Oliver Smith | d9f3d34 | 2018-09-26 16:29:00 +0200 | [diff] [blame] | 1 | #!KAMAILIO |
| 2 | |
| 3 | #!define WITH_DEBUG |
| 4 | #!define WITH_PSTN |
| 5 | |
| 6 | ####### Defined Values ######### |
| 7 | |
| 8 | # - flags |
| 9 | # FLT_ - per transaction (message) flags |
| 10 | # FLB_ - per branch flags |
| 11 | #!define FLT_ACC 1 |
| 12 | #!define FLT_ACCMISSED 2 |
| 13 | #!define FLT_ACCFAILED 3 |
| 14 | #!define FLT_NATS 5 |
| 15 | #!define FLB_NATB 6 |
| 16 | #!define FLB_NATSIPPING 7 |
| 17 | |
| 18 | ####### Global Parameters ######### |
| 19 | |
| 20 | ### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR |
| 21 | #!ifdef WITH_DEBUG |
| 22 | debug=2 |
| 23 | log_stderror=yes |
| 24 | #!else |
| 25 | debug=2 |
| 26 | log_stderror=no |
| 27 | #!endif |
| 28 | |
| 29 | memdbg=5 |
| 30 | memlog=5 |
| 31 | |
| 32 | log_facility=LOG_LOCAL0 |
| 33 | rundir="${NET_DIR}/kamailio_rundir" |
| 34 | |
| 35 | fork=yes |
| 36 | children=4 |
| 37 | |
| 38 | /* uncomment the next line to disable TCP (default on) */ |
| 39 | disable_tcp=yes |
| 40 | |
| 41 | /* uncomment the next line to disable the auto discovery of local aliases |
| 42 | based on reverse DNS on IPs (default on) */ |
| 43 | auto_aliases=no |
| 44 | |
| 45 | /* add local domain aliases */ |
| 46 | #alias="sip.mydomain.com" |
| 47 | |
| 48 | /* uncomment and configure the following line if you want Kamailio to |
| 49 | bind on a specific interface/port/proto (default bind on all available) */ |
| 50 | listen=${SIPCON_REMOTE}:${SIPCON_REMOTE_PORT} |
| 51 | |
| 52 | /* port to listen to |
| 53 | * - can be specified more than once if needed to listen on many ports */ |
| 54 | port=${SIPCON_REMOTE_PORT} |
| 55 | |
| 56 | # life time of TCP connection when there is no traffic |
| 57 | # - a bit higher than registration expires to cope with UA behind NAT |
| 58 | tcp_connection_lifetime=3605 |
| 59 | |
| 60 | ####### Custom Parameters ######### |
| 61 | |
| 62 | # These parameters can be modified runtime via RPC interface |
| 63 | # - see the documentation of 'cfg_rpc' module. |
| 64 | # |
| 65 | # Format: group.id = value 'desc' description |
| 66 | # Access: $sel(cfg_get.group.id) or @cfg_get.group.id |
| 67 | # |
| 68 | |
| 69 | #!ifdef WITH_PSTN |
| 70 | # PSTN GW Routing |
| 71 | # |
| 72 | # - pstn.gw_ip: valid IP or hostname as string value, example: |
| 73 | # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" |
| 74 | # |
| 75 | # - by default is empty to avoid misrouting |
| 76 | pstn.gw_ip = "${SIPCON_LOCAL}:${SIPCON_LOCAL_PORT}" desc "osmo-sip-connector Address" |
| 77 | #!endif |
| 78 | |
| 79 | |
| 80 | ####### Modules Section ######## |
| 81 | |
| 82 | # set paths to location of modules (to sources or installation folders) |
| 83 | #!ifdef WITH_SRCPATH |
| 84 | mpath="modules" |
| 85 | #!else |
| 86 | mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/" |
| 87 | #!endif |
| 88 | |
| 89 | # loadmodule "mi_fifo.so" |
| 90 | loadmodule "kex.so" |
| 91 | loadmodule "corex.so" |
| 92 | loadmodule "tm.so" |
| 93 | loadmodule "tmx.so" |
| 94 | loadmodule "sl.so" |
| 95 | loadmodule "rr.so" |
| 96 | loadmodule "pv.so" |
| 97 | loadmodule "maxfwd.so" |
| 98 | loadmodule "usrloc.so" |
| 99 | loadmodule "registrar.so" |
| 100 | loadmodule "textops.so" |
| 101 | loadmodule "siputils.so" |
| 102 | loadmodule "xlog.so" |
| 103 | loadmodule "sanity.so" |
| 104 | # loadmodule "ctl.so" |
| 105 | loadmodule "cfg_rpc.so" |
| 106 | loadmodule "mi_rpc.so" |
| 107 | loadmodule "acc.so" |
| 108 | |
| 109 | #!ifdef WITH_NAT |
| 110 | loadmodule "nathelper.so" |
| 111 | loadmodule "rtpproxy.so" |
| 112 | #!endif |
| 113 | |
| 114 | #!ifdef WITH_DEBUG |
| 115 | loadmodule "debugger.so" |
| 116 | #!endif |
| 117 | |
| 118 | # ----------------- setting module-specific parameters --------------- |
| 119 | |
| 120 | # ----- mi_fifo params ----- |
| 121 | #modparam("mi_fifo", "fifo_name", "/var/run/kamailio/kamailio_fifo") |
| 122 | |
| 123 | # ----- ctl params ----- |
| 124 | #modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl") |
| 125 | |
| 126 | # ----- tm params ----- |
| 127 | # auto-discard branches from previous serial forking leg |
| 128 | modparam("tm", "failure_reply_mode", 3) |
| 129 | # default retransmission timeout: 30sec |
| 130 | modparam("tm", "fr_timer", 30000) |
| 131 | # default invite retransmission timeout after 1xx: 120sec |
| 132 | modparam("tm", "fr_inv_timer", 120000) |
| 133 | |
| 134 | # ----- rr params ----- |
| 135 | # add value to ;lr param to cope with most of the UAs |
| 136 | modparam("rr", "enable_full_lr", 1) |
| 137 | # do not append from tag to the RR (no need for this script) |
| 138 | modparam("rr", "append_fromtag", 0) |
| 139 | |
| 140 | # ----- registrar params ----- |
| 141 | modparam("registrar", "method_filtering", 1) |
| 142 | /* uncomment the next line to disable parallel forking via location */ |
| 143 | # modparam("registrar", "append_branches", 0) |
| 144 | /* uncomment the next line not to allow more than 10 contacts per AOR */ |
| 145 | #modparam("registrar", "max_contacts", 10) |
| 146 | # max value for expires of registrations |
| 147 | modparam("registrar", "max_expires", 3600) |
| 148 | # set it to 1 to enable GRUU |
| 149 | modparam("registrar", "gruu_enabled", 0) |
| 150 | |
| 151 | # ----- acc params ----- |
| 152 | /* what special events should be accounted ? */ |
| 153 | modparam("acc", "early_media", 0) |
| 154 | modparam("acc", "report_ack", 0) |
| 155 | modparam("acc", "report_cancels", 0) |
| 156 | /* by default ww do not adjust the direct of the sequential requests. |
| 157 | if you enable this parameter, be sure the enable "append_fromtag" |
| 158 | in "rr" module */ |
| 159 | modparam("acc", "detect_direction", 0) |
| 160 | /* account triggers (flags) */ |
| 161 | modparam("acc", "log_flag", FLT_ACC) |
| 162 | modparam("acc", "log_missed_flag", FLT_ACCMISSED) |
| 163 | modparam("acc", "log_extra", |
| 164 | "src_user=$fU;src_domain=$fd;src_ip=$si;" |
| 165 | "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") |
| 166 | modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) |
| 167 | |
| 168 | |
| 169 | #!ifdef WITH_NAT |
| 170 | # ----- rtpproxy params ----- |
| 171 | modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") |
| 172 | |
| 173 | # ----- nathelper params ----- |
| 174 | modparam("nathelper", "natping_interval", 30) |
| 175 | modparam("nathelper", "ping_nated_only", 1) |
| 176 | modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) |
| 177 | modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") |
| 178 | |
| 179 | # params needed for NAT traversal in other modules |
| 180 | modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") |
| 181 | modparam("usrloc", "nat_bflag", FLB_NATB) |
| 182 | #!endif |
| 183 | |
| 184 | |
| 185 | #!ifdef WITH_DEBUG |
| 186 | # ----- debugger params ----- |
| 187 | modparam("debugger", "cfgtrace", 0) |
| 188 | #!endif |
| 189 | |
| 190 | ####### Routing Logic ######## |
| 191 | |
| 192 | |
| 193 | # Main SIP request routing logic |
| 194 | # - processing of any incoming SIP request starts with this route |
| 195 | # - note: this is the same as route { ... } |
| 196 | request_route { |
| 197 | |
| 198 | xlog("GOT SIP $rm from $fu: $ru\n"); |
| 199 | # per request initial checks |
| 200 | route(REQINIT); |
| 201 | |
| 202 | # CANCEL processing |
| 203 | if (is_method("CANCEL")) { |
| 204 | if (t_check_trans()) { |
| 205 | route(RELAY); |
| 206 | } |
| 207 | exit; |
| 208 | } |
| 209 | # handle requests within SIP dialogs |
| 210 | route(WITHINDLG); |
| 211 | |
| 212 | ### only initial requests (no To tag) |
| 213 | |
| 214 | # handle retransmissions |
| 215 | if(t_precheck_trans()) { |
| 216 | t_check_trans(); |
| 217 | exit; |
| 218 | } |
| 219 | t_check_trans(); |
| 220 | |
| 221 | if ("600" == $rU) { |
| 222 | route(ECHO); |
| 223 | } |
| 224 | |
| 225 | if ("500" == $rU) { |
| 226 | route(TEST); |
| 227 | } |
| 228 | |
| 229 | route(PSTN); |
| 230 | } |
| 231 | |
| 232 | |
| 233 | route[RELAY] { |
| 234 | # enable additional event routes for forwarded requests |
| 235 | # - serial forking, RTP relaying handling, a.s.o. |
| 236 | if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { |
| 237 | if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); |
| 238 | } |
| 239 | if (is_method("INVITE|SUBSCRIBE|UPDATE")) { |
| 240 | if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); |
| 241 | } |
| 242 | if (is_method("INVITE")) { |
| 243 | if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); |
| 244 | } |
| 245 | |
| 246 | if (!t_relay()) { |
| 247 | sl_reply_error(); |
| 248 | } |
| 249 | exit; |
| 250 | } |
| 251 | |
| 252 | # Per SIP request initial checks |
| 253 | route[REQINIT] { |
| 254 | #!ifdef WITH_ANTIFLOOD |
| 255 | # flood dection from same IP and traffic ban for a while |
| 256 | # be sure you exclude checking trusted peers, such as pstn gateways |
| 257 | # - local host excluded (e.g., loop to self) |
| 258 | if(src_ip!=myself) { |
| 259 | if($sht(ipban=>$si)!=$null) { |
| 260 | # ip is already blocked |
| 261 | xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); |
| 262 | exit; |
| 263 | } |
| 264 | if (!pike_check_req()) { |
| 265 | xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); |
| 266 | $sht(ipban=>$si) = 1; |
| 267 | exit; |
| 268 | } |
| 269 | } |
| 270 | #!endif |
| 271 | |
| 272 | if (!mf_process_maxfwd_header("2")) { |
| 273 | sl_send_reply("483","Too Many Hops"); |
| 274 | exit; |
| 275 | } |
| 276 | |
| 277 | if(is_method("OPTIONS") && uri==myself && $rU==$null) { |
| 278 | sl_send_reply("200","Keepalive"); |
| 279 | exit; |
| 280 | } |
| 281 | |
| 282 | if(!sanity_check("1511", "7")) { |
| 283 | xlog("Malformed SIP message from $si:$sp\n"); |
| 284 | exit; |
| 285 | } |
| 286 | } |
| 287 | |
| 288 | # Handle requests within SIP dialogs |
| 289 | route[WITHINDLG] { |
| 290 | if (!has_totag()) return; |
| 291 | |
| 292 | # sequential request withing a dialog should |
| 293 | # take the path determined by record-routing |
| 294 | if (loose_route()) { |
| 295 | if (is_method("BYE")) { |
| 296 | setflag(FLT_ACC); # do accounting ... |
| 297 | setflag(FLT_ACCFAILED); # ... even if the transaction fails |
| 298 | } |
| 299 | else if ( is_method("ACK") ) { |
| 300 | # ACK is forwarded statelessy |
| 301 | route(NATMANAGE); |
| 302 | } |
| 303 | else if ( is_method("NOTIFY") ) { |
| 304 | # Add Record-Route for in-dialog NOTIFY as per RFC 6665. |
| 305 | record_route(); |
| 306 | } |
| 307 | route(RELAY); |
| 308 | exit; |
| 309 | } |
| 310 | if ( is_method("ACK") ) { |
| 311 | if ( t_check_trans() ) { |
| 312 | # no loose-route, but stateful ACK; |
| 313 | # must be an ACK after a 487 |
| 314 | # or e.g. 404 from upstream server |
| 315 | route(RELAY); |
| 316 | exit; |
| 317 | } else { |
| 318 | # ACK without matching transaction ... ignore and discard |
| 319 | exit; |
| 320 | } |
| 321 | } |
| 322 | sl_send_reply("404", "Not here"); |
| 323 | exit; |
| 324 | } |
| 325 | |
| 326 | # RTPProxy control |
| 327 | route[NATMANAGE] { |
| 328 | #!ifdef WITH_NAT |
| 329 | if (is_request()) { |
| 330 | if(has_totag()) { |
| 331 | if(check_route_param("nat=yes")) { |
| 332 | setbflag(FLB_NATB); |
| 333 | } |
| 334 | } |
| 335 | } |
| 336 | if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) |
| 337 | return; |
| 338 | |
| 339 | rtpproxy_manage("co"); |
| 340 | |
| 341 | if (is_request()) { |
| 342 | if (!has_totag()) { |
| 343 | if(t_is_branch_route()) { |
| 344 | add_rr_param(";nat=yes"); |
| 345 | } |
| 346 | } |
| 347 | } |
| 348 | if (is_reply()) { |
| 349 | if(isbflagset(FLB_NATB)) { |
| 350 | set_contact_alias(); |
| 351 | } |
| 352 | } |
| 353 | #!endif |
| 354 | return; |
| 355 | } |
| 356 | |
| 357 | # PSTN GW routing |
| 358 | route[PSTN] { |
| 359 | #!ifdef WITH_PSTN |
| 360 | # check if PSTN GW IP is defined |
| 361 | if (strempty($sel(cfg_get.pstn.gw_ip))) { |
| 362 | xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); |
| 363 | return; |
| 364 | } |
| 365 | |
| 366 | # route to PSTN dialed numbers starting with '+' or '00' |
| 367 | # (international format) |
| 368 | # - update the condition to match your dialing rules for PSTN routing |
| 369 | #if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) |
| 370 | # return; |
| 371 | |
| 372 | # only local users allowed to call |
| 373 | #if(from_uri!=myself) { |
| 374 | # sl_send_reply("403", "Not Allowed"); |
| 375 | # exit; |
| 376 | #} |
| 377 | |
| 378 | $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); |
| 379 | |
| 380 | route(RELAY); |
| 381 | exit; |
| 382 | #!endif |
| 383 | |
| 384 | return; |
| 385 | } |
| 386 | |
| 387 | route[ECHO] { |
| 388 | $ru = "sip:echo@iptel.org"; |
| 389 | route(RELAY); |
| 390 | exit; |
| 391 | } |
| 392 | |
| 393 | route[TEST] { |
| 394 | $ru = "sip:music@iptel.org"; |
| 395 | route(RELAY); |
| 396 | exit; |
| 397 | } |
| 398 | |
| 399 | # Manage outgoing branches |
| 400 | branch_route[MANAGE_BRANCH] { |
| 401 | xdbg("new branch [$T_branch_idx] to $ru\n"); |
| 402 | route(NATMANAGE); |
| 403 | } |
| 404 | |
| 405 | # Manage incoming replies |
| 406 | onreply_route[MANAGE_REPLY] { |
| 407 | xdbg("incoming reply\n"); |
| 408 | if(status=~"[12][0-9][0-9]") |
| 409 | route(NATMANAGE); |
| 410 | } |
| 411 | |
| 412 | # Manage failure routing cases |
| 413 | failure_route[MANAGE_FAILURE] { |
| 414 | route(NATMANAGE); |
| 415 | |
| 416 | if (t_is_canceled()) { |
| 417 | exit; |
| 418 | } |
| 419 | } |