3 Feb
2014
3 Feb
'14
12:36 p.m.
hello all. this is my kamailio conf: http://pastebin.com/jGCak01E when I
try to register any sip device. it looks like. device -> ext IP kamailio ->
int IP kamailio -> asterisk. so I trying to nat something to lan. but on
asterisk I see that register, it answer 401, than register again and it
again answer 401. but on my sip device I see register and than kamailio
answer 200 !! why ???
1. #!KAMAILIO
2. #
3. # Kamailio (OpenSER) SIP Server v4.1 - default configuration script
4. # - web: http://www.kamailio.org
5. # - git: http://sip-router.org
6. #
7. # Direct your questions about this file to: <
sr-users(a)lists.sip-router.org>
8. #
9. # Refer to the Core CookBook at http://www.kamailio.org/wiki/
10. # for an explanation of possible statements, functions and
parameters.
11. #
12. # Several features can be enabled using '#!define WITH_FEATURE'
directives:
13. #
14. # *** To run in debug mode:
15. # - define WITH_DEBUG
16. #
17. # *** To enable mysql:
18. # - define WITH_MYSQL
19. #
20. # *** To enable authentication execute:
21. # - enable mysql
22. # - define WITH_AUTH
23. # - add users using 'kamctl'
24. #
25. # *** To enable IP authentication execute:
26. # - enable mysql
27. # - enable authentication
28. # - define WITH_IPAUTH
29. # - add IP addresses with group id '1' to 'address' table
30. #
31. # *** To enable persistent user location execute:
32. # - enable mysql
33. # - define WITH_USRLOCDB
34. #
35. # *** To enable presence server execute:
36. # - enable mysql
37. # - define WITH_PRESENCE
38. #
39. # *** To enable nat traversal execute:
40. # - define WITH_NAT
41. # - install RTPProxy: http://www.rtpproxy.org
42. # - start RTPProxy:
43. # rtpproxy -l _your_public_ip_ -s udp:localhost:7722
44. #
45. # *** To enable PSTN gateway routing execute:
46. # - define WITH_PSTN
47. # - set the value of pstn.gw_ip
48. # - check route[PSTN] for regexp routing condition
49. #
50. # *** To enable database aliases lookup execute:
51. # - enable mysql
52. # - define WITH_ALIASDB
53. #
54. # *** To enable speed dial lookup execute:
55. # - enable mysql
56. # - define WITH_SPEEDDIAL
57. #
58. # *** To enable multi-domain support execute:
59. # - enable mysql
60. # - define WITH_MULTIDOMAIN
61. #
62. # *** To enable TLS support execute:
63. # - adjust CFGDIR/tls.cfg as needed
64. # - define WITH_TLS
65. #
66. # *** To enable XMLRPC support execute:
67. # - define WITH_XMLRPC
68. # - adjust route[XMLRPC] for access policy
69. #
70. # *** To enable anti-flood detection execute:
71. # - adjust pike and htable=>ipban settings as needed (default is
72. # block if more than 16 requests in 2 seconds and ban for 300
seconds)
73. # - define WITH_ANTIFLOOD
74. #
75. # *** To block 3XX redirect replies execute:
76. # - define WITH_BLOCK3XX
77. #
78. # *** To enable VoiceMail routing execute:
79. # - define WITH_VOICEMAIL
80. # - set the value of voicemail.srv_ip
81. # - adjust the value of voicemail.srv_port
82. #
83. # *** To enhance accounting execute:
84. # - enable mysql
85. # - define WITH_ACCDB
86. # - add following columns to database
87. #!ifdef ACCDB_COMMENT
88. ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT
'';
89. ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL
DEFAULT '';
90. ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
91. ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT
'';
92. ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT
'';
93. ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL
DEFAULT '';
94. ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL
DEFAULT '';
95. ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT
NULL DEFAULT '';
96. ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL
default '';
97. ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL
DEFAULT '';
98. ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL
DEFAULT '';
99. ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT
NULL DEFAULT '';
100. #!endif
101.
102. # #!define WITH_MYSQL
103. # #!define WITH_AUTH
104. # #!define WITH_USRLOCDB
105. #!define WITH_NAT
106. #!define WITH_ASTERISK
107. # #!define WITH_DEBUG
108.
109. ####### Include Local Config If Exists #########
110. import_file "kamailio-local.cfg"
111.
112. ####### Defined Values #########
113.
114. # *** Value defines - IDs used later in config
115. #!ifdef WITH_MYSQL
116. # - database URL - used to connect to database server by modules
such
117. # as: auth_db, acc, usrloc, a.s.o.
118. #!ifndef DBURL
119. #!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio"
120. #!endif
121. #!endif
122. #!ifdef WITH_MULTIDOMAIN
123. # - the value for 'use_domain' parameters
124. #!define MULTIDOMAIN 1
125. #!else
126. #!define MULTIDOMAIN 0
127. #!endif
128.
129. # - flags
130. # FLT_ - per transaction (message) flags
131. # FLB_ - per branch flags
132. #!define FLT_ACC 1
133. #!define FLT_ACCMISSED 2
134. #!define FLT_ACCFAILED 3
135. #!define FLT_NATS 5
136.
137. #!define FLB_NATB 6
138. #!define FLB_NATSIPPING 7
139.
140. ####### Global Parameters #########
141.
142. ### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
143. #!ifdef WITH_DEBUG
144. debug=4
145. log_stderror=yes
146. #!else
147. debug=3
148. log_stderror=no
149. #!endif
150.
151. memdbg=5
152. memlog=5
153.
154. log_facility=LOG_LOCAL0
155.
156. fork=yes
157. children=4
158.
159. /* uncomment the next line to disable TCP (default on) */
160. #disable_tcp=yes
161.
162. /* uncomment the next line to disable the auto discovery of local
aliases
163. based on reverse DNS on IPs (default on) */
164. #auto_aliases=no
165.
166. /* add local domain aliases */
167. #alias="sip.mydomain.com"
168.
169. /* uncomment and configure the following line if you want Kamailio
to
170. bind on a specific interface/port/proto (default bind on all
available) */
171.
172. #listen=udp:50.0.0.1:5060 advertise 194.190.8.171:5060
173. listen=udp:194.190.8.171:5060 advertise 50.0.0.1:5060
174.
175. /* port to listen to
176. * - can be specified more than once if needed to listen on many
ports */
177. port=5060
178.
179. mhomed=1
180.
181. #!ifdef WITH_TLS
182. enable_tls=yes
183. #!endif
184.
185. # life time of TCP connection when there is no traffic
186. # - a bit higher than registration expires to cope with UA behind
NAT
187. tcp_connection_lifetime=3605
188.
189. ####### Custom Parameters #########
190.
191. # These parameters can be modified runtime via RPC interface
192. # - see the documentation of 'cfg_rpc' module.
193. #
194. # Format: group.id = value 'desc' description
195. # Access: $sel(cfg_get.group.id) or @cfg_get.group.id
196. #
197.
198. #!ifdef WITH_PSTN
199. # PSTN GW Routing
200. #
201. # - pstn.gw_ip: valid IP or hostname as string value, example:
202. # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
203. #
204. # - by default is empty to avoid misrouting
205. #pstn.gw_ip = "" desc "PSTN GW Address"
206. #pstn.gw_port = "" desc "PSTN GW Port"
207. #!endif
208.
209. #!ifdef WITH_VOICEMAIL
210. # VoiceMail Routing on offline, busy or no answer
211. #
212. # - by default Voicemail server IP is empty to avoid misrouting
213. #voicemail.srv_ip = "" desc "VoiceMail IP Address"
214. #voicemail.srv_port = "5060" desc "VoiceMail Port"
215. #!endif
216.
217. #!ifdef WITH_ASTERISK
218. asterisk.bindip = "50.0.0.10" desc "Asterisk IP Address"
219. asterisk.bindport = "5060" desc "Asterisk Port"
220. kamailio.bindip = "50.0.0.1" desc "Kamailio IP Address"
221. kamailio.bindport = "5060" desc "Kamailio Port"
222. #!endif
223.
224. ####### Modules Section ########
225.
226. # set paths to location of modules (to sources or installation
folders)
227. #!ifdef WITH_SRCPATH
228. mpath="modules/"
229. #!else
230. mpath="/usr/lib64/kamailio/modules/"
231. #!endif
232.
233. #!ifdef WITH_MYSQL
234. loadmodule "db_mysql.so"
235. #!endif
236.
237. loadmodule "mi_fifo.so"
238. loadmodule "kex.so"
239. loadmodule "tm.so"
240. loadmodule "tmx.so"
241. loadmodule "sl.so"
242. loadmodule "rr.so"
243. loadmodule "pv.so"
244. loadmodule "maxfwd.so"
245. loadmodule "usrloc.so"
246. loadmodule "registrar.so"
247. loadmodule "textops.so"
248. loadmodule "siputils.so"
249. loadmodule "xlog.so"
250. loadmodule "sanity.so"
251. loadmodule "ctl.so"
252. loadmodule "cfg_rpc.so"
253. loadmodule "mi_rpc.so"
254. loadmodule "acc.so"
255.
256. #!ifdef WITH_AUTH
257. loadmodule "auth.so"
258. loadmodule "auth_db.so"
259. #!ifdef WITH_IPAUTH
260. loadmodule "permissions.so"
261. #!endif
262. #!endif
263.
264. #!ifdef WITH_ALIASDB
265. loadmodule "alias_db.so"
266. #!endif
267.
268. #!ifdef WITH_SPEEDDIAL
269. loadmodule "speeddial.so"
270. #!endif
271.
272. #!ifdef WITH_MULTIDOMAIN
273. loadmodule "domain.so"
274. #!endif
275.
276. #!ifdef WITH_PRESENCE
277. loadmodule "presence.so"
278. loadmodule "presence_xml.so"
279. #!endif
280.
281. #!ifdef WITH_NAT
282. loadmodule "nathelper.so"
283. loadmodule "rtpproxy.so"
284. #!endif
285.
286. #!ifdef WITH_TLS
287. loadmodule "tls.so"
288. #!endif
289.
290. #!ifdef WITH_ANTIFLOOD
291. loadmodule "htable.so"
292. loadmodule "pike.so"
293. #!endif
294.
295. #!ifdef WITH_XMLRPC
296. loadmodule "xmlrpc.so"
297. #!endif
298.
299. #!ifdef WITH_DEBUG
300. loadmodule "debugger.so"
301. #!endif
302.
303. #!ifdef WITH_ASTERISK
304. loadmodule "uac.so"
305. #!endif
306.
307.
308. #loadmodule "topoh.so"
309. #modparam("topoh", "mask_key", "balalayka")
310. #modparam("topoh", "mask_ip", "50.0.0.1")
311.
312. # ----------------- setting module-specific parameters
---------------
313.
314.
315. # ----- mi_fifo params -----
316. modparam("mi_fifo", "fifo_name",
"/tmp/kamailio_fifo")
317.
318.
319. # ----- tm params -----
320. # auto-discard branches from previous serial forking leg
321. modparam("tm", "failure_reply_mode", 3)
322. # default retransmission timeout: 30sec
323. modparam("tm", "fr_timer", 30000)
324. # default invite retransmission timeout after 1xx: 120sec
325. modparam("tm", "fr_inv_timer", 120000)
326.
327.
328. # ----- rr params -----
329. # add value to ;lr param to cope with most of the UAs
330. modparam("rr", "enable_full_lr", 1)
331. # do not append from tag to the RR (no need for this script)
332. #!ifdef WITH_ASTERISK
333. modparam("rr", "append_fromtag", 1)
334. #!else
335. modparam("rr", "append_fromtag", 0)
336. #!endif
337.
338.
339. # ----- registrar params -----
340. modparam("registrar", "method_filtering", 1)
341. /* uncomment the next line to disable parallel forking via location
*/
342. # modparam("registrar", "append_branches", 0)
343. /* uncomment the next line not to allow more than 10 contacts per
AOR */
344. #modparam("registrar", "max_contacts", 10)
345. # max value for expires of registrations
346. modparam("registrar", "max_expires", 3600)
347. # set it to 1 to enable GRUU
348. modparam("registrar", "gruu_enabled", 0)
349.
350.
351. # ----- acc params -----
352. /* what special events should be accounted ? */
353. modparam("acc", "early_media", 0)
354. modparam("acc", "report_ack", 0)
355. modparam("acc", "report_cancels", 0)
356. /* by default ww do not adjust the direct of the sequential
requests.
357. if you enable this parameter, be sure the enable "append_fromtag"
358. in "rr" module */
359. modparam("acc", "detect_direction", 0)
360. /* account triggers (flags) */
361. modparam("acc", "log_flag", FLT_ACC)
362. modparam("acc", "log_missed_flag", FLT_ACCMISSED)
363. modparam("acc", "log_extra",
364. "src_user=$fU;src_domain=$fd;src_ip=$si;"
365. "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
366. modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
367. /* enhanced DB accounting */
368. #!ifdef WITH_ACCDB
369. modparam("acc", "db_flag", FLT_ACC)
370. modparam("acc", "db_missed_flag", FLT_ACCMISSED)
371. modparam("acc", "db_url", DBURL)
372. modparam("acc", "db_extra",
373. "src_user=$fU;src_domain=$fd;src_ip=$si;"
374. "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
375. #!endif
376.
377.
378. # ----- usrloc params -----
379. /* enable DB persistency for location entries */
380. #!ifdef WITH_USRLOCDB
381. modparam("usrloc", "db_url", DBURL)
382. modparam("usrloc", "db_mode", 2)
383. modparam("usrloc", "use_domain", MULTIDOMAIN)
384. #!endif
385.
386.
387. # ----- auth_db params -----
388. #!ifdef WITH_AUTH
389. modparam("auth_db", "db_url", DBURL)
390. modparam("auth_db", "calculate_ha1", yes)
391. modparam("auth_db", "password_column", "password")
392. modparam("auth_db", "load_credentials", "")
393. modparam("auth_db", "use_domain", MULTIDOMAIN)
394.
395. # ----- permissions params -----
396. #!ifdef WITH_IPAUTH
397. modparam("permissions", "db_url", DBURL)
398. modparam("permissions", "db_mode", 1)
399. #!endif
400.
401. #!endif
402.
403.
404. # ----- alias_db params -----
405. #!ifdef WITH_ALIASDB
406. modparam("alias_db", "db_url", DBURL)
407. modparam("alias_db", "use_domain", MULTIDOMAIN)
408. #!endif
409.
410.
411. # ----- speeddial params -----
412. #!ifdef WITH_SPEEDDIAL
413. modparam("speeddial", "db_url", DBURL)
414. modparam("speeddial", "use_domain", MULTIDOMAIN)
415. #!endif
416.
417.
418. # ----- domain params -----
419. #!ifdef WITH_MULTIDOMAIN
420. modparam("domain", "db_url", DBURL)
421. # register callback to match myself condition with domains list
422. modparam("domain", "register_myself", 1)
423. #!endif
424.
425.
426. #!ifdef WITH_PRESENCE
427. # ----- presence params -----
428. modparam("presence", "db_url", DBURL)
429.
430. # ----- presence_xml params -----
431. modparam("presence_xml", "db_url", DBURL)
432. modparam("presence_xml", "force_active", 1)
433. #!endif
434.
435.
436. #!ifdef WITH_NAT
437. # ----- rtpproxy params -----
438. modparam("rtpproxy", "rtpproxy_sock",
"udp:127.0.0.1:7722")
439.
440. # ----- nathelper params -----
441. modparam("nathelper", "natping_interval", 30)
442. modparam("nathelper", "ping_nated_only", 1)
443. modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
444. modparam("nathelper", "sipping_from",
"sip:pinger@kamaz")
445.
446. # params needed for NAT traversal in other modules
447. modparam("nathelper|registrar", "received_avp",
"$avp(RECEIVED)")
448. modparam("usrloc", "nat_bflag", FLB_NATB)
449. #!endif
450.
451.
452. #!ifdef WITH_TLS
453. # ----- tls params -----
454. modparam("tls", "config", "//etc/kamailio/tls.cfg")
455. #!endif
456.
457. #!ifdef WITH_ANTIFLOOD
458. # ----- pike params -----
459. modparam("pike", "sampling_time_unit", 2)
460. modparam("pike", "reqs_density_per_unit", 16)
461. modparam("pike", "remove_latency", 4)
462.
463. # ----- htable params -----
464. # ip ban htable with autoexpire after 5 minutes
465. modparam("htable", "htable",
"ipban=>size=8;autoexpire=300;")
466. #!endif
467.
468. #!ifdef WITH_XMLRPC
469. # ----- xmlrpc params -----
470. modparam("xmlrpc", "route", "XMLRPC");
471. modparam("xmlrpc", "url_match", "^/RPC")
472. #!endif
473.
474. #!ifdef WITH_DEBUG
475. # ----- debugger params -----
476. modparam("debugger", "cfgtrace", 1)
477. #!endif
478.
479. ####### Routing Logic ########
480.
481.
482. # Main SIP request routing logic
483. # - processing of any incoming SIP request starts with this route
484. # - note: this is the same as route { ... }
485. request_route {
486.
487. # per request initial checks
488. route(REQINIT);
489.
490. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) Main Route
before ---NAT---\n");
491. route(DEBUG);
492. # NAT detection
493. route(NATDETECT);
494.
495. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in
Route[NATDETECT] fix_nat-register\n");
496. route(DEBUG);
497.
498. # CANCEL processing
499. if (is_method("CANCEL"))
500. {
501. if (t_check_trans()) {
502. route(RELAY);
503. }
504. exit;
505. }
506.
507. route(DEBUG);
508.
509. # handle requests within SIP dialogs
510. route(WITHINDLG);
511.
512. route(DEBUG);
513.
514. ### only initial requests (no To tag)
515.
516. t_check_trans();
517.
518. route(DEBUG);
519.
520. # authentication
521. route(AUTH);
522.
523. route(DEBUG);
524.
525. # record routing for dialog forming requests (in case they
are routed)
526. # - remove preloaded route headers
527. remove_hf("Route");
528. if (is_method("INVITE|SUBSCRIBE"))
529. record_route();
530.
531. # account only INVITEs
532. if (is_method("INVITE"))
533. {
534. setflag(FLT_ACC); # do accounting
535. }
536.
537. # dispatch requests to foreign domains
538. route(SIPOUT);
539.
540. ### requests for my local domains
541.
542. # handle presence related requests
543. route(PRESENCE);
544.
545. route(DEBUG);
546.
547. # handle registrations
548. route(REGISTRAR);
549.
550. route(DEBUG);
551.
552. if ($rU==$null)
553. {
554. # request with no Username in RURI
555. sl_send_reply("484","Address Incomplete");
556. exit;
557. }
558.
559. # dispatch destinations to PSTN
560. # route(PSTN);
561.
562. route(DEBUG);
563.
564. # user location service
565. route(LOCATION);
566.
567. route(DEBUG);
568.
569. route(RELAY);
570.
571. }
572.
573.
574. route[RELAY] {
575.
576. # enable additional event routes for forwarded requests
577. # - serial forking, RTP relaying handling, a.s.o.
578. if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
579. if(!t_is_set("branch_route"))
t_on_branch("MANAGE_BRANCH");
580. }
581. if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
582. if(!t_is_set("onreply_route"))
t_on_reply("MANAGE_REPLY");
583. }
584. if (is_method("INVITE")) {
585. if(!t_is_set("failure_route"))
t_on_failure("MANAGE_FAILURE");
586. }
587.
588. if (!t_relay()) {
589. sl_reply_error();
590. }
591. exit;
592. }
593.
594. # Per SIP request initial checks
595. route[REQINIT] {
596. #!ifdef WITH_ANTIFLOOD
597. # flood dection from same IP and traffic ban for a while
598. # be sure you exclude checking trusted peers, such as pstn
gateways
599. # - local host excluded (e.g., loop to self)
600. if(src_ip!=myself)
601. {
602. if($sht(ipban=>$si)!=$null)
603. {
604. # ip is already blocked
605. xdbg("request from blocked IP - $rm from
$fu (IP:$si:$sp)\n");
606. exit;
607. }
608. if (!pike_check_req())
609. {
610. xlog("L_ALERT","ALERT: pike blocking $rm
from $fu (IP:$si:$sp)\n");
611. $sht(ipban=>$si) = 1;
612. exit;
613. }
614. }
615. #!endif
616.
617. if (!mf_process_maxfwd_header("10")) {
618. sl_send_reply("483","Too Many Hops");
619. exit;
620. }
621.
622. if(!sanity_check("1511", "7"))
623. {
624. xlog("Malformed SIP message from $si:$sp\n");
625. exit;
626. }
627. }
628.
629. # Handle requests within SIP dialogs
630. route[WITHINDLG] {
631. if (has_totag()) {
632. # sequential request withing a dialog should
633. # take the path determined by record-routing
634. if (loose_route()) {
635. route(DLGURI);
636. if (is_method("BYE")) {
637. setflag(FLT_ACC); # do accounting
...
638. setflag(FLT_ACCFAILED); # ... even
if the transaction fails
639. }
640. else if ( is_method("ACK") ) {
641. # ACK is forwarded statelessy
642. route(NATMANAGE);
643. }
644. else if ( is_method("NOTIFY") ) {
645. # Add Record-Route for in-dialog
NOTIFY as per RFC 6665.
646. record_route();
647. }
648. route(RELAY);
649. } else {
650. if (is_method("SUBSCRIBE") && uri ==
myself) {
651. # in-dialog subscribe requests
652. route(PRESENCE);
653. exit;
654. }
655. if ( is_method("ACK") ) {
656. if ( t_check_trans() ) {
657. # no loose-route, but
stateful ACK;
658. # must be an ACK after a 487
659. # or e.g. 404 from upstream
server
660. route(RELAY);
661. exit;
662. } else {
663. # ACK without matching
transaction ... ignore and discard
664. exit;
665. }
666. }
667. sl_send_reply("404","Not here");
668. }
669. exit;
670. }
671. }
672.
673. # Handle SIP registrations
674. route[REGISTRAR] {
675. if (is_method("REGISTER"))
676. {
677. if(isflagset(FLT_NATS))
678. {
679. setbflag(FLB_NATB);
680. # uncomment next line to do SIP NAT pinging
681. setbflag(FLB_NATSIPPING);
682. }
683. if (!save("location"))
684. sl_reply_error();
685.
686.
687. #!ifdef WITH_ASTERISK
688. route(REGFWD);
689. #!endif
690.
691. exit;
692. }
693. }
694.
695.
696. #!ifdef WITH_ASTERISK
697. # Test if coming from Asterisk
698. route[FROMASTERISK] {
699. if($si==$sel(cfg_get.asterisk.bindip) &&
$sp==$sel(cfg_get.asterisk.bindport)) return 1;
700. return -1;
701. }
702.
703.
704. # Send to Asterisk
705. route[TOASTERISK] {
706. $du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":" +
$sel(cfg_get.asterisk.bindport);
707. xlog("L_INFO","[$fU@$si:$sp]{$rm} From Outside World to
Asterisk Box $du\n");
708. route(RELAY);
709. exit;
710. }
711.
712. # Forward REGISTER to Asterisk
713. route[REGFWD] {
714. if(!is_method("REGISTER"))
715. {
716. return;
717. }
718.
719. xlog("[$mi] PRINT AU: $au PRINT fU: $fU Received SIP
Message (method: $rm) ($ml bytes) to $Ri:$Rp from $si:$sp:\n$mb\n");
720.
721. t_relay_to_udp("50.0.0.10", "5060");
722.
723. xlog("[$mi] PRINT AU: $au PRINT fU: $fU Sended SIP Message
(method: $rm) ($ml bytes) to $Ri:$Rp from $si:$sp:\n$mb\n");
724.
725. }
726. #!endif
727.
728. # USER location service
729. route[LOCATION] {
730.
731. #!ifdef WITH_SPEEDDIAL
732. # search for short dialing - 2-digit extension
733. if($rU=~"^[0-9][0-9]$")
734. if(sd_lookup("speed_dial"))
735. route(SIPOUT);
736. #!endif
737.
738. #!ifdef WITH_ALIASDB
739. # search in DB-based aliases
740. if(alias_db_lookup("dbaliases"))
741. route(SIPOUT);
742. #!endif
743.
744. #!ifdef WITH_ASTERISK
745. if(is_method("INVITE") && (!route(FROMASTERISK))) {
746. # if new call from out there - send to Asterisk
747. # - non-INVITE request are routed directly by
Kamailio
748. # - traffic from Asterisk is routed also directy by
Kamailio
749. route(TOASTERISK);
750. exit;
751. }
752. #!endif
753.
754. $avp(oexten) = $rU;
755. if (!lookup("location")) {
756. $var(rc) = $rc;
757. route(TOVOICEMAIL);
758. t_newtran();
759. switch ($var(rc)) {
760. case -1:
761. case -3:
762. send_reply("404", "Not
Found");
763. exit;
764. case -2:
765. send_reply("405", "Method Not
Allowed");
766. exit;
767. }
768. }
769.
770. # when routing via usrloc, log the missed calls also
771. if (is_method("INVITE"))
772. {
773. setflag(FLT_ACCMISSED);
774. }
775.
776. route(RELAY);
777. exit;
778. }
779.
780. # Presence server route
781. route[PRESENCE] {
782. if(!is_method("PUBLISH|SUBSCRIBE"))
783. return;
784.
785. if(is_method("SUBSCRIBE") &&
$hdr(Event)=="message-summary") {
786. route(TOVOICEMAIL);
787. # returns here if no voicemail server is configured
788. sl_send_reply("404", "No voicemail service");
789. exit;
790. }
791.
792. #!ifdef WITH_PRESENCE
793. if (!t_newtran())
794. {
795. sl_reply_error();
796. exit;
797. }
798.
799. if(is_method("PUBLISH"))
800. {
801. handle_publish();
802. t_release();
803. } else if(is_method("SUBSCRIBE")) {
804. handle_subscribe();
805. t_release();
806. }
807. exit;
808. #!endif
809.
810. # if presence enabled, this part will not be executed
811. if (is_method("PUBLISH") || $rU==$null)
812. {
813. sl_send_reply("404", "Not here");
814. exit;
815. }
816. return;
817. }
818.
819. # Authentication route
820. route[AUTH] {
821.
822. #!ifdef WITH_ASTERISK
823. # do not auth traffic from Asterisk - trusted!
824. if(route(FROMASTERISK))
825. return;
826. #!endif
827.
828.
829. #!ifdef WITH_AUTH
830.
831. #!ifdef WITH_IPAUTH
832. if((!is_method("REGISTER")) && allow_source_address())
833. {
834. # source IP allowed
835. return;
836. }
837. #!endif
838.
839. if (is_method("REGISTER") || from_uri==myself)
840. {
841. # authenticate requests
842. if (!auth_check("$fd", "subscriber",
"1")) {
843. auth_challenge("$fd", "0");
844. exit;
845. }
846. # user authenticated - remove auth header
847. if(!is_method("REGISTER|PUBLISH"))
848. consume_credentials();
849. }
850. # if caller is not local subscriber, then check if it calls
851. # a local destination, otherwise deny, not an open relay
here
852. if (from_uri!=myself && uri!=myself)
853. {
854. sl_send_reply("403","Not relaying");
855. exit;
856. }
857.
858. #!endif
859. return;
860. }
861.
862. # Caller NAT detection route
863. route[NATDETECT] {
864. #!ifdef WITH_NAT
865. force_rport();
866. if (nat_uac_test("19")) {
867. if (is_method("REGISTER")) {
868. fix_nated_register();
869. } else {
870. if(is_first_hop())
871. set_contact_alias();
872. }
873. setflag(FLT_NATS);
874.
875. }
876. #!endif
877. return;
878. }
879.
880. # RTPProxy control
881. route[NATMANAGE] {
882. #!ifdef WITH_NAT
883. if (is_request()) {
884. if(has_totag()) {
885. if(check_route_param("nat=yes")) {
886. setbflag(FLB_NATB);
887. }
888. }
889. }
890. if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
891. return;
892.
893. rtpproxy_manage();
894.
895. if (is_request()) {
896. if (!has_totag()) {
897. if(t_is_branch_route()) {
898. add_rr_param(";nat=yes");
899. }
900. }
901. }
902. if (is_reply()) {
903. if(isbflagset(FLB_NATB)) {
904. if(is_first_hop())
905. set_contact_alias();
906. }
907.
908. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in
route[NATMANAGE] RTPproxy with EI Flags\n");
909.
910. }
911. #!endif
912. return;
913. }
914.
915. # URI update for dialog requests
916. route[DLGURI] {
917. #!ifdef WITH_NAT
918. if(!isdsturiset()) {
919. handle_ruri_alias();
920.
921. xlog("L_NOTICE","$rm from $fu (IP:$si:$sp) in
route[DLGURI]
RTPproxy with EI Flags\n");
922.
923. }
924. #!endif
925. return;
926. }
927.
928. # Routing to foreign domains
929. route[SIPOUT] {
930. if (!uri==myself)
931. {
932. append_hf("P-hint: outbound\r\n");
933. route(RELAY);
934. }
935. }
936.
937. # PSTN GW routing
938. route[PSTN] {
939. #!ifdef WITH_PSTN
940. # check if PSTN GW IP is defined
941. if (strempty($sel(cfg_get.pstn.gw_ip))) {
942. xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip
not defined\n");
943. return;
944. }
945.
946. # route to PSTN dialed numbers starting with '+' or '00'
947. # (international format)
948. # - update the condition to match your dialing rules for
PSTN routing
949. if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
950. return;
951.
952. # only local users allowed to call
953. if(from_uri!=myself) {
954. sl_send_reply("403", "Not Allowed");
955. exit;
956. }
957.
958. if (strempty($sel(cfg_get.pstn.gw_port))) {
959. $ru = "sip:" + $rU + "@" +
$sel(cfg_get.pstn.gw_ip);
960. } else {
961. $ru = "sip:" + $rU + "@" +
$sel(cfg_get.pstn.gw_ip)
+ ":"
962. +
$sel(cfg_get.pstn.gw_port);
963. }
964.
965. route(RELAY);
966. exit;
967. #!endif
968.
969. return;
970. }
971.
972. # XMLRPC routing
973. #!ifdef WITH_XMLRPC
974. route[XMLRPC] {
975. # allow XMLRPC from localhost
976. if ((method=="POST" || method=="GET")
977. && (src_ip==127.0.0.1)) {
978. # close connection only for xmlrpclib user agents
(there is a bug in
979. # xmlrpclib: it waits for EOF before interpreting
the response).
980. if ($hdr(User-Agent) =~ "xmlrpclib")
981. set_reply_close();
982. set_reply_no_connect();
983. dispatch_rpc();
984. exit;
985. }
986. send_reply("403", "Forbidden");
987. exit;
988. }
989. #!endif
990.
991. # route to voicemail server
992. route[TOVOICEMAIL] {
993. #!ifdef WITH_VOICEMAIL
994. if(!is_method("INVITE|SUBSCRIBE"))
995. return;
996.
997. # check if VoiceMail server IP is defined
998. if (strempty($sel(cfg_get.voicemail.srv_ip))) {
999. xlog("SCRIPT: VoiceMail rotuing enabled but IP not
defined\n");
1000. return;
1001. }
1002. if(is_method("INVITE")) {
1003. if($avp(oexten)==$null)
1004. return;
1005. $ru = "sip:" + $avp(oexten) + "@" +
$sel(cfg_get.voicemail.srv_ip)
1006. + ":" +
$sel(cfg_get.voicemail.srv_port);
1007. } else {
1008. if($rU==$null)
1009. return;
1010. $ru = "sip:" + $rU + "@" +
$sel(cfg_get.voicemail.srv_ip)
1011. + ":" +
$sel(cfg_get.voicemail.srv_port);
1012. }
1013. route(RELAY);
1014. exit;
1015. #!endif
1016.
1017. return;
1018. }
1019.
1020. # manage outgoing branches
1021. branch_route[MANAGE_BRANCH] {
1022. xdbg("new branch [$T_branch_idx] to $ru\n");
1023. route(NATMANAGE);
1024. }
1025.
1026. # manage incoming replies
1027. onreply_route[MANAGE_REPLY] {
1028. xdbg("incoming reply\n");
1029. if(status=~"[12][0-9][0-9]")
1030. route(NATMANAGE);
1031. }
1032.
1033. # manage failure routing cases
1034. failure_route[MANAGE_FAILURE] {
1035. route(NATMANAGE);
1036.
1037. if (t_is_canceled()) {
1038. exit;
1039. }
1040.
1041. #!ifdef WITH_BLOCK3XX
1042. # block call redirect based on 3xx replies.
1043. if (t_check_status("3[0-9][0-9]")) {
1044. t_reply("404","Not found");
1045. exit;
1046. }
1047. #!endif
1048.
1049. #!ifdef WITH_VOICEMAIL
1050. # serial forking
1051. # - route to voicemail on busy or no answer (timeout)
1052. if (t_check_status("486|408")) {
1053. $du = $null;
1054. route(TOVOICEMAIL);
1055. exit;
1056. }
1057. #!endif
1058. }
1059.
1060.
1061. route[DEBUG] {
1062. if (method==("PUBLISH|SUBSCRIBE|REGISTER|OPTIONS")) {
1063. return;
1064. }
1065. xlog("[$mi] Received SIP Message (method: $rm) ($ml bytes)
to $Ri:$Rp from $si:$sp:\n$mb\n");
1066. }
--
С уважением, Александр Васин.
8 926 1437200
icq: 9906064
3945
days inactive
3945
days old
0 comments
1 participants
participants (1)
-
*sm1Ly