allow XMLRPC from localhost
|
1088
|
if ((method=="POST" || method=="GET")
|
1089
|
&& (src_ip==127.0.0.1)) {
|
1090
|
# close connection only for xmlrpclib user agents (there is a bug in
|
1091
|
# xmlrpclib: it waits for EOF before interpreting the response).
|
1092
|
if ($hdr(User-Agent) =~ "xmlrpclib")
|
1093
|
set_reply_close();
|
1094
|
set_reply_no_connect();
|
1095
|
dispatch_rpc();
|
1096
|
exit;
|
1097
|
}
|
1098
|
send_reply("403", "Forbidden");
|
1099
|
exit;
|
1100
|
}
|
1101
|
#!endif
|
1102
|
|
1103
|
# Routing to voicemail server
|
1104
|
route[TOVOICEMAIL] {
|
1105
|
#!ifdef WITH_VOICEMAIL
|
1106
|
if(!is_method("INVITE|SUBSCRIBE"))
|
1107
|
return;
|
1108
|
|
1109
|
# check if VoiceMail server IP is defined
|
1110
|
if (strempty($sel(cfg_get.voicemail.srv_ip))) {
|
1111
|
xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n");
|
1112
|
return;
|
1113
|
}
|
1114
|
if(is_method("INVITE")) {
|
1115
|
if($avp(oexten)==$null)
|
1116
|
return;
|
1117
|
$ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)
|
1118
|
+ ":" + $sel(cfg_get.voicemail.srv_port);
|
1119
|
} else {
|
1120
|
if($rU==$null)
|
1121
|
return;
|
1122
|
$ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip)
|
1123
|
+ ":" + $sel(cfg_get.voicemail.srv_port);
|
1124
|
}
|
1125
|
route(RELAY);
|
1126
|
exit;
|
1127
|
#!endif
|
1128
|
|
1129
|
return;
|
1130
|
}
|
1131
|
|
1132
|
# Manage outgoing branches
|
1133
|
branch_route[MANAGE_BRANCH] {
|
1134
|
xdbg("new branch [$T_branch_idx] to $ru\n");
|
1135
|
route(NATMANAGE);
|
1136
|
}
|
1137
|
|
1138
|
# Manage incoming replies
|
1139
|
onreply_route[MANAGE_REPLY] {
|
1140
|
xdbg("incoming reply\n");
|
1141
|
if(status=~"[12][0-9][0-9]")
|
1142
|
route(NATMANAGE);
|
1143
|
}
|
1144
|
|
1145
|
# Manage failure routing cases
|
1146
|
failure_route[MANAGE_FAILURE] {
|
1147
|
route(NATMANAGE);
|
1148
|
|
1149
|
if (t_is_canceled()) {
|
1150
|
exit;
|
1151
|
}
|
1152
|
|
1153
|
#!ifdef WITH_BLOCK3XX
|
1154
|
# block call redirect based on 3xx replies.
|
1155
|
if (t_check_status("3[0-9][0-9]")) {
|
1156
|
t_reply("404","Not found");
|
1157
|
exit;
|
1158
|
}
|
1159
|
#!endif
|
1160
|
|
1161
|
#!ifdef WITH_VOICEMAIL
|
1162
|
# serial forking
|
1163
|
# - route to voicemail on busy or no answer (timeout)
|
1164
|
if (t_check_status("486|408")) {
|
1165
|
$du = $null;
|
1166
|
route(TOVOICEMAIL);
|
1167
|
exit;
|
1168
|
}
|
1169
|
#!endif
|
1170
|
}
|
1171
|
|
1172
|
#!ifdef WITH_WEBSOCKETS
|
1173
|
onreply_route {
|
1174
|
if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT)
|
1175
|
&& !(proto == WS || proto == WSS)) || $Rp == MY_MSRP_PORT) {
|
1176
|
xlog("L_WARN", "SIP response received on $Rp\n");
|
1177
|
drop;
|
1178
|
exit;
|
1179
|
}
|
1180
|
|
1181
|
if (nat_uac_test(64)) {
|
1182
|
# Do NAT traversal stuff for replies to a WebSocket connection
|
1183
|
# - even if it is not behind a NAT!
|
1184
|
# This won't be needed in the future if Kamailio and the
|
1185
|
# WebSocket client support Outbound and Path.
|
1186
|
add_contact_alias();
|
1187
|
}
|
1188
|
}
|
1189
|
|
1190
|
event_route[xhttp:request] {
|
1191
|
set_reply_close();
|
1192
|
set_reply_no_connect();
|
1193
|
|
1194
|
if ($Rp != MY_WS_PORT
|
1195
|
#!ifdef WITH_TLS
|
1196
|
&& $Rp != MY_WSS_PORT
|
1197
|
#!endif
|
1198
|
) {
|
1199
|
xlog("L_WARN", "HTTP request received on $Rp\n");
|
1200
|
xhttp_reply("403", "Forbidden", "", "");
|
1201
|
exit;
|
1202
|
}
|
1203
|
|
1204
|
xlog("L_DBG", "HTTP Request Received\n");
|
1205
|
|
1206
|
if ($hdr(Upgrade)=~"websocket"
|
1207
|
&& $hdr(Connection)=~"Upgrade"
|
1208
|
&& $rm=~"GET") {
|
1209
|
|
1210
|
# Validate Host - make sure the client is using the correct
|
1211
|
# alias for WebSockets
|
1212
|
# Sasa: commented out, see http://sip-router.1086192.n5.nabble.com/Testing-the-Websocket-module-with-sipml5-org-td65069.html
|
1213
|
#if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) {
|
1214
|
# xlog("L_WARN", "Bad host $hdr(Host)\n");
|
1215
|
# xhttp_reply("403", "Forbidden", "", "");
|
1216
|
# exit;
|
1217
|
#}
|
1218
|
|
1219
|
# Optional... validate Origin - make sure the client is from an
|
1220
|
# authorised website. For example,
|
1221
|
#
|
1222
|
# if ($hdr(Origin) != "http://communicator.MY_DOMAIN"
|
1223
|
# && $hdr(Origin) != "https://communicator.MY_DOMAIN") {
|
1224
|
# xlog("L_WARN", "Unauthorised client $hdr(Origin)\n");
|
1225
|
# xhttp_reply("403", "Forbidden", "", "");
|
1226
|
# exit;
|
1227
|
# }
|
1228
|
|
1229
|
# Optional... perform HTTP authentication
|
1230
|
|
1231
|
# ws_handle_handshake() exits (no further configuration file
|
1232
|
# processing of the request) when complete.
|
1233
|
if (ws_handle_handshake())
|
1234
|
{
|
1235
|
# Optional... cache some information about the
|
1236
|
# successful connection
|
1237
|
exit;
|
1238
|
}
|
1239
|
}
|
1240
|
|
1241
|
xhttp_reply("404", "Not Found", "", "");
|
1242
|
}
|
1243
|
|
1244
|
event_route[websocket:closed] {
|
1245
|
xlog("L_INFO", "WebSocket connection from $si:$sp has closed\n");
|
1246
|
}
|
1247
|
|
1248
|
failure_route[UA_FAILURE] {
|
1249
|
xlog("L_INFO", "Triggered UA_FAILURE\n");
|
1250
|
if (t_check_status("488") && sdp_content()) {
|
1251
|
if (sdp_get_line_startswith("$avp(mline)", "m=")) {
|
1252
|
if ($avp(mline) =~ "SAVPF") {
|
1253
|
$avp(rtpengine_offer_flags) = "froc-sp";
|
1254
|
$avp(rtpengine_answer_flags) = "froc+SP";
|
1255
|
} else {
|
1256
|
$avp(rtpengine_offer_flags) = "froc+SP";
|
1257
|
$avp(rtpengine_answer_flags) = "froc-sp";
|
1258
|
}
|
1259
|
}
|
1260
|
append_branch();
|
1261
|
rtpengine_offer($avp(rtpengine_offer_flags));
|
1262
|
t_on_reply("RTPPROXY_REPLY");
|
1263
|
route(RELAY);
|
1264
|
}
|
1265
|
}
|
1266
|
|
1267
|
onreply_route[RTPPROXY_REPLY] {
|
1268
|
xlog("L_INFO", "Triggered RTPPROXY_REPLY\n");
|
1269
|
if (status =~ "18[03]") {
|
1270
|
change_reply_status(180, "Ringing");
|
1271
|
remove_body();
|
1272
|
} else if (status =~ "2[0-9][0-9]" && sdp_content()) {
|
1273
|
rtpengine_answer($avp(rtpengine_answer_flags));
|
1274
|
}
|
1275
|
}
|
1276
|
#!endif
|
1277
|
|
1278
|
#!ifdef WITH_MSRP
|
1279
|
event_route[msrp:frame-in] {
|
1280
|
msrp_reply_flags("1");
|
1281
|
|
1282
|
if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT)
|
1283
|
&& !(proto == WS || proto == WSS)) && $Rp != MY_MSRP_PORT) {
|
1284
|
xlog("L_WARN", "MSRP request received on $Rp\n");
|
1285
|
msrp_reply("403", "Action-not-allowed");
|
1286
|
exit;
|
1287
|
}
|
1288
|
|
1289
|
if (msrp_is_reply()) {
|
1290
|
msrp_relay();
|
1291
|
} else if($msrp(method)=="AUTH") {
|
1292
|
if($msrp(nexthops)>0) {
|
1293
|
msrp_relay();
|
1294
|
exit;
|
1295
|
}
|
1296
|
|
1297
|
if (!www_authenticate("MY_DOMAIN", "subscriber",
|
1298
|
"$msrp(method)")) {
|
1299
|
if (auth_get_www_authenticate("MY_DOMAIN", "1",
|
1300
|
"$var(wauth)")) {
|
1301
|
msrp_reply("401", "Unauthorized",
|
1302
|
"$var(wauth)");
|
1303
|
} else {
|
1304
|
msrp_reply("500", "Server Error");
|
1305
|
}
|
1306
|
exit;
|
1307
|
}
|
1308
|
|
1309
|
if ($hdr(Expires) != $null) {
|
1310
|
$var(expires) = (int) $hdr(Expires);
|
1311
|
if ($var(expires) < MSRP_MIN_EXPIRES) {
|
1312
|
msrp_reply("423", "Interval Out-of-Bounds",
|
1313
|
"Min-Expires: MSRP_MIN_EXPIRES\r\n");
|
1314
|
exit;
|
1315
|
} else if ($var(expires) > MSRP_MAX_EXPIRES) {
|
1316
|
msrp_reply("423", "Interval Out-of-Bounds",
|
1317
|
"Max-Expires: MSRP_MAX_EXPIRES\r\n");
|
1318
|
exit;
|
1319
|
}
|
1320
|
} else {
|
1321
|
$var(expires) = MSRP_MAX_EXPIRES;
|
1322
|
}
|
1323
|
|
1324
|
$var(cnt) = $var(cnt) + 1;
|
1325
|
pv_printf("$var(sessid)", "s.$(pp).$(var(cnt)).$(RANDOM)");
|
1326
|
$sht(msrp=>$var(sessid)::srcaddr) = $msrp(srcaddr);
|
1327
|
$sht(msrp=>$var(sessid)::srcsock) = $msrp(srcsock);
|
1328
|
$shtex(msrp=>$var(sessid)) = $var(expires) + 5;
|
1329
|
# - Use-Path: the MSRP address for server + session id
|
1330
|
$var(hdrs) = "Use-Path: msrps://MY_IP_ADDR:MY_MSRP_PORT/"
|
1331
|
+ $var(sessid) + ";tcp\r\n"
|
1332
|
+ "Expires: " + $var(expires) + "\r\n";
|
1333
|
msrp_reply("200", "OK", "$var(hdrs)");
|
1334
|
} else if ($msrp(method)=="SEND" || $msrp(method)=="REPORT") {
|
1335
|
if ($msrp(nexthops)>1) {
|
1336
|
if ($msrp(method)!="REPORT") {
|
1337
|
msrp_reply("200", "OK");
|
1338
|
}
|
1339
|
msrp_relay();
|
1340
|
exit;
|
1341
|
}
|
1342
|
$var(sessid) = $msrp(sessid);
|
1343
|
if ($sht(msrp=>$var(sessid)::srcaddr) == $null) {
|
1344
|
# one more hop, but we don't have address in htable
|
1345
|
msrp_reply("481", "Session-does-not-exist");
|
1346
|
exit;
|
1347
|
} else if ($msrp(method)!="REPORT") {
|
1348
|
msrp_reply("200", "OK");
|
1349
|
}
|
1350
|
msrp_relay_flags("1");
|
1351
|
msrp_set_dst("$sht(msrp=>$var(sessid)::srcaddr)",
|
1352
|
"$sht(msrp=>$var(sessid)::srcsock)");
|
1353
|
msrp_relay();
|
1354
|
} else {
|
1355
|
msrp_reply("501", "Request-method-not-understood");
|
1356
|
}
|
1357
|
}
|
1358
|
#!endif
|