# # sample config file to be used with nathelper/rtpproxy # # start RTPProxy with: rtpproxy -l your_public_ip -s udp:localhost:8899 # # ----------- global configuration parameters ------------------------ debug=7 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode fork=no log_stderror=no */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 children=4 # --- module loading mpath="//lib64/kamailio/modules/" loadmodule "mi_fifo.so" loadmodule "db_mysql.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "nathelper.so" loadmodule "auth.so" loadmodule "auth_db.so" loadmodule "avpops.so" loadmodule "pv.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "uri_db.so" loadmodule "domain.so" loadmodule "permissions.so" loadmodule "group.so" loadmodule "lcr.so" loadmodule "acc.so" # --- setting module parameters ####avpops parameter modparam("avpops","db_url","mysql://databaseuser:blabla@localhost/openser") modparam("avpops", "avp_table", "usr_preferences") # -- mi_fifo params -- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") ####tm module modparam("tm", "fr_timer",10) modparam("tm", "fr_inv_timer", 200) modparam("tm", "wt_timer", 10) modparam("tm", "fr_inv_timer_avp", "$avp(i:25)") #modparam("tm", "fr_inv_timer_avp", "ram("tm", "fr_inv_timer_avp", "$avp(i:704)")25") #modparam("tm", "fr_inv_timer_avp", "s:hg_invite_timer") modparam("uri_db|usrloc|auth_db|permissions","db_url","mysql://databaseuser:blabla@127.0.0.1/openser") # -- usrloc params -- modparam("usrloc", "db_mode", 2) modparam("usrloc", "nat_bflag", 6) # -- registrar params -- modparam("registrar|nathelper", "received_avp", "$avp(i:42)") # -- auth params -- modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") # -- rr params -- modparam("rr", "enable_full_lr", 1) # -- nathelper modparam("nathelper", "rtpproxy_sock", "udp:localhost:8899") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") # --- Permissions module modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "trusted") ##lcr module ####lcr module #modparam("lcr","db_url","dbdriver://databaseuser:blabla@localhost/openser") modparam("lcr","gw_table","gw") modparam("lcr","gw_name_column","gw_name") modparam("lcr","grp_id_column","grp_id") modparam("lcr","ip_addr_column","ip_addr") modparam("lcr","hostname_column","hostname") modparam("lcr","port_column","port") modparam("lcr","uri_scheme_column","uri_scheme") modparam("lcr","transport_column","transport") modparam("lcr","strip_column","strip") modparam("lcr","tag_column","tag") modparam("lcr","weight_column","weight") modparam("lcr","flags_column","flags") modparam("lcr","lcr_table","lcr") modparam("lcr","prefix_column","prefix") modparam("lcr","from_uri_column","from_uri") modparam("lcr","priority_column","priority") modparam("lcr","gw_uri_avp", "$avp(i:709)") modparam("^auth$|lcr", "rpid_avp", "$avp(i:302)") modparam("lcr", "ruri_user_avp", "$avp(i:500)") modparam("lcr", "flags_avp", "$avp(i:712)") # --- main routing logic route{ # # # if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too many Hops"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); exit; }; # # # if (!method=="REGISTER") record_route(); ##Loose_route packets if (loose_route()) { append_hf("P-hint: rr-enforced\r\n"); route(1); }; # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; }; t_check_trans(); # # # if (method=="REGISTER") { route(2); } else { route(3); }; } route [1] { if (!t_relay()) { sl_reply_error(); }; exit; } route [2] { ## Register request handler if (is_uri_host_local()) { if (!www_authorize("", "subscriber")) { www_challenge("", "1"); exit; }; if (!check_to()) { sl_send_reply("403", "Forbidden"); exit; }; save("location"); exit; } else if { sl_send_reply("403", "Forbidden"); }; } route[3] { ## INVITE request handler if (is_from_local()) { if(!allow_trusted()) { if (!proxy_authorize("", "subscriber")) { proxy_challenge("","1"); exit; } else if (!check_from()) { sl_send_reply("403", "Forbidden, use From=ID"); exit; }; } else { log("Request bypassed the auth.using allow_trsuted"); }; consume_credentials(); lookup("aliases"); if (is_uri_host_local()) { # -- inbound to inbound route(10); } else { # -- onbound to outbound route(11); }; } else { lookup("aliases"); if (is_uri_host_local()) { route(12) ; } else { route (13); }; }; } route [4] { rewritehostport("65.39.213.204"); route(1); } route [10] { append_hf("p-hist: inbound -> inbound \r\n"); if (uri=~"^sip:[2-9][0-9] {6}@") { if (is_user_in("credentials","local")) { route(4); exit; } else { sl_send_reply("403", "No permissions for local calls"); exit; }; }; if (uri=~"^sip:1[0-9]*@") { if (is_user_in("credentials","ld")) { route(4); exit; } else { sl_send_reply("403", "No permissions for long distance"); exit; }; }; if (uri=~"^sip:011[0-9]*@") { if (is_user_in("credentials", "int")) { route(4); exit; } else { sl_send_reply("403", "No permissions for international calls"); }; }; if (!lookup("location")) { sl_send_reply("404", "not Found"); exit; }; route(1); } route[11] { append_hf("P-hist: inbound-> ourbound \r\n"); route(1); } route[12] { lookup("aliases"); if (!lookup("location")) { sl_send_reply("404", "Not Found"); exit; }; route(1); } route[13] { append_hf("P-hint: Outbound-> inbound \r\n"); sl_send_reply("403", "Forbidden"); exit; } #failure_route[1] { # if(!next_gw()) { # t_reply("503", "Services not available, no more gateways"); # exit; ## } # # t_on_failure("1"); # t_relay(); # }