etc/kamailio.cfg
36c4036b
 #!KAMAILIO
4b8ad64a
 #
 # $Id$
 #
9069082a
 # Kamailio (OpenSER) SIP Server v3.0 - basic configuration script
1af1c668
 #     - web: http://www.kamailio.org
5adb83ef
 #     - git: http://sip-router.org
de69aa6e
 #
 # Direct your questions about this file to: <users@lists.kamailio.org>
2ec46fbb
 #
1af1c668
 # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
 # for an explanation of possible statements, functions and parameters.
 #
9069082a
 # Several features can be enabled using '#!define WITH_FEATURE' directives:
1af1c668
 #
9069082a
 # *** To run in debug mode: 
 #     - define WITH_DEBUG
1af1c668
 #
9069082a
 # *** To enable mysql: 
 #     - define WITH_MYSQL
 #
 # *** To enable authentication execute:
1af1c668
 #     - enable mysql
9069082a
 #     - define WITH_AUTH
1af1c668
 #     - add users using 'kamctl'
 #
9069082a
 # *** To enable persistent user location execute:
1af1c668
 #     - enable mysql
9069082a
 #     - define WITH_USRLOCDB
1af1c668
 #
9069082a
 # *** To enable presence server execute:
1af1c668
 #     - enable mysql
9069082a
 #     - define WITH_PRESENCE
1af1c668
 #
9069082a
 # *** To enable nat traversal execute:
 #     - define WITH_NAT
1af1c668
 #     - install RTPProxy: http://www.rtpproxy.org
 #     - start RTPProxy:
 #        rtpproxy -l _your_public_ip_ -s udp:localhost:7722
 #
a9e4d86e
 # *** To enable PSTN gateway routing execute:
 #     - define WITH_PSTN
 #     - set the value of pstn.gw_ip
 #     - check route[PSTN] for regexp routing condition
 #
1af1c668
 # *** To enhance accounting execute:
 #     - enable mysql
9069082a
 #     - define WITH_ACCDB
ad87f9b3
 #     - add following columns to database
9069082a
 #!ifdef ACCDB_COMMENT
   ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
   ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
   ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
   ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
   ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
   ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
   ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
   ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
6087434f
   ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
9069082a
   ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
 #!endif
4b8ad64a
 
2ec46fbb
 
 ####### Global Parameters #########
4b8ad64a
 
9069082a
 #!ifdef WITH_DEBUG
 debug=4
 log_stderror=yes
 #!else
762ab0f1
 debug=2
9069082a
 log_stderror=no
 #!endif
 
5adb83ef
 memdbg=5
 memlog=5
9069082a
 
2ec46fbb
 log_facility=LOG_LOCAL0
4b8ad64a
 
2ec46fbb
 fork=yes
 children=4
42ee1c91
 
2ec46fbb
 /* uncomment the next line to disable TCP (default on) */
 #disable_tcp=yes
 
 /* uncomment the next line to disable the auto discovery of local aliases
    based on revers DNS on IPs (default on) */
 #auto_aliases=no
 
 port=5060
 
58ecbfc1
 /* uncomment and configure the following line if you want Kamailio to 
2ec46fbb
    bind on a specific interface/port/proto (default bind on all available) */
9069082a
 #listen=udp:10.0.0.10:5060
2ec46fbb
 
 
a9e4d86e
 ####### Custom Parameters #########
 
 # These parameters can be modified runtime via RPC interface
 # - see the documentation of 'cfg_rpc' module.
 #
 # Format: group.id = value 'desc' description
 # Access: $sel(cfg_get.group.id) or @cfg_get.group.id
 #
 
 #!ifdef WITH_PSTN
 # PSTN GW Routing
 #
 # - pstn.gw_ip: valid IP or hostname as string value, example:
 # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
 #
 # - by default is empty to avoid misrouting
 pstn.gw_ip = "" desc "PSTN GW Address"
 #!endif
 
 
2ec46fbb
 ####### Modules Section ########
4b8ad64a
 
3649b57e
 #set module path
974e9143
 mpath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"
3649b57e
 
2ec46fbb
 /* uncomment next line for MySQL DB support */
9069082a
 #!ifdef WITH_MYSQL
 loadmodule "db_mysql.so"
 #!endif
de69aa6e
 loadmodule "mi_fifo.so"
5adb83ef
 loadmodule "kex.so"
3649b57e
 loadmodule "tm.so"
5adb83ef
 loadmodule "tmx.so"
762ab0f1
 loadmodule "sl.so"
3649b57e
 loadmodule "rr.so"
9a63b314
 loadmodule "pv.so"
3649b57e
 loadmodule "maxfwd.so"
 loadmodule "usrloc.so"
 loadmodule "registrar.so"
 loadmodule "textops.so"
2ec46fbb
 loadmodule "uri_db.so"
af41c841
 loadmodule "siputils.so"
2ec46fbb
 loadmodule "xlog.so"
aa569991
 loadmodule "sanity.so"
80a8fc22
 loadmodule "ctl.so"
 loadmodule "mi_rpc.so"
2ec46fbb
 loadmodule "acc.so"
9069082a
 #!ifdef WITH_AUTH
 loadmodule "auth.so"
 loadmodule "auth_db.so"
 #!endif
2ec46fbb
 /* uncomment next line for aliases support
b29652d3
    NOTE: a DB (like db_mysql) module must be also loaded */
2ec46fbb
 #loadmodule "alias_db.so"
 /* uncomment next line for multi-domain support
b29652d3
    NOTE: a DB (like db_mysql) module must be also loaded
2ec46fbb
    NOTE: be sure and enable multi-domain support in all used modules
          (see "multi-module params" section ) */
 #loadmodule "domain.so"
9069082a
 #!ifdef WITH_PRESENCE
 loadmodule "presence.so"
 loadmodule "presence_xml.so"
 #!endif
2ec46fbb
 
9069082a
 #!ifdef WITH_NAT
 loadmodule "nathelper.so"
 #!endif
4b8ad64a
 
 # ----------------- setting module-specific parameters ---------------
 
f136276a
 
2ec46fbb
 # ----- mi_fifo params -----
58ecbfc1
 modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
f136276a
 
4b8ad64a
 
2ec46fbb
 # ----- rr params -----
 # add value to ;lr param to cope with most of the UAs
 modparam("rr", "enable_full_lr", 1)
 # do not append from tag to the RR (no need for this script)
 modparam("rr", "append_fromtag", 0)
 
 
 # ----- rr params -----
 modparam("registrar", "method_filtering", 1)
 /* uncomment the next line to disable parallel forking via location */
 # modparam("registrar", "append_branches", 0)
 /* uncomment the next line not to allow more than 10 contacts per AOR */
 #modparam("registrar", "max_contacts", 10)
 
 
 # ----- uri_db params -----
 /* by default we disable the DB support in the module as we do not need it
    in this configuration */
 modparam("uri_db", "use_uri_table", 0)
 modparam("uri_db", "db_url", "")
 
 
 # ----- acc params -----
 /* what sepcial events should be accounted ? */
 modparam("acc", "early_media", 1)
 modparam("acc", "report_ack", 1)
 modparam("acc", "report_cancels", 1)
 /* by default ww do not adjust the direct of the sequential requests.
    if you enable this parameter, be sure the enable "append_fromtag"
    in "rr" module */
 modparam("acc", "detect_direction", 0)
 /* account triggers (flags) */
 modparam("acc", "failed_transaction_flag", 3)
 modparam("acc", "log_flag", 1)
 modparam("acc", "log_missed_flag", 2)
1af1c668
 modparam("acc", "log_extra", 
 	"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
9069082a
 /* enhanced DB accounting */
 #!ifdef WITH_ACCDB
 modparam("acc", "db_flag", 1)
 modparam("acc", "db_missed_flag", 2)
 modparam("acc", "db_url",
 	"mysql://openser:openserrw@localhost/openser")
 modparam("acc", "db_extra",
 	"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
 #!endif
2ec46fbb
 
 # ----- usrloc params -----
9069082a
 /* enable DB persistency for location entries */
 #!ifdef WITH_USRLOCDB
 modparam("usrloc", "db_mode",   2)
 modparam("usrloc", "db_url",
 	"mysql://openser:openserrw@localhost/openser")
 #!endif
4b8ad64a
 
2ec46fbb
 # ----- auth_db params -----
9069082a
 /* enable the DB based authentication */
 #!ifdef WITH_AUTH
 modparam("auth_db", "calculate_ha1", yes)
 modparam("auth_db", "password_column", "password")
 modparam("auth_db", "db_url",
 	"mysql://openser:openserrw@localhost/openser")
 modparam("auth_db", "load_credentials", "")
 #!endif
2ec46fbb
 
 # ----- alias_db params -----
 /* uncomment the following lines if you want to enable the DB based
    aliases */
 #modparam("alias_db", "db_url",
50e5434a
 #	"mysql://openser:openserrw@localhost/openser")
2ec46fbb
 
 
 # ----- domain params -----
 /* uncomment the following lines to enable multi-domain detection
    support */
 #modparam("domain", "db_url",
50e5434a
 #	"mysql://openser:openserrw@localhost/openser")
2ec46fbb
 #modparam("domain", "db_mode", 1)   # Use caching
 
 
 # ----- multi-module params -----
 /* uncomment the following line if you want to enable multi-domain support
    in the modules (dafault off) */
 #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
 
 
 # ----- presence params -----
9069082a
 /* enable presence server support */
 #!ifdef WITH_PRESENCE
 modparam("presence|presence_xml", "db_url",
 	"mysql://openser:openserrw@localhost/openser")
 modparam("presence_xml", "force_active", 1)
 modparam("presence", "server_address", "sip:10.0.0.10:5060")
 #!endif
 
 # ----- nathelper -----
 #!ifdef WITH_NAT
 modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722")
 modparam("nathelper", "natping_interval", 30)
 modparam("nathelper", "ping_nated_only", 1)
 modparam("nathelper", "sipping_bflag", 7)
 modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
 modparam("registrar|nathelper", "received_avp", "$avp(i:80)")
 modparam("usrloc", "nat_bflag", 6)
 #!endif
4b8ad64a
 
2ec46fbb
 ####### Routing Logic ########
4b8ad64a
 
2ec46fbb
 
 # main request routing logic
4b8ad64a
 
 route{
 
 	if (!mf_process_maxfwd_header("10")) {
 		sl_send_reply("483","Too Many Hops");
155cb06f
 		exit;
2ec46fbb
 	}
 
aa569991
 	if(!sanity_check("1511", "7"))
 	{
 		xlog("Malformed SIP message from $si:$sp\n");
 		exit;
 	}
 
2e7b3626
 	# NAT detection
489ddd13
 	route(NAT);
2e7b3626
 
2ec46fbb
 	if (has_totag()) {
 		# sequential request withing a dialog should
 		# take the path determined by record-routing
 		if (loose_route()) {
 			if (is_method("BYE")) {
7c9b77da
 				setflag(1); # do accounting ...
2ec46fbb
 				setflag(3); # ... even if the transaction fails
 			}
99d434e5
 			route(RELAY);
2ec46fbb
 		} else {
1af1c668
 			if (is_method("SUBSCRIBE") && uri == myself) {
 				# in-dialog subscribe requests
489ddd13
 				route(PRESENCE);
1af1c668
 				exit;
 			}
2c832401
 			if ( is_method("ACK") ) {
 				if ( t_check_trans() ) {
 					# non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server
 					t_relay();
 					exit;
 				} else {
 					# ACK without matching transaction ... ignore and discard.\n");
 					exit;
 				}
 			}
 			sl_send_reply("404","Not here");
2ec46fbb
 		}
 		exit;
 	}
155cb06f
 
2ec46fbb
 	#initial requests
 
 	# CANCEL processing
 	if (is_method("CANCEL"))
 	{
 		if (t_check_trans())
 			t_relay();
155cb06f
 		exit;
2ec46fbb
 	}
 
 	t_check_trans();
 
1af1c668
 	# authentication
489ddd13
 	route(AUTH);
2ec46fbb
 
e3b1dd26
 	# record routing for dialog forming requests (in case they are routed)
a9e4d86e
 	# - remove preloaded route headers
 	remove_hf("Route");
e3b1dd26
 	if (is_method("INVITE|SUBSCRIBE"))
155cb06f
 		record_route();
4b8ad64a
 
2ec46fbb
 	# account only INVITEs
 	if (is_method("INVITE")) {
7c9b77da
 		setflag(1); # do accounting
2ec46fbb
 	}
 	if (!uri==myself)
 	/* replace with following line if multi-domain support is used */
 	##if (!is_uri_host_local())
 	{
4b8ad64a
 		append_hf("P-hint: outbound\r\n"); 
489ddd13
 		route(RELAY);
2ec46fbb
 	}
 
 	# requests for my domain
af4032cb
 
1af1c668
 	if( is_method("PUBLISH|SUBSCRIBE"))
489ddd13
 		route(PRESENCE);
2ec46fbb
 
 	if (is_method("REGISTER"))
 	{
2a67b253
 		if(isflagset(5))
 		{
 			setbflag("6");
9069082a
 			# uncomment next line to do SIP NAT pinging 
 			## setbflag("7");
2a67b253
 		}
2ec46fbb
 		if (!save("location"))
 			sl_reply_error();
4b8ad64a
 
2ec46fbb
 		exit;
 	}
4b8ad64a
 
5adb83ef
 	if ($rU==$null) {
2ec46fbb
 		# request with no Username in RURI
 		sl_send_reply("484","Address Incomplete");
 		exit;
 	}
 
a9e4d86e
 	route(PSTN);
 
2ec46fbb
 	# apply DB based aliases (uncomment to enable)
 	##alias_db_lookup("dbaliases");
 
 	if (!lookup("location")) {
5adb83ef
 		switch ($rc) {
2ec46fbb
 			case -1:
 			case -3:
 				t_newtran();
 				t_reply("404", "Not Found");
 				exit;
 			case -2:
 				sl_send_reply("405", "Method Not Allowed");
 				exit;
 		}
 	}
 
 	# when routing via usrloc, log the missed calls also
 	setflag(2);
155cb06f
 
489ddd13
 	route(RELAY);
4b8ad64a
 }
 
155cb06f
 
489ddd13
 route[RELAY] {
9069082a
 #!ifdef WITH_NAT
 	if (check_route_param("nat=yes")) {
 		setbflag("6");
 	}
 	if (isflagset(5) || isbflagset("6")) {
 		route(RTPPROXY);
 	}
 #!endif
1af1c668
 
de69aa6e
 	/* example how to enable some additional event routes */
1af1c668
 	if (is_method("INVITE")) {
489ddd13
 		#t_on_branch("BRANCH_ONE");
 		t_on_reply("REPLY_ONE");
 		t_on_failure("FAIL_ONE");
1af1c668
 	}
2ec46fbb
 
4b8ad64a
 	if (!t_relay()) {
 		sl_reply_error();
1af1c668
 	}
155cb06f
 	exit;
4b8ad64a
 }
 
af4032cb
 
9069082a
 # Presence server route
489ddd13
 route[PRESENCE]
1af1c668
 {
9069082a
 #!ifdef WITH_PRESENCE
 	if (!t_newtran())
 	{
 		sl_reply_error();
 		exit;
 	};
 
 	if(is_method("PUBLISH"))
 	{
 		handle_publish();
 		t_release();
 	}
 	else
 	if( is_method("SUBSCRIBE"))
 	{
 		handle_subscribe();
 		t_release();
 	}
 	exit;
 #!endif
1af1c668
 	
 	# if presence enabled, this part will not be executed
5adb83ef
 	if (is_method("PUBLISH") || $rU==$null)
1af1c668
 	{
 		sl_send_reply("404", "Not here");
 		exit;
 	}
 	return;
 }
 
 # Authentication route
489ddd13
 route[AUTH] {
9069082a
 #!ifdef WITH_AUTH
 	if (is_method("REGISTER"))
 	{
 		# authenticate the REGISTER requests (uncomment to enable auth)
 		if (!www_authorize("", "subscriber"))
 		{
 			www_challenge("", "0");
 			exit;
 		}
 
 		if ($au!=$tU)
 		{
 			sl_send_reply("403","Forbidden auth ID");
 			exit;
 		}
 	} else {
 		# authenticate if from local subscriber (uncomment to enable auth)
 		if (from_uri==myself)
 		{
 			if (!proxy_authorize("", "subscriber")) {
 				proxy_challenge("", "0");
 				exit;
 			}
 			if (is_method("PUBLISH"))
 			{
 				if ($au!=$tU) {
 					sl_send_reply("403","Forbidden auth ID");
 					exit;
 				}
 			} else {
 				if ($au!=$fU) {
 					sl_send_reply("403","Forbidden auth ID");
 					exit;
 				}
 			}
 
 			consume_credentials();
 			# caller authenticated
 		}
 	}
 #!endif
1af1c668
 	return;
2ec46fbb
 }
 
1af1c668
 # Caller NAT detection route
489ddd13
 route[NAT]{
9069082a
 #!ifdef WITH_NAT
 	force_rport();
 	if (nat_uac_test("19")) {
 		if (method=="REGISTER") {
 			fix_nated_register();
 		} else {
 			fix_nated_contact();
 		}
 		setflag(5);
 	}
 #!endif
1af1c668
 	return;
 }
 
 # RTPProxy control
489ddd13
 route[RTPPROXY] {
9069082a
 #!ifdef WITH_NAT
 	if (is_method("BYE")) {
 		unforce_rtp_proxy();
 	} else if (is_method("INVITE")){
 		force_rtp_proxy();
 	}
 	if (!has_totag()) add_rr_param(";nat=yes");
 #!endif
1af1c668
 	return;
 }
2ec46fbb
 
a9e4d86e
 # PSTN GW routing
 route[PSTN] {
 #!ifdef WITH_PSTN
 	# check if PSTN GW IP is defined
 	if (strempty($sel(cfg_get.pstn.gw_ip))) {
 		xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
 		return;
 	}
 
 	# route to PSTN dialed numbers starting with '+' or '00'
 	#     (international format)
 	# - update the condition to match your dialing rules for PSTN routing
 	if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
 		return;
 
 	# only local users allowed to call
 	if(from_uri!=myself) {
 		sl_send_reply("403", "Not Allowed");
 		exit;
 	}
 
 	$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
 
 	route(RELAY);
 	exit;
 #!endif
 
 	return;
 }
 
9069082a
 # Sample branch router
489ddd13
 branch_route[BRANCH_ONE] {
1af1c668
 	xdbg("new branch at $ru\n");
 }
 
9069082a
 # Sample onreply route
489ddd13
 onreply_route[REPLY_ONE] {
1af1c668
 	xdbg("incoming reply\n");
9069082a
 #!ifdef WITH_NAT
 	if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") {
 		force_rtp_proxy();
 	}
 	if (isbflagset("6")) {
 		fix_nated_contact();
 	}
 #!endif
2ec46fbb
 }
 
9069082a
 # Sample failure route
489ddd13
 failure_route[FAIL_ONE] {
9069082a
 #!ifdef WITH_NAT
 	if (is_method("INVITE")
 			&& (isbflagset("6") || isflagset(5))) {
 		unforce_rtp_proxy();
 	}
 #!endif
1af1c668
 
5adb83ef
 	if (t_is_canceled()) {
2ec46fbb
 		exit;
 	}
 
 	# uncomment the following lines if you want to block client 
 	# redirect based on 3xx replies.
 	##if (t_check_status("3[0-9][0-9]")) {
 	##t_reply("404","Not found");
 	##	exit;
 	##}
 
 	# uncomment the following lines if you want to redirect the failed 
 	# calls to a different new destination
 	##if (t_check_status("486|408")) {
 	##	sethostport("192.168.2.100:5060");
 	##	append_branch();
 	##	# do not set the missed call flag again
 	##	t_relay();
 	##}
 }