# # $Id: opensips.cfg 5503 2009-12-9 12:10 max robert muehlbronner $ # # by Max M. # # Please refer to the Core CookBook at: # http://www.opensips.org/index.php?n=Resources.DocsCookbooks # for a explanation of possible statements, functions and parameters. # ####### Global Parameters ######### debug=3 log_stderror=no log_facility=LOG_LOCAL7 fork=yes children=4 /* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes #disable_dns_blacklist=no #dns_try_ipv6=yes #auto_aliases=no port=5060 /* uncomment and configure the following line if you want opensips to bind on a specific interface/port/proto (default bind on all available) */ listen=udp:62.133.33.33:5060 ####### Modules Section ######## #set module path mpath="//lib/opensips/modules/" loadmodule "db_mysql.so" loadmodule "signaling.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" #B2BUA Module loadmodule "b2b_entities.so" loadmodule "b2b_logic.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "mi_fifo.so" #loadmodule "uri_db.so" #migration 1.6 loadmodule "uri.so" loadmodule "xlog.so" loadmodule "acc.so" loadmodule "auth.so" loadmodule "auth_db.so" loadmodule "alias_db.so" loadmodule "domain.so" loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "pua.so" loadmodule "pua_usrloc.so" loadmodule "pua_mi.so" loadmodule "drouting.so" loadmodule "avpops.so" loadmodule "dialplan.so" loadmodule "permissions.so" loadmodule "group.so" loadmodule "siptrace.so" loadmodule "dialog.so" loadmodule "sst.so" loadmodule "nathelper.so" #needed for uac operations loadmodule "uac.so" # ----------------- setting module-specific parameters --------------- modparam("dialog", "dlg_flag", 13) modparam("dialog", "db_mode", 1) modparam("dialog", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("dialog", "timeout_avp", "$avp(i:4242)") modparam("dialog", "bye_on_timeout_flag", 14) ##### modparam("sst", "sst_flag", 6) modparam("sst", "timeout_avp", "$avp(i:4242)") #modparam("sst", "min_se", 2400) # Must be >= 90 modparam("sst", "min_se", 1800) # Must be >= 90 # minimum = 1800 (1799 = ERR 422 value too small) ##### #### B2BUA ############################################################### #The functionality is obvious from the name and what this service does is #to hide the network topology from the parties that establish a dialog. #To achieve this, the B2BUA poses itself in the middle and established dialogs with both parties. #Then all it will do next will be to translate a receipt request or reply into the dialog from the other side and forward it to the peer entity. ########################################################################## modparam("b2b_entities", "server_address", "sip:sa@62.133.33.33:5060") #modparam("b2b_logic", "script_scenario", "/home/anca/work/opensips/modules/b2b_logic/scenario_script.xml") #modparam("b2b_logic", "extern_scenario", "/home/anca/work/opensips/modules/b2b_logic/scenario_extern.xml") #modparam("b2b_entities", "script_req_route", "b2b_request") #modparam("b2b_entities", "script_reply_route", "b2b_reply") # ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") modparam("mi_fifo", "fifo_mode", 0666) # ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) #modparam("rr", "append_fromtag", 0) ###needed for uac module modparam("rr", "append_fromtag", 1) # ----- registrar params ----- #migration 1.6 #modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) # ----- usrloc params ----- modparam("usrloc", "db_mode", 0) /* uncomment the following lines if you want to enable DB persistency for location entries */ modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") # ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ #modparam("uri_db", "use_uri_table", 0) modparam("uri", "use_uri_table", 0) #migration 1.6 (uri_radius uri_db merged with uri module) #modparam("uri_db", "db_url", "") # ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) #modparam("acc", "log_flag", 1) #modparam("acc", "log_missed_flag", 2) /* uncomment the following lines to enable DB accounting also */ modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2) modparam("acc", "db_extra", "caller_id=$fU; callee_id=$rU; leg_type=$avp(s:legtype)") modparam("acc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") #$var(a) = 2; # sets the value of variable 'a' to integer '2' #$var(a) = "2"; # sets the value of variable 'a' to string '2' #$var(a) = 3 + (7&(~2)); # arithemetic and bitwise operation #$var(a) = "sip:" + $au + "@" + $fd; # compose a value from authentication username and From URI # using a script variable for tests #if( [ $var(a) & 4 ] ) { # xlog("var a has third bit set\n"); #} # ----- auth_db params ----- /* uncomment the following lines if you want to enable the DB based authentication */ modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") # ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://opensips:opensipsrw@localhost/opensips16") # ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ modparam("domain", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("domain", "db_mode", 1) # Use caching # ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (default off) */ #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1) modparam("auth_db|usrloc|uri_db", "use_domain", 1) # ----- presence params ----- /* uncomment the following lines if you want to enable presence */ modparam("presence|presence_xml", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:192.168.1.2:5060") # ----- permission params ----- #modparam("permissions","db_mode", 1) #modparam("permissions","trusted_table", "trusted") modparam("permissions","db_url", "mysql://opensips:opensipsrw@localhost/opensips16") # ----- drouting params ----- #migration 1.6 #modparam("drouting", "sort_order", 0) modparam("drouting", "use_domain", 0) modparam("drouting","db_url", "mysql://opensips:opensipsrw@localhost/opensips16") # ----- tm params ----- modparam("tm", "fr_timer", 4) modparam("tm", "fr_inv_timer", 35) modparam("tm", "onreply_avp_mode", 1) #### neded for B2BUA modparam("tm", "pass_provisional_replies", 1) #### ####################################### # Calculate Time for Call Setup # define "tmp" as alias for "i:17" avp_aliases="tmp=i:17" ####################################### #------ avpops params ----- modparam("avpops", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("avpops", "avp_table", "usr_preferences") #------ load the dpid field to a pseudo-variable $avp(s:dpid) ------ modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid ;$avp(s:dpid)= dpid") # rpid/dpid aus der DB holen modparam("dialplan", "db_url","mysql://opensips:opensipsrw@localhost/opensips16") ## attribute of the matched line will be store in the $avp(s:dest) modparam("dialplan", "attrs_pvar", "$avp(s:dest)") # -- pua and pua_usrloc parameters -- modparam("pua", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("pua_usrloc", "default_domain", "62.133.33.33") modparam("usrloc","nat_bflag",6) # Nathelper Parameters modparam("registrar","received_avp", "$avp(i:42)") modparam("nathelper","received_avp", "$avp(i:42)") modparam("nathelper","rtpproxy_sock", "udp:127.0.0.1:7890") modparam("nathelper","force_socket", "udp:127.0.0.1:7890") modparam("nathelper","natping_interval", 30) modparam("nathelper","ping_nated_only", 1) modparam("nathelper","sipping_bflag", 7) modparam("nathelper","sipping_from", "sip:pinger@62.133.33.33") # SIPTrace Parameters modparam("siptrace", "db_url", "mysql://opensips:opensipsrw@localhost/opensips16") modparam("siptrace", "trace_flag", 22) modparam("siptrace", "traced_user_avp", "$avp(s:traceuser)") ####### Routing Logic ######## # main request routing logic route{ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } $avp(tmp) = $Ts ; # store the current time (at request processing) ## NAT Detection #force_rport() : it rewrites the ip port (the private ip port of the device sent with it's #contact info is replaced with the ip port of the public address of that #related client) force_rport(); if (nat_uac_test("18")){ ### #nat_uac_test: Tries to guess if client's request originated behind a nat. The parameter determines what heuristics is used. #Meaning of the flags is as follows: ### # 1 - Contact header field is searched for occurrence of RFC1918 addresses. # 2 - the "received" test is used: address in Via is compared against source IP address of signaling # 4 - Top Most VIA is searched for occurrence of RFC1918 addresses # 8 - SDP is searched for occurrence of RFC1918 addresses #16 - test if the source port is different from the port in Via ### if(method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; if(is_method("OPTIONS")) { # send reply for each options request sl_send_reply("200", "OK"); xlog("L_INFO","OPTIONS - Sending 200 - OK : Packet from: $fu"); exit(); } #trace only INVITEs / no OPTIONS ... #if(method!="OPTIONS") { if(!is_method("OPTIONS")) { ## SIPTrace for marked users #if(avp_db_load("$fu","$avp(s:trace)")) { $avp(s:traceuser)=$fu; setflag(22); sip_trace(); xlog("L_INFO","siptrace for: $fu"); #} else { # xlog("L_INFO","siptrace :NO INVITE - NO TRACE: $fu"); #}; }; ################################################################### #sst - Session timers check if (method=="INVITE") { if (sstCheckMin("1")) { xlog("L_ERR", "422 Session Timer Too Small reply sent.\n"); exit; } # track the session timers via the dialog module setflag(6); # dialog flag setflag(13); # sst flag setflag(14); # sst flag - bye_on_timeout_flag } ################################################################### if (has_totag()) { # sequential request within a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } else if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for # re-INVITEs also, as some buggy clients do change route set # during the dialog. record_route(); } # route it out to whatever destination was set by loose_route() # in $du (destination URI). route(1); } else { /* uncomment the following lines if you want to enable presence */ if (is_method("SUBSCRIBE") && $rd == "62.133.33.33") { # in-dialog subscribe requests route(2); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after # a 487 or e.g. 404 from upstream server xlog("L_INFO", "INFO: relaying $rm"); t_relay(); exit; } else { # ACK without matching transaction -> # ignore and discard exit; } } sl_send_reply("404","Not here"); } exit; } #initial requests #hide topology from partners --> crash opensips?! --> bug #if (is_method("INVITE") && src_ip!="62.133.33.33") { #xlog("L_INFO", "INFO: RURI - $ru entering: topology hiding scenario"); #b2b_init_request("top hiding"); #exit; #} # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); #test rtpproxy - setzen if (is_method("BYE|CANCEL")) { unforce_rtp_proxy(); } else if (is_method("INVITE")) { #force_rtp_proxy(); force_rtp_proxy("o"); #change o= line in sdp (origin) xlog("L_INFO", "INFO: RURI - $ru forcing: rtp_proxy"); }; #authenticate all initial non-REGISTER request that pretend to be #generated by local subscriber (domain from FROM URI is local) <-- any #migration 1.6 if (!(method=="REGISTER") && !check_address("0","$si","$sp","$proto") ) { #if(!is_from_gw()){ #fix for presence-scripts (publish.sh) xlog("L_INFO", "SIP REQUEST: $ru entering: proxy auth"); if(!is_from_gw() && src_ip!=62.133.33.33){ xlog("L_INFO", "SIP REQUEST from: $fu to $tu [$ua] - not from trusted gw!"); if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } #migration 1.6 if (!db_check_from()) { sl_send_reply("403","Forbidden auth ID"); exit; } } consume_credentials(); #caller authenticated #hide topology from partners --> crash opensips?! --> bug #if (is_method("INVITE")) { #xlog("L_INFO", "INFO: RURI - $ru entering: topology hiding scenario"); #b2b_init_request("top hiding"); #exit; #} } # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } # record routing if (!is_method("REGISTER|MESSAGE")) record_route(); # account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } ##testing rpid / sender orientated #if (check_address("0","$si","$sp","$proto","$avp(s:presentation)")) { #xlog("The Value for presentation is set to: $avp(i:10)\n"); #} #if (!uri==myself) ## replace with following line if multi-domain support is used if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} route(1); } # requests for my domain ## uncomment this if you want to enable presence server ## and comment the next 'if' block ## NOTE: uncomment also the definition of route[2] from below if( is_method("PUBLISH|SUBSCRIBE")) route(2); #if (is_method("PUBLISH")) #{ # sl_send_reply("503", "Service Unavailable"); # exit; # if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; } #migration 1.6 if (!db_check_to()) { sl_send_reply("403","Forbidden auth ID"); exit; } # make pua_usrloc send PUBLISH for phones which do # not support presence # filter after User-Agent header if(!search("^User-Agent: X-Lite")) pua_set_publish(); if (isflagset(5)) { setbflag(6); setbflag(7); }; if (!save("location")) sl_reply_error(); exit; } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases (uncomment to enable) alias_db_lookup("dbaliases"); if(avp_db_load("$ru/username","$avp(s:callfwd)")) { avp_pushto("$ru", "$avp(s:callfwd)"); xlog("L_INFO","forwarded to: $avp(s:callfwd)"); } ## Dial plan processing - looks for dpid pvar in Database #dp_translate("$avp(s:dpid)","$ruri.user/$ruri.user"); # - below is a fix for non-local users (use dpid 0 for every incoming call) dp_translate("1","$ruri.user/$ruri.user"); #xlog("L_INFO", "Dialplan: Subscriber dpid $avp(s:dpid)"); #xlog("L_INFO", "Dialplan: Subscriber dpid 1"); #xlog("L_INFO", "Dialplan: Destination $avp(s:dest)"); if ($avp(s:dest)=="3") { #Route to usrloc route(3); } if ($avp(s:dest)=="4") { xlog("L_INFO", "Dialplan: Going to carriers: $avp(s:dest)"); #route to drouting ### S2 ### # set legtype of call (in acc module we are accounting only "pstn" calls) $avp(s:legtype)="pstn"; setflag(1); setflag(3); route(4); ### S2 ### } if ($avp(s:dest)=="5") { xlog("L_INFO", "Dialplan: Going to media server: $avp(s:dest)"); #route to media server route(5); } if ($avp(s:dest)=="null") { xlog("L_INFO", "Dialplan: no Destination found: $avp(s:dest)"); #route to media server } xlog("L_INFO", "Dialplan: sending 420 - invalid Extension"); sl_send_reply("420", "Invalid Extension - Please try carrierprefix-cc-lac"); exit; } route[1] { # for INVITEs enable some additional helper routes if (isflagset(5)||isbflagset(6)) { if (subst_uri('/(sip:.*);nat=yes/\1/')) { setbflag(6); }; route(6); }; # for INVITEs enable some additional helper routes if (is_method("INVITE")) { t_on_branch("2"); t_on_reply("2"); t_on_failure("1"); } if (!t_relay()) { sl_reply_error(); }; exit; } # Presence route /* uncomment the whole following route for enabling presence NOTE: do not forget to enable the call of this route from the main route */ route[2] { if (!t_newtran()) { sl_reply_error(); exit; }; if(is_method("PUBLISH")) { handle_publish(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); } exit; } route[3]{ if (!lookup("location")) { switch ($retcode) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); route(1); } route[5]{ # Route to the IP Address of your Media Server (Asterisk) rewritehostport("62.190.190.190:5060"); xlog("L_INFO", "sending call to media server"); t_relay(); } route[4] { # routing to the pstn do_routing("0"); #finding rpid/p-asserted preferences for incoming call from gw if (goes_to_gw("1")) { xlog("L_INFO", "Sending to type: 1 - doing nothing special"); xlog("L_INFO", "SIP REQUEST: $ru - Call from: $fu to $tu [$ua]"); } if (goes_to_gw("4")) { xlog("L_INFO", "Sending to type: 4 - doing rpid"); xlog("L_INFO", "SIP REQUEST: $ru - Call from: $fu to $tu [$ua]"); } if (goes_to_gw("5")) { xlog("L_INFO", "Sending to type: 5 - doing p-asserted"); if ($fU=="Unknown|UNKNOWN") { xlog("L_INFO", "Sending to type: 5 - doing p-asserted : Unknown CallerID!!"); } #append_hf("P-Asserted-Identity: ; \r\nPrivacy: id\r\n"); append_hf("P-Asserted-Identity: \r\n"); #append_hf("Privacy: id\r\n"); #append_hf("P-Asserted-Identity: ; \r\n"); #above works #append_hf("P-Asserted-Identity: ; \r\n"); xlog("L_INFO", "CallerID: $fU to $tu - [$ua]"); uac_replace_from("ANONYMOUS","sip:ANONYMOUS@$rd"); } ## for INVITEs enable some additional helper routes if (is_method("INVITE")) { t_on_branch("2"); t_on_reply("2"); t_on_failure("2"); } if (!t_relay()) { sl_reply_error(); }; exit; } route[6] { if (is_method("BYE|CANCEL")) { unforce_rtp_proxy(); } else if (is_method("INVITE")) { force_rtp_proxy(); t_on_failure("1"); }; } ##B2BUA #route[b2b_request] { # xlog("b2b_request ($ci)\n"); # force_rtp_proxy(); #} #route[b2b_reply] { # xlog("b2b_reply ($ci)\n"); # force_rtp_proxy(); #} ## branch_route[2] { xlog("new branch at $ru\n"); xlog("L_INFO", "In branch route 1 - request domain is $rd \n"); switch($rd) { case "80.1111": xlog("Carrier: number1"); case "217.11113": xlog("Carrier: number2"); return; break; case "62.1111": xlog("Carrier: number3"); return; break; case "87.1111": xlog("Carrier: number4"); #append_hf("P-Asserted-Identity: ;privacy=id\r\n"); #append_hf("P-Asserted-Identity: ;privacy=id;screen=no\r\n"); return; break; default: } return; } onreply_route[2] { # -- on-reply block routing -- # if (t_check_status("200")) { # calculate the setup time $var(setup_time) = $Ts - $avp(tmp); xlog("L_INFO","Call Setup Time : $var(setup_time) Seconds"); } #force rtp_proxy for every call #fix_nated_contact(); #force_rtp_proxy(); if (!search("^Content-Length:\ 0")){ force_rtp_proxy("o"); xlog("L_INFO", "onreply_route[2] : RURI - $ru forcing: rtp_proxy"); }; if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])"){ force_rtp_proxy(); append_hf("P-hint: onreply_route|force_rtp_proxy \r\n"); search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); } if (isbflagset(6)) { append_hf("P-hint: Onreply-route - fixcontact \r\n"); fix_nated_contact(); } exit; } failure_route[1] { ## S10 ## if (isbflagset(6) || isflagset(5)) { unforce_rtp_proxy(); } ## S10 ## if (t_was_cancelled()) { exit; } # uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##} ##-- ##-- If busy send to the media server, prefix the "b" ##-- character to indicate busy. ##-- if (t_check_status("486")) { prefix("b"); xlog("L_ERR","Passed into the 486 ruri=<$ru>"); route(5); route(1); exit; }; ##-- ##-- If timeout (408) or unavailable temporarily (480), ##-- prefix the uri with the "u"character to indicate ##-- unanswered and send to the media server ##-- if (t_check_status("408") || t_check_status("480")) { prefix("u"); xlog("L_ERR","Passed into the 480 ruri=<$ru>"); route(5); route(1); exit; }; # uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## # do not set the missed call flag again ## t_relay(); ##} } failure_route[2] { if (isbflagset(6) || isflagset(5)) { unforce_rtp_proxy(); } xlog("failure route 2\n"); if (use_next_gw()) { xlog ("next gateway $ru \n"); t_on_failure("2"); t_relay(); exit; } t_reply("503", "Service not available, no more gateways"); xlog("L_INFO", "503 - Service unavailable for: $tU call from: $fu"); exit; }