Hello,
I'd like to setup Kamailio to act as an SBC providing NAT
traversal, and security for multiple asterisk boxes on the
inside. Currently kamailio has two NIC's, one public and one
private. All traffic hits the external interface and is then
forwarded to an Asterisk box on the inside.
I'd like to modify the config from the tutorial above to
support multiple asterisk boxes. Authentication will be done
via MySQL and depending on the user domain, the request get's
forwarded to the proper Asterisk box. Here is what I've got so
far:
if (is_method("REGISTER") && from_uri=~
.*@10.55.55.5)
{
if(isflagset(FLT_NATS))
{
setbflag(FLB_NATB);
# uncomment next line to do SIP NAT
pinging
## setbflag(FLB_NATSIPPING);
}
if (!save("location"))
sl_reply_error();
route(REGFWD);
exit;
}
else if (is_method("REGISTER") &&
from_uri=~".*asterisk.domain.tld")
{
if(isflagset(FLT_NATS))
{
setbflag(FLB_NATB);
# uncomment next line to do SIP NAT
pinging
## setbflag(FLB_NATSIPPING);
}
if (!save("location"))
sl_reply_error();
route(REGFWDCLOUD);
exit;
}
}
Based on the domain I route the SIP message to another
route block which is esentally the same route block as the
origional route[FROMASTERISK] route[TOASTERISK] route[REGFWD].
I beleive there's an easier way of doing this though. Creating
separate route blocks per asterisk box would mean creating a
new route blocks for each asterisk box. Here's an example:
route[FROMASTERISK] {
if($si==$sel(cfg_get.asterisk.bindip)
&&
$sp==$sel(cfg_get.asterisk.bindport))
return 1;
return -1;
# Send to Asterisk
route[TOASTERISK] {
$du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":"
+ $sel(cfg_get.asterisk.bindport);
route(RELAY);
exit;
# Forward REGISTER to Asterisk
route[REGFWD] {
if(!is_method("REGISTER"))
{
return;
}
$var(rip) = $sel(cfg_get.asterisk.bindip);
$uac_req(method)="REGISTER";
$uac_req(ruri)="sip:" + $var(rip) + ":" +
$sel(cfg_get.asterisk.bindport);
$uac_req(furi)="sip:" + $au + "@" + $var(rip);
$uac_req(turi)="sip:" + $au + "@" + $var(rip);
$uac_req(hdrs)="Contact: <sip:" + $au + "@"
+
$sel(cfg_get.kamailio.bindip)
+ ":" +
$sel(cfg_get.kamailio.bindport) + ">\r\n";
if($sel(contact.expires) != $null)
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " +
$sel(contact.expires) + "\r\n";
else
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " +
$hdr(Expires) + "\r\n";
uac_req_send();
}
route[FROMCLOUD] {
if($si==$sel(cfg_get.cloud.bindip)
&&
$sp==$sel(cfg_get.asterisk.bindport))
return 1;
return -1;
}
route[TOCLOUD] {
$du = "sip:" + $sel(cfg_get.cloud.bindip) + ":"
+ $sel(cfg_get.asterisk.bindport);
route(RELAY);
exit;
}
route[REGFWDCLOUD] {
if(!is_method("REGISTER"))
{
return;
}
$var(rip) = $sel(cfg_get.cloud.bindip);
$uac_req(method)="REGISTER";
$uac_req(ruri)="sip:" + $var(rip) + ":" +
$sel(cfg_get.asterisk.bindport);
$uac_req(furi)="sip:" + $au + "@" + $var(rip);
$uac_req(turi)="sip:" + $au + "@" + $var(rip);
$uac_req(hdrs)="Contact: <sip:" + $au + "@"
+
$sel(cfg_get.kamailio.bindip)
+ ":" +
$sel(cfg_get.kamailio.bindport) + ">\r\n";
if($sel(contact.expires) != $null)
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " +
$sel(contact.expires) + "\r\n";
else
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " +
$hdr(Expires) + "\r\n";
uac_req_send();
}
I'm sure their is any easier way of doing this alhthough
I'm not sure how. Can anyone point me in the right direction?
Lastly, is there a way to modify the DBURL string on the
fly so based on the domain for example, I coudl query a
different DB for user credentials?
Thanks!