Browse code

modified ser.cfg to work with all the new functions and code. this new version contains a lot more "features" but mainly for demonstration purposes so that the users get an idea what you can do with the config script language/commands. ser-simple.cfg is the successor of the original ser.cfg. ser-simple.cfg contains only the very basic commands for a proxy and regitrar.

Nils Ohlmeier authored on 05/11/2006 18:32:38
Showing 2 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,137 @@
0
+#
1
+# $Id$
2
+#
3
+# This a very basic config file w aliases and anamed route but
4
+# w/o authentication, accouting, database, multi-domain support etc.
5
+# Please refer to ser.cfg for a more complete example
6
+#
7
+
8
+# ----------- global configuration parameters ------------------------
9
+
10
+debug=3         # debug level (cmd line: -dddddddddd)
11
+#memdbg=10 # memory debug message level
12
+#memlog=10 # memory statistics log level
13
+#log_facility=LOG_LOCAL0 # sets the facility used for logging (see syslog(3))
14
+
15
+/* Uncomment these lines to enter debugging mode 
16
+fork=no
17
+log_stderror=yes
18
+*/
19
+
20
+check_via=no    # (cmd. line: -v)
21
+dns=no          # (cmd. line: -r)
22
+rev_dns=no      # (cmd. line: -R)
23
+#port=5060
24
+#children=4
25
+#user=ser
26
+#group=ser
27
+#fifo_user=ser # owner of the ser fifo
28
+#fifo_group=ser
29
+#fifo_mode=0660 # fifo's permissions
30
+#disable_core=yes #disables core dumping
31
+#open_fd_limit=1024 # sets the open file descriptors limit
32
+#mhomed=yes  # usefull for multihomed hosts, small performance penalty
33
+#disable_tcp=yes 
34
+#tcp_accept_aliases=yes # accepts the tcp alias via option (see NEWS)
35
+
36
+#
37
+
38
+# ------------------ module loading ----------------------------------
39
+
40
+loadmodule "/usr/local/lib/ser/modules/sl.so"
41
+loadmodule "/usr/local/lib/ser/modules/tm.so"
42
+loadmodule "/usr/local/lib/ser/modules/rr.so"
43
+loadmodule "/usr/local/lib/ser/modules/textops.so"
44
+loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
45
+loadmodule "/usr/local/lib/ser/modules/usrloc.so"
46
+loadmodule "/usr/local/lib/ser/modules/registrar.so"
47
+loadmodule "/usr/local/lib/ser/modules/ctl.so"
48
+
49
+# ----------------- setting module-specific parameters ---------------
50
+
51
+# -- usrloc params --
52
+
53
+modparam("usrloc", "db_mode",   0)
54
+
55
+# -- rr params --
56
+# add value to ;lr param to make some broken UAs happy
57
+modparam("rr", "enable_full_lr", 1)
58
+
59
+# ctl params
60
+# by default ctl listens on unixs:/tmp/ser_ctl if no other address is
61
+# specified in modparams; this is also the default for sercmd
62
+modparam("ctl", "binrpc", "unixs:/tmp/ser_ctl")
63
+# listen on the "standard" fifo for backward compatibility
64
+modparam("ctl", "fifo", "fifo:/tmp/ser_fifo")
65
+# listen on tcp, localhost
66
+#modparam("ctl", "binrpc", "tcp:localhost:2046")
67
+
68
+# -------------------------  request routing logic -------------------
69
+
70
+# main routing logic
71
+
72
+route{
73
+
74
+	# initial sanity checks -- messages with
75
+	# max_forwards==0, or excessively long requests
76
+	if (!mf_process_maxfwd_header("10")) {
77
+		sl_send_reply("483","Too Many Hops");
78
+		break;
79
+	};
80
+	if (msg:len >=  max_len ) {
81
+		sl_send_reply("513", "Message too big");
82
+		break;
83
+	};
84
+	
85
+	# we record-route all messages -- to make sure that
86
+	# subsequent messages will go through our proxy; that's
87
+	# particularly good if upstream and downstream entities
88
+	# use different transport protocol
89
+	if (!method=="REGISTER") record_route();	
90
+
91
+	# subsequent messages withing a dialog should take the
92
+	# path determined by record-routing
93
+	if (loose_route()) {
94
+		# mark routing logic in request
95
+		append_hf("P-hint: rr-enforced\r\n"); 
96
+		route(FORWARD);
97
+		break;
98
+	};
99
+
100
+	if (!uri==myself) {
101
+		# mark routing logic in request
102
+		append_hf("P-hint: outbound\r\n"); 
103
+		route(FORWARD);
104
+		break;
105
+	};
106
+
107
+	# if the request is for other domain use UsrLoc
108
+	# (in case, it does not work, use the following command
109
+	# with proper names and addresses in it)
110
+	if (uri==myself) {
111
+
112
+		if (method=="REGISTER") {
113
+
114
+			save_contacts("location");
115
+			break;
116
+		};
117
+
118
+		# native SIP destinations are handled using our USRLOC DB
119
+		if (!lookup_contacts("location")) {
120
+			sl_send_reply("404", "Not Found");
121
+			break;
122
+		};
123
+		append_hf("P-hint: usrloc applied\r\n"); 
124
+	};
125
+	route(FORWARD);
126
+}
127
+
128
+route[FORWARD] 
129
+{
130
+	# send it out now; use stateful forwarding as it works reliably
131
+	# even for UDP2TCP
132
+	if (!t_relay()) {
133
+		sl_reply_error();
134
+	};
135
+}
136
+
... ...
@@ -1,15 +1,32 @@
1 1
 #
2 2
 # $Id$
3 3
 #
4
-# simple quick-start config script
4
+
5
+# First start SER sample config script with:
6
+#   database, accounting, authentication, multi-domain support
7
+#   PSTN GW section, named flags, named routes, global-,
8
+#   domain- and user-preferences with AVPs
9
+# Several of these features are only here for demonstration purpose
10
+# what can be achieved with the SER config script language.
5 11
 #
12
+# If you look for a simpler version with a lot less dependencies
13
+# please refer to the ser-simple.cfg file in your SER distribution.
14
+
15
+# To get this config running you need to execute the following commands
16
+# with the new serctl (the capital word are just place holders)
17
+# - ser_ctl domain add DOMAINNAME
18
+# - ser_ctl user add USERNAME@DOMAINNAME -p PASSWORD
19
+# If you want to have PID header for your user
20
+# - ser_attr add uid=UID asserted_id="PID"
21
+# If you want to have gateway support
22
+# - ser_db add attr_types name=gw_ip rich_type=string raw_type=2 description="The gateway IP for the default ser.cfg" default_flags=33
23
+# - ser_attr add global gw_ip=GATEWAY-IP
6 24
 
7 25
 # ----------- global configuration parameters ------------------------
8 26
 
9
-#debug=3         # debug level (cmd line: -dddddddddd)
10
-#fork=yes
11
-#log_stderror=no	# (cmd line: -E)
12
-#memlog=5 # memory debug log level
27
+debug=3         # debug level (cmd line: -dddddddddd)
28
+#memdbg=10 # memory debug log level
29
+#memlog=10 # memory statistics log level
13 30
 #log_facility=LOG_LOCAL0 # sets the facility used for logging (see syslog(3))
14 31
 
15 32
 /* Uncomment these lines to enter debugging mode 
... ...
@@ -17,8 +34,8 @@ fork=no
17 17
 log_stderror=yes
18 18
 */
19 19
 
20
-check_via=no	# (cmd. line: -v)
21
-dns=no           # (cmd. line: -r)
20
+check_via=no    # (cmd. line: -v)
21
+dns=no          # (cmd. line: -r)
22 22
 rev_dns=no      # (cmd. line: -R)
23 23
 #port=5060
24 24
 #children=4
... ...
@@ -37,8 +54,8 @@ rev_dns=no      # (cmd. line: -R)
37 37
 
38 38
 # ------------------ module loading ----------------------------------
39 39
 
40
-# Uncomment this if you want to use SQL database
41
-#loadmodule "/usr/local/lib/ser/modules/mysql.so"
40
+# load a SQL database for authentication, domains, user AVPs etc.
41
+loadmodule "/usr/local/lib/ser/modules/mysql.so"
42 42
 
43 43
 loadmodule "/usr/local/lib/ser/modules/sl.so"
44 44
 loadmodule "/usr/local/lib/ser/modules/tm.so"
... ...
@@ -46,40 +63,62 @@ loadmodule "/usr/local/lib/ser/modules/rr.so"
46 46
 loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
47 47
 loadmodule "/usr/local/lib/ser/modules/usrloc.so"
48 48
 loadmodule "/usr/local/lib/ser/modules/registrar.so"
49
+loadmodule "/usr/local/lib/ser/modules/xlog.so"
49 50
 loadmodule "/usr/local/lib/ser/modules/textops.so"
50 51
 loadmodule "/usr/local/lib/ser/modules/ctl.so"
51
-#loadmodule "/usr/local/lib/ser/modules/fifo.so"
52
+loadmodule "/usr/local/lib/ser/modules/fifo.so"
53
+loadmodule "/usr/local/lib/ser/modules/auth.so"
54
+loadmodule "/usr/local/lib/ser/modules/auth_db.so"
55
+loadmodule "/usr/local/lib/ser/modules/gflags.so"
56
+loadmodule "/usr/local/lib/ser/modules/domain.so"
57
+loadmodule "/usr/local/lib/ser/modules/uri_db.so"
58
+loadmodule "/usr/local/lib/ser/modules/avp.so"
59
+loadmodule "/usr/local/lib/ser/modules/avp_db.so"
60
+loadmodule "/usr/local/lib/ser/modules/acc_db.so"
61
+loadmodule "/usr/local/lib/ser/modules/xmlrpc.so"
62
+
63
+# ----------------- setting script FLAGS -----------------------------
64
+flags
65
+  FLAG_ACC         : 1  # include message in accouting
52 66
 
53
-# Uncomment this if you want digest authentication
54
-# mysql.so must be loaded !
55
-#loadmodule "/usr/local/lib/ser/modules/auth.so"
56
-#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
67
+avpflags
68
+  dialog_cookie;        # handled by rr module
57 69
 
58 70
 # ----------------- setting module-specific parameters ---------------
59 71
 
60
-# -- usrloc params --
72
+# specify the path to you database here
73
+modparam("acc_db|auth_db|domain|gflags|usrloc|uri_db", "db_url", "mysql://ser:heslo@127.0.0.1/ser")
61 74
 
62
-modparam("usrloc", "db_mode",   0)
75
+# -- usrloc params --
63 76
 
64
-# Uncomment this if you want to use SQL database 
65
-# for persistent storage and comment the previous line
66
-#modparam("usrloc", "db_mode", 2)
77
+# as we use the database anyway we will use it for usrloc as well
78
+modparam("usrloc", "db_mode", 1)
67 79
 
68 80
 # -- auth params --
69
-# Uncomment if you are using auth module
70
-#
71
-#modparam("auth_db", "calculate_ha1", yes)
72
-#
73
-# If you set "calculate_ha1" parameter to yes (which true in this config), 
74
-# uncomment also the following parameter)
75
-#
76
-#modparam("auth_db", "password_column", "password")
81
+modparam("auth_db", "calculate_ha1", yes)
82
+modparam("auth_db", "password_column", "password")
77 83
 
78 84
 # -- rr params --
79 85
 # add value to ;lr param to make some broken UAs happy
80 86
 modparam("rr", "enable_full_lr", 1)
87
+#
88
+# limit the length of the AVP cookie to only necessary ones
89
+modparam("rr", "cookie_filter", "(account)")
90
+#
91
+# you probably do not want that someone can simply read and change
92
+# the AVP cookie in your Routes, thus should really change this
93
+# secret value below
94
+modparam("rr", "cookie_secret", "MyRRAVPcookiesecret")
95
+
96
+# -- gflags params --
97
+# load the global AVPs
98
+modparam("gflags", "load_global_attrs", 1)
99
+
100
+# -- domain params --
101
+# load the domain AVPs
102
+modparam("domain", "load_domain_attrs", 1)
81 103
 
82
-# ctl params
104
+# -- ctl params --
83 105
 # by default ctl listens on unixs:/tmp/ser_ctl if no other address is
84 106
 # specified in modparams; this is also the default for sercmd
85 107
 modparam("ctl", "binrpc", "unixs:/tmp/ser_ctl")
... ...
@@ -88,85 +127,320 @@ modparam("ctl", "fifo", "fifo:/tmp/ser_fifo")
88 88
 # listen on tcp, localhost
89 89
 #modparam("ctl", "binrpc", "tcp:localhost:2046")
90 90
 
91
+# -- acc_db params --
92
+modparam("acc_db", "failed_transactions", 1)
93
+
94
+# comment the next line if you dont want to have accouting to DB
95
+modparam("acc_db", "log_flag", "FLAG_ACC")
96
+
91 97
 # -------------------------  request routing logic -------------------
92 98
 
93 99
 # main routing logic
94 100
 
95 101
 route{
102
+	# if you have a PSTN gateway just un-comment the follwoing line and 
103
+	# specify the IP address of it to route calls to it
104
+	#$gw_ip = "1.2.3.4"
105
+
106
+	# first do some initial sanity checks
107
+	route(INIT);
108
+
109
+	# check if the request is routed via Route header or
110
+	# needs a Record-Route header
111
+	route(RR);
112
+
113
+	# check if the request belongs to our proxy
114
+	route(DOMAIN);
115
+
116
+	# handle REGISTER requests
117
+	route(REGISTRAR);
118
+
119
+	# from here on we want to know you is calling
120
+	route(AUTHENTICATION);
121
+
122
+	# check if we should be outbound proxy for a local user
123
+	route(OUTBOUND);
124
+
125
+	# check if the request is for a local user
126
+	route(INBOUND);
127
+
128
+	# here you coud for example try to an ENUM lookup before
129
+	# the call gets routed to the PSTN
130
+	#route(ENUM);
131
+
132
+	# lets see if someone wants to call a PSTN number
133
+	route(PSTN);
134
+
135
+	# nothing matched, reject it finally
136
+	sl_send_reply("404", "No route matched");
137
+}
138
+
139
+route[FORWARD]
140
+{
141
+	# here you could decide wether this call needs a RTP relay or not
142
+
143
+	# send it out now; use stateful forwarding as it works reliably
144
+	# even for UDP2TCP
145
+	if (!t_relay()) {
146
+		sl_reply_error();
147
+	};
148
+	drop;
149
+}
150
+
151
+route[INIT]
152
+{
153
+	# as soon as it is save to distinguish HTTP from SIP
154
+	# we can un-comment the next line
155
+	route(RPC);
96 156
 
97 157
 	# initial sanity checks -- messages with
98 158
 	# max_forwards==0, or excessively long requests
99 159
 	if (!mf_process_maxfwd_header("10")) {
100 160
 		sl_send_reply("483","Too Many Hops");
101
-		break;
161
+		drop;
102 162
 	};
163
+
103 164
 	if (msg:len >=  max_len ) {
104 165
 		sl_send_reply("513", "Message too big");
105
-		break;
166
+		drop;
106 167
 	};
107
-	
108
-	# we record-route all messages -- to make sure that
109
-	# subsequent messages will go through our proxy; that's
110
-	# particularly good if upstream and downstream entities
111
-	# use different transport protocol
112
-	if (!method=="REGISTER") record_route();	
113 168
 
169
+	# you could add some NAT detection here for example
170
+
171
+	# or you cuold call here some of the check from the sanity module
172
+
173
+	# lets account all initial INVITEs and the BYEs
174
+	# if (method=="INVITE" && @to.tag=="" || method=="BYE") {
175
+	if (method=="INVITE" && @to.tag=="") {
176
+		setflag(FLAG_ACC);
177
+	}
178
+}
179
+
180
+route[RPC]
181
+{
182
+	# allow XMLRPC from localhost
183
+	if ((method=="POST" || method=="GET") &&
184
+		src_ip==127.0.0.1) {
185
+
186
+		# add a Via header to the HTTP
187
+		create_via();
188
+
189
+		if (msg:len >= 8192) {
190
+			sl_send_reply("513", "Request to big");
191
+			drop;
192
+		}
193
+
194
+		# lets see if a module want to answer this
195
+		dispatch_rpc();
196
+		drop;
197
+	}
198
+}
199
+
200
+route[RR]
201
+{
114 202
 	# subsequent messages withing a dialog should take the
115 203
 	# path determined by record-routing
116 204
 	if (loose_route()) {
117 205
 		# mark routing logic in request
118 206
 		append_hf("P-hint: rr-enforced\r\n"); 
119
-		route(1);
120
-		break;
121
-	};
122 207
 
123
-	if (!uri==myself) {
124
-		# mark routing logic in request
125
-		append_hf("P-hint: outbound\r\n"); 
126
-		route(1);
127
-		break;
128
-	};
208
+		# if the Route contained the accounting AVP cookie we
209
+		# set the accounting flag for the acc_db module.
210
+		# this is more for demonstration purpose as this could
211
+		# also be solved without RR cookies.
212
+		# Note: this means all in-dialog request will show up in the
213
+		# accouting tables, so prepare your accounting software for this ;-)
214
+		if ($account == "yes") {
215
+			setflag(FLAG_ACC);
216
+		}
129 217
 
130
-	# if the request is for other domain use UsrLoc
131
-	# (in case, it does not work, use the following command
132
-	# with proper names and addresses in it)
133
-	if (uri==myself) {
218
+		# for broken devices which overwrite their Route's with each
219
+		# (not present) RR from within dialog requests it is better
220
+		# to repeat the RRing
221
+		# and if we call rr after loose_route the AVP cookies are restored
222
+		# automatically :)
223
+		record_route();
134 224
 
135
-		if (method=="REGISTER") {
225
+		route(FORWARD);
226
+	} else if (!method=="REGISTER") {
227
+		# we record-route all messages -- to make sure that
228
+		# subsequent messages will go through our proxy; that's
229
+		# particularly good if upstream and downstream entities
230
+		# use different transport protocol
136 231
 
137
-# Uncomment this if you want to use digest authentication
138
-#			if (!www_authorize("iptel.org", "subscriber")) {
139
-#				www_challenge("iptel.org", "0");
140
-#				break;
141
-#			};
232
+		# if the inital INVITE got the ACC flag store this in
233
+		# an RR AVP cookie. this is more for demonstration purpose
234
+		if (isflagset(FLAG_ACC)) {
235
+			$account = "yes";
236
+			setavpflag($account, "dialog_cookie");
237
+		}
142 238
 
143
-			save("location");
144
-			break;
145
-		};
239
+		record_route();
240
+	}
241
+}
146 242
 
147
-		lookup("aliases");
148
-		if (!uri==myself) {
149
-			append_hf("P-hint: outbound alias\r\n"); 
150
-			route(1);
151
-			break;
152
-		};
243
+route[DOMAIN]
244
+{
245
+	# check if the caller is from a local domain
246
+	lookup_domain("$fd", "@from.uri.host");
153 247
 
154
-		# native SIP destinations are handled using our USRLOC DB
155
-		if (!lookup("location")) {
156
-			sl_send_reply("404", "Not Found");
157
-			break;
248
+	# check if the callee is at a local domain
249
+	lookup_domain("$td", "@ruri.host");
250
+
251
+	# we dont know the domain of the caller and also not
252
+	# the domain of the callee -> somone uses our proxy as
253
+	# a relay
254
+	if (!$t.did && !$f.did) {
255
+		sl_send_reply("403", "Relaying Forbidden");
256
+		drop;
257
+	}
258
+}
259
+
260
+route[REGISTRAR]
261
+{
262
+	# if the request is a REGISTER lets take care of it
263
+	if (method=="REGISTER") {
264
+		# check if the REGISTER if for one of our local domains
265
+		if (!$t.did) {
266
+			sl_send_reply("403", "Register forwarding forbidden");
267
+			drop;
268
+		}
269
+
270
+		# we want only authenticated users to be registered
271
+		if (!www_authenticate("$fd.digest_realm", "credentials")) {
272
+			if ($? == -2) {
273
+				sl_send_reply("500", "Internal Server Error");
274
+			} else if ($? == -3) {
275
+				sl_send_reply("400", "Bad Request");
276
+			} else {
277
+				if ($digest_challenge) {
278
+					append_to_reply("%$digest_challenge");
279
+				}
280
+				sl_send_reply("401", "Unauthorized");
281
+			}
282
+			drop;
158 283
 		};
284
+
285
+		# check if the authenticated user is the same as the target user
286
+		if (!lookup_user("$tu", "@from.uri")) {
287
+			sl_send_reply("404", "Unknown user");
288
+			drop;
289
+		}
290
+
291
+		if ($f.uid != $t.uid) {
292
+			sl_send_reply("403", "3rd Party regsitration rejected");
293
+			drop;
294
+		}
295
+
296
+		# everyhting is fine so lets store the binding
297
+		save_contacts("location");
298
+		drop;
159 299
 	};
160
-	append_hf("P-hint: usrloc applied\r\n"); 
161
-	route(1);
162 300
 }
163 301
 
164
-route[1] 
302
+route[AUTHENTICATION]
165 303
 {
166
-	# send it out now; use stateful forwarding as it works reliably
167
-	# even for UDP2TCP
168
-	if (!t_relay()) {
169
-		sl_reply_error();
304
+	if (method=="CANCEL" || method=="ACK") {
305
+		# you are not allowed to challenge these methods
306
+		break;
307
+	}
308
+
309
+	# requests from non-local to local domains should be permitted
310
+	# remove this if you want a walled garden
311
+	if (! $f.did) {
312
+		break;
313
+	}
314
+
315
+	# as gateways are usually not able to authenticate for their
316
+	# requests you will have trust them base on some other information
317
+	# like the source IP address. WARNING: if at all this is only safe
318
+	# in a local network!!!
319
+	#if (src_ip==a.b.c.d) {
320
+	#	break;
321
+	#}
322
+
323
+	if (!proxy_authenticate("$fd.digest_realm", "credentials")) {
324
+		if ($? == -2) {
325
+			sl_send_reply("500", "Internal Server Error");
326
+		} else if ($? == -3) {
327
+			sl_send_reply("400", "Bad Request");
328
+		} else {
329
+			if ($digest_challenge) {
330
+				append_to_reply("%$digest_challenge");
331
+			}
332
+			sl_send_reply("407", "Proxy Authentication Required");
333
+		}
334
+		drop;
335
+	}
336
+
337
+	# check if the UID from the authentication meets the From header
338
+	$authuid = $uid;
339
+	if (!lookup_user("$fu", "@from.uri")) {
340
+		del_attr("$uid");
341
+	}
342
+	if (! ($uid == $authuid)) {
343
+		sl_send_reply("403", "Fake Identity");
344
+		drop;
345
+	}
346
+	# load the user AVPs (preferences) of the caller, e.g. for RPID header
347
+	load_attrs("$fu", "$f.uid");
348
+}
349
+
350
+route[OUTBOUND]
351
+{
352
+	# if a local user calls to a foreign domain we play outbound proxy for him
353
+	# comment this out if you want a walled garden
354
+	if ($f.did && ! $t.did) {
355
+		append_hf("P-hint: outbound\r\n");
356
+		route(FORWARD);
357
+	}
358
+}
359
+
360
+route[INBOUND]
361
+{
362
+	# lets see if know the callee
363
+	if (lookup_user("$tu", "@ruri")) {
364
+
365
+		# maybe you want to consider the preferences of the callee,
366
+		# e.g. voicemail, then load his attributes here
367
+		#load_attrs("$tu", "$t.uid");
368
+
369
+		# if you want to know if the callee username was alias
370
+		# check it like this
371
+		#if (! $tu.uri_canonical) { }
372
+
373
+		# native SIP destinations are handled using our USRLOC DB
374
+		if (lookup_contacts("location")) {
375
+			append_hf("P-hint: usrloc applied\r\n");
376
+			route(FORWARD);
377
+		} else {
378
+			sl_send_reply("480", "User temporarily not available");
379
+			drop;
380
+		}
170 381
 	};
171 382
 }
172 383
 
384
+route[PSTN]
385
+{
386
+	# Only if the AVP 'gw_ip' is set and the request URI contains
387
+	# only a number we consider sending this to the PSTN GW.
388
+	# Only users from a local domain are permitted to make calls.
389
+	# Additionally you might want to check the acl AVP to verify
390
+	# that the user is allowed to make such expensives calls.
391
+	if ($f.did && $gw_ip &&
392
+		uri=~"sips?:\+?[0-9]{3,18}@.*") {
393
+		# probably you need to convert the number in the request
394
+		# URI according to the requirements of your gateway here
395
+
396
+		# if an AVP 'asserted_id' is set we insert an RPID header
397
+		if ($asserted_id) {
398
+			xlset_attr("$rpidheader", "<sip:%$asserted_id@%@ruri.host>;screen=yes");
399
+			replace_attr_hf("Remote-Party-ID", "$rpidheader");
400
+		}
401
+
402
+		# just replace the domain part of the RURI with the
403
+		# value from the AVP and send it out
404
+		attr2uri("$gw_ip", "domain");
405
+		route(FORWARD);
406
+	}
407
+}