Browse code

- updated with more examples - extra accounting - nat traversal with nathelper and rtpproxy - easier system to enable features using sed command

git-svn-id: https://openser.svn.sourceforge.net/svnroot/openser/trunk@5650 689a6050-402a-0410-94f2-e92a70836424

Elena-Ramona Modroiu authored on 02/03/2009 10:57:30
Showing 1 changed files
... ...
@@ -1,12 +1,56 @@
1 1
 #
2 2
 # $Id$
3 3
 #
4
-# Kamailion basic configuration script
4
+# Kamailio (OpenSER) SIP Server - basic configuration script
5
+#     - web: http://www.kamailio.org
6
+#     - svn: http://openser.svn.sourceforge.net/viewvc/openser/
5 7
 #
6 8
 # Direct your questions about this file to: <users@lists.kamailio.org>
7 9
 #
8
-# Please refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
9
-# for a explanation of possible statements, functions and parameters.
10
+# Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php
11
+# for an explanation of possible statements, functions and parameters.
12
+#
13
+# There are comments showing how to enable different features in th econfig
14
+# file. Such commented code starts with #X# where X is a letter to identify
15
+# a feature. Delete entire #X# if you want to enable that feature. Next are
16
+# sed commands that help you enable such features.
17
+#
18
+# *** To enamble mysql execute:
19
+#     sed -i 's/#m#//g' kamailio.cfg
20
+#
21
+# *** To enamble authentication execute:
22
+#     - enable mysql
23
+#     sed -i 's/#a#//g' kamailio.cfg
24
+#     - add users using 'kamctl'
25
+#
26
+# *** To enamble persistent user location execute:
27
+#     - enable mysql
28
+#     sed -i 's/#u#//g' kamailio.cfg
29
+#
30
+# *** To enamble presence server execute:
31
+#     - enable mysql
32
+#     sed -i 's/#p#//g' kamailio.cfg
33
+#
34
+# *** To enamble nat traversal execute:
35
+#     sed -i 's/#n#//g' kamailio.cfg
36
+#     - install RTPProxy: http://www.rtpproxy.org
37
+#     - start RTPProxy:
38
+#        rtpproxy -l _your_public_ip_ -s udp:localhost:7722
39
+#
40
+# *** To enhance accounting execute:
41
+#     - enable mysql
42
+#     sed -i 's/#c#//g' kamailio.cfg
43
+#     - add folowing columns to database
44
+# ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
45
+# ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
46
+# ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
47
+# ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
48
+# ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
49
+# ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
50
+# ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
51
+# ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
52
+# ALTER TABLE missed_call ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
53
+# ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
10 54
 #
11 55
 
12 56
 
... ...
@@ -64,7 +108,7 @@ port=5060
64 108
 mpath="/usr/local/lib/kamailio/modules/"
65 109
 
66 110
 /* uncomment next line for MySQL DB support */
67
-#loadmodule "db_mysql.so"
111
+#m#loadmodule "db_mysql.so"
68 112
 loadmodule "mi_fifo.so"
69 113
 loadmodule "sl.so"
70 114
 loadmodule "tm.so"
... ...
@@ -80,8 +124,8 @@ loadmodule "xlog.so"
80 124
 loadmodule "acc.so"
81 125
 /* uncomment next lines for MySQL based authentication support 
82 126
    NOTE: a DB (like db_mysql) module must be also loaded */
83
-#loadmodule "auth.so"
84
-#loadmodule "auth_db.so"
127
+#a#loadmodule "auth.so"
128
+#a#loadmodule "auth_db.so"
85 129
 /* uncomment next line for aliases support
86 130
    NOTE: a DB (like db_mysql) module must be also loaded */
87 131
 #loadmodule "alias_db.so"
... ...
@@ -92,9 +136,10 @@ loadmodule "acc.so"
92 136
 #loadmodule "domain.so"
93 137
 /* uncomment the next two lines for presence server support
94 138
    NOTE: a DB (like db_mysql) module must be also loaded */
95
-#loadmodule "presence.so"
96
-#loadmodule "presence_xml.so"
139
+#p#loadmodule "presence.so"
140
+#p#loadmodule "presence_xml.so"
97 141
 
142
+#n#loadmodule "nathelper.so"
98 143
 
99 144
 # ----------------- setting module-specific parameters ---------------
100 145
 
... ...
@@ -138,28 +183,32 @@ modparam("acc", "detect_direction", 0)
138 183
 modparam("acc", "failed_transaction_flag", 3)
139 184
 modparam("acc", "log_flag", 1)
140 185
 modparam("acc", "log_missed_flag", 2)
186
+modparam("acc", "log_extra", 
187
+	"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
141 188
 /* uncomment the following lines to enable DB accounting also */
142
-modparam("acc", "db_flag", 1)
143
-modparam("acc", "db_missed_flag", 2)
189
+#c#modparam("acc", "db_flag", 1)
190
+#c#modparam("acc", "db_missed_flag", 2)
191
+#c#modparam("domain", "db_url",
192
+#c#	"mysql://openser:openserrw@localhost/openser")
193
+#c#modparam("acc", "db_extra",
194
+#c#	"src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
144 195
 
145 196
 
146 197
 # ----- usrloc params -----
147
-modparam("usrloc", "db_mode",   0)
148 198
 /* uncomment the following lines if you want to enable DB persistency
149 199
    for location entries */
150
-#modparam("usrloc", "db_mode",   2)
151
-#modparam("usrloc", "db_url",
152
-#	"mysql://openser:openserrw@localhost/openser")
153
-
200
+#u#modparam("usrloc", "db_mode",   2)
201
+#u#modparam("usrloc", "db_url",
202
+#u#	"mysql://openser:openserrw@localhost/openser")
154 203
 
155 204
 # ----- auth_db params -----
156 205
 /* uncomment the following lines if you want to enable the DB based
157 206
    authentication */
158
-#modparam("auth_db", "calculate_ha1", yes)
159
-#modparam("auth_db", "password_column", "password")
160
-#modparam("auth_db", "db_url",
161
-#	"mysql://openser:openserrw@localhost/openser")
162
-#modparam("auth_db", "load_credentials", "")
207
+#a#modparam("auth_db", "calculate_ha1", yes)
208
+#a#modparam("auth_db", "password_column", "password")
209
+#a#modparam("auth_db", "db_url",
210
+#a#	"mysql://openser:openserrw@localhost/openser")
211
+#a#modparam("auth_db", "load_credentials", "")
163 212
 
164 213
 
165 214
 # ----- alias_db params -----
... ...
@@ -185,11 +234,19 @@ modparam("usrloc", "db_mode",   0)
185 234
 
186 235
 # ----- presence params -----
187 236
 /* uncomment the following lines if you want to enable presence */
188
-#modparam("presence|presence_xml", "db_url",
189
-#	"mysql://openser:openserrw@localhost/openser")
190
-#modparam("presence_xml", "force_active", 1)
191
-#modparam("presence", "server_address", "sip:192.168.1.2:5060")
192
-
237
+#p#modparam("presence|presence_xml", "db_url",
238
+#p#	"mysql://openser:openserrw@localhost/openser")
239
+#p#modparam("presence_xml", "force_active", 1)
240
+#p#modparam("presence", "server_address", "sip:192.168.1.2:5060")
241
+
242
+# -- nathelper
243
+#n#modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722")
244
+#n#modparam("nathelper", "natping_interval", 30)
245
+#n#modparam("nathelper", "ping_nated_only", 1)
246
+#n#modparam("nathelper", "sipping_bflag", 7)
247
+#n#modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
248
+#n#modparam("registrar|nathelper", "received_avp", "$avp(i:80)")
249
+#n#modparam("usrloc", "nat_bflag", 6)
193 250
 
194 251
 ####### Routing Logic ########
195 252
 
... ...
@@ -213,12 +270,11 @@ route{
213 270
 			}
214 271
 			route(1);
215 272
 		} else {
216
-			/* uncomment the following lines if you want to enable presence */
217
-			##if (is_method("SUBSCRIBE") && $rd == "your.server.ip.address") {
218
-			##	# in-dialog subscribe requests
219
-			##	route(2);
220
-			##	exit;
221
-			##}
273
+			if (is_method("SUBSCRIBE") && uri == myself) {
274
+				# in-dialog subscribe requests
275
+				route(2);
276
+				exit;
277
+			}
222 278
 			if ( is_method("ACK") ) {
223 279
 				if ( t_check_trans() ) {
224 280
 					# non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server
... ...
@@ -246,21 +302,8 @@ route{
246 302
 
247 303
 	t_check_trans();
248 304
 
249
-	# authenticate if from local subscriber (uncomment to enable auth)
250
-	##if (!(method=="REGISTER") && from_uri==myself)
251
-	##{
252
-	##	if (!proxy_authorize("", "subscriber")) {
253
-	##		proxy_challenge("", "0");
254
-	##		exit;
255
-	##	}
256
-	##	if (!check_from()) {
257
-	##		sl_send_reply("403","Forbidden auth ID");
258
-	##		exit;
259
-	##	}
260
-	##
261
-	##	consume_credentials();
262
-	##	# caller authenticated
263
-	##}
305
+	# authentication
306
+	route(3);
264 307
 
265 308
 	# record routing
266 309
 	if (!is_method("REGISTER|MESSAGE"))
... ...
@@ -288,34 +331,11 @@ route{
288 331
 
289 332
 	# requests for my domain
290 333
 
291
-	/* uncomment this if you want to enable presence server 
292
-	   and comment the next 'if' block
293
-	   NOTE: uncomment also the definition of route[2] from  below */
294
-	##if( is_method("PUBLISH|SUBSCRIBE"))
295
-	##		route(2);
296
-
297
-	if (is_method("PUBLISH"))
298
-	{
299
-		sl_send_reply("503", "Service Unavailable");
300
-		exit;
301
-	}
302
-	
334
+	if( is_method("PUBLISH|SUBSCRIBE"))
335
+		route(2);
303 336
 
304 337
 	if (is_method("REGISTER"))
305 338
 	{
306
-		# authenticate the REGISTER requests (uncomment to enable auth)
307
-		##if (!www_authorize("", "subscriber"))
308
-		##{
309
-		##	www_challenge("", "0");
310
-		##	exit;
311
-		##}
312
-		##
313
-		##if (!check_to()) 
314
-		##{
315
-		##	sl_send_reply("403","Forbidden auth ID");
316
-		##	exit;
317
-		##}
318
-
319 339
 		if (!save("location"))
320 340
 			sl_reply_error();
321 341
 
... ...
@@ -352,59 +372,154 @@ route{
352 372
 
353 373
 
354 374
 route[1] {
375
+#n#	if (check_route_param("nat=yes")) {
376
+#n#		setbflag(6);
377
+#n#	}
378
+#n#	if (isflagset(5) || isbflagset(6)) {
379
+#n#		route(5);
380
+#n#	}
381
+
355 382
 	/* example how to enable some additional event routes */
356
-	##if (is_method("INVITE")) {
357
-	##	t_on_branch("2");
358
-	##	t_on_reply("2");
359
-	##	t_on_failure("1");
360
-	##}
383
+	if (is_method("INVITE")) {
384
+		#t_on_branch("1");
385
+		t_on_reply("1");
386
+		t_on_failure("1");
387
+	}
361 388
 
362 389
 	if (!t_relay()) {
363 390
 		sl_reply_error();
364
-	};
391
+	}
365 392
 	exit;
366 393
 }
367 394
 
368 395
 
369 396
 # Presence route
370
-/* uncomment the whole following route for enabling presence
371
-   NOTE: do not forget to enable the call of this route from the main
372
-     route */
373
-##route[2]
374
-##{
375
-##	if (!t_newtran())
376
-##	{
377
-##		sl_reply_error();
378
-##		exit;
379
-##	};
380
-##
381
-##	if(is_method("PUBLISH"))
382
-##	{
383
-##		handle_publish();
384
-##		t_release();
385
-##	}
386
-##	else
387
-##	if( is_method("SUBSCRIBE"))
388
-##	{
389
-##		handle_subscribe();
390
-##		t_release();
391
-##	}
392
-##
393
-##	exit;
394
-##}
395
-
396
-
397
-branch_route[2] {
398
-	xlog("new branch at $ru\n");
397
+/* uncomment the whole following route for enabling presence server */
398
+route[2]
399
+{
400
+#p#	if (!t_newtran())
401
+#p#	{
402
+#p#		sl_reply_error();
403
+#p#		exit;
404
+#p#	};
405
+#p#
406
+#p#	if(is_method("PUBLISH"))
407
+#p#	{
408
+#p#		handle_publish();
409
+#p#		t_release();
410
+#p#	}
411
+#p#	else
412
+#p#	if( is_method("SUBSCRIBE"))
413
+#p#	{
414
+#p#		handle_subscribe();
415
+#p#		t_release();
416
+#p#	}
417
+#p#	exit;
418
+	
419
+	# if presence enabled, this part will not be executed
420
+	if (is_method("PUBLISH") || $rU==null)
421
+	{
422
+		sl_send_reply("404", "Not here");
423
+		exit;
424
+	}
425
+	return;
426
+}
427
+
428
+# Authentication route
429
+/* uncomment the whole following route for enabling authentication */
430
+route[3] {
431
+#a#	if (is_method("REGISTER"))
432
+#a#	{
433
+#a#		# authenticate the REGISTER requests (uncomment to enable auth)
434
+#a#		if (!www_authorize("", "subscriber"))
435
+#a#		{
436
+#a#			www_challenge("", "0");
437
+#a#			exit;
438
+#a#		}
439
+#a#
440
+#a#		if ($au!=$tU) 
441
+#a#		{
442
+#a#			sl_send_reply("403","Forbidden auth ID");
443
+#a#			exit;
444
+#a#		}
445
+#a#	} else {
446
+#a#		# authenticate if from local subscriber (uncomment to enable auth)
447
+#a#		if (from_uri==myself)
448
+#a#		{
449
+#a#			if (!proxy_authorize("", "subscriber")) {
450
+#a#				proxy_challenge("", "0");
451
+#a#				exit;
452
+#a#			}
453
+#a#			if (is_method("PUBLISH"))
454
+#a#			{
455
+#a#				if ($au!=$tU) {
456
+#a#					sl_send_reply("403","Forbidden auth ID");
457
+#a#					exit;
458
+#a#				}
459
+#a#			} else {
460
+#a#				if ($au!=$fU) {
461
+#a#					sl_send_reply("403","Forbidden auth ID");
462
+#a#					exit;
463
+#a#				}
464
+#a#			}
465
+#a#
466
+#a#			consume_credentials();
467
+#a#			# caller authenticated
468
+#a#		}
469
+#a#	}
470
+	return;
399 471
 }
400 472
 
473
+# Caller NAT detection route
474
+/* uncomment the whole following route for enabling Caller NAT Detection */
475
+route[4]{
476
+#n#	force_rport();
477
+#n#	if (nat_uac_test("19")) {
478
+#n#		if (method=="REGISTER") {
479
+#n#			fix_nated_register();
480
+#n#		} else {
481
+#n#			fix_nated_contact();
482
+#n#		}
483
+#n#		setflag(5);
484
+#n#	}
485
+	return;
486
+}
487
+
488
+# RTPProxy control
489
+/* uncomment the whole following route for enabling RTPProxy Control */
490
+route[5] {
491
+#n#	if (is_method("BYE")) {
492
+#n#		unforce_rtp_proxy();
493
+#n#	} else if (is_method("INVITE")){
494
+#n#		force_rtp_proxy();
495
+#n#	}
496
+#n#	if (!has_totag()) add_rr_param(";nat=yes");
497
+	return;
498
+}
401 499
 
402
-onreply_route[2] {
403
-	xlog("incoming reply\n");
500
+branch_route[1] {
501
+	xdbg("new branch at $ru\n");
502
+}
503
+
504
+
505
+onreply_route[1] {
506
+	xdbg("incoming reply\n");
507
+
508
+#n#	if ((isflagset(5) || isbflagset(6)) && status=~"(183)|(2[0-9][0-9])") {
509
+#n#		force_rtp_proxy();
510
+#n#	}
511
+#n#	if (isbflagset(6)) {
512
+#n#		fix_nated_contact();
513
+#n#	}
404 514
 }
405 515
 
406 516
 
407 517
 failure_route[1] {
518
+#n#	if (is_method("INVITE)
519
+#n#			&& (isbflagset(6) || isflagset(5))) {
520
+#n#		unforce_rtp_proxy();
521
+#n#	}
522
+
408 523
 	if (t_was_cancelled()) {
409 524
 		exit;
410 525
 	}