Browse code

examples: moved to misc directory

Daniel-Constantin Mierla authored on 07/12/2016 13:56:54
Showing 1 changed files
1 1
deleted file mode 100644
... ...
@@ -1,145 +0,0 @@
1
-#
2
-# $Id$
3
-#
4
-# example: ser configured as PSTN gateway guard; PSTN gateway is located
5
-# at 192.168.0.10
6
-#
7
-
8
-# ------------------ module loading ----------------------------------
9
-
10
-loadmodule "modules/sl/sl.so"
11
-loadmodule "modules/tm/tm.so"
12
-loadmodule "modules/acc/acc.so"
13
-loadmodule "modules/rr/rr.so"
14
-loadmodule "modules/maxfwd/maxfwd.so"
15
-loadmodule "modules/mysql/mysql.so"
16
-loadmodule "modules/auth/auth.so"
17
-loadmodule "modules/auth_db/auth_db.so"
18
-loadmodule "modules/group/group.so"
19
-loadmodule "modules/uri/uri.so"
20
-
21
-# ----------------- setting module-specific parameters ---------------
22
-
23
-modparam("auth_db", "db_url","mysql://ser:heslo@localhost/ser")
24
-modparam("auth_db", "calculate_ha1", yes)
25
-modparam("auth_db", "password_column", "password")
26
-
27
-# -- acc params --
28
-modparam("acc", "log_level", 1)
29
-# that is the flag for which we will account -- don't forget to
30
-# set the same one :-)
31
-modparam("acc", "log_flag", 1 )
32
-
33
-# -------------------------  request routing logic -------------------
34
-
35
-# main routing logic
36
-
37
-route{
38
-
39
-	/* ********* ROUTINE CHECKS  ********************************** */
40
-
41
-	# filter too old messages
42
-	if (!mf_process_maxfwd_header("10")) {
43
-		log("LOG: Too many hops\n");
44
-		sl_send_reply("483","Too Many Hops");
45
-		break;
46
-	};
47
-	if (len_gt( max_len )) {
48
-		sl_send_reply("513", "Wow -- Message too large");
49
-		break;
50
-	};
51
-
52
-	/* ********* RR ********************************** */
53
-
54
-	/* grant Route routing if route headers present */
55
-	if (loose_route()) { t_relay(); break; };
56
-	
57
-	/* record-route INVITEs -- all subsequent requests must visit us */
58
-	if (method=="INVITE") {
59
-		record_route();
60
-	};
61
-
62
-	# now check if it really is a PSTN destination which should be handled
63
-	# by our gateway; if not, and the request is an invitation, drop it --
64
-	# we cannot terminate it in PSTN; relay non-INVITE requests -- it may
65
-	# be for example BYEs sent by gateway to call originator
66
-	if (!uri=~"sip:\+?[0-9]+@.*") {
67
-		if (method=="INVITE") {
68
-			sl_send_reply("403", "Call cannot be served here");
69
-		} else {
70
-			forward(uri:host, uri:port);
71
-		};
72
-		break;
73
-	}; 
74
-
75
-	# account completed transactions via syslog
76
-	setflag(1);
77
-
78
-	# free call destinations ... no authentication needed
79
-	if ( is_user_in("Request-URI", "free-pstn")  /* free destinations */
80
-			|  uri=~"sip:[79][0-9][0-9][0-9]@.*"  /* local PBX */
81
-			| uri=~"sip:98[0-9][0-9][0-9][0-9]") {
82
-		log("free call");
83
-	} else if (src_ip==192.168.0.10) {
84
-		# our gateway doesn't support digest authentication;
85
-		# verify that a request is coming from it by source
86
-		# address
87
-		log("gateway-originated request");
88
-	} else {
89
-		# in all other cases, we need to check the request against
90
-		# access control lists; first of all, verify request
91
-		# originator's identity
92
-
93
-		if (!proxy_authorize(	"gateway" /* realm */,
94
-				"subscriber" /* table name */))  {
95
-			proxy_challenge( "gateway" /* realm */, "0" /* no qop */ );
96
-			break;
97
-		};
98
-
99
-		# authorize only for INVITEs -- RR/Contact may result in weird
100
-		# things showing up in d-uri that would break our logic; our
101
-		# major concern is INVITE which causes PSTN costs 
102
-
103
-		if (method=="INVITE") {
104
-
105
-			# does the authenticated user have a permission for local
106
-			# calls (destinations beginning with a single zero)? 
107
-			# (i.e., is he in the "local" group?)
108
-			if (uri=~"sip:0[1-9][0-9]+@.*") {
109
-				if (!is_user_in("credentials", "local")) {
110
-					sl_send_reply("403", "No permission for local calls"); 
111
-					break;
112
-				};
113
-			# the same for long-distance (destinations begin with two zeros")
114
-			} else if (uri=~"sip:00[1-9][0-9]+@.*") {
115
-				if (!is_user_in("credentials", "ld")) {
116
-					sl_send_reply("403", " no permission for LD ");
117
-					break;
118
-				};
119
-			# the same for international calls (three zeros)
120
-			} else if (uri=~"sip:000[1-9][0-9]+@.*") {
121
-				if (!is_user_in("credentials", "int")) {
122
-					sl_send_reply("403", "International permissions needed");
123
-					break;
124
-				};
125
-			# everything else (e.g., interplanetary calls) is denied
126
-			} else {
127
-				sl_send_reply("403", "Forbidden");
128
-				break;
129
-			};
130
-
131
-		}; # INVITE to authorized PSTN
132
-
133
-	}; # authorized PSTN
134
-
135
-	# if you have passed through all the checks, let your call go to GW!
136
-
137
-	rewritehostport("192.168.0.10:5060");
138
-
139
-	# forward the request now
140
-	if (!t_relay()) {
141
-		sl_reply_error(); 
142
-		break; 
143
-	};
144
-
145
-}
Browse code

- sql:// changed to mysql:// in all modules

Jan Janak authored on 03/11/2003 13:03:56
Showing 1 changed files
... ...
@@ -20,7 +20,7 @@ loadmodule "modules/uri/uri.so"
20 20
 
21 21
 # ----------------- setting module-specific parameters ---------------
22 22
 
23
-modparam("auth_db", "db_url","sql://ser:heslo@localhost/ser")
23
+modparam("auth_db", "db_url","mysql://ser:heslo@localhost/ser")
24 24
 modparam("auth_db", "calculate_ha1", yes)
25 25
 modparam("auth_db", "password_column", "password")
26 26
 
Browse code

examples aligned to 8.11

Jiri Kuthan authored on 03/06/2003 03:18:12
Showing 1 changed files
... ...
@@ -14,18 +14,21 @@ loadmodule "modules/rr/rr.so"
14 14
 loadmodule "modules/maxfwd/maxfwd.so"
15 15
 loadmodule "modules/mysql/mysql.so"
16 16
 loadmodule "modules/auth/auth.so"
17
+loadmodule "modules/auth_db/auth_db.so"
18
+loadmodule "modules/group/group.so"
19
+loadmodule "modules/uri/uri.so"
17 20
 
18 21
 # ----------------- setting module-specific parameters ---------------
19 22
 
20
-modparam("auth", "db_url","sql://ser:heslo@localhost/ser")
21
-modparam("auth", "calculate_ha1", yes)
22
-modparam("auth", "password_column", "password")
23
+modparam("auth_db", "db_url","sql://ser:heslo@localhost/ser")
24
+modparam("auth_db", "calculate_ha1", yes)
25
+modparam("auth_db", "password_column", "password")
23 26
 
24 27
 # -- acc params --
25 28
 modparam("acc", "log_level", 1)
26 29
 # that is the flag for which we will account -- don't forget to
27 30
 # set the same one :-)
28
-modparam("acc", "acc_flag", 1 )
31
+modparam("acc", "log_flag", 1 )
29 32
 
30 33
 # -------------------------  request routing logic -------------------
31 34
 
... ...
@@ -48,11 +51,12 @@ route{
48 51
 
49 52
 	/* ********* RR ********************************** */
50 53
 
51
-	/* Do strict routing if route headers present */
52
-	rewriteFromRoute();
54
+	/* grant Route routing if route headers present */
55
+	if (loose_route()) { t_relay(); break; };
56
+	
53 57
 	/* record-route INVITEs -- all subsequent requests must visit us */
54 58
 	if (method=="INVITE") {
55
-		addRecordRoute();
59
+		record_route();
56 60
 	};
57 61
 
58 62
 	# now check if it really is a PSTN destination which should be handled
... ...
@@ -102,19 +106,19 @@ route{
102 106
 			# calls (destinations beginning with a single zero)? 
103 107
 			# (i.e., is he in the "local" group?)
104 108
 			if (uri=~"sip:0[1-9][0-9]+@.*") {
105
-				if (!is_in_group("local")) {
109
+				if (!is_user_in("credentials", "local")) {
106 110
 					sl_send_reply("403", "No permission for local calls"); 
107 111
 					break;
108 112
 				};
109 113
 			# the same for long-distance (destinations begin with two zeros")
110 114
 			} else if (uri=~"sip:00[1-9][0-9]+@.*") {
111
-				if (!is_in_group("ld")) {
115
+				if (!is_user_in("credentials", "ld")) {
112 116
 					sl_send_reply("403", " no permission for LD ");
113 117
 					break;
114 118
 				};
115 119
 			# the same for international calls (three zeros)
116 120
 			} else if (uri=~"sip:000[1-9][0-9]+@.*") {
117
-				if (!is_in_group("int")) {
121
+				if (!is_user_in("credentials", "int")) {
118 122
 					sl_send_reply("403", "International permissions needed");
119 123
 					break;
120 124
 				};
Browse code

admin documentation refurbished -- quite many changes, don't want me to list all of them

Jiri Kuthan authored on 09/12/2002 02:32:56
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,141 @@
1
+#
2
+# $Id$
3
+#
4
+# example: ser configured as PSTN gateway guard; PSTN gateway is located
5
+# at 192.168.0.10
6
+#
7
+
8
+# ------------------ module loading ----------------------------------
9
+
10
+loadmodule "modules/sl/sl.so"
11
+loadmodule "modules/tm/tm.so"
12
+loadmodule "modules/acc/acc.so"
13
+loadmodule "modules/rr/rr.so"
14
+loadmodule "modules/maxfwd/maxfwd.so"
15
+loadmodule "modules/mysql/mysql.so"
16
+loadmodule "modules/auth/auth.so"
17
+
18
+# ----------------- setting module-specific parameters ---------------
19
+
20
+modparam("auth", "db_url","sql://ser:heslo@localhost/ser")
21
+modparam("auth", "calculate_ha1", yes)
22
+modparam("auth", "password_column", "password")
23
+
24
+# -- acc params --
25
+modparam("acc", "log_level", 1)
26
+# that is the flag for which we will account -- don't forget to
27
+# set the same one :-)
28
+modparam("acc", "acc_flag", 1 )
29
+
30
+# -------------------------  request routing logic -------------------
31
+
32
+# main routing logic
33
+
34
+route{
35
+
36
+	/* ********* ROUTINE CHECKS  ********************************** */
37
+
38
+	# filter too old messages
39
+	if (!mf_process_maxfwd_header("10")) {
40
+		log("LOG: Too many hops\n");
41
+		sl_send_reply("483","Too Many Hops");
42
+		break;
43
+	};
44
+	if (len_gt( max_len )) {
45
+		sl_send_reply("513", "Wow -- Message too large");
46
+		break;
47
+	};
48
+
49
+	/* ********* RR ********************************** */
50
+
51
+	/* Do strict routing if route headers present */
52
+	rewriteFromRoute();
53
+	/* record-route INVITEs -- all subsequent requests must visit us */
54
+	if (method=="INVITE") {
55
+		addRecordRoute();
56
+	};
57
+
58
+	# now check if it really is a PSTN destination which should be handled
59
+	# by our gateway; if not, and the request is an invitation, drop it --
60
+	# we cannot terminate it in PSTN; relay non-INVITE requests -- it may
61
+	# be for example BYEs sent by gateway to call originator
62
+	if (!uri=~"sip:\+?[0-9]+@.*") {
63
+		if (method=="INVITE") {
64
+			sl_send_reply("403", "Call cannot be served here");
65
+		} else {
66
+			forward(uri:host, uri:port);
67
+		};
68
+		break;
69
+	}; 
70
+
71
+	# account completed transactions via syslog
72
+	setflag(1);
73
+
74
+	# free call destinations ... no authentication needed
75
+	if ( is_user_in("Request-URI", "free-pstn")  /* free destinations */
76
+			|  uri=~"sip:[79][0-9][0-9][0-9]@.*"  /* local PBX */
77
+			| uri=~"sip:98[0-9][0-9][0-9][0-9]") {
78
+		log("free call");
79
+	} else if (src_ip==192.168.0.10) {
80
+		# our gateway doesn't support digest authentication;
81
+		# verify that a request is coming from it by source
82
+		# address
83
+		log("gateway-originated request");
84
+	} else {
85
+		# in all other cases, we need to check the request against
86
+		# access control lists; first of all, verify request
87
+		# originator's identity
88
+
89
+		if (!proxy_authorize(	"gateway" /* realm */,
90
+				"subscriber" /* table name */))  {
91
+			proxy_challenge( "gateway" /* realm */, "0" /* no qop */ );
92
+			break;
93
+		};
94
+
95
+		# authorize only for INVITEs -- RR/Contact may result in weird
96
+		# things showing up in d-uri that would break our logic; our
97
+		# major concern is INVITE which causes PSTN costs 
98
+
99
+		if (method=="INVITE") {
100
+
101
+			# does the authenticated user have a permission for local
102
+			# calls (destinations beginning with a single zero)? 
103
+			# (i.e., is he in the "local" group?)
104
+			if (uri=~"sip:0[1-9][0-9]+@.*") {
105
+				if (!is_in_group("local")) {
106
+					sl_send_reply("403", "No permission for local calls"); 
107
+					break;
108
+				};
109
+			# the same for long-distance (destinations begin with two zeros")
110
+			} else if (uri=~"sip:00[1-9][0-9]+@.*") {
111
+				if (!is_in_group("ld")) {
112
+					sl_send_reply("403", " no permission for LD ");
113
+					break;
114
+				};
115
+			# the same for international calls (three zeros)
116
+			} else if (uri=~"sip:000[1-9][0-9]+@.*") {
117
+				if (!is_in_group("int")) {
118
+					sl_send_reply("403", "International permissions needed");
119
+					break;
120
+				};
121
+			# everything else (e.g., interplanetary calls) is denied
122
+			} else {
123
+				sl_send_reply("403", "Forbidden");
124
+				break;
125
+			};
126
+
127
+		}; # INVITE to authorized PSTN
128
+
129
+	}; # authorized PSTN
130
+
131
+	# if you have passed through all the checks, let your call go to GW!
132
+
133
+	rewritehostport("192.168.0.10:5060");
134
+
135
+	# forward the request now
136
+	if (!t_relay()) {
137
+		sl_reply_error(); 
138
+		break; 
139
+	};
140
+
141
+}