mirror of https://github.com/sipwise/kamailio.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
428 lines
10 KiB
428 lines
10 KiB
#
|
|
# $Id$
|
|
#
|
|
# Kamailio basic configuration script
|
|
# by Anca Vamanu <anca@voice-system.ro>
|
|
#
|
|
# Please refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
|
|
# for a explanation of possible statements, functions and parameters.
|
|
#
|
|
|
|
|
|
####### Global Parameters #########
|
|
|
|
debug=3
|
|
log_stderror=no
|
|
log_facility=LOG_LOCAL0
|
|
|
|
fork=yes
|
|
children=4
|
|
|
|
/* uncomment the following lines to enable debugging */
|
|
#debug=6
|
|
#fork=no
|
|
#log_stderror=yes
|
|
|
|
/* uncomment the next line to disable TCP (default on) */
|
|
#disable_tcp=yes
|
|
|
|
/* uncomment the next line to enable the auto temporary blacklisting of
|
|
not available destinations (default disabled) */
|
|
#disable_dns_blacklist=no
|
|
|
|
/* uncomment the next line to enable IPv6 lookup after IPv4 dns
|
|
lookup failures (default disabled) */
|
|
#dns_try_ipv6=yes
|
|
|
|
/* uncomment the next line to disable the auto discovery of local aliases
|
|
based on revers DNS on IPs (default on) */
|
|
#auto_aliases=no
|
|
|
|
/* uncomment the following lines to enable TLS support (default off) */
|
|
#disable_tls = no
|
|
#listen = tls:your_IP:5061
|
|
#tls_verify_server = 1
|
|
#tls_verify_client = 1
|
|
#tls_require_client_certificate = 0
|
|
#tls_method = TLSv1
|
|
#tls_certificate = "/usr/local/etc/kamailio/tls/user/user-cert.pem"
|
|
#tls_private_key = "/usr/local/etc/kamailio/tls/user/user-privkey.pem"
|
|
#tls_ca_list = "/usr/local/etc/kamailio/tls/user/user-calist.pem"
|
|
|
|
|
|
port=5060
|
|
|
|
/* uncomment and configure the following line if you want kamailio to
|
|
bind on a specific interface/port/proto (default bind on all available) */
|
|
#listen=udp:192.168.1.2:5060
|
|
|
|
|
|
####### Modules Section ########
|
|
|
|
#set module path
|
|
mpath="../../modules_k"
|
|
|
|
/* uncomment next line for MySQL DB support */
|
|
#loadmodule "db_mysql.so"
|
|
loadmodule "../../modules/tm/tm.so"
|
|
loadmodule "sl/sl.so"
|
|
loadmodule "rr/rr.so"
|
|
loadmodule "pv/pv.so"
|
|
loadmodule "maxfwd/maxfwd.so"
|
|
loadmodule "usrloc/usrloc.so"
|
|
loadmodule "registrar/registrar.so"
|
|
loadmodule "textops/textops.so"
|
|
loadmodule "mi_fifo/mi_fifo.so"
|
|
loadmodule "uri_db/uri_db.so"
|
|
loadmodule "siputils/siputils.so"
|
|
loadmodule "xlog/xlog.so"
|
|
loadmodule "acc/acc.so"
|
|
|
|
/* uncomment next lines for MySQL based authentication support
|
|
NOTE: a DB (like db_mysql) module must be also loaded */
|
|
#loadmodule "auth.so"
|
|
#loadmodule "auth_db.so"
|
|
/* uncomment next line for aliases support
|
|
NOTE: a DB (like db_mysql) module must be also loaded */
|
|
#loadmodule "alias_db.so"
|
|
/* uncomment next line for multi-domain support
|
|
NOTE: a DB (like db_mysql) module must be also loaded
|
|
NOTE: be sure and enable multi-domain support in all used modules
|
|
(see "multi-module params" section ) */
|
|
#loadmodule "domain.so"
|
|
/* uncomment the next two lines for presence server support
|
|
NOTE: a DB (like db_mysql) module must be also loaded */
|
|
#loadmodule "presence.so"
|
|
#loadmodule "presence_xml.so"
|
|
|
|
|
|
# ----------------- setting module-specific parameters ---------------
|
|
|
|
|
|
# ----- mi_fifo params -----
|
|
modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
|
|
|
|
|
|
# ----- rr params -----
|
|
# add value to ;lr param to cope with most of the UAs
|
|
modparam("rr", "enable_full_lr", 1)
|
|
# do not append from tag to the RR (no need for this script)
|
|
modparam("rr", "append_fromtag", 0)
|
|
|
|
|
|
# ----- rr params -----
|
|
modparam("registrar", "method_filtering", 1)
|
|
/* uncomment the next line to disable parallel forking via location */
|
|
# modparam("registrar", "append_branches", 0)
|
|
/* uncomment the next line not to allow more than 10 contacts per AOR */
|
|
#modparam("registrar", "max_contacts", 10)
|
|
|
|
|
|
# ----- uri_db params -----
|
|
/* by default we disable the DB support in the module as we do not need it
|
|
in this configuration */
|
|
modparam("uri_db", "use_uri_table", 0)
|
|
modparam("uri_db", "db_url", "")
|
|
|
|
|
|
# ----- acc params -----
|
|
/* what sepcial events should be accounted ? */
|
|
modparam("acc", "early_media", 1)
|
|
modparam("acc", "report_ack", 1)
|
|
modparam("acc", "report_cancels", 1)
|
|
/* by default ww do not adjust the direct of the sequential requests.
|
|
if you enable this parameter, be sure the enable "append_fromtag"
|
|
in "rr" module */
|
|
modparam("acc", "detect_direction", 0)
|
|
/* account triggers (flags) */
|
|
modparam("acc", "failed_transaction_flag", 3)
|
|
modparam("acc", "log_flag", 1)
|
|
modparam("acc", "log_missed_flag", 2)
|
|
/* uncomment the following lines to enable DB accounting also */
|
|
modparam("acc", "db_flag", 1)
|
|
modparam("acc", "db_missed_flag", 2)
|
|
|
|
|
|
# ----- usrloc params -----
|
|
modparam("usrloc", "db_mode", 0)
|
|
/* uncomment the following lines if you want to enable DB persistency
|
|
for location entries */
|
|
#modparam("usrloc", "db_mode", 2)
|
|
#modparam("usrloc", "db_url",
|
|
# "mysql://kamailio:kamailiorw@192.168.1.3/kamailio_1_3")
|
|
|
|
|
|
# ----- auth_db params -----
|
|
/* uncomment the following lines if you want to enable the DB based
|
|
authentication */
|
|
#modparam("auth_db", "calculate_ha1", yes)
|
|
#modparam("auth_db", "password_column", "password")
|
|
#modparam("auth_db", "db_url",
|
|
# "mysql://kamailio:kamailiorw@192.168.1.3/kamailio_1_3")
|
|
#modparam("auth_db", "load_credentials", "")
|
|
|
|
|
|
# ----- alias_db params -----
|
|
/* uncomment the following lines if you want to enable the DB based
|
|
aliases */
|
|
#modparam("alias_db", "db_url",
|
|
# "mysql://kamailio:kamailiorw@192.168.1.3/kamailio_1_3")
|
|
|
|
|
|
# ----- domain params -----
|
|
/* uncomment the following lines to enable multi-domain detection
|
|
support */
|
|
#modparam("domain", "db_url",
|
|
# "mysql://kamailio:kamailiorw@192.168.1.3/kamailio_1_3")
|
|
#modparam("domain", "db_mode", 1) # Use caching
|
|
|
|
|
|
# ----- multi-module params -----
|
|
/* uncomment the following line if you want to enable multi-domain support
|
|
in the modules (dafault off) */
|
|
#modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
|
|
|
|
|
|
# ----- presence params -----
|
|
/* uncomment the following lines if you want to enable presence */
|
|
#modparam("presence|presence_xml", "db_url",
|
|
# "mysql://kamailio:kamailiorw@192.168.1.3/kamailio_1_3")
|
|
#modparam("presence_xml", "force_active", 1)
|
|
#modparam("presence", "server_address", "sip:192.168.1.2:5060")
|
|
|
|
|
|
####### Routing Logic ########
|
|
|
|
|
|
# main request routing logic
|
|
|
|
route{
|
|
|
|
if (!mf_process_maxfwd_header("10")) {
|
|
sl_send_reply("483","Too Many Hops");
|
|
exit;
|
|
}
|
|
|
|
if (has_totag()) {
|
|
# sequential request withing a dialog should
|
|
# take the path determined by record-routing
|
|
if (loose_route()) {
|
|
if (is_method("BYE")) {
|
|
setflag(1); # do accouting ...
|
|
setflag(3); # ... even if the transaction fails
|
|
}
|
|
route(1);
|
|
} else {
|
|
/* uncomment the following lines if you want to enable presence */
|
|
##if (is_method("SUBSCRIBE") && $rd == "your.server.ip.address") {
|
|
## # in-dialog subscribe requests
|
|
## route(2);
|
|
## exit;
|
|
##}
|
|
if ( is_method("ACK") ) {
|
|
if ( t_check_trans() ) {
|
|
# non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server
|
|
t_relay();
|
|
exit;
|
|
} else {
|
|
# ACK without matching transaction ... ignore and discard.\n");
|
|
exit;
|
|
}
|
|
}
|
|
sl_send_reply("404","Not here");
|
|
}
|
|
exit;
|
|
}
|
|
|
|
#initial requests
|
|
|
|
# CANCEL processing
|
|
if (is_method("CANCEL"))
|
|
{
|
|
if (t_check_trans())
|
|
t_relay();
|
|
exit;
|
|
}
|
|
|
|
t_check_trans();
|
|
|
|
# authenticate if from local subscriber (uncomment to enable auth)
|
|
##if (!(method=="REGISTER") && from_uri==myself)
|
|
##{
|
|
## if (!proxy_authorize("", "subscriber")) {
|
|
## proxy_challenge("", "0");
|
|
## exit;
|
|
## }
|
|
## if (!check_from()) {
|
|
## sl_send_reply("403","Forbidden auth ID");
|
|
## exit;
|
|
## }
|
|
##
|
|
## consume_credentials();
|
|
## # caller authenticated
|
|
##}
|
|
|
|
# record routing
|
|
if (!is_method("REGISTER|MESSAGE"))
|
|
record_route();
|
|
|
|
# account only INVITEs
|
|
if (is_method("INVITE")) {
|
|
setflag(1); # do accouting
|
|
}
|
|
if (!uri==myself)
|
|
/* replace with following line if multi-domain support is used */
|
|
##if (!is_uri_host_local())
|
|
{
|
|
append_hf("P-hint: outbound\r\n");
|
|
# if you have some interdomain connections via TLS
|
|
##if($rd=="tls_domain1.net") {
|
|
## t_relay("tls:domain1.net");
|
|
## exit;
|
|
##} else if($rd=="tls_domain2.net") {
|
|
## t_relay("tls:domain2.net");
|
|
## exit;
|
|
##}
|
|
route(1);
|
|
}
|
|
|
|
# requests for my domain
|
|
|
|
/* uncomment this if you want to enable presence server
|
|
and comment the next 'if' block
|
|
NOTE: uncomment also the definition of route[2] from below */
|
|
##if( is_method("PUBLISH|SUBSCRIBE"))
|
|
## route(2);
|
|
|
|
if (is_method("PUBLISH"))
|
|
{
|
|
sl_send_reply("503", "Service Unavailable");
|
|
exit;
|
|
}
|
|
|
|
|
|
if (is_method("REGISTER"))
|
|
{
|
|
# authenticate the REGISTER requests (uncomment to enable auth)
|
|
##if (!www_authorize("", "subscriber"))
|
|
##{
|
|
## www_challenge("", "0");
|
|
## exit;
|
|
##}
|
|
##
|
|
##if (!check_to())
|
|
##{
|
|
## sl_send_reply("403","Forbidden auth ID");
|
|
## exit;
|
|
##}
|
|
|
|
if (!save("location"))
|
|
sl_reply_error();
|
|
|
|
exit;
|
|
}
|
|
|
|
if ($rU==NULL) {
|
|
# request with no Username in RURI
|
|
sl_send_reply("484","Address Incomplete");
|
|
exit;
|
|
}
|
|
|
|
# apply DB based aliases (uncomment to enable)
|
|
##alias_db_lookup("dbaliases");
|
|
|
|
if (!lookup("location")) {
|
|
switch ($retcode) {
|
|
case -1:
|
|
case -3:
|
|
t_newtran();
|
|
t_reply("404", "Not Found");
|
|
exit;
|
|
case -2:
|
|
sl_send_reply("405", "Method Not Allowed");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
# when routing via usrloc, log the missed calls also
|
|
setflag(2);
|
|
|
|
route(1);
|
|
}
|
|
|
|
|
|
route[1] {
|
|
# for INVITEs enable some additional helper routes
|
|
if (is_method("INVITE")) {
|
|
t_on_branch("2");
|
|
t_on_reply("2");
|
|
t_on_failure("1");
|
|
}
|
|
|
|
if (!t_relay()) {
|
|
sl_reply_error();
|
|
};
|
|
exit;
|
|
}
|
|
|
|
|
|
# Presence route
|
|
/* uncomment the whole following route for enabling presence
|
|
NOTE: do not forget to enable the call of this route from the main
|
|
route */
|
|
##route[2]
|
|
##{
|
|
## if (!t_newtran())
|
|
## {
|
|
## sl_reply_error();
|
|
## exit;
|
|
## };
|
|
##
|
|
## if(is_method("PUBLISH"))
|
|
## {
|
|
## handle_publish();
|
|
## t_release();
|
|
## }
|
|
## else
|
|
## if( is_method("SUBSCRIBE"))
|
|
## {
|
|
## handle_subscribe();
|
|
## t_release();
|
|
## }
|
|
##
|
|
## exit;
|
|
##}
|
|
|
|
|
|
branch_route[2] {
|
|
xlog("new branch at $ru\n");
|
|
}
|
|
|
|
|
|
onreply_route[2] {
|
|
xlog("incoming reply\n");
|
|
}
|
|
|
|
|
|
failure_route[1] {
|
|
if (t_was_cancelled()) {
|
|
exit;
|
|
}
|
|
|
|
# uncomment the following lines if you want to block client
|
|
# redirect based on 3xx replies.
|
|
##if (t_check_status("3[0-9][0-9]")) {
|
|
##t_reply("404","Not found");
|
|
## exit;
|
|
##}
|
|
|
|
# uncomment the following lines if you want to redirect the failed
|
|
# calls to a different new destination
|
|
##if (t_check_status("486|408")) {
|
|
## sethostport("192.168.2.100:5060");
|
|
## append_branch();
|
|
## # do not set the missed call flag again
|
|
## t_relay();
|
|
##}
|
|
}
|