API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 1st, 2017
363
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 11.28 KB | None | 0 0
raw download clone embed print report
  1. #
  2. # OpenSIPS residential configuration script
  3. #     by OpenSIPS Solutions <team@opensips-solutions.com>
  4. #
  5. # This script was generated via "make menuconfig", from
  6. #   the "Residential" scenario.
  7. # You can enable / disable more features / functionalities by
  8. #   re-generating the scenario with different options.#
  9. #
  10. # Please refer to the Core CookBook at:
  11. #      http://www.opensips.org/Resources/DocsCookbooks
  12. # for a explanation of possible statements, functions and parameters.
  13. #
  14.  
  15.  
  16. ####### Global Parameters #########
  17.  
  18. log_level=3
  19. log_stderror=no
  20. log_facility=LOG_LOCAL1
  21.  
  22. children=4
  23.  
  24. /* uncomment the following lines to enable debugging */
  25. #debug_mode=yes
  26.  
  27. /* uncomment the next line to enable the auto temporary blacklisting of
  28.    not available destinations (default disabled) */
  29. #disable_dns_blacklist=no
  30.  
  31. /* uncomment the next line to enable IPv6 lookup after IPv4 dns
  32.    lookup failures (default disabled) */
  33. #dns_try_ipv6=yes
  34.  
  35. /* comment the next line to enable the auto discovery of local aliases
  36.    based on revers DNS on IPs */
  37. auto_aliases=no
  38.  
  39.  
  40. listen=udp:XX.XX.XX.XX:5060   # CUSTOMIZE ME
  41.  
  42. listen=tcp:XX.XX.XX.XX:5060   # CUSTOMIZE ME
  43. # listen=tls:XX.XX.XX.XX:5061   # CUSTOMIZE ME
  44.  
  45. ####### Modules Section ########
  46.  
  47. #set module path
  48. mpath="/usr/local/lib/opensips/modules/"
  49.  
  50. #### SIGNALING module
  51. loadmodule "signaling.so"
  52.  
  53. #### StateLess module
  54. loadmodule "sl.so"
  55.  
  56. #### Transaction Module
  57. loadmodule "tm.so"
  58. modparam("tm", "fr_timeout", 60)
  59. modparam("tm", "fr_inv_timeout", 60)
  60. modparam("tm", "restart_fr_on_each_reply", 0)
  61. modparam("tm", "onreply_avp_mode", 1)
  62.  
  63. #### Record Route Module
  64. loadmodule "rr.so"
  65. /* do not append from tag to the RR (no need for this script) */
  66. modparam("rr", "append_fromtag", 0)
  67.  
  68. #### MAX ForWarD module
  69. loadmodule "maxfwd.so"
  70.  
  71. #### SIP MSG OPerationS module
  72. loadmodule "sipmsgops.so"
  73.  
  74. #### FIFO Management Interface
  75. loadmodule "mi_fifo.so"
  76. modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
  77. modparam("mi_fifo", "fifo_mode", 0666)
  78.  
  79.  
  80. #### URI module
  81. loadmodule "uri.so"
  82. modparam("uri", "use_uri_table", 0)
  83.  
  84.  
  85.  
  86.  
  87.  
  88.  
  89.  
  90. #### MYSQL module
  91. loadmodule "db_mysql.so"
  92.  
  93. # loadmodule "db_sqlite.so"
  94. # loadmodule "db_postgres.so""
  95.  
  96. #### HTTPD module
  97. #loadmodule "httpd.so"
  98. #modparam("httpd", "port", 8888)
  99.  
  100. #### USeR LOCation module
  101. loadmodule "usrloc.so"
  102. modparam("usrloc", "nat_bflag", "NAT")
  103. modparam("usrloc", "db_mode",   2)
  104. modparam("usrloc", "db_url",
  105.     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  106.  
  107.  
  108. #### AVP POPS
  109. loadmodule "avpops.so"
  110. modparam("avpops", "db_url",
  111.         "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  112.  
  113. #### rest_client module
  114.  
  115. loadmodule "rest_client.so"
  116. modparam("rest_client", "connection_timeout", 300)
  117. modparam("rest_client", "curl_timeout", 300)
  118. modparam("rest_client", "ssl_verifypeer", 0)
  119. modparam("rest_client", "ssl_verifyhost", 0)
  120.  
  121. #### REGISTRAR module
  122. loadmodule "registrar.so"
  123. modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
  124. modparam("registrar", "received_avp", "$avp(received_nh)")
  125. /* uncomment the next line not to allow more than 10 contacts per AOR */
  126. #modparam("registrar", "max_contacts", 10)
  127.  
  128. #### ACCounting module
  129. loadmodule "acc.so"
  130. /* what special events should be accounted ? */
  131. modparam("acc", "early_media", 0)
  132. modparam("acc", "report_cancels", 0)
  133. /* by default we do not adjust the direct of the sequential requests.
  134.    if you enable this parameter, be sure the enable "append_fromtag"
  135.    in "rr" module */
  136. modparam("acc", "detect_direction", 0)
  137. modparam("acc", "db_url",
  138.     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  139.  
  140.  
  141. #### AUTHentication modules
  142. loadmodule "auth.so"
  143. loadmodule "auth_db.so"
  144. modparam("auth_db", "calculate_ha1", yes)
  145. modparam("auth_db", "password_column", "password")
  146. modparam("auth_db|uri", "db_url",
  147.     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  148. modparam("auth_db", "load_credentials", "")
  149.  
  150.  
  151. #### ALIAS module
  152. loadmodule "alias_db.so"
  153. modparam("alias_db", "db_url",
  154.     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  155.  
  156.  
  157.  
  158.  
  159.  
  160.  
  161. #### DIALOG module
  162. loadmodule "dialog.so"
  163. modparam("dialog", "dlg_match_mode", 1)
  164. modparam("dialog", "default_timeout", 21600)  # 6 hours timeout
  165. modparam("dialog", "db_mode", 2)
  166. modparam("dialog", "db_url",
  167.     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
  168.  
  169.  
  170. ####  NAT modules
  171. loadmodule "nathelper.so"
  172. modparam("nathelper", "natping_interval", 10)
  173. modparam("nathelper", "ping_nated_only", 1)
  174. modparam("nathelper", "sipping_bflag", "SIP_PING_FLAG")
  175. modparam("nathelper", "sipping_from", "sip:pinger@127.0.0.1") #CUSTOMIZE ME
  176. modparam("nathelper", "received_avp", "$avp(received_nh)")
  177.  
  178. loadmodule "rtpproxy.so"
  179. modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:22222") # CUSTOMIZE ME
  180.  
  181.  
  182.  
  183.  
  184.  
  185.  
  186. ####  MI_HTTP module
  187. #loadmodule "mi_http.so"
  188.  
  189.  
  190. loadmodule "proto_udp.so"
  191.  
  192. loadmodule "proto_tcp.so"
  193. #loadmodule "proto_tls.so"
  194. #modparam("proto_tls","verify_cert", "1")
  195. #modparam("proto_tls","require_cert", "0")
  196. #modparam("proto_tls","tls_method", "TLSv1")
  197. #modparam("proto_tls","certificate", "/usr/local/etc/opensips/tls/user/user-cert.pem")
  198. #modparam("proto_tls","private_key", "/usr/local/etc/opensips/tls/user/user-privkey.pem")
  199. #modparam("proto_tls","ca_list", "/usr/local/etc/opensips/tls/user/user-calist.pem")
  200.  
  201.  
  202.  
  203. ####### Routing Logic ########
  204.  
  205. # main request routing logic
  206.  
  207. route{
  208.     #xlog("REQUEST [$rm]($ci) $fU :: $fu :: $fn -> $rU :: $ru :: $tn \n");
  209.     if (is_method("REGISTER"))
  210.     {
  211.         xlog("REQUEST [$rm]($ci) $fU :: $fu :: $fn -> $rU :: $ru :: $tn \n");
  212.     }
  213.  
  214.     if (is_method("INVITE"))
  215.     {
  216.         xlog("REQUEST [$rm]($ci) $fU :: $fu :: $fn -> $rU :: $ru :: $tn \n");
  217.         rest_post("path-to-host","to=$(rU{s.b64encode})&from=$(fn{s.b64encode})", ,"$var(body)", "$var(ct)", "$var(rcode)");
  218.         xlog("reply from server: $var(body), $var(ct), $var(rcode)");
  219.     }
  220.    
  221.     force_rport();
  222.     if (nat_uac_test("23")) {
  223.         if (is_method("REGISTER")) {
  224.             fix_nated_register();
  225.             setbflag(NAT);
  226.         } else {
  227.             fix_nated_contact();
  228.             setflag(NAT);
  229.         }
  230.     }
  231.    
  232.  
  233.     if (!mf_process_maxfwd_header("10")) {
  234.         sl_send_reply("483","Too Many Hops");
  235.         exit;
  236.     }
  237.  
  238.     if (has_totag()) {
  239.         # sequential request withing a dialog should
  240.         # take the path determined by record-routing
  241.         if (loose_route()) {
  242.            
  243.             # validate the sequential request against dialog
  244.             if ( $DLG_status!=NULL && !validate_dialog() ) {
  245.                 xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to dialog\n");
  246.                 ## exit;
  247.             }
  248.            
  249.             if (is_method("BYE")) {
  250.                 # do accounting even if the transaction fails
  251.                 do_accounting("db","failed");
  252.                
  253.             } else if (is_method("INVITE")) {
  254.                 # even if in most of the cases is useless, do RR for
  255.                 # re-INVITEs alos, as some buggy clients do change route set
  256.                 # during the dialog.
  257.                 record_route();
  258.             }
  259.  
  260.             if (check_route_param("nat=yes"))
  261.                 setflag(NAT);
  262.  
  263.             # route it out to whatever destination was set by loose_route()
  264.             # in $du (destination URI).
  265.             route(relay);
  266.         } else {
  267.            
  268.             if ( is_method("ACK") ) {
  269.                 if ( t_check_trans() ) {
  270.                     # non loose-route, but stateful ACK; must be an ACK after
  271.                     # a 487 or e.g. 404 from upstream server
  272.                     t_relay();
  273.                     exit;
  274.                 } else {
  275.                     # ACK without matching transaction ->
  276.                     # ignore and discard
  277.                     exit;
  278.                 }
  279.             }
  280.             sl_send_reply("404","Not here");
  281.         }
  282.         exit;
  283.     }
  284.  
  285.     # CANCEL processing
  286.     if (is_method("CANCEL"))
  287.     {
  288.         if (t_check_trans())
  289.             t_relay();
  290.         exit;
  291.     }
  292.  
  293.     t_check_trans();
  294.  
  295.     if ( !(is_method("REGISTER")  ) ) {
  296.        
  297.         if (from_uri==myself)
  298.        
  299.         {
  300.            
  301.             # authenticate if from local subscriber
  302.             # authenticate all initial non-REGISTER request that pretend to be
  303.             # generated by local subscriber (domain from FROM URI is local)
  304.             if (!proxy_authorize("", "subscriber")) {
  305.                 proxy_challenge("", "0");
  306.                 exit;
  307.             }
  308.             if (!db_check_from()) {
  309.                 sl_send_reply("403","Forbidden auth ID");
  310.                 exit;
  311.             }
  312.        
  313.             consume_credentials();
  314.             # caller authenticated
  315.             xlog("REQUEST caller auth. $fU :: $fu :: $fn -> $rU :: $ru :: $tn\n")
  316.         } else {
  317.             # if caller is not local, then called number must be local
  318.            
  319.             if (!uri==myself) {
  320.                 send_reply("403","Rely forbidden");
  321.                 exit;
  322.             }
  323.         }
  324.  
  325.     }
  326.  
  327.     # preloaded route checking
  328.     if (loose_route()) {
  329.         xlog("L_ERR",
  330.         "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
  331.         if (!is_method("ACK"))
  332.             sl_send_reply("403","Preload Route denied");
  333.         exit;
  334.     }
  335.  
  336.     # record routing
  337.     if (!is_method("REGISTER|MESSAGE"))
  338.         record_route();
  339.  
  340.     # account only INVITEs
  341.     if (is_method("INVITE")) {
  342.        
  343.         # create dialog with timeout
  344.         if ( !create_dialog("B") ) {
  345.             send_reply("500","Internal Server Error");
  346.             exit;
  347.         }
  348.        
  349.         do_accounting("db");
  350.        
  351.     }
  352.  
  353.    
  354.     if (!uri==myself) {
  355.         append_hf("P-hint: outbound\r\n");
  356.        
  357.         # if you have some interdomain connections via TLS
  358.         ## CUSTOMIZE IF NEEDED
  359.         ##if ($rd=="tls_domain1.net"
  360.         ## || $rd=="tls_domain2.net"
  361.         ##) {
  362.         ##  force_send_socket(tls:127.0.0.1:5061); # CUSTOMIZE
  363.         ##}
  364.        
  365.         route(relay);
  366.     }
  367.  
  368.     # requests for my domain
  369.    
  370.     if (is_method("PUBLISH|SUBSCRIBE"))
  371.     {
  372.         sl_send_reply("503", "Service Unavailable");
  373.         exit;
  374.     }
  375.  
  376.     if (is_method("REGISTER"))
  377.     {
  378.         # authenticate the REGISTER requests
  379.         if (!www_authorize("", "subscriber"))
  380.         {
  381.             www_challenge("", "0");
  382.             exit;
  383.         }
  384.        
  385.         if (!db_check_to())
  386.         {
  387.             sl_send_reply("403","Forbidden auth ID");
  388.             exit;
  389.         }
  390.  
  391.         if ( proto==TCP || proto==TLS || 0 ) setflag(TCP_PERSISTENT);
  392.  
  393.         if (isflagset(NAT)) {
  394.             setbflag(SIP_PING_FLAG);
  395.         }
  396.  
  397.         if (!save("location"))
  398.             sl_reply_error();
  399.  
  400.         exit;
  401.     }
  402.  
  403.     if ($rU==NULL) {
  404.         # request with no Username in RURI
  405.         sl_send_reply("484","Address Incomplete");
  406.         exit;
  407.     }
  408.  
  409.    
  410.     # apply DB based aliases
  411.     alias_db_lookup("dbaliases");
  412.  
  413.    
  414.  
  415.      
  416.  
  417.     # do lookup with method filtering
  418.     if (!lookup("location","m")) {
  419.         if (!db_does_uri_exist()) {
  420.             send_reply("420","Bad Extension");
  421.             exit;
  422.         }
  423.        
  424.         t_newtran();
  425.         t_reply("404", "Not Found");
  426.         exit;
  427.     }
  428.  
  429.     if (isbflagset(NAT)) setflag(NAT);
  430.  
  431.     # when routing via usrloc, log the missed calls also
  432.     do_accounting("db","missed");
  433.    
  434.     route(relay);
  435. }
  436.  
  437.  
  438. route[relay] {
  439.     # for INVITEs enable some additional helper routes
  440.     if (is_method("INVITE")) {
  441.        
  442.         if (isflagset(NAT)) {
  443.             rtpproxy_offer("ro");
  444.         }
  445.  
  446.         t_on_branch("per_branch_ops");
  447.         t_on_reply("handle_nat");
  448.         t_on_failure("missed_call");
  449.     }
  450.  
  451.     if (isflagset(NAT)) {
  452.         add_rr_param(";nat=yes");
  453.         }
  454.  
  455.     if (!t_relay()) {
  456.         send_reply("500","Internal Error");
  457.     };
  458.     exit;
  459. }
  460.  
  461.  
  462.  
  463.  
  464. branch_route[per_branch_ops] {
  465.  
  466.     xlog("new branch at $rU :: $ru :: $tn -> $fU :: $fu :: $fn \n");
  467. }
  468.  
  469.  
  470. onreply_route[handle_nat] {
  471.     if (nat_uac_test("1"))
  472.         fix_nated_contact();
  473.     if ( isflagset(NAT) )
  474.         rtpproxy_answer("ro");
  475.     xlog("incoming reply $ru -> $fu\n");
  476. }
  477.  
  478.  
  479. failure_route[missed_call] {
  480.     if (t_was_cancelled()) {
  481.         exit;
  482.     }
  483.  
  484.     # uncomment the following lines if you want to block client
  485.     # redirect based on 3xx replies.
  486.     ##if (t_check_status("3[0-9][0-9]")) {
  487.     ##t_reply("404","Not found");
  488.     ##  exit;
  489.     ##}
  490.  
  491.    
  492. }
  493.  
  494.  
  495.  
  496. local_route {
  497.     if (is_method("BYE") && $DLG_dir=="UPSTREAM") {
  498.        
  499.         acc_db_request("200 Dialog Timeout", "acc");
  500.        
  501.     }
  502. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!