Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #
- # OpenSIPS residential configuration script
- # by OpenSIPS Solutions <team@opensips-solutions.com>
- #
- # Please refer to the Core CookBook at:
- # http://www.opensips.org/Resources/DocsCookbooks
- # for a explanation of possible statements, functions and parameters.
- #
- ####### Global Parameters #########
- debug_mode=yes
- log_level=2
- xlog_level=2
- log_stderror=yes
- log_facility=LOG_LOCAL0
- udp_workers=2
- # Set up listeners
- socket = bin:172.xx.xx.xx:5566
- socket = udp:172.xx.xx.xx:5066
- socket = udp:172.xx.xx.xx:5077
- socket = udp:172.xx.xx.xx:5067
- socket = ws:172.xx.xx.xx:6060 as os.sip.xxxx.cloud
- socket = wss:172.xx.xx.xx:443 as os.sip.xxxx.cloud
- ####### Modules Section ########
- # set module path
- mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/"
- loadmodule "tls_mgm.so"
- #### SIGNALING module
- loadmodule "signaling.so"
- #### StateLess module
- loadmodule "sl.so"
- #### Transaction Module
- loadmodule "tm.so"
- modparam("tm", "fr_timeout", 5)
- modparam("tm", "fr_inv_timeout", 30)
- modparam("tm", "restart_fr_on_each_reply", 0)
- modparam("tm", "onreply_avp_mode", 1)
- #### DB Modules
- loadmodule "db_mysql.so"
- modparam("db_mysql", "exec_query_threshold", 60000)
- modparam("db_mysql", "max_db_queries", 20)
- #### MOngoDB Module
- loadmodule "cachedb_mongodb.so"
- modparam("cachedb_mongodb", "cachedb_url", "mongodb://user:pwd@XXXXXX-shard-00-00.okdm0.mongodb.net:27017,XXXXXXX-shard-00-01.okdm0.mongodb.net:27017,XXXX-shard-00-02.okdm0.mongodb.net:27017/myFirstDatabase.userlocation?ssl=true&authSource=admin&retryWrites=true&w=majority")
- #### Record Route Module
- loadmodule "rr.so"
- modparam("rr", "enable_double_rr", 1)
- modparam("rr", "append_fromtag", 0)
- #### MAX ForWarD module
- loadmodule "maxfwd.so"
- #### SIP MSG OPerationS module
- loadmodule "sipmsgops.so"
- #### FIFO Management Interface
- loadmodule "mi_fifo.so"
- modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
- modparam("mi_fifo", "fifo_mode", 0666)
- #### USeR LOCation module
- loadmodule "usrloc.so"
- # modparam("usrloc", "nat_bflag", "NAT")
- # modparam("usrloc", "db_mode", 0)
- modparam("usrloc", "use_domain", 1)
- modparam("usrloc", "working_mode_preset", "federation-cachedb-cluster")
- modparam("usrloc", "location_cluster", 1)
- modparam("usrloc", "cachedb_url", "mongodb://user:pwd@XXXXXX-shard-00-00.okdm0.mongodb.net:27017,XXXXXX-shard-00-01.okdm0.mongodb.net:27017,XXXXXX-shard-00-02.okdm0.mongodb.net:27017/myFirstDatabase.userlocation?ssl=true&authSource=admin&retryWrites=true&w=majority")
- #### REGISTRAR module
- loadmodule "registrar.so"
- modparam("registrar", "default_expires", 1800)
- modparam("registrar", "attr_avp", "$avp(attr)")
- modparam("registrar", "max_contacts", 2)
- ##max_contacts
- #### RTPengine protocol
- loadmodule "rtpengine.so"
- modparam("rtpengine", "rtpengine_sock", "udp:172.xx.xx.102:2223")
- #### Nathelper protocol
- loadmodule "nathelper.so"
- modparam("nathelper", "natping_interval", 30)
- modparam("nathelper", "sipping_from", "sip:pinger@localhost")
- modparam("nathelper", "sipping_bflag", "SIPPING_ENABLE")
- modparam("nathelper", "remove_on_timeout_bflag", "SIPPING_RTO")
- modparam("nathelper", "max_pings_lost", 5)
- modparam("nathelper", "cluster_id", 1)
- ### Load Binary Protocol
- loadmodule "proto_bin.so"
- modparam("proto_bin", "bin_port", 5566)
- #### UDP protocol
- loadmodule "proto_udp.so"
- #### WebSocket and WebSocketSecure protocol
- loadmodule "proto_wss.so"
- loadmodule "proto_ws.so"
- # Certificate management
- modparam("tls_mgm", "server_domain", "dom")
- modparam("tls_mgm", "match_sip_domain", "[dom]os.sip.xxx.cloud")
- modparam("tls_mgm", "certificate", "[dom]/etc/opensips/os.sip.xxxx.cloud/cert.pem")
- modparam("tls_mgm", "private_key", "[dom]/etc/opensips/os.sip.xxxx.cloud/privkey.pem")
- modparam("tls_mgm", "ca_list", "[dom]/etc/opensips/os.sip.xxxx.cloud/chain.pem")
- modparam("tls_mgm", "verify_cert", "[dom]0")
- modparam("tls_mgm", "require_cert", "[dom]0")
- modparam("tls_mgm", "tls_method", "[dom]TLSv1-")
- ### Load Custer module
- loadmodule "clusterer.so"
- modparam("clusterer", "my_node_id", 1)
- modparam("clusterer", "db_mode", 0)
- modparam("clusterer", "my_node_info", "cluster_id=1, url=bin:172.xx.xx.60:5566, sip_addr=172.xx.xx.60:5067, flags=seed")
- modparam("clusterer", "neighbor_node_info", "cluster_id=1,node_id=2,url=bin:172.xx.yy.60:5566")
- modparam("clusterer", "neighbor_node_info", "cluster_id=1,node_id=2,url=bin:172.xx.yy.60:5566")
- #### Load dialog module
- loadmodule "dialog.so"
- modparam("dialog", "db_mode", 0)
- modparam("dialog", "db_update_period", 20)
- ### Load account module
- loadmodule "acc.so"
- modparam("acc", "early_media", 0)
- modparam("acc", "report_cancels", 0)
- modparam("acc", "detect_direction", 0)
- ####### Routing Logic ########
- # main request routing logic
- route{
- if (!mf_process_maxfwd_header(10)) {
- send_reply(483,"Too Many Hops");
- exit;
- }
- if (has_totag()) {
- # sequential requests within a dialog should
- # take the path determined by record-routing
- if (loose_route()) {
- if (is_method("INVITE")) {
- # even if in most of the cases is useless, do RR for
- # re-INVITEs alos, as some buggy clients do change route set
- # during the dialog.
- record_route();
- }
- # route it out to whatever destination was set by loose_route()
- # in $du (destination URI).
- route(relay);
- } else {
- if ( is_method("ACK") ) {
- if ( t_check_trans() ) {
- # non loose-route, but stateful ACK; must be an ACK after
- # a 487 or e.g. 404 from upstream server
- t_relay();
- exit;
- } else {
- # ACK without matching transaction ->
- # ignore and discard
- exit;
- }
- }
- send_reply(404,"Not here");
- }
- exit;
- }
- # CANCEL processing
- if (is_method("CANCEL")) {
- if (t_check_trans())
- t_relay();
- exit;
- }
- t_check_trans();
- if (!is_method("REGISTER")) {
- if (!is_myself("$fd")) {
- if (!is_myself("$rd")) {
- send_reply(403,"Relay Forbidden");
- exit;
- }
- }
- }
- # preloaded route checking
- if (loose_route()) {
- xlog("L_ERR",
- "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
- if (!is_method("ACK"))
- send_reply(403,"Preload Route denied");
- exit;
- }
- # record routing
- if (!is_method("REGISTER|MESSAGE"))
- record_route();
- if (!is_myself("$rd")) {
- append_hf("P-hint: outbound\r\n");
- route(relay);
- }
- # requests for my domain
- if (is_method("PUBLISH|SUBSCRIBE")) {
- send_reply(503,"Service Unavailable");
- exit;
- }
- # check if the clients are using WebSockets or WebSocketSecure
- if ($socket_in(proto) == "WS"|| $socket_in(proto) == "WSS"){
- setflag("SRC_WS");
- }
- # consider the client is behind NAT - always fix the contact
- fix_nated_contact();
- if (is_method("REGISTER")) {
- # indicate that the client supports DTLS
- # so we know when he is called
- if (isflagset("SRC_WS")){
- setbflag("DST_WS");
- }
- fix_nated_register();
- if (!save("os.sip.xxxx.cloud")){
- sl_reply_error();
- }
- exit;
- }
- if ($rU==NULL) {
- # request with no Username in RURI
- send_reply(484,"Address Incomplete");
- exit;
- }
- # do lookup with method filtering
- $var(lookup_flags) = "m";
- $var(rd_backup) = $rd;
- #sethost("os.sip.xxxx.cloud");
- if(cluster_check_addr(1, "$si")){
- xlog("\033[36m>>>>>>>>Local---- SorceIP $si >>>-\033[0m--\n");
- xlog("$rm from cluster, doing local lookup only\n");
- }else{
- xlog("\033[36m>>>>>>>>Global---- SorceIP $si >>>-\033[0m--\n");
- xlog("$rm from outside, doing global lookup\n");
- $var(lookup_flags) = $var(lookup_flags) + "g";
- xlog("\033[36m>>>>>>>>-lookup_flags -- $var(lookup_flags) --->>> >>>-\033[0m--\n");
- }
- $var(aor) = "sip:" + $rU + "@" + "os.sip.xxxx.cloud";
- if (!lookup("os.sip.xxxx.cloud", "$var(lookup_flags)", "$var(aor)")) {
- t_reply(404, "Not Found");
- exit;
- }
- #sethost($var(rd_backup));
- do_accounting("log","missed");
- route(relay);
- }
- route[relay] {
- # for INVITEs enable some additional helper routes
- if (is_method("INVITE")) {
- t_on_branch("handle_nat");
- t_on_reply("handle_nat");
- } else if (is_method("BYE|CANCEL")) {
- rtpengine_delete();
- }
- if (!t_relay()) {
- send_reply(500,"Internal Error");
- };
- exit;
- }
- branch_route[handle_nat] {
- xlog("\033[31m>>>>>>>>branch_route ------------------- >>>-\033[0m--\n");
- if (!is_method("INVITE") || !has_body("application/sdp"))
- return;
- if(isbflagset("DST_WS"))
- xlog("\033[31m>>>>>>>>branch_route Protocol DST_WS ---- set >>>-\033[0m--\n");
- if(isflagset("SRC_WS"))
- xlog("\033[31m>>>>>>>>branch_route Protocol SRC_WS ---- set >>>-\033[0m--\n");
- if (isflagset("SRC_WS") && isbflagset("DST_WS"))
- $var(rtpengine_flags) = "ICE=force-relay DTLS=passive";
- else if (isflagset("SRC_WS") && !isbflagset("DST_WS"))
- $var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin ICE=remove rtcp-mux-demux";
- else if (!isflagset("SRC_WS") && isbflagset("DST_WS"))
- $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force SDES-off rtcp-mux-offer";
- else if (!isflagset("SRC_WS") && !isbflagset("DST_WS"))
- $var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin ICE=remove";
- xlog("\033[31m>>>>>>>>offer flag is ------------------- $var(rtpengine_flags) >>>-\033[0m--\n");
- rtpengine_offer("$var(rtpengine_flags)");
- }
- onreply_route[handle_nat] {
- xlog("\033[31m>>>>>>>>onreply_route ------------------- >>>-\033[0m--\n");
- fix_nated_contact();
- if (!has_body("application/sdp"))
- return;
- if(isbflagset("DST_WS"))
- xlog("\033[31m>>>>>>>>onreply_route Protocol DST_WS ---- set >>>-\033[0m--\n");
- if(isflagset("SRC_WS"))
- xlog("\033[31m>>>>>>>>onreply_route Protocol SRC_WS ---- set >>>-\033[0m--\n");
- if (isflagset("SRC_WS") && isbflagset("DST_WS DTLS=passive"))
- $var(rtpengine_flags) = "ICE=force-relay DTLS=passive";
- else if (isflagset("SRC_WS") && !isbflagset("DST_WS"))
- $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
- else if (!isflagset("SRC_WS") && isbflagset("DST_WS"))
- $var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin ICE=remove";
- else if (!isflagset("SRC_WS") && !isbflagset("DST_WS"))
- $var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin ICE=remove";
- xlog("\033[31m>>>>>>>>answer flag is ------------------- $var(rtpengine_flags) >>>-\033[0m--\n");
- rtpengine_answer("$var(rtpengine_flags)");
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement