etc/obsoleted/backup.cfg
97d65a1e
 #
 # $Id$
 #
 # iptel.org real world configuration
 #
 
 # ----------- global configuration parameters ------------------------
 
 debug=4          # debug level (cmd line: -dddddddddd)
 fork=no
 #log_stderror=no	# (cmd line: -E)
 log_stderror=yes	# (cmd line: -E)
 #check_via=yes     # (cmd. line: -v)
 #check_via=0
 dns=on           # (cmd. line: -r)
 rev_dns=yes      # (cmd. line: -R)
 port=5069
 #port=8060
 children=1
 
 # advertise IP address in Via (as opposed to advertising DNS name
 # which is annoying for downstream servers and some phones can
 # not handle DNS at all)
 listen=195.37.77.100
 #listen=bat.iptel.org
 
 # ------------------ module loading ----------------------------------
 
 loadmodule "../sip_router/modules/sl/sl.so"
 loadmodule "../sip_router/modules/print/print.so"
 #loadmodule "../sip_router/modules/tm/tm.so"
 loadmodule "../sip_router/modules/acc/acc.so"
 loadmodule "../sip_router/modules/rr/rr.so"
 loadmodule "../sip_router/modules/maxfwd/maxfwd.so"
 loadmodule "../sip_router/modules/mysql/mysql.so"
 loadmodule "../sip_router/modules/usrloc/usrloc.so"
 loadmodule "../sip_router/modules/auth/auth.so"
 loadmodule "../sip_router/modules/cpl/cpl.so"
 
 # ----------------- setting module-specific parameters ---------------
 
 # -- usrloc params --
 
 modparam("usrloc", "use_database",   1)
 modparam("usrloc", "table",          "location")
 modparam("usrloc", "user_column",    "user")
 modparam("usrloc", "contact_column", "contact")
 modparam("usrloc", "expires_column", "expires")
 modparam("usrloc", "q_column",       "q")
 modparam("usrloc", "callid_column",  "callid")
 modparam("usrloc", "cseq_column",    "cseq")
 modparam("usrloc", "flush_interval", 60)
 modparam("usrloc", "db_url",         "sql://root:@localhost/ser")
 
 # -- auth params --
 
 modparam("auth", "db_url",        "sql://root:@localhost/ser")
eca3bd17
 modparam("auth", "user_column",   "user")
97d65a1e
 # nonce generation secret; particularly useful if multiple servers
 # in a proxy farm are configured to authenticate
 modparam("auth", "secret",        "439tg8h349g8hq349t9384hg")
 # calculate_ha1=false means password column includes ha1 strings;
 # if it was false, plain-text passwords would be assumed
 
 # the database credentials in hashed form
 modparam("auth", "calculate_ha1", false)
 modparam("auth", "password_column", "ha1")
 # password_column, realm_column, group_table, group_user_column,
 #   group_group_column are set to their default values
 # password_column_2 allows to deal with clients who put domain name
 #   in authentication credentials when calculate_ha1=false (if true,
 #   it works); if set to a value and USER_DOMAIN_HACK was enabled
 #   in defs.h, authentication will still work
 modparam("auth", "password_column_2", "ha1b")
 
 # the database in plain-text alternative:
 #modparam("auth", "calculate_ha1", true )
 #modparam("auth", "password_column", "password")
 
 modparam("auth", "nonce_expire",  300)
 modparam("auth", "retry_count",   3)
 
 # -- acc params --
 # report ACKs too for sake of completeness -- as we account PSTN
 # destinations which are RR, ACKs should show up
 modparam("acc", "report_ack", 1)
 # don't bother me with early media reports (I don't like 183 
 # too much anyway...ever thought of timer C hitting after
 # listening to music-on-hold for five minutes?)
 modparam("acc", "early_media", 0)
 modparam("acc", "log_level", 1)
 # that is the flag for which we will account -- don't forget to
 # set the same one :-)
 modparam("acc", "acc_flag", 1 )
 # we are interested only in succesful transactions
 modparam("acc", "failed_transactions", 0 )
 
 # -- tm params --
 modparam("tm", "fr_timer", 30 )
 modparam("tm", "fr_inv_timer", 60 )
 
 # -------------------------  request routing logic -------------------
 
 # main routing logic
 
 route{
 
 	# filter local stateless ACK generated by authentication of mf replies
 	sl_filter_ACK();
 
 	# filter too old messages
 	log("LOG: Checking maxfwd\n");
 	if (!mf_process_maxfwd_header("10")) {
 		log("LOG: Too many hops\n");
 		sl_send_reply("483","Too Many Hops");
 		break;
 	};
 
 	if (method=="REGISTER") {
 		log("LOG Request is REGISTER\n");
 		if (!www_authorize(	"bat.iptel.org" /* realm */, 
 			 				"subscriber" /* table name */ )) {
 			log("LOG: REGISTER has no credentials, sending challenge\n");
  			www_challenge(	"bat.iptel.org" /* realm */, 
 							"0" /* no qop -- M$ can't deal with it */);
 			break;
 		};
 		# prohibit attempts to grab someone else's To address 
 		# using  valid credentials
 		if (!is_user("replicator")) {
 			log("LOG: To Cheating attempt\n");
 			sl_send_reply("403", "That is ugly -- use To=id next time");
 			break;
 		};
 			
 		# update Contact database
        	log("LOG: REGISTER is authorized, saving location\n");
 		save_contact("location");
 		break;
 	};
 }