#!/bin/bash # # rtpengine Startup script for NGCP rtpengine # # chkconfig: 345 84 16 # description: NGCP rtpengine # # processname: rtpengine # config: /etc/sysconfig/rtpengine # pidfile: /var/run/rtpengine.pid # ### BEGIN INIT INFO # Provides: rtpengine # Required-Start: $local_fs $network # Short-Description: NGCP rtpengine # Description: NGCP rtpengine ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/rtpengine ] then . /etc/sysconfig/rtpengine else echo "Error: /etc/sysconfig/mediproxy-ng not present" exit -1 fi rtpengine=/usr/sbin/rtpengine prog=rtpengine pidfile=${PIDFILE-/var/run/rtpengine.pid} lockfile=${LOCKFILE-/var/lock/subsys/rtpengine} cachefile=/var/lib/rtpengine/rtpengine.cfg RETVAL=0 OPTS="--pidfile $pidfile" MODULE=0 IP6=0 build_opts() { shopt -s nocasematch RPMS=`rpm -qa | grep rtpengine-kernel` if [[ "$KERNEL" == "yes" && -n "$TABLE" && -n "$RPMS" ]] then MODULE=1 OPTS+=" --table=$TABLE" else MODULE=0 OPTS+=" --table=-1" fi if [[ "$FALLBACK" != "yes" ]] then OPTS+=" --no-fallback" fi shopt -u nocasematch if [[ -n "$RTP_IP" ]] then for IP in "${RTP_IP[@]}" do OPTS+=" --interface=$IP" done fi if [[ -n "$RTP_ADV_IP" ]] then OPTS+="!$RTP_ADV_IP" fi if [[ -n "$RTP_IP6" ]] then for IP in "${RTP_IP6[@]}" do OPTS+=" --interface=$IP" done IP6=1 fi if [[ -n "$RTP_ADV_IP6" ]] then OPTS+="!$RTP_ADV_IP6" fi if [[ -n "$LISTEN_TCP" ]] then OPTS+=" --listen-tcp=$LISTEN_TCP" fi if [[ -n "$LISTEN_UDP" ]] then OPTS+=" --listen-udp=$LISTEN_UDP" fi if [[ -n "$LISTEN_NG" ]] then OPTS+=" --listen-ng=$LISTEN_NG" fi if [[ -n "$LISTEN_CLI" ]] then OPTS+=" --listen-cli=$LISTEN_CLI" fi if [[ -n "$TOS" ]] then OPTS+=" --tos=$TOS" fi if [[ -n "$TIMEOUT" ]] then OPTS+=" --timeout=$TIMEOUT" fi if [[ -n "$SILENT_TIMEOUT" ]] then OPTS+=" --silent-timeout=$SILENT_TIMEOUT" fi if [[ -n "$PORT_MIN" ]] then OPTS+=" --port-min=$PORT_MIN" fi if [[ -n "$PORT_MAX" ]] then OPTS+=" --port-max=$PORT_MAX" fi if [[ -n "$REDIS" ]] then OPTS+=" --redis=$REDIS" fi if [[ -n "$REDIS_DB" ]] then OPTS+=" --redis-db=$REDIS_DB" fi if [[ -n "$B2B_URL" ]] then OPTS+=" --b2b-url=$B2B_URL" fi if [[ -n "$LOG_LEVEL" ]] then OPTS+=" --log-level=$LOG_LEVEL" fi if [[ -n "$LOG_FACILITY" ]] then OPTS+=" --log-facility=$LOG_FACILITY" fi if [[ -n "$NUM_THREADS" ]] then OPTS+=" --num-threads=$NUM_THREADS" fi if [[ -n "$DELETE_DELAY" ]] then OPTS+=" --delete-delay=$DELETE_DELAY" fi if [[ -n "$GRAPHITE" ]] then OPTS+=" --graphite=$GRAPHITE" fi if [[ -n "$GRAPHITE_INTERVAL" ]] then OPTS+=" --graphite-interval=$GRAPHITE_INTERVAL" fi if [[ -n "$GRAPHITE_PREFIX" ]] then OPTS+=" --graphite-prefix=$GRAPHITE_PREFIX" fi if [[ -n "$LOG_FACILITY_CDR" ]] then OPTS+=" --log-facility-cdr=$LOG_FACILITY_CDR" fi if [[ -n "$LOG_FACILITY_RTCP" ]] then OPTS+=" --log-facility-rtcp=$LOG_FACILITY_RTCP" fi if [[ -n "$MAX_SESSIONS" ]] then OPTS+=" --max-sessions=$MAX_SESSIONS" fi } start() { build_opts if [[ $MODULE == 1 ]] then echo "Loading module for in-kernel packet forwarding" rmmod xt_RTPENGINE 2> /dev/null modprobe xt_RTPENGINE temp=`firewall-cmd --state 2>/dev/null` if [[ $? == 0 ]] then # Using firewalld # Need to check if the INPUT_prefilter chain is present (permanently) firewall-cmd --permanent --direct --query-chain ipv4 filter INPUT_prefilter > /dev/null if [[ $? != 0 ]] then firewall-cmd --permanent --direct --add-chain ipv4 filter INPUT_prefilter firewall-cmd --permanent --direct --passthrough ipv4 -t filter -I INPUT -j INPUT_prefilter firewall-cmd --reload fi firewall-cmd --direct --add-chain ipv4 filter rtpengine firewall-cmd --direct --add-rule ipv4 filter INPUT_prefilter 0 -j rtpengine firewall-cmd --direct --add-rule ipv4 filter rtpengine 0 -p udp -j RTPENGINE --id $TABLE if [[ $IP6 == 1 ]] then firewall-cmd --direct --add-rule ipv6 filter rtpengine 0 -p udp -j RTPENGINE --id $TABLE fi firewall-cmd --reload else iptables -N rtpengine # We insert the rtpengine rule at the top of the input chain iptables -t filter -I INPUT_prefilter -j rtpengine iptables -I rtpengine -p udp -j RTPENGINE --id $TABLE if [[ $IP6 == 1 ]] then ip6tables -I rtpengine -p udp -j RTPENGINE --id $TABLE fi fi cat < "$cachefile" CUR_TABLE=$TABLE CUR_IP6=$IP6 EOF fi echo -n $"Starting $prog: " daemon --pidfile=${pidfile} $rtpengine $OPTS RETVAL=$? echo [ $RETVAL = 0 ] && touch ${lockfile} return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p ${pidfile} $rtpengine RETVAL=$? echo if [ -f "$cachefile" ] then . "$cachefile" echo "Unloading module for in-kernel packet forwarding" echo "del $TABLE" > /proc/rtpengine/control temp=`firewall-cmd --state 2>/dev/null` if [[ $? == 0 ]] then firewall-cmd --direct --remove-rules ipv4 filter rtpengine if [[ $CUR_IP6 == 1 ]] then firewall-cmd --direct --remove-rules ipv6 filter rtpengine fi firewall-cmd --direct --remove-rule ipv4 filter INPUT_prefilter 0 -j rtpengine firewall-cmd --direct --remove-chain ipv4 filter rtpengine firewall-cmd --reload else iptables -D rtpengine -p udp -j RTPENGINE --id $CUR_TABLE if [[ $CUR_IP6 == 1 ]] then ip6tables -D rtpengine -p udp -j RTPENGINE --id $CUR_TABLE fi iptables -t filter -D INPUT -j rtpengine iptables -X rtpengine fi rmmod xt_RTPENGINE rm -f $cachefile fi [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status -p ${pidfile} $rtpengine RETVAL=$? ;; restart) stop start ;; condrestart|try-restart) if status -p ${pidfile} $rtpengine >&/dev/null; then stop start fi ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|status}" RETVAL=2 esac exit $RETVAL