Browse code

core: relocated some folders from root and utils to misc

- utils keeps only the applications related to kamailio c code
- the other are now in misc/tools
- utils/misc/vim moved to misc/extra/
- obsolete and scripts folders moved to misc/

Daniel-Constantin Mierla authored on 07/12/2016 11:46:38
Showing 1 changed files
1 1
deleted file mode 100755
... ...
@@ -1,563 +0,0 @@
1
-#!/bin/sh
2
-#
3
-# $Id$
4
-#
5
-# SER configuration script
6
-#
7
-# disclaimer: extremely simplistic and experimental
8
-# useful only for people who know what they are doing
9
-# and want to save some typing
10
-#
11
-# call it to generate a basic script -- you have to
12
-# carry out any subsequent changes manually
13
-#
14
-
15
-# ------------------- Variables ------------------------
16
-
17
-# prompted variables
18
-# SER_DOMAIN -- name of served domain, e.g., foo.bar.com
19
-# SER_GWIP -- IP address of PSTN gateway, e.g. 10.0.0.1
20
-
21
-# parameters that are typically not changed
22
-SER_SQL_URI="mysql://ser:heslo@localhost/ser"
23
-# set LIB_PATH if all modules are installed in a single
24
-# directory; otherwise, modules are sought in 'modules'
25
-# subdirectories
26
-#SER_LIB_PATH="/usr/local/lib/ser/modules"
27
-
28
-
29
-# --------------------- functions ---------------------------
30
-function go_to_pstn()
31
-{
32
-	if [ -n "$SER_GWIP" ] ; then 
33
-		cat << EOGOTOPSTN
34
-	# now check if it's about PSTN destinations through our gateway;
35
-	# note that 8.... is exempted for numerical non-gw destinations
36
-	if (uri=~"sip:\+?[0-79][0-9]*@.*") {
37
-		route(3);
38
-		break;
39
-	}; 
40
-EOGOTOPSTN
41
-	fi
42
-}
43
-
44
-
45
-function addr2re()
46
-{
47
-	echo $1 |  sed -ne "s/\./\\\./gp"
48
-}
49
-
50
-function gw_check()
51
-{
52
-	if [ -n "$SER_GWIP" ] ; then 
53
-		cat << EOGWTEST
54
-		if (uri=~"sip:[+0-9]+@$SER_GWIP_RE") {
55
-			# it is gateway -- proceed to ACLs
56
-			route(3);
57
-			break;
58
-		};
59
-EOGWTEST
60
-	fi
61
-}
62
-
63
-function mine_check()
64
-{
65
-	printf "uri=~\"[@:](sip[\.)?$SER_DOMAIN_TEST_RE([;:].*)*\" $SER_GW_TEST_RE"
66
-}
67
-
68
-function gw_m_check()
69
-{
70
-	if [ -n "$SER_GWIP" ] ; then 
71
-		cat << EOMCHECK
72
-		if (search("^(Contact|m): .*$SER_GWIP_RE")) {
73
-			log(1, "LOG: alert: protected contacts\n");
74
-			sl_send_reply("476", "No Server Address in Contacts Allowed" );
75
-			break;
76
-		};
77
-EOMCHECK
78
-	fi
79
-}
80
-
81
-function help()
82
-{
83
-	cat << EOHELP
84
-Numbering plan is as follows:
85
-- numbers beginning with 8 are considered aliases
86
-- numbers beginning with + are considered ENUM destinations
87
-EOHELP
88
-	if [ -n "$SER_GWIP" ] ; then
89
-		cat << EOHELP2
90
-- all other numbers are considered PSTN destinations
91
-  ... to dial PSTN, a user must have 'int' privilege
92
-EOHELP2
93
-	else
94
-		echo "- all other numbers are considered usernames"
95
-	fi
96
-}
97
-
98
-function usage()
99
-{
100
-	echo "Usage: $0 <domain_name> [<ip_address_of_gateway>]" \
101
-		'> <config_file>' > /dev/stderr
102
-	exit 1
103
-}
104
-
105
-function load_mod()
106
-{
107
-	if [ -n "$SER_LIB_PATH" ] ; then
108
-		echo "loadmodule \"$SER_LIB_PATH/$1.so\""
109
-	else
110
-		echo "loadmodule \"modules/$1/$1.so\""
111
-	fi
112
-}
113
-
114
-# ----------------------- user-parameter check ---------------
115
-# SER_DOMAIN -- name of served domain, e.g., foo.bar.com
116
-# SER_GWIP -- IP address of PSTN gateway, e.g. 10.0.0.1
117
-
118
-if [ $# -gt 0 ] ; then
119
-	SER_DOMAIN="$1"
120
-	shift
121
-	if [ $# -gt 0 ] ; then
122
-		SER_GWIP="$1"
123
-		shift
124
-	fi
125
-	if [ $# -gt 0 ] ; then
126
-		usage
127
-	fi
128
-else
129
-	usage
130
-fi
131
-
132
-# ---------------------- initialization -------------------------
133
-
134
-# autodetection parameters
135
-SER_IP=`/sbin/ifconfig eth0 | 
136
-	sed -ne 's/\( \)*\(inet addr:\)\([0-9\.]*\).*/\3/gp'`
137
-
138
-# construction of regular expressions
139
-SER_IP_RE=`addr2re $SER_IP`
140
-SER_DOMAIN_RE=`addr2re $SER_DOMAIN`
141
-
142
-# tests
143
-# - is this for my domain
144
-SER_DOMAIN_TEST_RE=`printf "($SER_DOMAIN_RE|$SER_IP_RE)"`
145
-# - is this for my gateway ?
146
-if [ -n "$SER_GWIP" ] ; then
147
-	SER_GWIP_RE=`addr2re $SER_GWIP`
148
-	SER_GW_TEST_RE=`printf "| uri=~\"@$SER_GWIP_RE([;:].*)*\""`
149
-fi
150
-
151
-SER_REGISTRAR="registrar@$SER_DOMAIN"
152
-
153
-# ---------------------- verficiation --------------------------
154
-set | grep ^SER_ > /dev/stderr
155
-echo > /dev/stderr
156
-echo "IS EVERYTHING OK ???? (press ^C to interrupt)" > /dev/stderr
157
-read
158
-
159
-
160
-# --------------------- dump it here -------------------------
161
-
162
-cat << EOF
163
-
164
-#
165
-# \$Id$
166
-#
167
-# autogenerated SER configuration 
168
-#
169
-# user: `id`
170
-# system: `uname -a`
171
-# date: `date`
172
-#
173
-
174
-# ----------- global configuration parameters ------------------------
175
-
176
-debug=3
177
-fork=yes
178
-port=5060
179
-log_stderror=no
180
-memlog=5
181
-
182
-mhomed=yes
183
-
184
-fifo="/tmp/ser_fifo"
185
-
186
-alias=$SER_DOMAIN
187
-
188
-# uncomment to override config values for test 
189
-/* 
190
-debug=3             # debug level (cmd line: -ddd)
191
-fork=no
192
-port=5068
193
-log_stderror=yes	# (cmd line: -E)
194
-fifo="/tmp/ser_fifox"
195
- */
196
-
197
-
198
-check_via=no		# (cmd. line: -v)
199
-dns=no              # (cmd. line: -r)
200
-rev_dns=no          # (cmd. line: -R)
201
-children=16
202
-# if changing fifo mode to a more restrictive value, put
203
-# decimal value in there, e.g. dec(rw|rw|rw)=dec(666)=438
204
-#fifo_mode=438
205
-
206
-# ------------------ module loading ----------------------------------
207
-
208
-`load_mod tm`
209
-`load_mod sl`
210
-`load_mod acc`
211
-`load_mod rr`
212
-`load_mod maxfwd`
213
-`load_mod mysql`
214
-`load_mod usrloc`
215
-`load_mod registrar`
216
-`load_mod auth`
217
-`load_mod auth_db`
218
-`load_mod textops`
219
-`load_mod uri`
220
-`load_mod group`
221
-`load_mod msilo`
222
-`load_mod enum`
223
-
224
-
225
-
226
-# ----------------- setting module-specific parameters ---------------
227
-
228
-# all DB urls here
229
-modparam("usrloc|acc|auth_db|group|msilo|uri", "db_url",
230
-	"$SER_SQL_URI")
231
-
232
-# -- usrloc params --
233
-/* 0 -- dont use mysql, 1 -- write_through, 2--write_back */
234
-modparam("usrloc", "db_mode",   2)
235
-modparam("usrloc", "timer_interval", 10)
236
-
237
-# -- auth params --
238
-
239
-modparam("auth_db", "calculate_ha1", yes)
240
-#modparam("auth_db", "user_column",   "user_id")
241
-modparam("auth_db", "password_column",   "password")
242
-modparam("auth", "nonce_expire",  300)
243
-
244
-# -- rr params --
245
-# add value to ;lr param to make some broken UAs happy
246
-modparam("rr", "enable_full_lr", 1)
247
-
248
-# -- acc params --
249
-# that is the flag for which we will account -- don't forget to
250
-modparam("acc", "db_flag", 1 )
251
-modparam("acc", "db_missed_flag", 3 )
252
-
253
-# -- tm params --
254
-modparam("tm", "fr_timer", 20 )
255
-modparam("tm", "fr_inv_timer", 90 )
256
-modparam("tm", "wt_timer", 20 )
257
-
258
-# -- msilo params
259
-modparam("msilo", "registrar", "sip:$SER_REGISTRAR")
260
-
261
-# -- enum params --
262
-#
263
-modparam("enum", "domain_suffix", "e164.arpa.")
264
-
265
-
266
-# -------------------------  request routing logic -------------------
267
-
268
-# main routing logic
269
-
270
-route{
271
-
272
-	/* ********* ROUTINE CHECKS  ********************************** */
273
-
274
-	# filter too old messages
275
-	if (!mf_process_maxfwd_header("10")) {
276
-		log("LOG: Too many hops\n");
277
-		sl_send_reply("483","Alas Too Many Hops");
278
-		break;
279
-	};
280
-	if (len_gt( max_len )) {
281
-		sl_send_reply("513", "Message too large sorry");
282
-		break;
283
-	};
284
-
285
-
286
-	# Make sure that requests dont advertise addresses 
287
-	# from private IP space (RFC1918) in Contact HF
288
-	# (note: does not match with folded lines)
289
-	if (search("^(Contact|m): .*@(192\.168\.|10\.|172\.16)")) {
290
-		# allow RR-ed requests, as these may indicate that
291
-		# a NAT-enabled proxy takes care of it; unless it is
292
-		# a REGISTER
293
-		if ((method=="REGISTER" || ! search("^Record-Route:")) 
294
-					&& !( src_ip==192.168.0.0/16 ||
295
-						src_ip==10.0.0.0/8 || src_ip==172.16.0.0/12 )) {
296
-			log("LOG: Someone trying to register from private IP again\n");
297
-			sl_send_reply("479", "We dont accept private IP contacts" );
298
-			break;
299
-		};
300
-	};
301
-
302
-	# anti-spam -- if somene claims to belong to our domain in From,
303
-	# challenge him (skip REGISTERs -- we will chalenge them later)
304
-	if (search("(From|F):.*$SER_DOMAIN_TEST_RE")) {
305
-		# invites forwarded to other domains, like FWD may cause subsequent 
306
-		# request to come from there but have iptel in From -> verify
307
-		# only INVITEs (ignore FIFO/UAC's requests, i.e. src_ip==myself)
308
-		if (method=="INVITE" &  !(src_ip==$SER_IP)) {
309
-			if  (!(proxy_authorize(	"$SER_DOMAIN" /* realm */,
310
-					"subscriber" /* table name */ ))) {
311
-				proxy_challenge("$SER_DOMAIN" /* realm */, "0" /* no-qop */);
312
-				break;
313
-			};
314
-			# to maintain outside credibility of our proxy, we enforce
315
-			# username in From to equal digest username; user with
316
-			# "john.doe" id could advertise "bill.gates" in From otherwise;
317
-			if (!check_from()) {
318
-				log("LOG: From Cheating attempt in INVITE\n");
319
-				sl_send_reply("403", "That is ugly -- use From=id next time (OB)");
320
-				break;
321
-			};
322
-            		# we better don't consume credentials -- some requests may be
323
-            		# spiraled through our server (sfo@iptel->7141@iptel) and the
324
-            		# subsequent iteration may challenge too, for example because of
325
-            		# iptel claim in From; UACs then give up because they
326
-        		# already submitted credentials for the given realm
327
-			#consume_credentials();
328
-		}; # INVITEs claiming to come from our domain
329
-	} else if (method=="INVITE" && !(uri=~"[@:\.]$SER_DOMAIN_TEST_RE([;:].*)*" 
330
-			# ... and we serve our gateway too if present
331
-			$SER_GW_TEST_RE )) {
332
-		#the INVITE neither claims to come from our domain nor is it targeted to it
333
-		# -> junk it
334
-		sl_send_reply("403", "No relaying");
335
-		break;
336
-	};
337
-
338
-
339
-	/* ********* RR ********************************** */
340
-	# to be safe, record route everything; UAs may use different
341
-	# transport protocols and need to have SER in path
342
-	record_route();
343
-	# if route forces us to forward to some explicit destination,
344
-	# do so; check however first that a cheater didn't preload 
345
-	# a gateway destination to bypass PSTN ACLs
346
-
347
-	if (loose_route()) {
348
-		`gw_check`
349
-		# route HF determined next hop; forward there
350
-		append_hf("P-hint: rr-enforced\r\n");
351
-		t_relay();
352
-		break;
353
-	};
354
-
355
-
356
-	/*  *********  check for requests targeted out of our domain... ******* */
357
-	# sign of our domain: there is '@' (username) or  : (nothing) in 
358
-	# front of our domain name	; ('.' is not there -- we handle all
359
-	# xxx.iptel.org as outbound hosts);if none of these cases matches, 
360
-	# proceed with processing of outbound requests in route[2]
361
-	if (!(`mine_check`)) {
362
-		route(2);
363
-		break;
364
-	};
365
-
366
-
367
-	/* ************ requests for our domain ********** */
368
-
369
-
370
-	/* now, the request is for sure for our domain */
371
-
372
-
373
-	# registers always MUST be authenticated to
374
-	# avoid stealing incoming calls	
375
-	if (method=="REGISTER") {
376
-
377
-		# Make sure that user's dont register infinite loops
378
-		# (note: does not match with folded lines)
379
-		if (search("^(Contact|m): .*@$SER_DOMAIN_TEST_RE")) {
380
-			log(1, "LOG: alert: someone trying to set aor==contact\n");
381
-			sl_send_reply("476", "No Server Address in Contacts Allowed" );
382
-			break;
383
-		};
384
-		`gw_m_check`
385
-
386
-		if (!www_authorize(	"$SER_DOMAIN" /* realm */, 
387
-			 				"subscriber" /* table name */ )) {
388
-			# challenge if none or invalid credentials
389
- 			www_challenge(	"$SER_DOMAIN" /* realm */, 
390
-							"0" /* no qop -- some phones can't deal with it */);
391
-			break;
392
-		};
393
-
394
-		# prohibit attempts to grab someone else's To address 
395
-		# using  valid credentials; 
396
-
397
-		if (!check_to()) {
398
-			log("LOG: To Cheating attempt\n");
399
-			sl_send_reply("403", "That is ugly -- use To=id in REGISTERs");
400
-			break;
401
-		};
402
-		# it is an authenticated request, update Contact database now
403
-		if (!save("location")) {
404
-			sl_reply_error();
405
-		};
406
-		m_dump();
407
-		break;
408
-	};
409
-
410
-	# some UACs might be fooled by Contacts our UACs generate to make MSN 
411
-	# happy (web-im, e.g.) -- tell its urneachable
412
-	if (uri=~"sip:daemon@" ) {
413
-		sl_send_reply("410", "daemon is gone");
414
-		break;
415
-	};
416
-
417
-	# is this an ENUM destination (leading +?)? give it a try, if the lookup
418
-	# doesn't change URI, just continue
419
-	if (uri=~"sip:\+[0-9]+@") {
420
-		if (!enum_query("voice")) { # if parameter empty, it defaults to "e2u+sip"
421
-			enum_query(""); # E2U+sip
422
-		};
423
-	} else {
424
-		# aliases  (take precedences over PSTN number; provisioning interface
425
-		# is set up to assinge aliases beginning with 8)
426
-		lookup("aliases");
427
-	};
428
-
429
-
430
-	# check again, if it is still for our domain after aliases are resolved
431
-	if (!(`mine_check`)) {
432
-		route(5);
433
-		break;
434
-	};
435
-
436
-	`go_to_pstn`
437
-
438
-	# native SIP destinations are handled using our USRLOC DB
439
-	if (!lookup("location")) {
440
-		# handle user which was not found ...
441
-		route(4);
442
-		break;
443
-	};
444
-	# check whether some inventive user has uploaded  gateway 
445
-	# contacts to UsrLoc to bypass our authorization logic
446
-	`gw_check`
447
-
448
-	/* ... and also report on missed calls ... */
449
-	setflag(3);
450
-
451
-	# we now know we may, we know where, let it go out now!
452
-	append_hf("P-hint: USRLOC\r\n");
453
-	if (!t_relay()) {
454
-		sl_reply_error();
455
-		break;
456
-	};
457
-}
458
-#------------------- OUTBOUND ----------------------------------------
459
-
460
-# routing logic for outbound requests targeted out of our domain
461
-# (keep in mind messages to our users can end up here too: for example,
462
-#  an INVITE may be UsrLoc-ed, then the other party uses outbound
463
-#  proxy with r-uri=the usr_loced addredd (typically IP))
464
-route[2] {
465
-	append_hf("P-hint: OUTBOUND\r\n");
466
-	t_relay();
467
-}
468
-
469
-#------- ALIASED OUTBOUND --------------------------------------------
470
-
471
-# routing logic for inbound requests aliased outbound; unlike
472
-# with real outbound requests we do not force authentication
473
-# as these calls are server by our server and we do not want
474
-# to disqualify unathenticated request originatiors from other
475
-# domains
476
-route[5] {
477
-	append_hf("P-hint: ALIASED-OUTBOUND\r\n");
478
-	t_relay();
479
-}
480
-
481
-#----------------- PSTN ----------------------------------------------
482
-
483
-# logic for calls to the PSTN
484
-route[3] {
485
-	# turn accounting on
486
-	setflag(1);
487
-
488
-	/* require all who call PSTN to be members of the "int" group;
489
-	   apply ACLs only to INVITEs -- we don't need to protect other requests, as they
490
-	   don't imply charges; also it could cause troubles when a call comes in via PSTN
491
-	   and goes to a party that can't authenticate (voicemail, other domain) -- BYEs would
492
-	   fail then; exempt Cisco gateway from authentication by IP address -- it does not
493
-	   support digest
494
-	*/
495
-	if (method=="INVITE" && (!src_ip==$SER_GWIP)) {
496
-		if (!proxy_authorize(	"$SER_DOMAIN" /* realm */,
497
-						"subscriber" /* table name */))  {
498
-			proxy_challenge( "$SER_DOMAIN" /* realm */, "0" /* no qop */ );
499
-			break;
500
-		};
501
-		# let's check from=id ... avoids accounting confusion
502
-		if (method=="INVITE" & !check_from()) {
503
-			log("LOG: From Cheating attempt\n");
504
-			sl_send_reply("403", "That is ugly -- use From=id next time (gw)");
505
-			break;
506
-		};
507
-
508
-		if(!is_user_in("credentials", "int")) {
509
-			sl_send_reply("403", "NO PSTN Privileges...");
510
-			break;
511
-		};
512
-		consume_credentials();
513
-
514
-	}; # INVITE to authorized PSTN
515
-
516
-	# if you have passed through all the checks, let your call go to GW!
517
-	rewritehostport("$SER_GWIP:5060");
518
-
519
-	# snom conditioner
520
-	if (method=="INVITE" && search("User-Agent: snom")) {
521
-		replace("100rel, ", "");
522
-	};
523
-
524
-	append_hf("P-hint: GATEWAY\r\n");
525
-	# use UDP to guarantee well-known sender port (TCP ephemeral)
526
-	t_relay_to_udp("$SER_GWIP","5060");
527
-}
528
-
529
-
530
-
531
-/* *********** handling of unavailable user ******************* */
532
-
533
-route[4] {
534
-/**/
535
-	# message store 
536
-	if (method=="MESSAGE") {
537
-		t_newtran();
538
-		if (m_store("0")) {
539
-			t_reply("202", "Accepted for Later Delivery");
540
-		} else {
541
-			t_reply("503", "Service Unavailable");
542
-		};
543
-		break;
544
-	};
545
-/**/
546
-	# non-Voip -- just send "off-line"
547
-	if (!(method=="INVITE" || method=="ACK" || method=="CANCEL")) {
548
-		sl_send_reply("404", "Not Found");
549
-		break;
550
-	};
551
-	# voicemail subscribers ...
552
-	t_newtran();
553
-	t_reply("404", "Not Found");
554
-	# we account missed incoming calls; previous statteful processing
555
-	# guarantees that retransmissions are not accounted
556
-	if (method=="INVITE") {
557
-		acc_db_request("404 missed call", "missed_calls");
558
-	};
559
-}
560
-
561
-EOF
562
-
563
-help > /dev/stderr
Browse code

- sql:// changed to mysql:// in all modules

Jan Janak authored on 03/11/2003 13:03:56
Showing 1 changed files
... ...
@@ -19,7 +19,7 @@
19 19
 # SER_GWIP -- IP address of PSTN gateway, e.g. 10.0.0.1
20 20
 
21 21
 # parameters that are typically not changed
22
-SER_SQL_URI="sql://ser:heslo@localhost/ser"
22
+SER_SQL_URI="mysql://ser:heslo@localhost/ser"
23 23
 # set LIB_PATH if all modules are installed in a single
24 24
 # directory; otherwise, modules are sought in 'modules'
25 25
 # subdirectories
Browse code

stable changes projected to developer's

Jiri Kuthan authored on 13/08/2003 20:53:04
Showing 1 changed files
1 1
new file mode 100755
... ...
@@ -0,0 +1,563 @@
1
+#!/bin/sh
2
+#
3
+# $Id$
4
+#
5
+# SER configuration script
6
+#
7
+# disclaimer: extremely simplistic and experimental
8
+# useful only for people who know what they are doing
9
+# and want to save some typing
10
+#
11
+# call it to generate a basic script -- you have to
12
+# carry out any subsequent changes manually
13
+#
14
+
15
+# ------------------- Variables ------------------------
16
+
17
+# prompted variables
18
+# SER_DOMAIN -- name of served domain, e.g., foo.bar.com
19
+# SER_GWIP -- IP address of PSTN gateway, e.g. 10.0.0.1
20
+
21
+# parameters that are typically not changed
22
+SER_SQL_URI="sql://ser:heslo@localhost/ser"
23
+# set LIB_PATH if all modules are installed in a single
24
+# directory; otherwise, modules are sought in 'modules'
25
+# subdirectories
26
+#SER_LIB_PATH="/usr/local/lib/ser/modules"
27
+
28
+
29
+# --------------------- functions ---------------------------
30
+function go_to_pstn()
31
+{
32
+	if [ -n "$SER_GWIP" ] ; then 
33
+		cat << EOGOTOPSTN
34
+	# now check if it's about PSTN destinations through our gateway;
35
+	# note that 8.... is exempted for numerical non-gw destinations
36
+	if (uri=~"sip:\+?[0-79][0-9]*@.*") {
37
+		route(3);
38
+		break;
39
+	}; 
40
+EOGOTOPSTN
41
+	fi
42
+}
43
+
44
+
45
+function addr2re()
46
+{
47
+	echo $1 |  sed -ne "s/\./\\\./gp"
48
+}
49
+
50
+function gw_check()
51
+{
52
+	if [ -n "$SER_GWIP" ] ; then 
53
+		cat << EOGWTEST
54
+		if (uri=~"sip:[+0-9]+@$SER_GWIP_RE") {
55
+			# it is gateway -- proceed to ACLs
56
+			route(3);
57
+			break;
58
+		};
59
+EOGWTEST
60
+	fi
61
+}
62
+
63
+function mine_check()
64
+{
65
+	printf "uri=~\"[@:](sip[\.)?$SER_DOMAIN_TEST_RE([;:].*)*\" $SER_GW_TEST_RE"
66
+}
67
+
68
+function gw_m_check()
69
+{
70
+	if [ -n "$SER_GWIP" ] ; then 
71
+		cat << EOMCHECK
72
+		if (search("^(Contact|m): .*$SER_GWIP_RE")) {
73
+			log(1, "LOG: alert: protected contacts\n");
74
+			sl_send_reply("476", "No Server Address in Contacts Allowed" );
75
+			break;
76
+		};
77
+EOMCHECK
78
+	fi
79
+}
80
+
81
+function help()
82
+{
83
+	cat << EOHELP
84
+Numbering plan is as follows:
85
+- numbers beginning with 8 are considered aliases
86
+- numbers beginning with + are considered ENUM destinations
87
+EOHELP
88
+	if [ -n "$SER_GWIP" ] ; then
89
+		cat << EOHELP2
90
+- all other numbers are considered PSTN destinations
91
+  ... to dial PSTN, a user must have 'int' privilege
92
+EOHELP2
93
+	else
94
+		echo "- all other numbers are considered usernames"
95
+	fi
96
+}
97
+
98
+function usage()
99
+{
100
+	echo "Usage: $0 <domain_name> [<ip_address_of_gateway>]" \
101
+		'> <config_file>' > /dev/stderr
102
+	exit 1
103
+}
104
+
105
+function load_mod()
106
+{
107
+	if [ -n "$SER_LIB_PATH" ] ; then
108
+		echo "loadmodule \"$SER_LIB_PATH/$1.so\""
109
+	else
110
+		echo "loadmodule \"modules/$1/$1.so\""
111
+	fi
112
+}
113
+
114
+# ----------------------- user-parameter check ---------------
115
+# SER_DOMAIN -- name of served domain, e.g., foo.bar.com
116
+# SER_GWIP -- IP address of PSTN gateway, e.g. 10.0.0.1
117
+
118
+if [ $# -gt 0 ] ; then
119
+	SER_DOMAIN="$1"
120
+	shift
121
+	if [ $# -gt 0 ] ; then
122
+		SER_GWIP="$1"
123
+		shift
124
+	fi
125
+	if [ $# -gt 0 ] ; then
126
+		usage
127
+	fi
128
+else
129
+	usage
130
+fi
131
+
132
+# ---------------------- initialization -------------------------
133
+
134
+# autodetection parameters
135
+SER_IP=`/sbin/ifconfig eth0 | 
136
+	sed -ne 's/\( \)*\(inet addr:\)\([0-9\.]*\).*/\3/gp'`
137
+
138
+# construction of regular expressions
139
+SER_IP_RE=`addr2re $SER_IP`
140
+SER_DOMAIN_RE=`addr2re $SER_DOMAIN`
141
+
142
+# tests
143
+# - is this for my domain
144
+SER_DOMAIN_TEST_RE=`printf "($SER_DOMAIN_RE|$SER_IP_RE)"`
145
+# - is this for my gateway ?
146
+if [ -n "$SER_GWIP" ] ; then
147
+	SER_GWIP_RE=`addr2re $SER_GWIP`
148
+	SER_GW_TEST_RE=`printf "| uri=~\"@$SER_GWIP_RE([;:].*)*\""`
149
+fi
150
+
151
+SER_REGISTRAR="registrar@$SER_DOMAIN"
152
+
153
+# ---------------------- verficiation --------------------------
154
+set | grep ^SER_ > /dev/stderr
155
+echo > /dev/stderr
156
+echo "IS EVERYTHING OK ???? (press ^C to interrupt)" > /dev/stderr
157
+read
158
+
159
+
160
+# --------------------- dump it here -------------------------
161
+
162
+cat << EOF
163
+
164
+#
165
+# \$Id$
166
+#
167
+# autogenerated SER configuration 
168
+#
169
+# user: `id`
170
+# system: `uname -a`
171
+# date: `date`
172
+#
173
+
174
+# ----------- global configuration parameters ------------------------
175
+
176
+debug=3
177
+fork=yes
178
+port=5060
179
+log_stderror=no
180
+memlog=5
181
+
182
+mhomed=yes
183
+
184
+fifo="/tmp/ser_fifo"
185
+
186
+alias=$SER_DOMAIN
187
+
188
+# uncomment to override config values for test 
189
+/* 
190
+debug=3             # debug level (cmd line: -ddd)
191
+fork=no
192
+port=5068
193
+log_stderror=yes	# (cmd line: -E)
194
+fifo="/tmp/ser_fifox"
195
+ */
196
+
197
+
198
+check_via=no		# (cmd. line: -v)
199
+dns=no              # (cmd. line: -r)
200
+rev_dns=no          # (cmd. line: -R)
201
+children=16
202
+# if changing fifo mode to a more restrictive value, put
203
+# decimal value in there, e.g. dec(rw|rw|rw)=dec(666)=438
204
+#fifo_mode=438
205
+
206
+# ------------------ module loading ----------------------------------
207
+
208
+`load_mod tm`
209
+`load_mod sl`
210
+`load_mod acc`
211
+`load_mod rr`
212
+`load_mod maxfwd`
213
+`load_mod mysql`
214
+`load_mod usrloc`
215
+`load_mod registrar`
216
+`load_mod auth`
217
+`load_mod auth_db`
218
+`load_mod textops`
219
+`load_mod uri`
220
+`load_mod group`
221
+`load_mod msilo`
222
+`load_mod enum`
223
+
224
+
225
+
226
+# ----------------- setting module-specific parameters ---------------
227
+
228
+# all DB urls here
229
+modparam("usrloc|acc|auth_db|group|msilo|uri", "db_url",
230
+	"$SER_SQL_URI")
231
+
232
+# -- usrloc params --
233
+/* 0 -- dont use mysql, 1 -- write_through, 2--write_back */
234
+modparam("usrloc", "db_mode",   2)
235
+modparam("usrloc", "timer_interval", 10)
236
+
237
+# -- auth params --
238
+
239
+modparam("auth_db", "calculate_ha1", yes)
240
+#modparam("auth_db", "user_column",   "user_id")
241
+modparam("auth_db", "password_column",   "password")
242
+modparam("auth", "nonce_expire",  300)
243
+
244
+# -- rr params --
245
+# add value to ;lr param to make some broken UAs happy
246
+modparam("rr", "enable_full_lr", 1)
247
+
248
+# -- acc params --
249
+# that is the flag for which we will account -- don't forget to
250
+modparam("acc", "db_flag", 1 )
251
+modparam("acc", "db_missed_flag", 3 )
252
+
253
+# -- tm params --
254
+modparam("tm", "fr_timer", 20 )
255
+modparam("tm", "fr_inv_timer", 90 )
256
+modparam("tm", "wt_timer", 20 )
257
+
258
+# -- msilo params
259
+modparam("msilo", "registrar", "sip:$SER_REGISTRAR")
260
+
261
+# -- enum params --
262
+#
263
+modparam("enum", "domain_suffix", "e164.arpa.")
264
+
265
+
266
+# -------------------------  request routing logic -------------------
267
+
268
+# main routing logic
269
+
270
+route{
271
+
272
+	/* ********* ROUTINE CHECKS  ********************************** */
273
+
274
+	# filter too old messages
275
+	if (!mf_process_maxfwd_header("10")) {
276
+		log("LOG: Too many hops\n");
277
+		sl_send_reply("483","Alas Too Many Hops");
278
+		break;
279
+	};
280
+	if (len_gt( max_len )) {
281
+		sl_send_reply("513", "Message too large sorry");
282
+		break;
283
+	};
284
+
285
+
286
+	# Make sure that requests dont advertise addresses 
287
+	# from private IP space (RFC1918) in Contact HF
288
+	# (note: does not match with folded lines)
289
+	if (search("^(Contact|m): .*@(192\.168\.|10\.|172\.16)")) {
290
+		# allow RR-ed requests, as these may indicate that
291
+		# a NAT-enabled proxy takes care of it; unless it is
292
+		# a REGISTER
293
+		if ((method=="REGISTER" || ! search("^Record-Route:")) 
294
+					&& !( src_ip==192.168.0.0/16 ||
295
+						src_ip==10.0.0.0/8 || src_ip==172.16.0.0/12 )) {
296
+			log("LOG: Someone trying to register from private IP again\n");
297
+			sl_send_reply("479", "We dont accept private IP contacts" );
298
+			break;
299
+		};
300
+	};
301
+
302
+	# anti-spam -- if somene claims to belong to our domain in From,
303
+	# challenge him (skip REGISTERs -- we will chalenge them later)
304
+	if (search("(From|F):.*$SER_DOMAIN_TEST_RE")) {
305
+		# invites forwarded to other domains, like FWD may cause subsequent 
306
+		# request to come from there but have iptel in From -> verify
307
+		# only INVITEs (ignore FIFO/UAC's requests, i.e. src_ip==myself)
308
+		if (method=="INVITE" &  !(src_ip==$SER_IP)) {
309
+			if  (!(proxy_authorize(	"$SER_DOMAIN" /* realm */,
310
+					"subscriber" /* table name */ ))) {
311
+				proxy_challenge("$SER_DOMAIN" /* realm */, "0" /* no-qop */);
312
+				break;
313
+			};
314
+			# to maintain outside credibility of our proxy, we enforce
315
+			# username in From to equal digest username; user with
316
+			# "john.doe" id could advertise "bill.gates" in From otherwise;
317
+			if (!check_from()) {
318
+				log("LOG: From Cheating attempt in INVITE\n");
319
+				sl_send_reply("403", "That is ugly -- use From=id next time (OB)");
320
+				break;
321
+			};
322
+            		# we better don't consume credentials -- some requests may be
323
+            		# spiraled through our server (sfo@iptel->7141@iptel) and the
324
+            		# subsequent iteration may challenge too, for example because of
325
+            		# iptel claim in From; UACs then give up because they
326
+        		# already submitted credentials for the given realm
327
+			#consume_credentials();
328
+		}; # INVITEs claiming to come from our domain