mirror of https://gerrit.osmocom.org/osmo-dev
420 lines
9.4 KiB
INI
420 lines
9.4 KiB
INI
#!KAMAILIO
|
|
|
|
#!define WITH_DEBUG
|
|
#!define WITH_PSTN
|
|
|
|
####### Defined Values #########
|
|
|
|
# - flags
|
|
# FLT_ - per transaction (message) flags
|
|
# FLB_ - per branch flags
|
|
#!define FLT_ACC 1
|
|
#!define FLT_ACCMISSED 2
|
|
#!define FLT_ACCFAILED 3
|
|
#!define FLT_NATS 5
|
|
#!define FLB_NATB 6
|
|
#!define FLB_NATSIPPING 7
|
|
|
|
####### Global Parameters #########
|
|
|
|
### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
|
|
#!ifdef WITH_DEBUG
|
|
debug=2
|
|
log_stderror=yes
|
|
#!else
|
|
debug=2
|
|
log_stderror=no
|
|
#!endif
|
|
|
|
memdbg=5
|
|
memlog=5
|
|
|
|
log_facility=LOG_LOCAL0
|
|
rundir="${NET_DIR}/kamailio_rundir"
|
|
|
|
fork=yes
|
|
children=4
|
|
|
|
/* uncomment the next line to disable TCP (default on) */
|
|
disable_tcp=yes
|
|
|
|
/* uncomment the next line to disable the auto discovery of local aliases
|
|
based on reverse DNS on IPs (default on) */
|
|
auto_aliases=no
|
|
|
|
/* add local domain aliases */
|
|
#alias="sip.mydomain.com"
|
|
|
|
/* uncomment and configure the following line if you want Kamailio to
|
|
bind on a specific interface/port/proto (default bind on all available) */
|
|
listen=${PBX_SIP}:${PBX_SIP_PORT}
|
|
|
|
/* port to listen to
|
|
* - can be specified more than once if needed to listen on many ports */
|
|
port=${PBX_SIP_PORT}
|
|
|
|
# life time of TCP connection when there is no traffic
|
|
# - a bit higher than registration expires to cope with UA behind NAT
|
|
tcp_connection_lifetime=3605
|
|
|
|
####### Custom Parameters #########
|
|
|
|
# These parameters can be modified runtime via RPC interface
|
|
# - see the documentation of 'cfg_rpc' module.
|
|
#
|
|
# Format: group.id = value 'desc' description
|
|
# Access: $sel(cfg_get.group.id) or @cfg_get.group.id
|
|
#
|
|
|
|
#!ifdef WITH_PSTN
|
|
# PSTN GW Routing
|
|
#
|
|
# - pstn.gw_ip: valid IP or hostname as string value, example:
|
|
# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
|
|
#
|
|
# - by default is empty to avoid misrouting
|
|
pstn.gw_ip = "${SIPCON_SIP}:${SIPCON_SIP_PORT}" desc "osmo-sip-connector Address"
|
|
#!endif
|
|
|
|
|
|
####### Modules Section ########
|
|
|
|
# set paths to location of modules (to sources or installation folders)
|
|
#!ifdef WITH_SRCPATH
|
|
mpath="modules"
|
|
#!else
|
|
mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
|
|
#!endif
|
|
|
|
# loadmodule "mi_fifo.so"
|
|
loadmodule "kex.so"
|
|
loadmodule "corex.so"
|
|
loadmodule "tm.so"
|
|
loadmodule "tmx.so"
|
|
loadmodule "sl.so"
|
|
loadmodule "rr.so"
|
|
loadmodule "pv.so"
|
|
loadmodule "maxfwd.so"
|
|
loadmodule "usrloc.so"
|
|
loadmodule "registrar.so"
|
|
loadmodule "textops.so"
|
|
loadmodule "siputils.so"
|
|
loadmodule "xlog.so"
|
|
loadmodule "sanity.so"
|
|
# loadmodule "ctl.so"
|
|
# loadmodule "cfg_rpc.so"
|
|
# loadmodule "mi_rpc.so"
|
|
loadmodule "acc.so"
|
|
|
|
#!ifdef WITH_NAT
|
|
loadmodule "nathelper.so"
|
|
loadmodule "rtpproxy.so"
|
|
#!endif
|
|
|
|
#!ifdef WITH_DEBUG
|
|
loadmodule "debugger.so"
|
|
#!endif
|
|
|
|
# ----------------- setting module-specific parameters ---------------
|
|
|
|
# ----- mi_fifo params -----
|
|
#modparam("mi_fifo", "fifo_name", "/var/run/kamailio/kamailio_fifo")
|
|
|
|
# ----- ctl params -----
|
|
#modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
|
|
|
|
# ----- tm params -----
|
|
# auto-discard branches from previous serial forking leg
|
|
modparam("tm", "failure_reply_mode", 3)
|
|
# default retransmission timeout: 30sec
|
|
modparam("tm", "fr_timer", 30000)
|
|
# default invite retransmission timeout after 1xx: 120sec
|
|
modparam("tm", "fr_inv_timer", 120000)
|
|
|
|
# ----- rr params -----
|
|
# add value to ;lr param to cope with most of the UAs
|
|
modparam("rr", "enable_full_lr", 1)
|
|
# do not append from tag to the RR (no need for this script)
|
|
modparam("rr", "append_fromtag", 0)
|
|
|
|
# ----- registrar params -----
|
|
modparam("registrar", "method_filtering", 1)
|
|
/* uncomment the next line to disable parallel forking via location */
|
|
# modparam("registrar", "append_branches", 0)
|
|
/* uncomment the next line not to allow more than 10 contacts per AOR */
|
|
#modparam("registrar", "max_contacts", 10)
|
|
# max value for expires of registrations
|
|
modparam("registrar", "max_expires", 3600)
|
|
# set it to 1 to enable GRUU
|
|
modparam("registrar", "gruu_enabled", 0)
|
|
|
|
# ----- acc params -----
|
|
/* what special events should be accounted ? */
|
|
modparam("acc", "early_media", 0)
|
|
modparam("acc", "report_ack", 0)
|
|
modparam("acc", "report_cancels", 0)
|
|
/* by default ww do not adjust the direct of the sequential requests.
|
|
if you enable this parameter, be sure the enable "append_fromtag"
|
|
in "rr" module */
|
|
modparam("acc", "detect_direction", 0)
|
|
/* account triggers (flags) */
|
|
modparam("acc", "log_flag", FLT_ACC)
|
|
modparam("acc", "log_missed_flag", FLT_ACCMISSED)
|
|
modparam("acc", "log_extra",
|
|
"src_user=$fU;src_domain=$fd;src_ip=$si;"
|
|
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
|
|
modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
|
|
|
|
|
|
#!ifdef WITH_NAT
|
|
# ----- rtpproxy params -----
|
|
modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
|
|
|
|
# ----- nathelper params -----
|
|
modparam("nathelper", "natping_interval", 30)
|
|
modparam("nathelper", "ping_nated_only", 1)
|
|
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
|
|
modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
|
|
|
|
# params needed for NAT traversal in other modules
|
|
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
|
|
modparam("usrloc", "nat_bflag", FLB_NATB)
|
|
#!endif
|
|
|
|
|
|
#!ifdef WITH_DEBUG
|
|
# ----- debugger params -----
|
|
modparam("debugger", "cfgtrace", 0)
|
|
#!endif
|
|
|
|
####### Routing Logic ########
|
|
|
|
|
|
# Main SIP request routing logic
|
|
# - processing of any incoming SIP request starts with this route
|
|
# - note: this is the same as route { ... }
|
|
request_route {
|
|
|
|
xlog("GOT SIP $rm from $fu: $ru\n");
|
|
# per request initial checks
|
|
route(REQINIT);
|
|
|
|
# CANCEL processing
|
|
if (is_method("CANCEL")) {
|
|
if (t_check_trans()) {
|
|
route(RELAY);
|
|
}
|
|
exit;
|
|
}
|
|
# handle requests within SIP dialogs
|
|
route(WITHINDLG);
|
|
|
|
### only initial requests (no To tag)
|
|
|
|
# handle retransmissions
|
|
if(t_precheck_trans()) {
|
|
t_check_trans();
|
|
exit;
|
|
}
|
|
t_check_trans();
|
|
|
|
if ("600" == $rU) {
|
|
route(ECHO);
|
|
}
|
|
|
|
if ("500" == $rU) {
|
|
route(TEST);
|
|
}
|
|
|
|
route(PSTN);
|
|
}
|
|
|
|
|
|
route[RELAY] {
|
|
# enable additional event routes for forwarded requests
|
|
# - serial forking, RTP relaying handling, a.s.o.
|
|
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
|
|
if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
|
|
}
|
|
if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
|
|
if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
|
|
}
|
|
if (is_method("INVITE")) {
|
|
if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
|
|
}
|
|
|
|
if (!t_relay()) {
|
|
sl_reply_error();
|
|
}
|
|
exit;
|
|
}
|
|
|
|
# Per SIP request initial checks
|
|
route[REQINIT] {
|
|
#!ifdef WITH_ANTIFLOOD
|
|
# flood dection from same IP and traffic ban for a while
|
|
# be sure you exclude checking trusted peers, such as pstn gateways
|
|
# - local host excluded (e.g., loop to self)
|
|
if(src_ip!=myself) {
|
|
if($sht(ipban=>$si)!=$null) {
|
|
# ip is already blocked
|
|
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
|
|
exit;
|
|
}
|
|
if (!pike_check_req()) {
|
|
xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
|
|
$sht(ipban=>$si) = 1;
|
|
exit;
|
|
}
|
|
}
|
|
#!endif
|
|
|
|
if (!mf_process_maxfwd_header("2")) {
|
|
sl_send_reply("483","Too Many Hops");
|
|
exit;
|
|
}
|
|
|
|
if(is_method("OPTIONS") && uri==myself && $rU==$null) {
|
|
sl_send_reply("200","Keepalive");
|
|
exit;
|
|
}
|
|
|
|
if(!sanity_check("1511", "7")) {
|
|
xlog("Malformed SIP message from $si:$sp\n");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
# Handle requests within SIP dialogs
|
|
route[WITHINDLG] {
|
|
if (!has_totag()) return;
|
|
|
|
# sequential request withing a dialog should
|
|
# take the path determined by record-routing
|
|
if (loose_route()) {
|
|
if (is_method("BYE")) {
|
|
setflag(FLT_ACC); # do accounting ...
|
|
setflag(FLT_ACCFAILED); # ... even if the transaction fails
|
|
}
|
|
else if ( is_method("ACK") ) {
|
|
# ACK is forwarded statelessy
|
|
route(NATMANAGE);
|
|
}
|
|
else if ( is_method("NOTIFY") ) {
|
|
# Add Record-Route for in-dialog NOTIFY as per RFC 6665.
|
|
record_route();
|
|
}
|
|
route(RELAY);
|
|
exit;
|
|
}
|
|
if ( is_method("ACK") ) {
|
|
if ( t_check_trans() ) {
|
|
# no loose-route, but stateful ACK;
|
|
# must be an ACK after a 487
|
|
# or e.g. 404 from upstream server
|
|
route(RELAY);
|
|
exit;
|
|
} else {
|
|
# ACK without matching transaction ... ignore and discard
|
|
exit;
|
|
}
|
|
}
|
|
sl_send_reply("404", "Not here");
|
|
exit;
|
|
}
|
|
|
|
# RTPProxy control
|
|
route[NATMANAGE] {
|
|
#!ifdef WITH_NAT
|
|
if (is_request()) {
|
|
if(has_totag()) {
|
|
if(check_route_param("nat=yes")) {
|
|
setbflag(FLB_NATB);
|
|
}
|
|
}
|
|
}
|
|
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
|
|
return;
|
|
|
|
rtpproxy_manage("co");
|
|
|
|
if (is_request()) {
|
|
if (!has_totag()) {
|
|
if(t_is_branch_route()) {
|
|
add_rr_param(";nat=yes");
|
|
}
|
|
}
|
|
}
|
|
if (is_reply()) {
|
|
if(isbflagset(FLB_NATB)) {
|
|
set_contact_alias();
|
|
}
|
|
}
|
|
#!endif
|
|
return;
|
|
}
|
|
|
|
# PSTN GW routing
|
|
route[PSTN] {
|
|
#!ifdef WITH_PSTN
|
|
# check if PSTN GW IP is defined
|
|
if (strempty($sel(cfg_get.pstn.gw_ip))) {
|
|
xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
|
|
return;
|
|
}
|
|
|
|
# route to PSTN dialed numbers starting with '+' or '00'
|
|
# (international format)
|
|
# - update the condition to match your dialing rules for PSTN routing
|
|
#if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
|
|
# return;
|
|
|
|
# only local users allowed to call
|
|
#if(from_uri!=myself) {
|
|
# sl_send_reply("403", "Not Allowed");
|
|
# exit;
|
|
#}
|
|
|
|
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
|
|
|
|
route(RELAY);
|
|
exit;
|
|
#!endif
|
|
|
|
return;
|
|
}
|
|
|
|
route[ECHO] {
|
|
$ru = "sip:echo@iptel.org";
|
|
route(RELAY);
|
|
exit;
|
|
}
|
|
|
|
route[TEST] {
|
|
$ru = "sip:music@iptel.org";
|
|
route(RELAY);
|
|
exit;
|
|
}
|
|
|
|
# Manage outgoing branches
|
|
branch_route[MANAGE_BRANCH] {
|
|
xdbg("new branch [$T_branch_idx] to $ru\n");
|
|
route(NATMANAGE);
|
|
}
|
|
|
|
# Manage incoming replies
|
|
onreply_route[MANAGE_REPLY] {
|
|
xdbg("incoming reply\n");
|
|
if(status=~"[12][0-9][0-9]")
|
|
route(NATMANAGE);
|
|
}
|
|
|
|
# Manage failure routing cases
|
|
failure_route[MANAGE_FAILURE] {
|
|
route(NATMANAGE);
|
|
|
|
if (t_is_canceled()) {
|
|
exit;
|
|
}
|
|
}
|