API tools faq
paste
Advertisement
Alexander_Jankowsky

Untitled

Alexander_Jankowsky
Dec 10th, 2024
80
0
170 days
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.88 KB | Software | 0 0
raw download clone embed print report
  1. #
  2. # OpenSIPS residential configuration script
  3. # by OpenSIPS Solutions <[email protected]>
  4. #
  5. # This script was generated via "make menuconfig", from
  6. # the "Residential" scenario.
  7. # You can enable / disable more features / functionalities by
  8. # re-generating the scenario with different options.#
  9. #
  10. # Please refer to the Core CookBook at:
  11. # https://opensips.org/Resources/DocsCookbooks
  12. # for a explanation of possible statements, functions and parameters.
  13. #
  14.  
  15.  
  16. ####### Global Parameters #########
  17.  
  18. /* uncomment the following lines to enable debugging */
  19. #debug_mode=yes
  20.  
  21. log_level=3
  22. xlog_level=3
  23. stderror_enabled=no
  24. syslog_enabled=yes
  25. syslog_facility=LOG_LOCAL0
  26.  
  27. udp_workers=4
  28.  
  29. /* uncomment the next line to enable the auto temporary blacklisting of
  30. not available destinations (default disabled) */
  31. #disable_dns_blacklist=no
  32.  
  33. /* uncomment the next line to enable IPv6 lookup after IPv4 dns
  34. lookup failures (default disabled) */
  35. #dns_try_ipv6=yes
  36.  
  37.  
  38. socket=udp:192.168.3.102:42060 as 11.11.11.11:42060
  39. socket=tcp:192.168.3.102:42060 as 11.11.11.11:42060
  40. socket=tls:192.168.3.102:42061 as 11.11.11.11:42061
  41.  
  42. ####### Modules Section ########
  43.  
  44. #set module path
  45. mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/"
  46.  
  47. #### SIGNALING module
  48. loadmodule "signaling.so"
  49.  
  50. #### StateLess module
  51. loadmodule "sl.so"
  52.  
  53. #### Transaction Module
  54. loadmodule "tm.so"
  55. modparam("tm", "fr_timeout", 5)
  56. modparam("tm", "fr_inv_timeout", 30)
  57. modparam("tm", "restart_fr_on_each_reply", 0)
  58. modparam("tm", "onreply_avp_mode", 1)
  59.  
  60. #### Record Route Module
  61. loadmodule "rr.so"
  62. /* do not append from tag to the RR (no need for this script) */
  63. modparam("rr", "append_fromtag", 0)
  64.  
  65. #### MAX ForWarD module
  66. loadmodule "maxfwd.so"
  67.  
  68. #### SIP MSG OPerationS module
  69. loadmodule "sipmsgops.so"
  70.  
  71. #### FIFO Management Interface
  72. loadmodule "mi_fifo.so"
  73. modparam("mi_fifo", "fifo_name", "/run/opensips/opensips_fifo")
  74. modparam("mi_fifo", "fifo_mode", 0666)
  75.  
  76. #### USeR LOCation module
  77. loadmodule "usrloc.so"
  78. modparam("usrloc", "nat_bflag", "NAT")
  79. modparam("usrloc", "working_mode_preset", "single-instance-no-db")
  80.  
  81. #### REGISTRAR module
  82. loadmodule "registrar.so"
  83. modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
  84. modparam("registrar", "received_avp", "$avp(received_nh)")/* uncomment the next line not to allow more than 10 contacts per AOR */
  85. #modparam("registrar", "max_contacts", 10)
  86.  
  87. #### ACCounting module
  88. loadmodule "acc.so"
  89. /* what special events should be accounted ? */
  90. modparam("acc", "early_media", 0)
  91. modparam("acc", "report_cancels", 0)
  92. /* by default we do not adjust the direct of the sequential requests.
  93. if you enable this parameter, be sure to enable "append_fromtag"
  94. in "rr" module */
  95. modparam("acc", "detect_direction", 0)
  96.  
  97. #### NAT modules
  98. loadmodule "nathelper.so"
  99. modparam("nathelper", "natping_interval", 10)
  100. modparam("nathelper", "ping_nated_only", 1)
  101. modparam("nathelper", "sipping_bflag", "SIP_PING_FLAG")
  102. modparam("nathelper", "sipping_from", "sip:[email protected]") #CUSTOMIZE ME
  103. modparam("nathelper", "received_avp", "$avp(received_nh)")
  104.  
  105. #loadmodule "rtpproxy.so"
  106. #modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:12221") # CUSTOMIZE ME
  107.  
  108. loadmodule "proto_udp.so"
  109. loadmodule "proto_tcp.so"
  110. loadmodule "proto_tls.so"
  111. loadmodule "tls_wolfssl.so"
  112. loadmodule "tls_mgm.so"
  113. modparam("tls_mgm","server_domain", "default")
  114. modparam("tls_mgm","match_ip_address", "[default]*")
  115. modparam("tls_mgm","verify_cert", "[default]0")
  116. modparam("tls_mgm","require_cert", "[default]0")
  117. modparam("tls_mgm","tls_method", "[default]SSLv23")
  118. modparam("tls_mgm","certificate", "[default]/etc/opensips/tls/user/user-cert.pem")
  119. modparam("tls_mgm","private_key", "[default]/etc/opensips/tls/user/user-privkey.pem")
  120. modparam("tls_mgm","ca_list", "[default]/etc/opensips/tls/user/user-calist.pem")
  121. modparam("tls_mgm","client_tls_domain_avp", "tls_match_dom")
  122.  
  123.  
  124. #### STUN module
  125. loadmodule "stun.so"
  126. # Example of a STUN server within OpenSIPS which is behind NAT
  127. modparam("stun", "primary_ip", "192.168.3.102 / 11.11.11.11")
  128. modparam("stun", "primary_port", "42060")
  129. modparam("stun", "alternate_ip", "192.168.3.102 / 11.11.11.11")
  130. modparam("stun", "alternate_port","42060")
  131.  
  132. ####### Routing Logic ########
  133.  
  134. # main request routing logic
  135.  
  136. route{
  137.  
  138. # initial NAT handling; detect if the request comes from behind a NAT
  139. # and apply contact fixing
  140. force_rport();
  141. # if (nat_uac_test("diff-port-src-via,private-via,diff-ip-src-via,private-contact")) {
  142. if (nat_uac_test("diff-ip-src-via,private-contact")) {
  143. if (is_method("REGISTER")) {
  144.  
  145. xlog("L_INFO","TEST POINT 0\n");
  146. xlog("L_INFO","SIP Request Original URI = '$ou'\n");
  147. xlog("L_INFO","Source Port = '$sp'\n");
  148. xlog("L_INFO","Contact Instance = '$ct'\n");
  149. xlog("L_INFO","Original request domain = '$od'\n");
  150. xlog("L_INFO","Preffered identity domain = '$pd'\n");
  151. xlog("L_INFO","Domain of destination = '$dd'\n");
  152. xlog("L_INFO","Destination URI = '$du'\n");
  153. xlog("L_INFO","Sip request port = '$rp'\n");
  154. xlog("L_INFO","Sip request domain = '$rd'\n");
  155. xlog("L_INFO","Sip request URI = '$ru'\n");
  156. xlog("L_INFO","Sip request uri username = '$rU'\n");
  157. xlog("L_INFO","Port of original request = '$op'\n");
  158. xlog("L_INFO","Transport Protocol = '$oP'\n");
  159. xlog("L_INFO","Transport Protocol = '$rP'\n");
  160. xlog("L_INFO","Destination URI = '$dP'\n");
  161. xlog("L_INFO","Destination Port = '$dp'\n");
  162. xlog("L_INFO","From URI domain = '$fd'\n");
  163. xlog("L_INFO","From header URI = '$fu'\n");
  164. xlog("L_INFO","From header URI username = '$fU'\n");
  165. xlog("L_INFO","Received avp = '$avp(received_nh)'\n");
  166. xlog("L_INFO","ct fields received = '$ct.fields(received)'\n");
  167. xlog("L_INFO","TEST POINT 1\n");
  168. fix_nated_register();
  169. setbflag("NAT");
  170. } else {
  171. xlog("L_INFO","TEST POINT 11\n");
  172. fix_nated_contact();
  173. setflag("NAT");
  174.  
  175. }
  176. }
  177.  
  178. if (!mf_process_maxfwd_header(10)) {
  179. xlog("L_INFO","TEST POINT 12\n");
  180. send_reply(483,"Too Many Hops");
  181. exit;
  182. }
  183.  
  184. if (has_totag()) {
  185. xlog("L_INFO","TEST POINT 2\n");
  186. # handle hop-by-hop ACK (no routing required)
  187. if ( is_method("ACK") && t_check_trans() ) {
  188. xlog("L_INFO","TEST POINT 40\n");
  189. t_relay();
  190. exit;
  191. }
  192.  
  193. # sequential request within a dialog should
  194. # take the path determined by record-routing
  195. if ( !loose_route() ) {
  196. xlog("L_INFO","TEST POINT 13\n");
  197. # we do record-routing for all our traffic, so we should not
  198. # receive any sequential requests without Route hdr.
  199. send_reply(404,"Not here");
  200. exit;
  201. }
  202.  
  203. if (is_method("BYE")) {
  204. xlog("L_INFO","TEST POINT 14\n");
  205. # do accounting even if the transaction fails
  206. do_accounting("log","failed");
  207. }
  208.  
  209.  
  210. if (check_route_param("nat=yes")) ######
  211. setflag("NAT"); ######
  212. xlog("L_INFO","TEST POINT 3\n");
  213. # route it out to whatever destination was set by loose_route()
  214. # in $du (destination URI).
  215. route(relay);
  216. exit;
  217. }
  218.  
  219. # CANCEL processing
  220. if (is_method("CANCEL")) {
  221. xlog("L_INFO","TEST POINT 15\n");
  222. if (t_check_trans())
  223. t_relay();
  224. exit;
  225. }
  226.  
  227. # absorb retransmissions, but do not create transaction
  228. t_check_trans();
  229.  
  230. if ( !(is_method("REGISTER") ) ) {
  231. xlog("L_INFO","TEST POINT 4\n");
  232.  
  233. if (is_myself("$fd")) {
  234. xlog("L_INFO","TEST POINT 16\n");
  235. } else {
  236. xlog("L_INFO","TEST POINT 17\n");
  237. # if caller is not local, then called number must be local
  238. # AAA commented out testing this is preventing local calls on same network as opensips server - from here
  239. # This is preventing any external remote outside local network calls from calling into the local network
  240. # if (!is_myself("$rd")) {
  241. # send_reply(403,"Relay Forbidden");
  242. # exit;
  243. # }
  244. # AAA commented out testing this is preventing local calls on same network as opensips server - upto here
  245. }
  246.  
  247. }
  248.  
  249. # preloaded route checking
  250. if (loose_route()) {
  251. xlog("L_INFO","TEST POINT 18\n");
  252. xlog("L_ERR",
  253. "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
  254. if (!is_method("ACK"))
  255. xlog("L_INFO","TEST POINT 19\n");
  256. send_reply(403,"Preload Route denied");
  257. exit;
  258. }
  259.  
  260. # record routing
  261. if (!is_method("REGISTER|MESSAGE"))
  262. xlog("L_INFO","TEST POINT 20\n");
  263. record_route();
  264.  
  265. # account only INVITEs
  266. if (is_method("INVITE")) {
  267. xlog("L_INFO","TEST POINT 21\n");
  268. do_accounting("log");
  269. }
  270.  
  271.  
  272. if (!is_myself("$rd")) {
  273. append_hf("P-hint: outbound\r\n");
  274. xlog("L_INFO","TEST POINT 22\n");
  275. # if you have some interdomain connections via TLS
  276. ## CUSTOMIZE IF NEEDED
  277. ##if ($rd=="tls_domain1.net"
  278. ## || $rd=="tls_domain2.net"
  279. ##) {
  280. ## force_send_socket("tls:127.0.0.1:5061"); # CUSTOMIZE
  281. ##}
  282.  
  283. route(relay);
  284. }
  285.  
  286. # requests for my domain
  287.  
  288. if (is_method("PUBLISH|SUBSCRIBE")) {
  289. xlog("L_INFO","TEST POINT 23\n");
  290. send_reply(503, "Service Unavailable");
  291. exit;
  292. }
  293.  
  294. if (is_method("REGISTER")) {
  295. xlog("L_INFO","TEST POINT 5\n");
  296. if ($socket_in(proto) == "tcp" || $socket_in(proto) == "tls")
  297. xlog("L_INFO","TEST POINT 24\n");
  298. setflag("TCP_PERSISTENT");
  299. if (isflagset("NAT")) { ######
  300. xlog("L_INFO","TEST POINT 25\n"); ######
  301. setbflag("SIP_PING_FLAG"); ######
  302. } ######
  303. # store the registration and generate a SIP reply
  304. if (!save("location"))
  305. xlog("failed to register AoR $tu\n");
  306.  
  307. exit;
  308. }
  309.  
  310. if ($rU==NULL) {
  311. xlog("L_INFO","TEST POINT 27\n");
  312. # request with no Username in RURI
  313. send_reply(484,"Address Incomplete");
  314. exit;
  315. }
  316.  
  317.  
  318. # do lookup with method filtering
  319. if (!lookup("location", "method-filtering")) {
  320. xlog("L_INFO","TEST POINT 28\n");
  321.  
  322. t_reply(404, "Not Found");
  323. exit;
  324. }
  325.  
  326. if (isbflagset("NAT")) setflag("NAT"); ######
  327. xlog("L_INFO","TEST POINT 29\n");
  328. xlog("L_INFO","b flag set\n");
  329. # when routing via usrloc, log the missed calls also
  330. do_accounting("log","missed");
  331. route(relay);
  332. }
  333.  
  334.  
  335. route[relay] {
  336. # for INVITEs enable some additional helper routes
  337. if (is_method("INVITE")) {
  338. xlog("L_INFO","TEST POINT 6\n");
  339. if (isflagset("NAT") && has_body("application/sdp")) { ######
  340. xlog("L_INFO","TEST POINT 30\n");
  341. # rtpproxy_offer("ro"); ######
  342. } ######
  343.  
  344. t_on_branch("per_branch_ops");
  345. t_on_reply("handle_nat");
  346. t_on_failure("missed_call");
  347. }
  348.  
  349. if (isflagset("NAT")) { ######
  350. xlog("L_INFO","TEST POINT 31\n");
  351. add_rr_param(";nat=yes"); ######
  352. } ######
  353.  
  354. if (!t_relay()) {
  355. xlog("L_INFO","TEST POINT 32\n");
  356. send_reply(500,"Internal Error");
  357. }
  358. exit;
  359. }
  360.  
  361.  
  362.  
  363.  
  364. branch_route[per_branch_ops] {
  365. xlog("L_INFO","TEST POINT 33\n");
  366. xlog("new branch at $ru\n");
  367. }
  368.  
  369.  
  370. onreply_route[handle_nat] {
  371. if (nat_uac_test("private-contact")) ######
  372. fix_nated_contact(); ######
  373. xlog("L_INFO","TEST POINT 7\n"); ######
  374. if ( isflagset("NAT") && has_body("application/sdp") ) ######
  375. # rtpproxy_answer("ro"); ######
  376. xlog("L_INFO","TEST POINT 8\n"); ######
  377. xlog("incoming reply\n");
  378. }
  379.  
  380.  
  381. failure_route[missed_call] {
  382. xlog("L_INFO","TEST POINT 34\n");
  383. if (t_was_cancelled()) {
  384. xlog("L_INFO","TEST POINT 35\n");
  385. exit;
  386. }
  387.  
  388. # uncomment the following lines if you want to block client
  389. # redirect based on 3xx replies.
  390. ##if (t_check_status("3[0-9][0-9]")) {
  391. ##t_reply(404,"Not found");
  392. ## exit;
  393. ##}
  394.  
  395.  
  396. }
  397.  
  398.  
  399.  
  400.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!