diff -r 255a25bcf7b0 -r 8f552d1cd671 opensips/opensips.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/opensips/opensips.cfg Wed Sep 21 14:02:13 2011 +0200 @@ -0,0 +1,198 @@ +## +## opensips.cfg -- OpenSIPS server configuration +## + +# +# GLOBAL CONFIGURATION PARAMETERS +# + +# process configuration +debug=1 +log_stderror=no +fork=yes +check_via=no +dns=no +rev_dns=no +children=4 +user="@l_rusr@" +group="@l_rgrp@" +fifo="@l_prefix@/var/opensips/opensips.fifo" +workdir="@l_prefix@/var/opensips" + +# network configuration +alias="sip.example.com" +listen="127.0.0.1" +port=5060 + +# +# EXTENSION MODULE LOADING +# + +#loadmodule "@l_prefix@/lib/opensips/modules/dbtext.so" + +loadmodule "@l_prefix@/lib/opensips/modules/sl.so" +loadmodule "@l_prefix@/lib/opensips/modules/tm.so" +loadmodule "@l_prefix@/lib/opensips/modules/rr.so" +loadmodule "@l_prefix@/lib/opensips/modules/maxfwd.so" +loadmodule "@l_prefix@/lib/opensips/modules/usrloc.so" +loadmodule "@l_prefix@/lib/opensips/modules/registrar.so" +loadmodule "@l_prefix@/lib/opensips/modules/textops.so" + +#loadmodule "@l_prefix@/lib/opensips/modules/auth.so" +#loadmodule "@l_prefix@/lib/opensips/modules/auth_db.so" + +#loadmodule "@l_prefix@/lib/opensips/modules/nathelper.so" + +# +# EXTENSION MODULE CONFIGURATION +# + +# module rr: +modparam("rr", "enable_full_lr", 1) + +# module usrloc: +modparam("usrloc", "db_mode", 0) +#modparam("usrloc", "db_mode", 2) +#modparam("usrloc|auth_db", "db_url", "dbtext://@l_prefix@/var/opensips/db") + +# module auth: +#modparam("auth_db", "calculate_ha1", 1) +#modparam("auth_db", "password_column", "password") +#modparam("auth_db", "user_column", "username") +#modparam("auth_db", "domain_column", "domain") + +# module nathelper: +#modparam("registrar", "nat_flag", 6) +#modparam("nathelper", "natping_interval", 30) +#modparam("nathelper", "ping_nated_only", 1) +#modparam("nathelper", "rtpproxy_sock", "unix:@l_prefix@/var/opensips/opensips_rtpproxy.sock") +#modparam("nathelper", "rtpproxy_disable", 0) +#modparam("nathelper", "rtpproxy_disable_tout", 20) +#modparam("nathelper", "sipping_from", "sip:pinger@sip.example.com") + +# +# MAIN ROUTING LOGIC +# + +route{ + # initial sanity checks -- messages with + # max_forwards==0, or excessively long requests + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483", "Too Many Hops"); + exit; + }; + if (msg:len >= max_len) { + sl_send_reply("513", "Message too big"); + exit; + }; + + #if (method == "INVITE" && uri != myself) { + # sl_send_reply("403", "No relaying"); + # exit; + #}; + + # NAT: special handling for NAT'ed clients; first, NAT test is + # executed: it looks for via!=received and RFC1918 addresses in + # Contact (may fail if line-folding is used); also, the received + # test should, if completed, should check all vias for presence of + # received. + #if (nat_uac_test("3")) { + # # allow RR-ed requests, as these may indicate that NAT-enabled + # # aproxy takes care of it; unless it is REGISTER + # if (method == "REGISTER" || ! search("^Record-Route:")) { + # log("LOG: Someone trying to register from private IP, rewriting\n"); + # fix_nated_contact(); # rewrite contact with source IP of signalling + # if (method == "INVITE") { + # fix_nated_sdp("1"); # add direction=active to SDP + # }; + # force_rport(); # add rport parameter to topmost Via + # setflag(6); # mark as NAT'ed + # }; + #}; + + # we record-route all messages -- to make sure that + # subsequent messages will go through our proxy; that's + # particularly good if upstream and downstream entities + # use different transport protocol + if (method != "REGISTER") { + record_route(); + }; + + # subsequent messages withing a dialog should take the + # path determined by record-routing + if (loose_route()) { + # mark routing logic in request + append_hf("P-hint: rr-enforced\r\n"); + route(1); + }; + + if (uri != myself) { + # mark routing logic in request + append_hf("P-hint: outbound\r\n"); + route(1); + }; + + # if the request is for other domain use USRLOC + # (in case, it does not work, use the following command + # with proper names and addresses in it) + if (uri == myself) { + if (method == "REGISTER") { + # uncomment this if you want to use digest authentication + #if (!www_authorize("sip.example.com", "subscriber")) { + # www_challenge("sip.example.com", "0"); + # exit; + #}; + save("location"); + exit; + }; + + lookup("aliases"); + if (uri != myself) { + append_hf("P-hint: outbound alias\r\n"); + route(1); + }; + + # native SIP destinations are handled using our USRLOC DB + if (!lookup("location")) { + sl_send_reply("404", "Not Found"); + exit; + }; + append_hf("P-hint: usrloc applied\r\n"); + }; + + route(1); +} + +route[1] { + # disable RFC1918 peers + if (uri =~ "[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")) { + sl_send_reply("479", "We don't forward to RFC 1918 IPv4 addresses"); + exit; + }; + + # NAT: if client or server know to be behind a NAT, enable relay + #if (isflagset(6)) { + # force_rtp_proxy(); + #}; + + # NAT: processing of replies; apply to all transactions + #t_on_reply("1"); + + # send it out now; use stateful forwarding as it works reliably even for UDP2TCP + if (!t_relay()) { + sl_reply_error(); + }; +} + +#onreply_route[1] { + # NAT: is it a NAT'ed transaction ? + # otherwise, is it a transaction behind a NAT and we did not + # know at time of request processing ? (RFC1918 contacts) + #if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { + # fix_nated_contact(); + # force_rtp_proxy(); + #} else if (nat_uac_test("1")) { + # fix_nated_contact(); + #}; +#} +