Browse code

doc: Fix typos

Bastian Triller authored on 05/05/2022 16:19:21 • Henning Westerholt committed on 08/05/2022 15:30:14
Showing 1 changed files
... ...
@@ -338,7 +338,7 @@ modules:
338 338
                           the retransmissions which would otherwise be 
339 339
                           challenged). The major advantage is greatly 
340 340
                           enhanced security (extremely small probability of
341
-                          a succesfull replay attack) combine with support
341
+                          a successful replay attack) combine with support
342 342
                           for cached credentials (if the UAs do support qop 
343 343
                           and auth)
344 344
                        - nc_array_size - size of the array used for storing
Browse code

doc: update URL changelog references in NEWS file

Henning Westerholt authored on 11/08/2019 09:54:38
Showing 1 changed files
... ...
@@ -7,6 +7,9 @@ notes for previous versions are posted below.
7 7
 
8 8
 For releases after 3.1, please visit:
9 9
 
10
+https://www.kamailio.org/wiki/features/new-in-5.2.x
11
+https://www.kamailio.org/wiki/features/new-in-5.1.x
12
+https://www.kamailio.org/wiki/features/new-in-5.0.x
10 13
 http://www.kamailio.org/wiki/features/new-in-4.4.x
11 14
 http://www.kamailio.org/wiki/features/new-in-4.3.x
12 15
 http://www.kamailio.org/wiki/features/new-in-4.2.x
Browse code

relocated old and not maintained text files from root to doc/misc

Daniel-Constantin Mierla authored on 07/12/2016 16:12:25
Showing 1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,1459 @@
1
+Release notes for Kamailio/SIP Router (sr)
2
+***********************************************
3
+
4
+Starting with release 3.2, release notes have
5
+been posted to the Kamailio website. Release
6
+notes for previous versions are posted below.
7
+
8
+For releases after 3.1, please visit:
9
+
10
+http://www.kamailio.org/wiki/features/new-in-4.4.x
11
+http://www.kamailio.org/wiki/features/new-in-4.3.x
12
+http://www.kamailio.org/wiki/features/new-in-4.2.x
13
+http://www.kamailio.org/wiki/features/new-in-4.1.x
14
+http://www.kamailio.org/wiki/features/new-in-4.0.x
15
+http://www.kamailio.org/wiki/features/new-in-3.3.x
16
+http://www.kamailio.org/wiki/features/new-in-3.2.x
17
+
18
+Earlier verisons are listed below.
19
+===================================================
20
+
21
+sip-router 3.1 changes
22
+
23
+core:
24
+  - Dragonfly BSD support
25
+  - statistics / counters support for tcp and sctp (enable by default)
26
+  - statistics / counters api
27
+  - networks addresses support in ip comparisons (src_ip, dst_ip, to_ip)
28
+    with strings or rvalue expressions.
29
+    E.g.: $ip=10.0.0.0;  if (src_ip == $ip +"/8") ....
30
+  - lots of module functions automatically support now expressions or
31
+      variables in function parameters. This applies to all the module
32
+      functions declared without a fixup, with a fixup and the corresponding
33
+      free_fixup function or with a compatible ser or kamailio style standard
34
+      fixup (declared in sr_module.h or mod_fix.h).
35
+      E.g.: f($a, "b = " + $b);  t_set_fr($v + 2 + $x).
36
+            t_set_fr($foo) (equivalent now with t_set_fr("$foo")).
37
+  - all the module functions can now be called with any constant expression
38
+      as parameters. E.g.: f("7 *" +" 6 = " + 7 * 6);
39
+  - major performance increase on Linux multi-cpu machines that send a lot
40
+     of UDP IPv4 packets (40-50% faster in stateless mode). For it to work
41
+     udp4_raw must be enabled or set into auto mode in sr.cfg and sr must be
42
+     started as root or with CAP_NET_RAW. Note that even if udp4_raw is
43
+     off (default), if sr was started with enough privileges, it can be
44
+     enabled at runtime.
45
+     The support for using raw sockets is also available on FreeBSD (compiled
46
+     by default but not tested for performance yet), NetBSD, OpenBSD and
47
+     Darwin (not tested and not compiled by default, needs
48
+     make cfg extra_defs=-DUSE_RAW_SOCKS). To check if the support is
49
+     compiled, use ser -V |grep --color RAW_SOCKS or for a running
50
+     ser: sercmd core.udp4_raw_info.
51
+     See udp4_raw, udp4_raw_mtu and udp4_raw_ttl below.
52
+  - asynchronous TLS support
53
+  - onreply_route {...} is now equivalent with onreply_route[0] {...}
54
+  - global, per protocol blacklist ignore masks (via extended send_flags).
55
+    See dst_blacklist_udp_imask a.s.o (dst_blacklist_*_imask).
56
+  - per message blacklist ignore masks
57
+  - route() now supports rvalue expressions (e.g. route("test"+$i))
58
+  - support for permanent entries in the DNS cache.
59
+
60
+new config variables:
61
+  - udp4_raw - enables raw socket support for sending UDP IPv4 datagrams 
62
+      (40-50% performance increase on linux multi-cpu).
63
+      Possible values: 0 - disabled (default), 1 - enabled, -1 auto.
64
+      In "auto" mode it will be enabled if possible (sr started as root or
65
+      with CAP_NET_RAW).
66
+      udp4_raw can be used on Linux and FreeBSD. For other BSDs and Darwin
67
+      one must compile with -DUSE_RAW_SOCKS.
68
+      On Linux one should also set udp4_raw_mtu if the MTU on any network
69
+      interface that could be used for sending is smaller then 1500.
70
+      Can be set at runtime as long as sr was started with enough privileges
71
+      (core.udp4_raw).
72
+  - udp4_raw_mtu - MTU value used for UDP IPv4 packets when udp4_raw is
73
+      enabled.  It should be set to the minimum MTU of all the network
74
+      interfaces that could be used for sending. The default value is 1500.
75
+      Note that on BSDs it does not need to be set (if set it will be ignored,
76
+      the proper MTU will be used automatically by the kernel). On Linux it
77
+      should be set.
78
+      Can be set at runtime (core.udp4_raw_mtu).
79
+  - udp4_raw_ttl - TTL value used for UDP IPv4 packets when udp4_raw is
80
+      enabled. By default it is set to auto mode (-1), meaning that the
81
+      same TTL will be used as for normal UDP sockets.
82
+      Can be set at runtime (core.udp4_raw_ttl).
83
+  - dst_blacklist_udp_imask - global blacklist events ignore mask for udp
84
+    (a blacklist event/reason set in this variable will be ignored when 
85
+    deciding whether or not to blacklist an udp destination). Can be set
86
+    at runtime. Default: 0 (no blacklist reason is ignored).
87
+    Possible values:  0 -disabled, 2 - send error; 4 - connect error,
88
+                      8 - icmp (reserverd), 16 - transaction timeout,
89
+                     32 - 503 received, 64 - administratively prohibited
90
+                     (manually set).
91
+   - dst_blacklist_tcp_imask - like dst_blacklist_udp_imask, but for tcp.
92
+   - dst_blacklist_tls_imask - like dst_blacklist_tls_imask, but for tcp.
93
+   - dst_blacklist_sctp_imask -like dst_blacklist_sctp_imask, but for tcp.
94
+   - dns_cache_rec_pref - DNS cache record preference:
95
+		0 - do not check duplicates (default)
96
+		1 - prefer old records
97
+		2 - prefer new records
98
+		3 - prefer records with longer lifetime
99
+
100
+modules:
101
+   - counters: functions and RPCs for manipulating counters (statistics):
102
+           modparam("counters", "script_counter", name)
103
+           cnt_inc(name)
104
+           cnt_add(name, val)
105
+           cnt_reset(name)
106
+   - blst: functions for ignoring blacklist events per message:
107
+           blst_set_ignore(mask):  set the events in mask in the per
108
+            per message blacklist ignore mask for a request
109
+            (see dst_blacklist_udp_imask for possible values).
110
+            The basic operation is: msg_blst_ignore_mask|=mask.
111
+           blst_clear_ignore(mask): like blst_set_ignore(mask), but instead
112
+            of setting some events, it clears them
113
+            (msg_blst_ignore_mask&=~mask).
114
+           blst_rpl_set_ignore(mask): like blst_set_ignore(mask), but sets
115
+            the mask for possible local replies to the current message.
116
+           blst_rpl_clear_ignore(mask): like blst_rpl_ignore(mask), but
117
+            clears instead of setting.
118
+   - tls:
119
+          certificate revocation list (CRL) support.
120
+          asynchronous TLS support
121
+          new TLS RPCs (tls.info, tls.options), tls.list more detailed.
122
+          removed handshake_timeout and send_timeout module parameters /
123
+            config variables. The values from tcp are used instead
124
+            (tcp_connect_timeout and tcp_send_timeout).
125
+          runtime config support
126
+          more config options:
127
+            crl - certificate revocation list file path (PEM format).
128
+            send_close_notify - enables/disables sending close notify
129
+              alerts prior to closing the corresponding TCP connection.
130
+              Sending the close notify prior to tcp shutdown is "nicer"
131
+              from a TLS point of view, but it has a measurable
132
+              performance impact. Default: off. Can be set at runtime
133
+              (tls.send_close_notify).
134
+            con_ct_wq_max - per connection tls maximum clear text write
135
+              queue size.  The TLS clear-text write queues are used when a
136
+              send attempt has to be delayed due to an on-going TLS level
137
+              renegotiation. Can be set at runtime (tls.con_ct_wq_max).
138
+              Default: 65536 (64 Kb).
139
+            ct_wq_max - maximum total for all the tls clear text write
140
+              queues (summed). Can be set at runtime (tls.ct_wq_max).
141
+              Default: 10485760 (10 Mb).
142
+            ct_wq_blk_size - internal TLS pre-write (clear-text) queue
143
+              minimum block size (advance tunning or debugging).
144
+              Can be set at runtime (tls.ct_wq_blk_size).
145
+              Default: 4096 (4 Kb).
146
+          verbose debug messages can be enable by re-compiling with
147
+            -DTLS_RD_DEBUG (for the read path) and -DTLS_WR_DEBUG
148
+            (for the write path).
149
+          new options for better tuning memory usage for modern openssl
150
+            versions: ssl_release_buffers (default 1), ssl_freelist_max_len
151
+            (default 0), ssl_max_send_fragment, ssl_read_ahead (default 0).
152
+            For more info see modules/doc/tls/README.
153
+          compression is now disabled by default. To enable it set
154
+            tls_disable_compression to 0, but note that memory usage will
155
+            increase dramatically especially for large number of
156
+            connections (>1000).
157
+tm:
158
+   - reason header support (RFC3326) both for CANCELs generated due to a
159
+      received final reply and for hop by hop CANCELs generated because of a
160
+      received CANCEL.
161
+      E.g.: reason header added for a CANCEL generated after a 200 reply was
162
+            received on one of the branches "Reason: SIP;cause=200".
163
+      The reason header support can be turned on/off using either tm
164
+      module parameters or in the end to end CANCEL case also on a per
165
+      transaction basis, using a script function:
166
+       local_cancel_reason = 0 | 1 (default 1/on) - turns on adding reason
167
+         headers for CANCELs generated due to a final reply. Can be changed
168
+         at runtime.
169
+       e2e_cancel_reason = 0 | 1 (default 1/on) - turns on copying reason
170
+         headers from a received end to end CANCEL (the generated hop by hop
171
+         CANCELs will have the same reason headers as the received CANCEL).
172
+         Can be changed at runtime.
173
+       t_set_no_e2e_cancel_reason(0|1) - enable/disable cancel reason 
174
+         header copying on a per transaction basis (0 - enable, 1 disable).
175
+   - t_reply() can be used both from the main/core onreply_route{} and tm
176
+     onreply_route[...]{}s.
177
+
178
+
179
+
180
+sip-router 3.0 changes
181
+
182
+core:
183
+  - type casts operators: (int), (str).
184
+  - new operators eq, ne for string compares and ieq, ine for interger 
185
+    compares. The names are not yet final (use them at your own risk).
186
+    Future version might use ==/!= only for ints (ieq/ine) and eq/ne for
187
+    strings (under debate).
188
+    They are almost equivalent to == or !=, but they force the conversion 
189
+    of their operands (eq to string and ieq to int), allowing among other
190
+    things better type checking on startup and more optimizations.
191
+    Non equiv. examples: 0 == "" (true) is not equivalent to 0 eq ""
192
+    (false: it evaluates to "0" eq ""). "a" ieq "b" (true: (int)"a" is 0
193
+     and (int)"b" is 0) is not equivalent to "a" == "b" (false).
194
+    Note: internally == and != are converted on startup to eq/ne/ieq/ine 
195
+    whenever possible (both operand types can be safely determined at
196
+    start time and they are the same).
197
+  - try to guess what the user wanted when operators that support multiple
198
+     types are used on different typed operands. In general convert the
199
+     the right operand to the type of the left operand and then perform the
200
+     operation. Exception: the left operand is undef.
201
+     This applies to the following operators: +, == and !=.
202
+     Special case: undef as left operand:
203
+     For +: undef + expr -> undef is converted to string => "" + expr.
204
+     For == and !=:   undef == expr -> undef is converted to type_of expr.
205
+     If expr is undef, then undef == undef is true (internally is converted
206
+     to string).
207
+  - expression evaluation changes: auto-convert to interger or string
208
+     in function of the operators: 
209
+       int(undef)==0,  int("")==0, int("123")==123, int("abc")==0
210
+       str(undef)=="", str(123)=="123".
211
+  - new script operators: defined, strlen, strempty
212
+      defined expr - returns true if expr is defined, and false if not.
213
+                     Note: only a standalone avp or pvar can be
214
+                     undefined, everything else is defined.
215
+      strlen(expr) - returns the lenght of expr evaluated as string.
216
+      strempty(expr) - returns true if expr evaluates to the empty
217
+                       string (equivalent to expr=="").
218
+    e.g.: if (defined $v && !strempty($v)) $len=strlen($v);
219
+  - msg:len max_len comparison obsoleted and removed (it did not make any
220
+    sense, msg:len > max_len was always false, use something like 
221
+    4096 or 16384 in its place).
222
+  - module search path support: loadpath takes now a list of directories
223
+    separated by ':'. The list is searched in-order. For each directory d
224
+    $d/${module_name}.so and $d/${module_name}/${module_name}.so are tried.
225
+  - dns TXT, EBL and PTR support (both cache and non-cached resolver)
226
+  - support for dual module interfaces: ser and kamailio
227
+config script changes:
228
+  - script mode can be switched between ser compatible, kamailio compatible
229
+    and max compatibility (compatible with both as much as possible), using
230
+      #!SER
231
+      #!KAMAILIO
232
+      #!OPENSER
233
+      #!ALL
234
+      #!MAXCOMPAT
235
+    where #!KAMAILIO is equivalent with #!OPENSER and #!ALL with #!MAXCOMPAT
236
+  - support for kamailio style pvars
237
+  - C-like switch()/case (integer only)
238
+  - while()
239
+  - include file support: include_file "somefile"
240
+  - event route support: event_route[module_name:eventid]
241
+  - user and shm_force_alloc must now appear prior to any modparam() or route
242
+     block.
243
+  - per message send_flags support (see set_forward_no_connect(),
244
+     set_forward_reply_no_connect(), set_forward_close() & set_reply_close())
245
+
246
+build system:
247
+  - multiple modules directories are now supported (defined in Makefile.dirs)
248
+
249
+new config variables:
250
+  - max_while_loops - maximum iterations allowed for a while  (can be changed
251
+       at runtime). Default 100.
252
+  - log_name - set the application name used when printing to syslog.
253
+  - mem_summary - memory debugging info logged on exit or on SIGUSR1.
254
+       The value is a combination of flags: 0 - off,
255
+       1 - dump all used memory blocks and some statistics (lots of output),
256
+       2 - dump a summary of the used memory blocks (works only if
257
+           compiled with DBG_QM_MALLOC or DBG_F_MALLOC).
258
+       Default: 1.
259
+       Can be changed at runtime.
260
+  - shm = number  or shm_mem = number  - size of shared memory in MB. It's
261
+       overwritten if a value is specified on the command line (-m val).
262
+       Default: 32 Mb. Must appear prior to any modparam() or route block.
263
+
264
+new script commands:
265
+  add_local_rport() - adds the rport parameter to the added via header
266
+       (rfc3581).
267
+  set_forward_no_connect() - the message will be forwarded only if there is
268
+       already an existing connection to the destination (it applies only to
269
+       connection oriented protocols like tcp, tls and in the future sctp).
270
+  set_reply_no_connect() - like set_forward_no_connect(),  but works for
271
+       replies to the current message.
272
+  set_forward_close()  - try to close the connection after forwarding the
273
+       current message (it applies only when the underlying protocol is
274
+       connection oriented).
275
+  set_reply_close() - like set_forward_close(), but it works for replies to
276
+       the current message.
277
+
278
+tm:
279
+  disable_6xx_block parameter - if set, will treat 6xx replies like normal
280
+       replies (non rfc conformant). Default: off.
281
+       See also t_set_disable_6xx().
282
+  t_set_disable_6xx(0|1) - can be used to turn off/on the special 6xx handling
283
+       on a per transaction basis.
284
+  t_set_disable_failover(0|1) - can be used to turn off/on dns failover on a
285
+       per transaction basis.
286
+
287
+
288
+
289
+2.1.0 changes
290
+
291
+modules:
292
+ - textops   - functions:
293
+                        - remove_hf_re("regexp") -- filter message headers out
294
+                          by matching the header name field against a regular
295
+                          expression.
296
+ - avp       - export new selects table to allow dissecting the content of an
297
+               attribute by interpreting it as a "name-addr" value 
298
+ - auth      - experimental support for one-time nonces: when enabled a nonce
299
+               will be accepted only for one response (each new request will
300
+               be challenged). See one_time_nonce.
301
+             - experimental support for nc checking when qop=auth
302
+               (fast, non-locking implementation, see nonce_count, 
303
+                nc_array_size, nc_array_order and nid_pool_no) 
304
+             - switched to base64 nonces
305
+             - record nonce generation time inside the nonce so that a 
306
+               received nonce can be checked against ser start time
307
+               (if older => stale). This allows gracefully handling ser
308
+               restarts with different auth configs.
309
+             - added extra authentication checks support, to protect
310
+               against various reply attacks.
311
+             - params:
312
+                       - nonce_auth_max_drift - maximum difference in seconds
313
+                          from the current time, if a nonce appears to be
314
+                          created in the future (if exceeded the nonce is 
315
+                          considered stale).
316
+                       - one_time_nonce - if enabled each nonce is allowed 
317
+                          only once => each new request (including 
318
+                          retransmissions!) will be challenged. It should be
319
+                          used only in stateful mode (so that tm deals with
320
+                          the retransmissions). The major disadvantage is that
321
+                          the UA won't be able to used any cached credentials
322
+                          (=> extra messages, extra round trips, more work for
323
+                           the proxy)
324
+                       - otn_in_flight_no - maximum number of in-flight nonces
325
+                          for one-time-nonces. It must be a number of the form
326
+                          2^k (if not it will be automatically rounded down).
327
+                          The memory used will be otn_in_flight_no/8
328
+                       - otn_in_flight_order - like otn_in_flight_no, but 
329
+                          instead of specifying the number as 2^k, it directly
330
+                          sets k (otn_in_flight_no=2^otn_in_flight_order)
331
+                       - nonce_count - if enabled and qop=auth or 
332
+                          qop=auth-int, store and check received nc values
333
+                          (for details see rfc2617 and auth/doc). It should be
334
+                          used only in stateful mode (so that tm deals with
335
+                          the retransmissions which would otherwise be 
336
+                          challenged). The major advantage is greatly 
337
+                          enhanced security (extremely small probability of
338
+                          a succesfull replay attack) combine with support
339
+                          for cached credentials (if the UAs do support qop 
340
+                          and auth)
341
+                       - nc_array_size - size of the array used for storing
342
+                          nc values, default 1Mb. It will be rounded down to
343
+                          a 2^k value. It represents the maximum number of
344
+                          in-flight nonces supported
345
+                       - nc_array_order - equivalent to nc_array_size, but 
346
+                          instead of specifying the size in bytes, it can 
347
+                          be used to directly set the power of 2 used
348
+                          (nc_array_size=2^nc_array_order)
349
+                       - nid_pool_no - number of nc and one-time-nonce array 
350
+                          and index partitions, useful for increasing 
351
+                          performance on multi-cpu systems (default 1,
352
+                          recommended 4)
353
+                       - auth_checks_register, auth_checks_no_dlg, 
354
+                         auth_checks_in_dlg - flags specifying which extra
355
+                          message part/parts will be checked for change before
356
+                          allowing nonce reuse. See the auth module docs for
357
+                          for more information (modules/auth/README).
358
+ - blst      - new module containing script blacklist manipulations functions
359
+               (the source of a message can be blacklisted, removed from the
360
+                blacklist or checked for presence in the blacklist).
361
+ - tm        - added API function t_get_canceled_ident(): returns the hash 
362
+               coordinates (bucket/index) of the transaction the currently 
363
+               processed CANCEL is targeting. Requires AS support enabled.
364
+             - added API function ack_local_uac(): allow generating the ACKs 
365
+               for 2xx'ed locally originated INVITEs - new headers and body can
366
+               now also be appended to it. Requires AS support enabled.
367
+             - matching of E2E ACKs no longer requires full From HF identity,
368
+               but rather only tag equality (this behaviour can be changed by
369
+               defining TM_E2E_ACK_CHECK_FROM_URI)
370
+             - added t_reset_fr(), t_reset_retr(), t_reset_max_lifetime()
371
+             - t_relay_to renamed to t_relay_to_avp (undocumented function)
372
+             - t_relay() can now also take host and port parameters (e.g.
373
+               t_relay(host, port)), behaving like a statefull 
374
+               forwad(host, port) version (forward to host:port using the same
375
+               protocol on which the message was received)
376
+             - t_relay_to_udp(), t_relay_to_tcp() and t_relay_to_tls() work
377
+               now even with no parameters: in this case the message is 
378
+               forwarded using the request uri, but with the specified protocol
379
+               (equivalent to a t_relay() with a forced protocol)
380
+             - method for canceling unreplied branches can now be selected
381
+               using the new cancel_b_method tm parameter.
382
+             - support for adding a 503 reply source to the blacklist for
383
+               the time specified in the Retry-After header (see the new tm
384
+               parameters blst_503, blst_503_def_timeout, blst_503_min_timeout
385
+               and blst_503_max_timeout).
386
+             - different error replies for too many branches (500 but with
387
+               different text), resolve error (478) or send error
388
+               (477).
389
+             - tm can be configured not to automatically send 100 replies
390
+               for invites either globally (see the auto_inv_100 parameter)
391
+               or on a per transaction basis (see t_set_auto_inv_100(...))
392
+             - t_relay* error reply are delayed till the end of the script
393
+               to allow the script writer to overwrite them
394
+             - branches are always canceled hop by hop
395
+             - cancels for silently canceled branches (no replies ever 
396
+               received) are automatically generated if later a provisional
397
+               reply arrives on such a branch
398
+             - noisy_ctimer is now 1 (on) by default
399
+             - added maximum transaction lifetime - a transaction is not
400
+               allowed to be active longer then this interval. See
401
+               t_set_max_lifetime(), max_inv_lifetime and max_noninv_lifetime.
402
+             - support for changing the retransmission intervals on the fly,
403
+               on a per transaction basis (it is enabled if tm is compiled
404
+               with -DTM_DIFF_RT_TIMEOUT -- default): t_set_retr(t1, t2).
405
+             - transaction are deleted the moment they are not referenced 
406
+               anymore (removed the need for the delete timer) -- this 
407
+               should improve memory usage on very busy proxies.
408
+             - lots of callbacks added
409
+             - new onsend callbacks support (require defining TMCB_ONSEND prior
410
+               to compiling tm)
411
+             - behaviour when receiving a CANCEL which doesn't match any 
412
+               transaction can be selected using the unmatched_cancel param.
413
+             - params: 
414
+                        - cancel_b_method - selects one of the three methods
415
+                          for dealing with unreplied branches when the 
416
+                          transaction must be canceled. The possible values
417
+                          are 0 (old behaviour) for stopping request 
418
+                          retransmission on the branch and act as if 
419
+                          the branch was immediately replied with a 487,
420
+                          1 for continuing to retransmit the request until an
421
+                          answer is received or the timeout kicks in (default)
422
+                          and
423
+                          2 for stopping the request retransmission and sending
424
+                          CANCEL on the branch (not rfc conforming).
425
+                          For more information see tm docs.
426
+                        - blst_503 - if set and if the blacklist is used
427
+                          (use_dst_blacklist=1), add the source of a 503 reply
428
+                          to the blacklist
429
+                        - blst_503_def_timeout - if the Retry-After header from
430
+                          a 503 reply is missing, use this value for the 
431
+                          blacklist timeout (in s). Depends on blst_503.
432
+                          The default value is 0 ( do not blacklist if no
433
+                          Retry-After is present).
434
+                        - blst_503_min_timeot (in s) - if the 503 reply 
435
+                          Retry-After header value is less, use this value
436
+                          for the blacklist timeout. Depends on blst_503.
437
+                          The default value is 0.
438
+                        - blst_503_max_timeout (in s) - if the 503 reply 
439
+                          Retry-After header value is greater, use this value
440
+                          instead. Depends on blst_503.
441
+                          The default value is 3600 s.
442
+                        - auto_inv_100 - if set (default) tm will automatically
443
+                          send an 100 reply to INVITEs (see also 
444
+                         t_set_auto_inv_100())
445
+                        - noisy_ctimer is now 1 by default
446
+                        - max_inv_lifetime & max_noninv_lifetime - default
447
+                          maximum lifetimes for an invite or non-invite 
448
+                          transaction. After this interval has passed from 
449
+                          the transaction creation the transaction will be 
450
+                          either switched into the wait state or in the
451
+                          final response retransmission state => a transaction
452
+                          will be kept in memory for maximum: 
453
+                           max_*inv_lifetime + fr_timer /*ack w.*/ +wait_timer.
454
+                        - unmatched_cancel - selects between forwarding cancels
455
+                           that do not match any transaction statefully (0, 
456
+                           default value), statelessly (1) or dropping them
457
+                           (2). Note that the statefull forwarding has an 
458
+                           additional hidden advantage: tm will be able to
459
+                           recognize INVITEs that arrive after their CANCEL.
460
+                           Note also that this feature could be used to try
461
+                           a memory exhaustion DOS attack against a proxy that
462
+                           authenticates all requests, by continuously flooding
463
+                           the victim with CANCELs to random destinations 
464
+                           (since the CANCEL cannot be authenticated, each
465
+                           received bogus CANCEL will create a new transaction 
466
+                           that will live by default 30s).
467
+             - functions:
468
+                        - t_reset_fr() -- resets the current transaction 
469
+                          fr_inv_timer and fr_timer to the default values
470
+                          (set via the tm modparams fr_inv_timer and fr_timer).
471
+                        - t_reset_retr() -- resets the current transaction
472
+                          retransmission intervals on the fly, to the default
473
+                          values (set via the tm modparams retr_timer1 and 
474
+                          retr_timer2).
475
+                        - t_reset_max_lifetime() -- resets the current 
476
+                          transaction maximum lifetime to the default value
477
+                          (set via the tm  modparam max_inv_lifetime or 
478
+                           max_noninv_lifetime).
479
+                        - t_grep_status("code") -- returns true if any branch
480
+                          received code as the final reply (or if no final 
481
+                          reply was yet received, but a "code" provisional 
482
+                          reply).
483
+                        - t_set_auto_inv_100(on/off) - switch automatically
484
+                          sending 100 replies to INVITEs on/off on a per
485
+                          transaction basis. It overrides the tm param.
486
+                          auto_inv_100.
487
+                        - t_set_max_lifetime(inv, noninv) - changes the 
488
+                          maximum transaction lifetime on the fly, for the
489
+                          current or next to be created transaction.
490
+                        - t_set_retr(t1, t2) - changes the retransmissions
491
+                           intervals on the fly, on a per transaction basis.
492
+core:
493
+             - most tcp config vars migrated to the dynamic config framework
494
+               (can be changed at runtime, e.g. 
495
+                 sercmd cfg.set_now_int tcp connection_lifetime 180 )
496
+             - fallback to tcp or other congestion controlled transport 
497
+               protocol if a forwarded udp sip request is greater then 
498
+               udp_mtu (config). Default off. See udp_mtu and 
499
+               udp_mtu_try_proto.
500
+             - sctp support (one-to-many, work in progress, for now linux
501
+               and freebsd only)
502
+             - partial cygwin (windows) support revived: core+static modules, 
503
+               no ipv6, no tcp, no dynamic modules
504
+             - most of the config variables can now be changed on the fly,
505
+               without ser restart  (migration work in progress)
506
+             - tcp improvements (better tcp timers, send fd cache, special
507
+                options support)
508
+             - dns naptr support (see dns_try_naptr and dns_<proto>_pref)
509
+             - dns srv based load balancing support (see dns_srv_lb)
510
+             - support for locking ser's pages in memory, pre-mapping
511
+               all the shared memory on startup (fill it with 0)
512
+             - real time options
513
+             - devel: new PROC_INIT rank, init_child(PROC_INIT) called first
514
+             - futex support on linux (better behaviour when waiting on 
515
+               long held locks, almost no performance impact otherwise)
516
+             - when dns search list was used for resolution, store the "link"
517
+               between the short name and long name in cache as CNAME record
518
+
519
+new config variables:
520
+  tcp_rd_buf_size = buffer size used for tcp reads.
521
+                    A high buffer size increases performance on server with few
522
+                    connections and lot of traffic on them, but also increases
523
+                     memory consumption (so for lots of connection is better 
524
+                    to use a low value). Note also that this value limits the
525
+                    maximum datagram size that can be received over tcp.
526
+                    Default: 4096, can be changed at runtime.
527
+  tcp_wq_blk_size = block size used for tcp async writes. It should be big
528
+                    enough to hold a few datagrams. If it's smaller then a
529
+                    datagram (in fact a tcp write()) size, it will be rounded
530
+                    up. It has no influenced on the number of datagrams 
531
+                    queued (for that see tcp_conn_wq_max or tcp_wq_max).
532
+                    It has mostly debugging and testing value (can be ignored).
533
+                    Default: 2100 (~ 2 INVITEs), can be changed at runtime.
534
+  tcp_no_connect = yes/no - disable connects, ser will only accept new 
535
+                     connections, it will never try to open new ones.
536
+                     Default: no, can be changed at runtime.
537
+  udp_mtu = number - fallback to another protocol (udp_mtu_try_proto must be
538
+                     set also either globally or per packet) if the constructed
539
+                     request size is greater then udp_mtu.
540
+                     Recommended size: 1300. Default: 0 (off).
541
+  udp_mtu_try_proto = TCP|TLS|SCTP|UDP - if udp_mtu !=0 and udp forwarded
542
+                     request size (after adding all the "local" headers) >
543
+                     udp_mtu, use this protocol instead of udp. Only the
544
+                     Via header will be updated (e.g. The Record-Route
545
+                     will be the one built for udp).
546
+                     Default: UDP (off). Recommended: TCP.
547
+  force_rport =yes/no - like force_rport(), but works globally.
548
+  disable_sctp = yes/no - disable sctp support (default auto, see enable_sctp)
549
+  enable_sctp = 0/1/2  - disable (0)/enable (1)/auto (2) sctp support, 
550
+                         default auto (2)
551
+  sctp_children = number - sctp children no (similar to udp children)
552
+  sctp_socket_rcvbuf = number - size for the sctp socket receive buffer
553
+  sctp_socket_sndbuf = number - size for the sctp socket send buffer
554
+  sctp_autoclose = seconds - number of seconds before autoclosing an idle
555
+                   association (default: 180 s).
556
+                   Can be changed at runtime, but it will affect only new
557
+                   associations. E.g.:
558
+                   $ sercmd cfg.set_now_int sctp autoclose 120
559
+  sctp_send_ttl = milliseconds - number of milliseconds before an unsent
560
+                  message/chunk is dropped (default: 32000 ms or 32 s).
561
+                  Can be changed at runtime, e.g.:
562
+                  $ sercmd cfg.set_now_int sctp send_ttl 180000
563
+  sctp_send_retries - how many times to attempt re-sending a message on a
564
+                      re-opened association, if the sctp stack did give up
565
+                      sending it (it's not related to sctp protocol level
566
+                      retransmission). Useful to improve reliability with
567
+                      peers that reboot/restart or fail over to another 
568
+                      machine. WARNING: use with care and low values (e.g.
569
+                      1-3) to avoid "multiplying" traffic to unresponding 
570
+                      hosts (default: 0).
571
+                      Can be changed at runtime.
572
+  sctp_assoc_tracking = yes/no - controls whether or not sctp associations
573
+     are tracked inside ser/sip-router. Turning it off would result in
574
+     less memory being used and slightly better performance, but it will also
575
+     disable some other features that depend on it (e.g. sctp_assoc_reuse).
576
+     Default: yes.
577
+     Can be changed at runtime (sercmd sctp assoc_tracking 0), but changes
578
+     will be allowed only if all the other features that depend on it are
579
+     turned off (for example it can be turned off only if first
580
+     sctp_assoc_reuse was turned off).
581
+     Note: turning sctp_assoc_tracking on/off will delete all the tracking
582
+     information for all the currently tracked associations and might introduce
583
+     a small temporary delay in the sctp processing if lots of associations
584
+     were tracked.
585
+     Config options depending on sctp_assoc_tracking being on:
586
+      sctp_assoc_reuse.
587
+  sctp_assoc_reuse = yes/no - controls sctp association reuse. For now only
588
+     association reuse for replies is affected by it. Default: yes.
589
+     Depends on sctp_assoc_tracking being on.
590
+     Note that even if turned off, if the port in via corresponds to the
591
+     source port of the association the request was sent on or if rport is
592
+     turned on (force_rport() or via containing a rport option), the
593
+     association will be automatically reused by the sctp stack.
594
+     Can be changed at runtime (sctp assoc_reuse), but it can be turned on
595
+     only if sctp_assoc_tracking is on.
596
+  sctp_max_assocs = number - maximum number of allowed open sctp associations.
597
+     -1 means maximum allowed by the OS. Default: -1.
598
+     Can be changed at runtime (e.g.:
599
+      sercmd cfg.set_now_int sctp max_assocs 10 ).
600
+     When the maximum associations number is exceeded and a new associations
601
+     is opened by a remote host, the association will be immediately closed.
602
+     However it is possible that some sip packets get through (especially if
603
+     they are sent early, as part of the 4-way handshake).
604
+     When ser/sip-router tries to open a new association and the max_assocs
605
+     is exceeded the exact behaviour depends on whether or not
606
+     sctp_assoc_tracking is on. If on, the send triggering the active open
607
+     will gracefully fail, before actually opening the new association and no
608
+     packet will be sent. However if sctp_assoc_tracking is off, the
609
+     association will first be opened and then immediately closed. In general
610
+     this means that the initial sip packet will be sent (as part of the 4-way
611
+     handshake).
612
+  sctp_srto_initial = milliseconds - initial value of the retr. timeout, used
613
+     in RTO calculations (default: OS specific).
614
+     Can be changed at runtime (sctp srto_initial) but it will affect only new
615
+     associations.
616
+  sctp_srto_max = milliseconds - maximum value of the retransmission timeout
617
+     (RTO) (default: OS specific).
618
+     WARNING: values lower then the sctp sack_delay will cause lots of
619
+     retransmissions and connection instability (see sctp_srto_min for more
620
+     details).
621
+     Can be changed at runtime (sctp srto_max) but it will affect only new
622
+     associations.
623
+  sctp_srto_min = milliseconds - minimum value of the retransmission timeout
624
+     (RTO) (default: OS specific).
625
+     WARNING: values lower then the sctp sack_delay of any peer might cause
626
+     retransmissions and possible interoperability problems. According to the
627
+     standard the sack_delay should be between 200 and 500 ms, so avoid trying
628
+     values lower then 500 ms unless you control all the possible sctp peers
629
+     and you do make sure their sack_delay is higher or their sack_freq is 1.
630
+     Can be changed at runtime (sctp srto_min) but it will affect only new
631
+     associations.
632
+  sctp_asocmaxrxt   = number - maximum retransmissions attempts per association
633
+     (default: OS specific). It should be set to sctp_pathmaxrxt * no. of
634
+     expected paths.
635
+     Can be changed at runtime (sctp asocmaxrxt) but it will affect only new
636
+     associations.
637
+  sctp_init_max_attempts = number - maximum INIT retransmission attempts
638
+     (default: OS specific).
639
+     Can be changed at runtime (sctp init_max_attempts).
640
+  sctp_init_max_timeo = milliseconds - maximum INIT retransmission timeout (RTO
641
+     max for INIT). Default: OS specific.
642
+     Can be changed at runtime (sctp init_max_timeo).
643
+  sctp_hbinterval = milliseconds - sctp heartbeat interval. Setting it to -1
644
+     will disable the heartbeats. Default: OS specific.
645
+     Can be changed at runtime (sctp hbinterval) but it will affect only new
646
+     associations.
647
+  sctp_pathmaxrxt = number - maximum retransmission attempts per path (see also
648
+     sctp_asocmaxrxt). Default: OS specific.
649
+     Can be changed at runtime (sctp pathmaxrxt) but it will affect only new
650
+     associations.
651
+  sctp_sack_delay = milliseconds - delay until an ACK is generated after
652
+     receiving a packet. Default: OS specific.
653
+     WARNING: a value higher then srto_min can cause a lot of retransmissions
654
+     (and strange problems). A value higher then srto_max will result in very
655
+     high connections instability. According to the standard the sack_delay
656
+     value should be between 200 and 500 ms.
657
+     Can be changed at runtime (sctp sack_delay) but it will affect only new
658
+     associations.
659
+  sctp_sack_freq = number - number of packets received before an ACK is sent
660
+     (without waiting for the sack_delay to expire).  Default: OS specific.
661
+     Note: on linux with lksctp up to and including 1.0.9 is not possible to
662
+     set this value (having it in the config will produce a warning on
663
+     startup).
664
+     Can be changed at runtime (sctp sack_freq) but it will affect only new
665
+     associations.
666
+  sctp_max_burst = number - maximum burst of packets that can be emitted by an
667
+     association. Default: OS specific.
668
+     Can be changed at runtime (sctp max_burst) but it will affect only new 
669
+     associations.
670
+  server_id = number - A configurable unique server id that can be used to
671
+                       discriminate server instances within a cluster of
672
+                       servers when all other information, such as IP addresses
673
+                       are the same.
674
+  loadpath = <modules path> - directory where to load the modules from (-L
675
+     equivalent); modules can be loaded simply by specifying their name
676
+     (loadmodule "maxfwd")
677
+  tcp_fd_cache = yes | no (default yes) - if enabled FDs used for sending
678
+     will be cached inside the process calling tcp_send (performance increase
679
+     for sending over tcp at the cost of slightly slower connection closing and
680
+     extra FDs kept open)
681
+  tcp_async = yes | no (default yes) - if enabled all the tcp  writes that 
682
+     would block / wait for connect to finish, will be queued and attempted
683
+     latter (see also tcp_conn_wq_max and tcp_wq_max).
684
+  tcp_buf_write = obsoleted synonim for tcp_async
685
+  tcp_conn_wq_max = bytes (default 32 K) - maximum bytes queued for write 
686
+     allowed per connection. Attempting to queue more bytes would result
687
+     in an error and in the connection being closed (too slow). If 
688
+     tcp_write_buf is not enabled, it has no effect.
689
+  tcp_wq_max = bytes (default 10 Mb) - maximum bytes queued for write allowed
690
+     globally. It has no effect if tcp_write_buf is not enabled.
691
+  tcp_defer_accept =  yes | no (default no) on freebsd  / number of seconds
692
+        before timeout on linux (default disabled) - tcp accepts will be 
693
+        delayed until some data is received (improves performance on proxies
694
+        with lots of opened tcp connections). See linux tcp(7) TCP_DEFER_ACCEPT
695
+        or freebsd ACCF_DATA(0). For now linux and freebsd only.
696
+        WARNING: the  linux TCP_DEFER_ACCEPT is buggy (<=2.6.23) and doesn't 
697
+         work exactly as expected (if no data is received it will retransmit 
698
+         syn acks for ~ 190 s, irrespective of the set timeout and then it will
699
+         silently drop the connection without sending a RST or FIN). Try to 
700
+         use it together with tcp_syncnt (this way the number of retrans.
701
+          SYNACKs can be limited => the timeout can be controlled in some way).
702
+  tcp_delayed_ack  = yes | no (default yes when supported) - initial ACK for
703
+        opened connections will be delayed and sent with the first data
704
+        segment (see linux tcp(7) TCP_QUICKACK). For now linux only.
705
+  tcp_syncnt = number of syn retr. (default not set) - number of SYN 
706
+        retransmissions before aborting a connect attempt (see linux tcp(7)
707
+        TCP_SYNCNT). Linux only.
708
+  tcp_linger2 = seconds (not set by default) - lifetime of orphaned sockets
709
+        in FIN_WAIT2 state (overrides tcp_fin_timeout on, see linux tcp(7) 
710
+        TCP_LINGER2). Linux only.
711
+  tcp_keepalive = yes | no (default yes) - enables keepalive for tcp.
712
+  tcp_keepidle  = seconds (not set by default) - time before starting to send
713
+         keepalives, if the connection is idle. Linux only.
714
+  tcp_keepintvl = seconds (not set by default) - time interval between 
715
+         keepalive probes, when the previous probe failed. Linux only.
716
+  tcp_keepcnt = number (not set by default) - number of keepalives sent before
717
+         dropping the connection. Linux only.
718
+  tcp_crlf_ping = yes | no (set by default) - enable CRLF keepalives aka
719
+         SIP outbound.
720
+  pmtu_discovery = 0 | 1 (default 0) - set DF bit in outbound IP if enabled
721
+  dns_srv_lb = yes | no (default no) - enable dns srv weight based load 
722
+    balancing (see doc/dns.txt)
723
+  dns_try_naptr = yes | no (default no) - enable naptr support 
724
+    (see doc/dns.txt for more info)
725
+  dns_{udp,tcp,tls,sctp}_pref = number - ser preference for each protocol
726
+    when doing naptr lookups. By default dns_udp_pref=30, dns_tcp_pref=20, 
727
+    dns_tls_pref=10 and dns_sctp_pref=20. To use the remote site preferences
728
+    set all dns_*_pref to the same positive value (e.g. dns_udp_pref=1,
729
+    dns_tcp_pref=1, dns_tls_pref=1, dns_sctp_pref=1). To completely ignore 
730
+    NAPTR records for a specific protocol, set the corresponding protocol 
731
+    preference to -1 (or any other negative number).  (see doc/dns.txt for 
732
+    more info)
733
+  dns_search_full_match = yes | no (default yes) - when name was resolved 
734
+    using dns search list, check the domain added in the answer matches with
735
+    one from the search list (small performance hit, but more safe)
736
+  mlock_pages = yes |no (default no) - locks all ser pages into memory making 
737
+    it unswappable (in general one doesn't want his sip proxy swapped out :-))
738
+  shm_force_alloc = yes | no (default no) - tries to pre-fault all the 
739
+    shared memory, before starting. When on start time will increase, but
740
+    combined with mlock_pages will guarantee ser will get all its memory from
741
+    the beginning (no more kswapd slow downs)
742
+  real_time = <int> (flags) (default off). - sets real time priority
743
+     for all the ser processes, or the timers. 
744
+     Possible values:   0  - off
745
+                        1  - the "fast" timer
746
+                        2  - the "slow" timer
747
+                        4  - all processes, except the timers
748
+     Example: real_time= 7 => everything switched to real time priority.
749
+  rt_prio = <int> (default 0) - real time priority used for everything except
750
+     the timers, if real_time is enabled
751
+  rt_policy= <0..3> (default 0)- real time scheduling policy, 0 = SCHED_OTHER,
752
+     1= SCHED_RR and 2=SCHED_FIFO
753
+  rt_timer1_prio=<int> (default 0) - like rt_prio but for the "fast" timer
754
+     process (if real_time & 1)
755
+  rt_timer1_policy=<0..3> (default 0) - like rt_policy but for the "fast" timer
756
+  rt_timer2_prio=<int> (default 0) - like rt_prio but for the "slow" timer
757
+  rt_timer2_policy=<0..3> (default 0) - like rt_policy but for the "slow" timer
758
+  tcp_source_ipv4 = IPv4 address
759
+  tcp_source_ipv6 = IPv6 address
760
+    Set the given source IP for all outbound TCP connections.
761
+    If setting the IP fails the TCP connection will use the default.
762
+  dns_cache_init = on | off (default on) - if off, the dns cache is not
763
+    initialized at startup and cannot be enabled runtime, that saves some
764
+    memory.
765
+  dst_blacklist_init = on | off (default on) - if off, the blacklist
766
+    is not initialized at startup and cannot be enabled runtime,
767
+    that saves some memory.
768
+
769
+new script commands:
770
+  udp_mtu_try_proto(TCP|TLS|SCTP|UDP) - same as udp_mtu_try_proto=... (see
771
+    above), but works per packet and not globally.
772
+
773
+
774
+build system:
775
+ - check defines and includes used at compile time and if different 
776
+   force rebuilding everything in the current dir (creates a new file: 
777
+   makecfg.lst that stores the compile defines & includes used at compile 
778
+   time)
779
+ - make cfg / config support: store the build config in an autogenerated file 
780
+   (config.mak) and use it for future compiles (e.g.: 
781
+   make cfg include_modules=mysql skip_modules=print CPU=pentium-m; make all).
782
+   Main advantages are easier usage and faster builds (e.g. make proper is
783
+    +16 times faster, make clean ~9 times, make with previously generated
784
+    config is 2.6 times faster and a make that has nothing to do is ~9 times
785
+    faster).
786
+
787
+
788
+
789
+
790
+2.0.0 changes
791
+
792
+
793
+new archs:
794
+
795
+
796
+modules:
797
+ - tls        - new module that enables tls support (set enable_tls=yes
798
+                in the config file and load the tls module)
799
+ - ctl        - new  fifo/unixsocket/xmlrpc like module, using a space 
800
+                efficient binary encoding for the requests.
801
+                It supports multiple clients on tcp, udp, unix stream or
802
+                unix datagram modes. By default (no modparams) it opens
803
+                one unix stream control socket in /tmp/ser_ctl.
804
+                It also includes extended fifo support: multiple fifos,
805
+                fifo over tcp, udp and unix sockets (see ctl/ctl.cfg).
806
+                Use utils/sercmd/sercmd to send commands to it.
807
+ - dispatcher - added hashing after request uri and to uri
808
+              - added a new flag parameter which can be used (for now) to
809
+                select only the username or the username, host and port when
810
+                hashing after an uri (to, from or request uri)
811
+              - improved uri hashing (password is ignored, port is used only
812
+                if != 5060 or 5061)
813
+ - tm        - aggregate challenges (WWW/Proxy-Authenticate) from all the
814
+               401 & 407 if the final reply is a 401/407. To turn this off
815
+               and fall back to the old behaviour set tm aggregate_challenges
816
+               parameter to 0.
817
+             - if a relayed 503 is the final reply, replace it by a 500
818
+             - if a 503 reply is received try the dns based failover
819
+               (forward to another ip if the original destination uri 
820
+                resolved to several SRV, A or AAAA records)
821
+             - on 6xx immediately cancel all the branches for which a 
822
+               provisional response was received and wait for all the 
823
+               branches to finish (either timeout, the 487 from the CANCEL
824
+               or a final response still on the wire in the moment the
825
+               CANCEL was sent)
826
+             - better final reply selection: 6xx is preferred over other 
827
+               negative replies; from several 4xx prefer 401, 407, 415, 420,
828
+               484 (in this order). For all the other cases, return the lowest
829
+               code (as before)
830
+             - special functions for checking for timeout, if a reply was
831
+               received or if the current transaction was canceled
832
+             - dns failover and dst blacklist support
833
+             - migrated to the new timers (tm timers completely rewritten)
834
+             - improved speed and less memory usage
835
+             - much more precise retransmissions timing
836
+             - params: - retr_timer1p1, retr_timer1p2, retr_timer1p3 removed
837
+                         and replaced by retr_timer1 and retr_timer2
838
+                       - all timer values are now expressed in milliseconds
839
+                         (they were in seconds before).
840
+                         Affected params: fr_timer, fr_inv_timer, wt_timer,
841
+                         delete_timer, retr_timer1, retr_timer2
842
+                       - retr_timer1 (first retransmission) changed to 500 ms
843
+                       - delete_timer changed to 200 ms
844
+                       - unix_tx_timeout expressed now in milliseconds; default
845
+                         value changed to 500 ms
846
+             - functions:
847
+                       - t_branch_timeout() -- returns true if the failure
848
+                         route is executed for a branch that did timeout
849
+                         (failure_route only).
850
+                       - t_branch_replied() -- returns true if the failure 
851
+                         route is executed for a branch that did receive at
852
+                         least one reply in the past (the current reply 
853
+                          is not taken into account). It can be used
854
+                         together with t_branch_timeout() to distinguish 
855
+                         between a remote side that doesn't respond (some 
856
+                         provisional reply received) and one that is completely
857
+                          dead. (failure_route only)
858
+                       - t_any_timeout() -- returns true if any of the current
859