# # $Id: opensips.cfg 8141 2011-07-08 12:17:13Z vladut-paiu $ # # OpenSIPS basic configuration script # by Anca Vamanu # # Please refer to the Core CookBook at: # http://www.opensips.org/Resources/DocsCookbooks # for a explanation of possible statements, functions and parameters. # ####### Global Parameters ######### debug=3 log_stderror=no log_facility=LOG_LOCAL0 fork=yes children=4 alias=220.130.6.180 /* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes /* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes /* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no /* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes /* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ #auto_aliases=no /* uncomment the following lines to enable TLS support (default off) */ #disable_tls = no #listen = tls:your_IP:5061 #tls_verify_server = 1 #tls_verify_client = 1 #tls_require_client_certificate = 0 #tls_method = TLSv1 #tls_certificate = "/usr/local/etc/opensips/tls/user/user-cert.pem" #tls_private_key = "/usr/local/etc/opensips/tls/user/user-privkey.pem" #tls_ca_list = "/usr/local/etc/opensips/tls/user/user-calist.pem" # default db_url to be used by modules requiring DB connection db_default_url="mysql://opensips:opensipsrw@localhost/Titan" port=5060 /* uncomment and configure the following line if you want opensips to bind on a specific interface/port/proto (default bind on all available) */ #listen=udp:192.168.1.2:5060 ####### Modules Section ######## #set module path mpath="/usr/local/lib/opensips/modules/" /* uncomment next line for MySQL DB support */ loadmodule "db_mysql.so" loadmodule "signaling.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "mi_fifo.so" loadmodule "mi_datagram.so" loadmodule "uri.so" loadmodule "acc.so" loadmodule "uac_auth.so" /* uncomment next lines for MySQL based authentication support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "auth.so" loadmodule "auth_db.so" /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ loadmodule "domain.so" /* uncomment the next two lines for presence server support NOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "presence.so" loadmodule "presence_xml.so" loadmodule "group.so" loadmodule "drouting.so" loadmodule "avpops.so" #loadmodule "mi_xmlrpc.so" loadmodule "dialplan.so" loadmodule "dialog.so" loadmodule "rtpproxy.so" loadmodule "nathelper.so" loadmodule "call_control.so" loadmodule "siptrace.so" loadmodule "aaa_radius.so" loadmodule "sst.so" # ----------------- setting module-specific parameters --------------- #modparam("dialog", "default_timeout", 5) modparam("dialog", "timeout_avp", "$avp(i:10)") # Set the sst modules timeout_avp to be the same value modparam("sst", "timeout_avp", "$avp(i:10)") modparam("sst", "sst_flag", 6) modparam("sst", "min_se", 90) modparam("sst", "sst_interval", 30) modparam("registrar","received_avp", "$avp(i:42)") modparam("nathelper","received_avp", "$avp(i:42)") modparam("usrloc","nat_bflag",6) #modparam("rtpproxy","rtpproxy_sock","udp:127.0.0.1:19999") modparam("nathelper","natping_interval",5) modparam("nathelper","ping_nated_only",1) modparam("nathelper","sipping_bflag",7) modparam("nathelper","sipping_from","sip:pinger@192.168.20.118:5060") modparam("rtpproxy", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") # ----- rr params ----- # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0) # ----- registrar params ----- /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) # ----- usrloc params ----- #modparam("usrloc", "db_mode", 0) /* uncomment the following lines if you want to enable DB persistency for location entries */ modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ----- uri params ----- modparam("uri", "use_uri_table", 0) # ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 0) modparam("acc", "report_cancels", 0) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) /* uncomment the following lines to enable DB accounting also */ modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2) modparam("acc", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("acc", "db_extra", "caller_id=$avp(caller);callee_id=$avp(callee)") modparam("aaa_radius", "radius_config", "/etc/raddb/client.conf") modparam("acc", "aaa_flag", 1) modparam("acc", "aaa_missed_flag", 1) modparam("acc", "aaa_extra", "User-Name=$Au; \ Calling-Station-Id=$from; \ Called-Station-Id=$to; \ Sip-Translated-Request-URI=$ru; \ Sip-RPid=$avp(s:rpid); \ Source-IP=$avp(s:source_ip); \ Source-Port=$avp(s:source_port); \ SIP-Proxy-IP=$avp(s:sip_proxy_ip); \ Canonical-URI=$avp(s:can_uri); \ Billing-Party=$avp(billing_party); \ Divert-Reason=$avp(s:divert_reason); \ User-Agent=$hdr(user-agent); \ Contact=$hdr(contact); \ Event=$hdr(event); \ ENUM-TLD=$avp(s:enum_tld); \ From-Header=$hdr(from); \ SIP-Application-Type=$avp(s:sip_application_type)") modparam("siptrace", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("siptrace", "traced_user_avp", "$avp(s:traced_user)") modparam("siptrace", "trace_on", 1) modparam("siptrace", "trace_flag", 2) # ----- auth_db params ----- /* uncomment the following lines if you want to enable the DB based authentication */ modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ modparam("alias_db", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ modparam("domain", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("domain", "db_mode", 1) # Use caching # ----- group parameters ---- # modparam("group", "use_domain", 1) modparam("group", "table", "grp") modparam("group", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ modparam("auth_db|usrloc|uri", "use_domain", 1) # ----- drouting params ----- modparam("drouting", "use_domain", 1) modparam("drouting","db_url", "mysql://opensips:opensipsrw@localhost/Titan") # ---- dialplan params ---- modparam("auth_db", "load_credentials", "") modparam("dialplan", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") ## attribute of the matched line will be store in the $avp(dest) modparam("dialplan", "attrs_pvar", "$avp(dest)") #------ avpops params ----- modparam("avpops", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("avpops", "avp_table", "usr_preferences") #------ tm params ---- modparam("tm", "fr_inv_timer",20) modparam("tm", "fr_timer", 5) # ----- presence params ----- /* uncomment the following lines if you want to enable presence */ modparam("presence|presence_xml", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:192.168.20.118:5090") # ----- presence params ----- modparam("dialog", "db_url", "mysql://opensips:opensipsrw@localhost/Titan") modparam("dialog", "dlg_match_mode", 1) modparam("dialog", "db_mode", 1) # ----- call control params ---- modparam("call_control", "disable", 0) # ----- mi_datagram params ----- modparam("mi_datagram", "socket_name", "/var/run/opensips.sock") ####### Routing Logic ######## # main request routing logic route{ $avp(caller) = $fu; xlog("ROUTE BEGIN $fu"); if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } #---- NAT Detection ----# force_rport(); if (nat_uac_test("19")) { if (is_method("REGISTER")) { fix_nated_register(); } else { fix_nated_contact(); #---- Insert nat=yes at the end of the Contact header ----# #---- This helps with REINVITEs, ----# #--- nat=yes will be included in the R-URI for sequential requests ---# #search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); } setflag(5); } #---- Sequential requests section ----# if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } else if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for # re-INVITEs alos, as some buggy clients do change route set # during the dialog. record_route(); } # route it out to whatever destination was set by loose_route() # in $du (destination URI). route(1); } else { /* uncomment the following lines if you want to enable presence */ if (is_method("SUBSCRIBE") && $rd == "192.168.20.118") { # in-dialog subscribe requests route(presence_handling); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after # a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction -> # ignore and discard exit; } } sl_send_reply("404","Not here"); } exit; } #initial requests # CANCEL processing if (is_method("CANCEL")) { xlog("CANCEL METHOD CALLED"); if (t_check_trans()) t_relay(); exit; } t_check_trans(); #---- check request relaying ----# if ( !is_from_local() && !is_uri_host_local() ) { send_reply("403","No relaying"); exit; } # authenticate if from local subscriber (uncomment to enable auth) # authenticate all initial non-REGISTER request that pretend to be # generated by local subscriber (domain from FROM URI is local) ##if (!(method=="REGISTER") && from_uri==myself) /*no multidomain version*/ if (!is_method("REGISTER") && is_from_local()) /*multidomain version*/ { if(!is_from_gw()) { if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (!db_check_from()) { sl_send_reply("403","Forbidden auth ID"); exit; } consume_credentials(); } # caller authenticated } # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } # record routing if (!is_method("REGISTER|MESSAGE")) record_route(); # account only INVITEs if (is_method("INVITE") && !has_totag()) { setflag(1); # do accounting $avp(caller) = $fu; create_dialog("BPp"); call_control(); $var(cc_retcode) = $retcode; switch ($var(cc_retcode)) { case 2: # Call with no limit case 1: # Call with a limit under callcontrol management (either prepaid or postpaid) break; case -1: # Not enough credit (prepaid call) xlog("L_INFO", "Call control: not enough credit for prepaid call\n"); sl_send_reply("402", "Not enough credit"); exit; break; case -2: # Locked by call in progress (prepaid call) xlog("L_INFO", "Call control: prepaid call locked by another call in progress\n"); sl_send_reply("403", "Call locked by another call in progress"); exit; break; case -3: # Duplicated callid xlog("L_INFO", "Call control: Duplicated call id\n"); sl_send_reply("400", "Duplicated callid"); exit; break; case -4: # Call limit reached xlog("L_INFO", "Call control: Call limit reached\n"); sl_send_reply("503", "Too many concurrent calls"); exit; break; default: # Internal error (message parsing, communication, ...) xlog("L_INFO", "Call control: internal server error\n"); sl_send_reply("500", "Internal server error"); exit; } } ##if (!uri==myself) ## replace with following line if multi-domain support is used if (!is_uri_host_local()) { ##append_hf("P-hint: outbound\r\n"); # if you have some interdomain connections via TLS ##if($rd=="tls_domain1.net") { ## t_relay("tls:domain1.net"); ## exit; ##} else if($rd=="tls_domain2.net") { ## t_relay("tls:domain2.net"); ## exit; ##} $avp(callee) = $ru; route(1); exit; } # requests for my domain ## uncomment this if you want to enable presence server ## and comment the next 'if' block ## NOTE: uncomment also the definition of route[2] from below if( is_method("PUBLISH|SUBSCRIBE")) { route(presence_handling); exit; } # if (is_method("PUBLISH")) # { # sl_send_reply("503", "Service Unavailable"); # exit; # } if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; } if (!db_check_to()) { sl_send_reply("403","Forbidden auth ID"); exit; } #---- Request is behind NAT(flag5) save with bflag 6 ----# #---- Use bflag 7 to start SIP pinging (Options) ----# if (isflagset(5)) { setbflag(6); setbflag(7); }; if (!save("location")) sl_reply_error(); exit; } if ($rU==NULL) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } # apply DB based aliases (uncomment to enable) alias_db_lookup("dbaliases"); #--- handle local numbers ----# if(!dp_translate("0","$ruri.user/$ruri.user")){ send_reply("420", "Invalid Destination"); exit; } xlog("$avp(dest)"); $avp(callee) = $ru; if ($avp(dest)=="usrloc") { #Route to usrloc route(user_location); } # if ($avp(dest)=="pstn") { # #route to pstn # route(pstn_routing); # } # if ($avp(dest)=="media") { #route to media server route(media_routing); } send_reply("420", "Invalid Extension"); exit; } route[1] { $avp(caller) = $fu; xlog("ROUTE 1 $fu"); # for INVITEs enable some additional helper routes #---- Helper route, if nat=yes in the R-URI set flag 6 ----# #---- This is used to Process REINVITES ----# if (subst_uri('/((sip:.*)||(sip:.*:.*));nat=yes/\1/')){ setbflag(6); }; #---- If caller(flag 5) or callee(flag 6) are behind NAT ---# #---- Call the route(6) to force the use of the RTP Proxy ---# if (isflagset(5)||isbflagset(6)) { route(nat_fixups); }; if (!t_relay()) { sl_reply_error(); }; exit; } route[user_location]{ xlog("ROUTE USER LOCATION"); if (!lookup("location", "m")) { switch ($retcode) { case -1: case -3: t_newtran(); send_reply("404", "Not Found"); exit; case -2: send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); # Account missed calls t_on_failure("user_failure"); route(1); } route[nat_fixups] { xlog("ROUTE NAT_FIXUPS"); #---- RTP Proxy handling ---# if (is_method("BYE|CANCEL")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ #---- Activates the RTP Proxy for the CALLEE ---# rtpproxy_offer(); t_on_failure("user_failure"); }; # catch and fix replies t_on_reply("2"); } # Presence route /* uncomment the whole following route for enabling presence NOTE: do not forget to enable the call of this route from the main route */ route[presence_handling] { xlog("HANDLING PRESENCE"); if (!t_newtran()) { sl_reply_error(); exit; }; if(is_method("PUBLISH")) { handle_publish(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); } exit; } route[media_routing] { xlog("MEDIA ROUTING"); #---- Route to media servers ----# #xlog("route to media servers"); rewritehostport("192.168.20.118:5080"); route(1); } branch_route[2] { xlog("new branch at $ru\n"); } # CANCEL and BYE Message Handling # ---------------------------------- #route[4]{ #xlog("ROUTE 4"); # setflag(7); # force_rport(); # fix_nated_contact(); # exit; #} onreply_route[2] { # xlog("incoming reply\n"); xlog("ONREPLY ROUTE 2"); # if (is_method ( "BYE|CANCEL")) { # route(4); # } #---- Handling of the SDP for the 200 or 183 reply ----# #---- If behind nat (flags 5 or 6) start RTP Proxy ----# #---- Activates the RTP Proxy for the CALLER ----# if ( is_method("INVITE") && (isflagset(5) || isbflagset(6)) && has_body("application/sdp") ){ rtpproxy_answer(); } if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])"){ #force_rtp_proxy(); append_hf("P-hint: onreply_route|force_rtp_proxy \r\n"); } #---- If the CALLEE is behind NAT, fix the CONTACT HF ----# if (isbflagset(6)) { search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); fix_nated_contact(); } exit; } failure_route[user_failure] { xlog("FAIL USER ROUTE"); #---- If a failure has ocurred, deactivate the RTP Proxy ----# if (isflagset(5) || isbflagset(6)){ unforce_rtp_proxy(); } if (t_was_cancelled()) { xlog("FAIL USER ROUTE CANCEL"); exit; } if ( db_is_user_in("from","voicemail") ) { # Redirect busy calls to a media server $ru = $avp(callee); sethostport("192.168.20.118:5080"); t_relay(); } } #failure_route[miss_call] { #Miss Call Status check fail route ##if (t_check_status("480|408")) { ## sethostport("192.168.2.100:5060"); ## # do not set the missed call flag again ## t_relay(); ##} #}