Browse code

modified ser.cfg to work with all the new functions and code. this new version contains a lot more "features" but mainly for demonstration purposes so that the users get an idea what you can do with the config script language/commands. ser-simple.cfg is the successor of the original ser.cfg. ser-simple.cfg contains only the very basic commands for a proxy and regitrar.

Nils Ohlmeier authored on 05/11/2006 18:32:38
Showing 2 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,137 @@
1
+#
2
+# $Id$
3
+#
4
+# This a very basic config file w aliases and anamed route but
5
+# w/o authentication, accouting, database, multi-domain support etc.
6
+# Please refer to ser.cfg for a more complete example
7
+#
8
+
9
+# ----------- global configuration parameters ------------------------
10
+
11
+debug=3         # debug level (cmd line: -dddddddddd)
12
+#memdbg=10 # memory debug message level
13
+#memlog=10 # memory statistics log level
14
+#log_facility=LOG_LOCAL0 # sets the facility used for logging (see syslog(3))
15
+
16
+/* Uncomment these lines to enter debugging mode 
17
+fork=no
18
+log_stderror=yes
19
+*/
20
+
21
+check_via=no    # (cmd. line: -v)
22
+dns=no          # (cmd. line: -r)
23
+rev_dns=no      # (cmd. line: -R)
24
+#port=5060
25
+#children=4
26
+#user=ser
27
+#group=ser
28
+#fifo_user=ser # owner of the ser fifo
29
+#fifo_group=ser
30
+#fifo_mode=0660 # fifo's permissions
31
+#disable_core=yes #disables core dumping
32
+#open_fd_limit=1024 # sets the open file descriptors limit
33
+#mhomed=yes  # usefull for multihomed hosts, small performance penalty
34
+#disable_tcp=yes 
35
+#tcp_accept_aliases=yes # accepts the tcp alias via option (see NEWS)
36
+
37
+#
38
+
39
+# ------------------ module loading ----------------------------------
40
+
41
+loadmodule "/usr/local/lib/ser/modules/sl.so"
42
+loadmodule "/usr/local/lib/ser/modules/tm.so"
43
+loadmodule "/usr/local/lib/ser/modules/rr.so"
44
+loadmodule "/usr/local/lib/ser/modules/textops.so"
45
+loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
46
+loadmodule "/usr/local/lib/ser/modules/usrloc.so"
47
+loadmodule "/usr/local/lib/ser/modules/registrar.so"
48
+loadmodule "/usr/local/lib/ser/modules/ctl.so"
49
+
50
+# ----------------- setting module-specific parameters ---------------
51
+
52
+# -- usrloc params --
53
+
54
+modparam("usrloc", "db_mode",   0)
55
+
56
+# -- rr params --
57
+# add value to ;lr param to make some broken UAs happy
58
+modparam("rr", "enable_full_lr", 1)
59
+
60
+# ctl params
61
+# by default ctl listens on unixs:/tmp/ser_ctl if no other address is
62
+# specified in modparams; this is also the default for sercmd
63
+modparam("ctl", "binrpc", "unixs:/tmp/ser_ctl")
64
+# listen on the "standard" fifo for backward compatibility
65
+modparam("ctl", "fifo", "fifo:/tmp/ser_fifo")
66
+# listen on tcp, localhost
67
+#modparam("ctl", "binrpc", "tcp:localhost:2046")
68
+
69
+# -------------------------  request routing logic -------------------
70
+
71
+# main routing logic
72
+
73
+route{
74
+
75
+	# initial sanity checks -- messages with
76
+	# max_forwards==0, or excessively long requests
77
+	if (!mf_process_maxfwd_header("10")) {
78
+		sl_send_reply("483","Too Many Hops");
79
+		break;
80
+	};
81
+	if (msg:len >=  max_len ) {
82
+		sl_send_reply("513", "Message too big");
83
+		break;
84
+	};
85
+	
86
+	# we record-route all messages -- to make sure that
87
+	# subsequent messages will go through our proxy; that's
88
+	# particularly good if upstream and downstream entities
89
+	# use different transport protocol
90
+	if (!method=="REGISTER") record_route();	
91
+
92
+	# subsequent messages withing a dialog should take the
93
+	# path determined by record-routing
94
+	if (loose_route()) {
95
+		# mark routing logic in request
96
+		append_hf("P-hint: rr-enforced\r\n"); 
97
+		route(FORWARD);
98
+		break;
99
+	};
100
+
101
+	if (!uri==myself) {
102
+		# mark routing logic in request
103
+		append_hf("P-hint: outbound\r\n"); 
104
+		route(FORWARD);
105
+		break;
106
+	};
107
+
108
+	# if the request is for other domain use UsrLoc
109
+	# (in case, it does not work, use the following command
110
+	# with proper names and addresses in it)
111
+	if (uri==myself) {
112
+
113
+		if (method=="REGISTER") {
114
+
115
+			save_contacts("location");
116
+			break;
117
+		};
118
+
119
+		# native SIP destinations are handled using our USRLOC DB
120
+		if (!lookup_contacts("location")) {
121
+			sl_send_reply("404", "Not Found");
122
+			break;
123
+		};
124
+		append_hf("P-hint: usrloc applied\r\n"); 
125
+	};
126
+	route(FORWARD);
127
+}
128
+
129
+route[FORWARD] 
130
+{
131
+	# send it out now; use stateful forwarding as it works reliably
132
+	# even for UDP2TCP
133
+	if (!t_relay()) {
134
+		sl_reply_error();
135
+	};
136
+}
137
+
... ...
@@ -1,15 +1,32 @@
1 1
 #
2 2
 # $Id$
3 3
 #
4
-# simple quick-start config script
4
+
5
+# First start SER sample config script with:
6
+#   database, accounting, authentication, multi-domain support
7
+#   PSTN GW section, named flags, named routes, global-,
8
+#   domain- and user-preferences with AVPs
9
+# Several of these features are only here for demonstration purpose
10
+# what can be achieved with the SER config script language.
5 11
 #
12
+# If you look for a simpler version with a lot less dependencies
13
+# please refer to the ser-simple.cfg file in your SER distribution.
14
+
15
+# To get this config running you need to execute the following commands
16
+# with the new serctl (the capital word are just place holders)
17
+# - ser_ctl domain add DOMAINNAME
18
+# - ser_ctl user add USERNAME@DOMAINNAME -p PASSWORD
19
+# If you want to have PID header for your user
20
+# - ser_attr add uid=UID asserted_id="PID"
21
+# If you want to have gateway support
22
+# - ser_db add attr_types name=gw_ip rich_type=string raw_type=2 description="The gateway IP for the default ser.cfg" default_flags=33
23
+# - ser_attr add global gw_ip=GATEWAY-IP
6 24
 
7 25
 # ----------- global configuration parameters ------------------------
8 26
 
9
-#debug=3         # debug level (cmd line: -dddddddddd)
10
-#fork=yes
11
-#log_stderror=no	# (cmd line: -E)
12
-#memlog=5 # memory debug log level
27
+debug=3         # debug level (cmd line: -dddddddddd)
28
+#memdbg=10 # memory debug log level
29
+#memlog=10 # memory statistics log level
13 30
 #log_facility=LOG_LOCAL0 # sets the facility used for logging (see syslog(3))
14 31
 
15 32
 /* Uncomment these lines to enter debugging mode 
... ...
@@ -17,8 +34,8 @@ fork=no
17 34
 log_stderror=yes
18 35
 */
19 36
 
20
-check_via=no	# (cmd. line: -v)
21
-dns=no           # (cmd. line: -r)
37
+check_via=no    # (cmd. line: -v)
38
+dns=no          # (cmd. line: -r)
22 39
 rev_dns=no      # (cmd. line: -R)
23 40
 #port=5060
24 41
 #children=4
... ...
@@ -37,8 +54,8 @@ rev_dns=no      # (cmd. line: -R)
37 54
 
38 55
 # ------------------ module loading ----------------------------------
39 56
 
40
-# Uncomment this if you want to use SQL database
41
-#loadmodule "/usr/local/lib/ser/modules/mysql.so"
57
+# load a SQL database for authentication, domains, user AVPs etc.
58
+loadmodule "/usr/local/lib/ser/modules/mysql.so"
42 59
 
43 60
 loadmodule "/usr/local/lib/ser/modules/sl.so"
44 61
 loadmodule "/usr/local/lib/ser/modules/tm.so"
... ...
@@ -46,40 +63,62 @@ loadmodule "/usr/local/lib/ser/modules/rr.so"
46 63
 loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
47 64
 loadmodule "/usr/local/lib/ser/modules/usrloc.so"
48 65
 loadmodule "/usr/local/lib/ser/modules/registrar.so"
66
+loadmodule "/usr/local/lib/ser/modules/xlog.so"
49 67
 loadmodule "/usr/local/lib/ser/modules/textops.so"
50 68
 loadmodule "/usr/local/lib/ser/modules/ctl.so"
51
-#loadmodule "/usr/local/lib/ser/modules/fifo.so"
69
+loadmodule "/usr/local/lib/ser/modules/fifo.so"
70
+loadmodule "/usr/local/lib/ser/modules/auth.so"
71
+loadmodule "/usr/local/lib/ser/modules/auth_db.so"
72
+loadmodule "/usr/local/lib/ser/modules/gflags.so"
73
+loadmodule "/usr/local/lib/ser/modules/domain.so"
74
+loadmodule "/usr/local/lib/ser/modules/uri_db.so"
75
+loadmodule "/usr/local/lib/ser/modules/avp.so"
76
+loadmodule "/usr/local/lib/ser/modules/avp_db.so"
77
+loadmodule "/usr/local/lib/ser/modules/acc_db.so"
78
+loadmodule "/usr/local/lib/ser/modules/xmlrpc.so"
79
+
80
+# ----------------- setting script FLAGS -----------------------------
81
+flags
82
+  FLAG_ACC         : 1  # include message in accouting
52 83
 
53
-# Uncomment this if you want digest authentication
54
-# mysql.so must be loaded !
55
-#loadmodule "/usr/local/lib/ser/modules/auth.so"
56
-#loadmodule "/usr/local/lib/ser/modules/auth_db.so"
84
+avpflags
85
+  dialog_cookie;        # handled by rr module
57 86
 
58 87
 # ----------------- setting module-specific parameters ---------------
59 88
 
60
-# -- usrloc params --
89
+# specify the path to you database here
90
+modparam("acc_db|auth_db|domain|gflags|usrloc|uri_db", "db_url", "mysql://ser:heslo@127.0.0.1/ser")
61 91
 
62
-modparam("usrloc", "db_mode",   0)
92
+# -- usrloc params --
63 93
 
64
-# Uncomment this if you want to use SQL database 
65
-# for persistent storage and comment the previous line
66
-#modparam("usrloc", "db_mode", 2)
94
+# as we use the database anyway we will use it for usrloc as well
95
+modparam("usrloc", "db_mode", 1)
67 96
 
68 97
 # -- auth params --
69
-# Uncomment if you are using auth module
70
-#
71
-#modparam("auth_db", "calculate_ha1", yes)
72
-#
73
-# If you set "calculate_ha1" parameter to yes (which true in this config), 
74
-# uncomment also the following parameter)
75
-#
76
-#modparam("auth_db", "password_column", "password")
98
+modparam("auth_db", "calculate_ha1", yes)
99
+modparam("auth_db", "password_column", "password")
77 100
 
78 101
 # -- rr params --
79 102
 # add value to ;lr param to make some broken UAs happy
80 103
 modparam("rr", "enable_full_lr", 1)
104
+#
105
+# limit the length of the AVP cookie to only necessary ones
106
+modparam("rr", "cookie_filter", "(account)")
107
+#
108
+# you probably do not want that someone can simply read and change
109
+# the AVP cookie in your Routes, thus should really change this
110
+# secret value below
111
+modparam("rr", "cookie_secret", "MyRRAVPcookiesecret")
112
+
113
+# -- gflags params --
114
+# load the global AVPs
115
+modparam("gflags", "load_global_attrs", 1)
116
+
117
+# -- domain params --
118
+# load the domain AVPs
119
+modparam("domain", "load_domain_attrs", 1)
81 120
 
82
-# ctl params
121
+# -- ctl params --
83 122
 # by default ctl listens on unixs:/tmp/ser_ctl if no other address is
84 123
 # specified in modparams; this is also the default for sercmd
85 124
 modparam("ctl", "binrpc", "unixs:/tmp/ser_ctl")
... ...
@@ -88,85 +127,320 @@ modparam("ctl", "fifo", "fifo:/tmp/ser_fifo")
88 127
 # listen on tcp, localhost
89 128
 #modparam("ctl", "binrpc", "tcp:localhost:2046")
90 129
 
130
+# -- acc_db params --
131
+modparam("acc_db", "failed_transactions", 1)
132
+
133
+# comment the next line if you dont want to have accouting to DB
134
+modparam("acc_db", "log_flag", "FLAG_ACC")
135
+
91 136
 # -------------------------  request routing logic -------------------
92 137
 
93 138
 # main routing logic
94 139
 
95 140
 route{
141
+	# if you have a PSTN gateway just un-comment the follwoing line and 
142
+	# specify the IP address of it to route calls to it
143
+	#$gw_ip = "1.2.3.4"
144
+
145
+	# first do some initial sanity checks
146
+	route(INIT);
147
+
148
+	# check if the request is routed via Route header or
149
+	# needs a Record-Route header
150
+	route(RR);
151
+
152
+	# check if the request belongs to our proxy
153
+	route(DOMAIN);
154
+
155
+	# handle REGISTER requests
156
+	route(REGISTRAR);
157
+
158
+	# from here on we want to know you is calling
159
+	route(AUTHENTICATION);
160
+
161
+	# check if we should be outbound proxy for a local user
162
+	route(OUTBOUND);
163
+
164
+	# check if the request is for a local user
165
+	route(INBOUND);
166
+
167
+	# here you coud for example try to an ENUM lookup before
168
+	# the call gets routed to the PSTN
169
+	#route(ENUM);
170
+
171
+	# lets see if someone wants to call a PSTN number
172
+	route(PSTN);
173
+
174
+	# nothing matched, reject it finally
175
+	sl_send_reply("404", "No route matched");
176
+}
177
+
178
+route[FORWARD]
179
+{
180
+	# here you could decide wether this call needs a RTP relay or not
181
+
182
+	# send it out now; use stateful forwarding as it works reliably
183
+	# even for UDP2TCP
184
+	if (!t_relay()) {
185
+		sl_reply_error();
186
+	};
187
+	drop;
188
+}
189
+
190
+route[INIT]
191
+{
192
+	# as soon as it is save to distinguish HTTP from SIP
193
+	# we can un-comment the next line
194
+	route(RPC);
96 195
 
97 196
 	# initial sanity checks -- messages with
98 197
 	# max_forwards==0, or excessively long requests
99 198
 	if (!mf_process_maxfwd_header("10")) {
100 199
 		sl_send_reply("483","Too Many Hops");
101
-		break;
200
+		drop;
102 201
 	};
202
+
103 203
 	if (msg:len >=  max_len ) {
104 204
 		sl_send_reply("513", "Message too big");
105
-		break;
205
+		drop;
106 206
 	};
107
-	
108
-	# we record-route all messages -- to make sure that
109
-	# subsequent messages will go through our proxy; that's
110
-	# particularly good if upstream and downstream entities
111
-	# use different transport protocol
112
-	if (!method=="REGISTER") record_route();	
113 207
 
208
+	# you could add some NAT detection here for example
209
+
210
+	# or you cuold call here some of the check from the sanity module
211
+
212
+	# lets account all initial INVITEs and the BYEs
213
+	# if (method=="INVITE" && @to.tag=="" || method=="BYE") {
214
+	if (method=="INVITE" && @to.tag=="") {
215
+		setflag(FLAG_ACC);
216
+	}
217
+}
218
+
219
+route[RPC]
220
+{
221
+	# allow XMLRPC from localhost
222
+	if ((method=="POST" || method=="GET") &&
223
+		src_ip==127.0.0.1) {
224
+
225
+		# add a Via header to the HTTP
226
+		create_via();
227
+
228
+		if (msg:len >= 8192) {
229
+			sl_send_reply("513", "Request to big");
230
+			drop;
231
+		}
232
+
233
+		# lets see if a module want to answer this
234
+		dispatch_rpc();
235
+		drop;
236
+	}
237
+}
238
+
239
+route[RR]
240
+{
114 241
 	# subsequent messages withing a dialog should take the
115 242
 	# path determined by record-routing
116 243
 	if (loose_route()) {
117 244
 		# mark routing logic in request
118 245
 		append_hf("P-hint: rr-enforced\r\n"); 
119
-		route(1);
120
-		break;
121
-	};
122 246
 
123
-	if (!uri==myself) {
124
-		# mark routing logic in request
125
-		append_hf("P-hint: outbound\r\n"); 
126
-		route(1);
127
-		break;
128
-	};
247
+		# if the Route contained the accounting AVP cookie we
248
+		# set the accounting flag for the acc_db module.
249
+		# this is more for demonstration purpose as this could
250
+		# also be solved without RR cookies.
251
+		# Note: this means all in-dialog request will show up in the
252
+		# accouting tables, so prepare your accounting software for this ;-)
253
+		if ($account == "yes") {
254
+			setflag(FLAG_ACC);
255
+		}
129 256
 
130
-	# if the request is for other domain use UsrLoc
131
-	# (in case, it does not work, use the following command
132
-	# with proper names and addresses in it)
133
-	if (uri==myself) {
257
+		# for broken devices which overwrite their Route's with each
258
+		# (not present) RR from within dialog requests it is better
259
+		# to repeat the RRing
260
+		# and if we call rr after loose_route the AVP cookies are restored
261
+		# automatically :)
262
+		record_route();
134 263
 
135
-		if (method=="REGISTER") {
264
+		route(FORWARD);
265
+	} else if (!method=="REGISTER") {
266
+		# we record-route all messages -- to make sure that
267
+		# subsequent messages will go through our proxy; that's
268
+		# particularly good if upstream and downstream entities
269
+		# use different transport protocol
136 270
 
137
-# Uncomment this if you want to use digest authentication
138
-#			if (!www_authorize("iptel.org", "subscriber")) {
139
-#				www_challenge("iptel.org", "0");
140
-#				break;
141
-#			};
271
+		# if the inital INVITE got the ACC flag store this in
272
+		# an RR AVP cookie. this is more for demonstration purpose
273
+		if (isflagset(FLAG_ACC)) {
274
+			$account = "yes";
275
+			setavpflag($account, "dialog_cookie");
276
+		}
142 277
 
143
-			save("location");
144
-			break;
145
-		};
278
+		record_route();
279
+	}
280
+}
146 281
 
147
-		lookup("aliases");
148
-		if (!uri==myself) {
149
-			append_hf("P-hint: outbound alias\r\n"); 
150
-			route(1);
151
-			break;
152
-		};
282
+route[DOMAIN]
283
+{
284
+	# check if the caller is from a local domain
285
+	lookup_domain("$fd", "@from.uri.host");
153 286
 
154
-		# native SIP destinations are handled using our USRLOC DB
155
-		if (!lookup("location")) {
156
-			sl_send_reply("404", "Not Found");
157
-			break;
287
+	# check if the callee is at a local domain
288
+	lookup_domain("$td", "@ruri.host");
289
+
290
+	# we dont know the domain of the caller and also not
291
+	# the domain of the callee -> somone uses our proxy as
292
+	# a relay
293
+	if (!$t.did && !$f.did) {
294
+		sl_send_reply("403", "Relaying Forbidden");
295
+		drop;
296
+	}
297
+}
298
+
299
+route[REGISTRAR]
300
+{
301
+	# if the request is a REGISTER lets take care of it
302
+	if (method=="REGISTER") {
303
+		# check if the REGISTER if for one of our local domains
304
+		if (!$t.did) {
305
+			sl_send_reply("403", "Register forwarding forbidden");
306
+			drop;
307
+		}
308
+
309
+		# we want only authenticated users to be registered
310
+		if (!www_authenticate("$fd.digest_realm", "credentials")) {
311
+			if ($? == -2) {
312
+				sl_send_reply("500", "Internal Server Error");
313
+			} else if ($? == -3) {
314
+				sl_send_reply("400", "Bad Request");
315
+			} else {
316
+				if ($digest_challenge) {
317
+					append_to_reply("%$digest_challenge");
318
+				}
319
+				sl_send_reply("401", "Unauthorized");
320
+			}
321
+			drop;
158 322
 		};
323
+
324
+		# check if the authenticated user is the same as the target user
325
+		if (!lookup_user("$tu", "@from.uri")) {
326
+			sl_send_reply("404", "Unknown user");
327
+			drop;
328
+		}
329
+
330
+		if ($f.uid != $t.uid) {
331
+			sl_send_reply("403", "3rd Party regsitration rejected");
332
+			drop;
333
+		}
334
+
335
+		# everyhting is fine so lets store the binding
336
+		save_contacts("location");
337
+		drop;
159 338
 	};
160
-	append_hf("P-hint: usrloc applied\r\n"); 
161
-	route(1);
162 339
 }
163 340
 
164
-route[1] 
341
+route[AUTHENTICATION]
165 342
 {
166
-	# send it out now; use stateful forwarding as it works reliably
167
-	# even for UDP2TCP
168
-	if (!t_relay()) {
169
-		sl_reply_error();
343
+	if (method=="CANCEL" || method=="ACK") {
344
+		# you are not allowed to challenge these methods
345
+		break;
346
+	}
347
+
348
+	# requests from non-local to local domains should be permitted
349
+	# remove this if you want a walled garden
350
+	if (! $f.did) {
351
+		break;
352
+	}
353
+
354
+	# as gateways are usually not able to authenticate for their
355
+	# requests you will have trust them base on some other information
356
+	# like the source IP address. WARNING: if at all this is only safe
357
+	# in a local network!!!
358
+	#if (src_ip==a.b.c.d) {
359
+	#	break;
360
+	#}
361
+
362
+	if (!proxy_authenticate("$fd.digest_realm", "credentials")) {
363
+		if ($? == -2) {
364
+			sl_send_reply("500", "Internal Server Error");
365
+		} else if ($? == -3) {
366
+			sl_send_reply("400", "Bad Request");
367
+		} else {
368
+			if ($digest_challenge) {
369
+				append_to_reply("%$digest_challenge");
370
+			}
371
+			sl_send_reply("407", "Proxy Authentication Required");
372
+		}
373
+		drop;
374
+	}
375
+
376
+	# check if the UID from the authentication meets the From header
377
+	$authuid = $uid;
378
+	if (!lookup_user("$fu", "@from.uri")) {
379
+		del_attr("$uid");
380
+	}
381
+	if (! ($uid == $authuid)) {
382
+		sl_send_reply("403", "Fake Identity");
383
+		drop;
384
+	}
385
+	# load the user AVPs (preferences) of the caller, e.g. for RPID header
386
+	load_attrs("$fu", "$f.uid");
387
+}
388
+
389
+route[OUTBOUND]
390
+{
391
+	# if a local user calls to a foreign domain we play outbound proxy for him
392
+	# comment this out if you want a walled garden
393
+	if ($f.did && ! $t.did) {
394
+		append_hf("P-hint: outbound\r\n");
395
+		route(FORWARD);
396
+	}
397
+}
398
+
399
+route[INBOUND]
400
+{
401
+	# lets see if know the callee
402
+	if (lookup_user("$tu", "@ruri")) {
403
+
404
+		# maybe you want to consider the preferences of the callee,
405
+		# e.g. voicemail, then load his attributes here
406
+		#load_attrs("$tu", "$t.uid");
407
+
408
+		# if you want to know if the callee username was alias
409
+		# check it like this
410
+		#if (! $tu.uri_canonical) { }
411
+
412
+		# native SIP destinations are handled using our USRLOC DB
413
+		if (lookup_contacts("location")) {
414
+			append_hf("P-hint: usrloc applied\r\n");
415
+			route(FORWARD);
416
+		} else {
417
+			sl_send_reply("480", "User temporarily not available");
418
+			drop;
419
+		}
170 420
 	};
171 421
 }
172 422
 
423
+route[PSTN]
424
+{
425
+	# Only if the AVP 'gw_ip' is set and the request URI contains
426
+	# only a number we consider sending this to the PSTN GW.
427
+	# Only users from a local domain are permitted to make calls.
428
+	# Additionally you might want to check the acl AVP to verify
429
+	# that the user is allowed to make such expensives calls.
430
+	if ($f.did && $gw_ip &&
431
+		uri=~"sips?:\+?[0-9]{3,18}@.*") {
432
+		# probably you need to convert the number in the request
433
+		# URI according to the requirements of your gateway here
434
+
435
+		# if an AVP 'asserted_id' is set we insert an RPID header
436
+		if ($asserted_id) {
437
+			xlset_attr("$rpidheader", "<sip:%$asserted_id@%@ruri.host>;screen=yes");
438
+			replace_attr_hf("Remote-Party-ID", "$rpidheader");
439
+		}
440
+
441
+		# just replace the domain part of the RURI with the
442
+		# value from the AVP and send it out
443
+		attr2uri("$gw_ip", "domain");
444
+		route(FORWARD);
445
+	}
446
+}