examples: fix kamailio ims cfg file for basic volte call

misc/examples/ims/icscf/icscf.cfg.sample

@@ -1,20 +1,25 @@
 # SIP / UDP
 listen=udp:11.22.33.44:4060
 # SIP / TCP
-#listen=tcp:11.22.33.44:4060
+listen=tcp:11.22.33.44:4060
 # SIP / TCP/TLS
 #listen=tls:11.22.33.44:4061
 
 alias=ims.mnc001.mcc001.3gppnetwork.org
 
 #!define NETWORKNAME "ims.mnc001.mcc001.3gppnetwork.org"
-#!define HOSTNAME "icscf.mnc001.mcc001.3gppnetwork.org"
+#!define HOSTNAME "icscf.ims.mnc001.mcc001.3gppnetwork.org"
+
+#!subst "/NETWORKNAME/ims.mnc001.mcc001.3gppnetwork.org/"
+#!subst "/HSS_REALM/ims.mnc001.mcc001.3gppnetwork.org/"
+
+#!define ENUM_SUFFIX "ims.mnc001.mcc001.3gppnetwork.org."
 
 # SIP-Address of capturing node, if not set, capturing is disabled.
 ##!define CAPTURE_NODE "sip:127.0.0.1:9060"
 
 # Connection URL for the database:
-#!define DB_URL "con1=>mysql://icscf:[email protected]/icscf"
+#!define DB_URL "mysql://icscf:heslo@localhost/icscf"
 ##!define DB_URL2 "con2=>mysql://icscf:[email protected]/icscf"
 
 # Allowed IPs for XML-RPC-Queries
@@ -41,6 +46,7 @@ alias=ims.mnc001.mcc001.3gppnetwork.org
 #
 # Enabled Features for this host:
 ##!define WITH_DEBUG
+#!define WITH_TCP
 ##!define WITH_TLS
 #!define WITH_XMLRPC
 ##!define PEERING

misc/examples/ims/icscf/icscf.xml.sample

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <DiameterPeer 
-	FQDN="icscf.mnc001.mcc001.3gppnetwork.org"
+	FQDN="icscf.ims.mnc001.mcc001.3gppnetwork.org"
 	Realm="ims.mnc001.mcc001.3gppnetwork.org"
 	Vendor_Id="10415"
 	Product_Name="CDiameterPeer"
@@ -15,7 +15,7 @@
 	MaxAuthSessionTimeout="3600"
 >
 
-	<Peer FQDN="hss.mnc001.mcc001.3gppnetwork.org" Realm="ims.mnc001.mcc001.3gppnetwork.org" port="3868"/>
+	<Peer FQDN="hss.ims.mnc001.mcc001.3gppnetwork.org" Realm="ims.mnc001.mcc001.3gppnetwork.org" port="3868"/>
 
 	<Acceptor port="3869" bind="11.22.33.44"/>
 
@@ -30,5 +30,5 @@
         -->
         <SupportedVendor vendor="10415" />
 
-	<DefaultRoute FQDN="hss.mnc001.mcc001.3gppnetwork.org" metric="10"/>
+	<DefaultRoute FQDN="hss.ims.mnc001.mcc001.3gppnetwork.org" metric="10"/>
 </DiameterPeer>

misc/examples/ims/icscf/kamailio.cfg

@@ -50,9 +50,9 @@ server_header="Server: Kamailio I-CSCF"
 auto_aliases=no
 
 # Do SRV-Loadbalancing:
-dns_srv_lb=yes
+dns_srv_lb=on
 # Always: Also try IPv6:
-dns_try_ipv6=yes
+dns_try_ipv6=on
 # Query NAPTR-Records as well:
 dns_try_naptr=no
 
@@ -81,10 +81,10 @@ check_via=no    # (cmd. line: -v)
 dns=no          # (cmd. line: -r)
 rev_dns=no      # (cmd. line: -R)
 
-children=64
+children=4
 
 # ------------------ module loading ----------------------------------
-mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/"
+mpath="/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/:/usr/local/lib64/kamailio/modules"
 # (we try both the lib64 and the lib directory)
 loadmodule "tm"
 loadmodule "sl"
@@ -132,6 +132,7 @@ loadmodule "tls.so"
 
 #!ifdef PEERING
 loadmodule "enum"
+loadmodule "dispatcher"
 #!endif
 
 # ----------------- setting module-specific parameters ---------------
@@ -146,9 +147,9 @@ loadmodule "jsonrpcs.so"
 # ----- jsonrpcs params -----
 modparam("jsonrpcs", "pretty_format", 1)
 /* set the path to RPC fifo control file */
-# modparam("jsonrpcs", "fifo_name", "/run/kamailio/kamailio_rpc.fifo")
+modparam("jsonrpcs", "fifo_name", "/var/run/kamailio_icscf/kamailio_rpc.fifo")
 /* set the path to RPC unix socket control file */
-# modparam("jsonrpcs", "dgram_socket", "/run/kamailio/kamailio_rpc.sock")
+modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio_icscf/kamailio_rpc.sock")
 
 # -- rr params --
 # add value to ;lr param to make some broken UAs happy
@@ -162,7 +163,7 @@ modparam("cdp", "config_file", "/etc/kamailio_icscf/icscf.xml")
 #!ifdef CXDX_FORCED_PEER
 modparam("ims_icscf", "cxdx_forced_peer", CXDX_FORCED_PEER)
 #!endif
-modparam("ims_icscf", "cxdx_dest_realm", NETWORKNAME)
+modparam("ims_icscf","cxdx_dest_realm", "HSS_REALM")
 
 # DB-URL, where information about S-CSCF-Server can be found:
 #!ifdef DB_URL2
@@ -182,7 +183,7 @@ modparam("ims_icscf", "route_uar_user_unknown", "uar_term_user_unknown")
 
 #!ifdef WITH_TLS
 # ----- tls params -----
-modparam("tls", "config", "/etc/kamailio/tls.cfg")
+modparam("tls", "config", "/etc/kamailio_icscf/tls.cfg")
 #!endif
 
 #!ifdef WITH_XMLRPC
@@ -192,7 +193,7 @@ modparam("xmlrpc", "url_match", "^/RPC")
 #!endif
 
 # ----- ctl params -----
-modparam("ctl", "binrpc", "unix:/run/kamailio_icscf/kamailio_ctl")
+modparam("ctl", "binrpc", "unix:/var/run/kamailio_icscf/kamailio_ctl")
 
 #!ifdef WITH_DEBUG
 # ----- debugger params -----
@@ -221,9 +222,10 @@ modparam("tm", "failure_reply_mode", 3)
 modparam("tm", "fr_timer", 10000)
 # default invite retransmission timeout after 1xx: 120sec
 modparam("tm", "fr_inv_timer", 120000)
+# Don't reply automatically with "100 Trying"
+modparam("tm", "auto_inv_100", 0)
 
 #!ifdef WITH_DEBUG
-loadmodule "debugger.so"
 modparam("debugger", "mod_hash_size", 5)
 modparam("debugger", "mod_level_mode", 1)
 modparam("debugger", "mod_level", "cdp=3")
@@ -244,6 +246,12 @@ route{
 	if (is_method("REGISTER")) {
 		route(register);
 	}
+	if (is_method("NOTIFY") && search("^(Event|o)([ \t]*):([ \t]*)reg")) {
+		if (!t_relay()) {
+			sl_reply_error();
+		}
+		exit;
+	}
 
 	if (is_method("INVITE|SUBSCRIBE|MESSAGE|INFO|PUBLISH|CANCEL")) {
 		route(initial_request);
@@ -446,6 +454,8 @@ failure_route[register_failure]
 ######################################################################
 route[initial_request]
 {
+#	$avp(prefix)="+";
+#	$ru= $(ru{s.rm,$avp(prefix)});
 	xlog("$$ru => $ru\n");
 	I_perform_location_information_request("LIR_REPLY", "0");
 }
@@ -559,8 +569,6 @@ route[lir_term_user_unknown]
 	};
 }
 
-}
-
 ######################################################################
 # Send calls to the PSTN-Gateways:
 ######################################################################

misc/examples/ims/pcscf/kamailio.cfg

@@ -57,13 +57,17 @@ mlock_pages=yes
 shm_force_alloc=yes
 
 # Do SRV-Loadbalancing:
-dns_srv_lb=yes
+dns_srv_lb=on
 # Always prefer IPv6:
-dns_try_ipv6=yes
+dns_try_ipv6=on
+# Always prefer IPv6:
+dns_cache_flags=4
 # DNS-Based failover
-use_dns_failover=yes
+use_dns_failover=on
 # Query NAPTR-Records as well:
-dns_try_naptr=no
+dns_try_naptr=off
+# DNS cache won't be used (all dns lookups will result into a DNS request)
+use_dns_cache=off
 
 user_agent_header="User-Agent: TelcoSuite Proxy-CSCF"
 server_header="Server: TelcoSuite Proxy-CSCF"
@@ -71,7 +75,7 @@ server_header="Server: TelcoSuite Proxy-CSCF"
 log_facility=LOG_LOCAL0
 
 fork=yes
-children=16
+children=4
 
 #!ifndef TCP_PROCESSES
 # Number of TCP Processes
@@ -99,7 +103,7 @@ enable_tls=yes
 #!ifdef WITH_TCP
 # life time of TCP connection when there is no traffic
 # - a bit higher than registration expires to cope with UA behind NAT
-tcp_connection_lifetime=3615
+tcp_connection_lifetime=36000
 # If a message received over a tcp connection has "alias" in its via a new tcp
 # alias port will be created for the connection the message came from (the
 # alias port will be set to the via one).
@@ -111,6 +115,8 @@ tcp_accept_aliases=no
 # Enable SIP outbound TCP keep-alive using PING-PONG (CRLFCRLF - CRLF).
 tcp_crlf_ping=yes
 
+tcp_reuse_port=yes
+
 tcp_accept_no_cl=yes
 tcp_rd_buf_size=16384
 
@@ -125,6 +131,11 @@ disable_tcp=yes
    based on reverse DNS on IPs (default on) */
 auto_aliases=no
 
+#phone2tel=1
+
+udp_mtu = 1300
+udp_mtu_try_proto = TCP
+
 /* uncomment and configure the following line if you want Kamailio to 
    bind on a specific interface/port/proto (default bind on all available) */
 
@@ -134,7 +145,7 @@ system.service = "Proxy-CSCF" desc "Function of this server"
 ####### Modules Section ########
 
 # set paths to location of modules
-mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/local/lib/kamailio/modules/"
+mpath="/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/:/usr/local/lib64/kamailio/modules"
 
 # Fifo Module
 # Kamailio Extensions (e.g. MI:uptime, MI:version, cfg:isflagset etc.)
@@ -156,17 +167,16 @@ loadmodule "cfg_rpc"
 loadmodule "xlog"
 loadmodule "auth"
 loadmodule "dispatcher"
+loadmodule "sctp"
 loadmodule "path"
 loadmodule "statistics"
 
 loadmodule "ims_dialog"
 loadmodule "ims_usrloc_pcscf" 
-#!ifdef WITH_IPSEC
+# Following module is required even in case of IPSec being disabled.
 loadmodule "ims_ipsec_pcscf"
-#!endif
 loadmodule "ims_registrar_pcscf"
 
-
 #!ifdef WITH_XMLRPC
 loadmodule "xmlrpc"
 #!endif
@@ -232,10 +242,17 @@ loadmodule "sqlops"
 loadmodule "htable"
 
 #!ifdef WITH_DEBUG
-loadmodule "debugger.so"
 modparam("debugger", "mod_hash_size", 5)
 modparam("debugger", "mod_level_mode", 1)
 modparam("debugger", "mod_level", "rtpengine=3")
+modparam("debugger", "mod_level", "ims_qos=3")
+#!ifdef WITH_IPSEC
+modparam("debugger", "mod_level", "ims_ipsec_pcscf=3")
+#!endif
+modparam("debugger", "mod_level", "textops=3")
+modparam("debugger", "mod_level", "tm=3")
+modparam("debugger", "mod_level", "ims_registrar_pcscf=3")
+modparam("debugger", "mod_level", "ims_usrloc_pcscf=3")
 modparam("debugger", "cfgtrace", 1)
 #!endif
 
@@ -243,9 +260,9 @@ loadmodule "jsonrpcs.so"
 # ----- jsonrpcs params -----
 modparam("jsonrpcs", "pretty_format", 1)
 /* set the path to RPC fifo control file */
-# modparam("jsonrpcs", "fifo_name", "/run/kamailio/kamailio_rpc.fifo")
+modparam("jsonrpcs", "fifo_name", "/var/run/kamailio_pcscf/kamailio_rpc.fifo")
 /* set the path to RPC unix socket control file */
-# modparam("jsonrpcs", "dgram_socket", "/run/kamailio/kamailio_rpc.sock")
+modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio_pcscf/kamailio_rpc.sock")
 
 # ----------------- setting module-specific parameters ---------------
 #!ifdef DB_URL2
@@ -265,14 +282,21 @@ modparam("pike", "remove_latency", 4)
 # ip ban htable with autoexpire after 5 minutes
 modparam("htable", "htable", "ipban=>size=8;autoexpire=300")
 modparam("htable", "htable", "failedauth=>size=8;autoexpire=120")
+modparam("htable", "htable", "natpingfrom=>size=8;autoexpire=600000;")
 #!endif
 
 modparam("htable", "htable", "contact=>size=8;autoexpire=20")
 modparam("htable", "htable", "a=>size=8;autoexpire=20")
 
+#!ifdef WITH_IMS_HDR_CACHE
+modparam("htable", "htable", "serviceroutes=>size=16;autoexpire=14400;")
+modparam("htable", "htable", "associateduris=>size=16;autoexpire=14400;")
+#!endif
+
 #!ifdef WITH_NATPING
 modparam("htable", "htable", "natping=>size=8;autoexpire=600000;")
 modparam("htable", "htable", "natpingfail=>size=8;autoexpire=600000;")
+modparam("htable", "htable", "natpingfrom=>size=8;autoexpire=600000;")
 #!ifdef DB_URL2
 modparam("sqlops", "sqlcon", "pcscf=>cluster://cluster1")
 #!else
@@ -282,8 +306,8 @@ modparam("sqlops", "sqlcon", SQLOPS_DBURL)
 modparam("uac", "restore_mode", "none")
 
 # ----------------- Settings for RTimer ---------------
-# time interval set to 10 seconds
-modparam("rtimer", "timer", "name=NATPING;interval=15;mode=1;")
+# time interval set to 60 seconds
+modparam("rtimer", "timer", "name=NATPING;interval=60;mode=1;")
 modparam("rtimer", "exec", "timer=NATPING;route=NATPING")
 #!endif
 
@@ -294,6 +318,8 @@ modparam("rtimer", "exec", "timer=NATPING;route=NATPING")
 modparam("tm", "fr_timer", 3000)
 # default invite retransmission timeout after 1xx: 120sec
 modparam("tm", "fr_inv_timer", 120000)
+# Dont reply automatically with "100 Trying"
+modparam("tm", "auto_inv_100", 0)
 
 # ----- rr params -----
 # add value to ;lr param to cope with most of the UAs
@@ -304,6 +330,7 @@ modparam("rr", "append_fromtag", 1)
 modparam("rr", "add_username", 1)
 # Take User from a custom AVP
 modparam("rr", "custom_user_avp", "$avp(RR_CUSTOM_USER_AVP)")
+modparam("rr", "force_send_socket", 1)
 
 #!ifdef WITH_XMLRPC
 # ----- xmlrpc params -----
@@ -317,35 +344,39 @@ modparam("tls", "config", "/etc/kamailio_pcscf/tls.cfg")
 #!endif
 
 # ----- rtpproxy params -----
-modparam("rtpengine", "rtpengine_sock", "1 == udp:localhost:9910")
-modparam("rtpengine", "rtpengine_sock", "2 == udp:localhost:9911")
+modparam("rtpengine", "setid_default", 1)
+modparam("rtpengine", "rtpengine_sock", "1 == udp:localhost:2223")
+#modparam("rtpengine", "rtpengine_sock", "2 == udp:localhost:2224")
 modparam("rtpengine", "setid_avp", "$avp(setid)")
 modparam("rtpengine", "extra_id_pv", "$avp(extra_id)")
 
 modparam("path", "use_received", 1)
 
 # ----- ctl params -----
-modparam("ctl", "binrpc", "unix:/run/kamailio_pcscf/kamailio_ctl")
+modparam("ctl", "binrpc", "unix:/var/run/kamailio_pcscf/kamailio_ctl")
 
 # ----------------- Settings for Dispatcher ---------------
 modparam("dispatcher", "list_file", "/etc/kamailio_pcscf/dispatcher.list")
 
-#!ifdef WITH_SBC
 # Dispatcher: Enable Failover-Support
 modparam("dispatcher", "flags", 2)
 # Dispatcher: Overwrite Destination address, if required.
 modparam("dispatcher", "force_dst", 1)
 # AVP's required for Fail-Over-Support:
-modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)")
-modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)")
-modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)")
-modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)")
+#modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)")
+#modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)")
+#modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)")
+#modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)")
+
+#modparam("dispatcher", "xavp_dst", "$avp(DISPATCHER_DST_AVP)")
+#modparam("dispatcher", "xavp_dst_mode", 0)
+#modparam("dispatcher", "xavp_ctx", "$avp(DISPATCHER_CNT_AVP)")
+#modparam("dispatcher", "xavp_ctx_mode", 0)
 
 # Try to recover disabled destinations every 15 seconds.
 modparam("dispatcher", "ds_ping_interval", 15)
 # Actively query the gateways:
 modparam("dispatcher", "ds_probing_mode", 1)
-#!endif
 
 # -- usrloc params --
 #!ifdef DB_URL
@@ -354,18 +385,23 @@ modparam("ims_usrloc_pcscf", "db_url", "cluster://cluster1")
 #!else
 modparam("ims_usrloc_pcscf", "db_url", DB_URL)
 #!endif
-modparam("ims_usrloc_pcscf", "db_mode", 1)
+modparam("ims_usrloc_pcscf", "db_mode", 0)
 #!endif
+#modparam("ims_usrloc_pcscf", "hashing_type", 2)
 modparam("ims_usrloc_pcscf", "enable_debug_file", 0)
 modparam("ims_usrloc_pcscf", "match_contact_host_port", 1)
 modparam("ims_registrar_pcscf", "is_registered_fallback2ip", 1)
 modparam("ims_registrar_pcscf", "ignore_reg_state", 1)
 modparam("ims_registrar_pcscf", "ignore_contact_rxport_check", 1)
+modparam("ims_registrar_pcscf", "pending_reg_expires", 30)
+modparam("ims_registrar_pcscf", "subscription_expires", 36000)
+modparam("ims_registrar_pcscf", "delete_delay", CONTACT_DELETE_DELAY)
+modparam("ims_usrloc_pcscf", "expires_grace", 120)
 
 #!ifdef WITH_REGINFO
 modparam("ims_registrar_pcscf", "subscribe_to_reginfo", 1)
 modparam("ims_registrar_pcscf", "publish_reginfo", 1)
-modparam("ims_registrar_pcscf", "pcscf_uri", PCSCF_URL)
+modparam("ims_registrar_pcscf", "pcscf_uri", "sip:HOSTNAME")
 #!else
 modparam("ims_registrar_pcscf", "subscribe_to_reginfo", 0)
 modparam("ims_registrar_pcscf", "publish_reginfo", 0)
@@ -375,13 +411,27 @@ modparam("ims_registrar_pcscf", "publish_reginfo", 0)
 modparam("ims_ipsec_pcscf", "ipsec_listen_addr", IPSEC_LISTEN_ADDR)
 modparam("ims_ipsec_pcscf", "ipsec_client_port", IPSEC_CLIENT_PORT)
 modparam("ims_ipsec_pcscf", "ipsec_server_port", IPSEC_SERVER_PORT)
+modparam("ims_ipsec_pcscf", "ipsec_spi_id_start", 4096)
+modparam("ims_ipsec_pcscf", "ipsec_max_connections", IPSEC_MAX_CONN)
+modparam("htable", "htable", "ipsec_clients=>size=8;autoexpire=600000;")
 #!endif
 
 #!ifdef WITH_RX
 # -- CDP params --
 modparam("cdp", "config_file", "/etc/kamailio_pcscf/pcscf.xml")
 # -- diameter_rx params --
-modparam("ims_qos", "rx_dest_realm", "NETWORKNAME")
+modparam("ims_qos", "rx_dest_realm", "PCRF_REALM")
+#modparam("ims_qos", "rx_forced_peer", "pcrf.epc.mnc001.mcc001.3gppnetwork.org")
+#modparam("ims_qos", "rx_forced_peer", "10.4.128.21")
+#modparam("ims_qos", "rx_dest_realm", "NETWORKNAME")
+modparam("ims_qos", "early_qosrelease_reason", "Sorry - QoS failed")
+modparam("ims_qos", "confirmed_qosrelease_headers", "X-Reason: QoS failed\r\n")
+modparam("ims_qos", "authorize_video_flow", 1)
+modparam("ims_qos", "af_signaling_ip", RX_AF_SIGNALING_IP)
+modparam("ims_qos", "include_rtcp_fd", 1)
+modparam("ims_qos", "rx_auth_expiry", 36000)
+modparam("ims_qos", "recv_mode", 1)
+modparam("ims_qos", "dialog_direction", RX_IMS_REG_DIALOG_DIRECTION)
 #!endif
 
 # -- pua params --
@@ -400,13 +450,14 @@ modparam("ims_dialog", "dlg_flag", FLT_DIALOG)
 modparam("ims_dialog", "timeout_avp", "$avp(DLG_TIMEOUT_AVP)")
 modparam("ims_dialog", "detect_spirals", 0)
 modparam("ims_dialog", "profiles_no_value", "orig ; term")
+modparam("ims_dialog", "profiles_with_value", "caller ; callee")
 #!ifdef DB_URL
 #!ifdef DB_URL2
 modparam("ims_dialog", "db_url", "cluster://cluster1")
 #!else
 modparam("ims_dialog", "db_url", DB_URL)
 #!endif
-modparam("ims_usrloc_pcscf", "db_mode", 1)
+modparam("ims_dialog", "db_mode", 0)
 #!endif
 
 #!ifdef CAPTURE_NODE
@@ -431,7 +482,7 @@ modparam("statistics", "variable", "register_time")
 # - processing of any incoming SIP request starts with this route
 route {
 ##!ifdef WITH_DEBUG
-	xlog("$rm ($fu ($si:$sp) to $tu, $ci)\n");
+	xnotice("PCSCF: $rm $ru ($fu ($si:$sp) to $tu, $ci)\n");
 ##!endif
 
 #!ifdef WITH_WEBSOCKET
@@ -458,21 +509,23 @@ route {
 		exit;
 	}
 
-	# handle requests within SIP dialogs
-	route(WITHINDLG);
-
-	### only initial requests (no To tag)
-
 	# handle retransmissions
-	if(t_precheck_trans()) {
-		t_check_trans();
-		exit;
+	if (!is_method("ACK")) {
+		if(t_precheck_trans()) {
+			t_check_trans();
+			exit;
+		}
 	}
-	t_check_trans();
+	#t_check_trans();
 
 	# Check for Re-Transmissions
 	t_check_trans();
 
+	# handle requests within SIP dialogs
+	route(WITHINDLG);
+
+	### only initial requests (no To tag)
+
 	if (is_method("UPDATE")) {
 		send_reply("403", "Forbidden - Target refresh outside dialog not allowed");
 		break;
@@ -482,6 +535,10 @@ route {
 		break;
 	}
 
+	#Set DLG flag to track dialogs using dialog2
+	if (!is_method("REGISTER|SUBSCRIBE"))
+		setflag(FLT_DIALOG);
+
 	loose_route();
 #!ifdef WITH_SBC
 	if (ds_is_from_list(DISPATCHER_LIST_SBC)) {
@@ -712,10 +769,6 @@ route[REQINIT] {
 		exit;
 	}
 
-	if (!is_method("REGISTER")) {
-        ipsec_forward("location");
-    }
-
 	# Ignore Re-Transmits:
 	if (t_lookup_request()) {
 		exit;
@@ -736,17 +789,23 @@ route[RELAY] {
 # Handle requests within SIP dialogs
 route[WITHINDLG] {
 	if (has_totag()) {
+		xnotice("Within DLG\n");
+		# sequential request withing a dialog should
+		# take the path determined by record-routing
+		if (loose_route()) {
+			xnotice("Within loose route\n");
 		if(!isdsturiset()) {
 			handle_ruri_alias();
+				#if ($rc == 1) {
+				#	$ru = "sip:" + $rU + "@" + $dd + ":" + $dp + ";transport=" + $rP;
+				#}
 		}
+
 		if ( is_method("ACK") && ($sht(contact=>$ci) != $null) ) {
 			xlog("Contact of Reply: $sht(contact=>$ci) ($ci)\n");
 			$ru = $sht(contact=>$ci);
 		}
 
-		# sequential request within a dialog should
-		# take the path determined by record-routing
-		if (loose_route()) {
 			if ($route_uri =~ "sip:mt@.*") {
 				route(MT_indialog);
 			} else {
@@ -757,7 +816,8 @@ route[WITHINDLG] {
 			route(NATMANAGE);
 
 			route(RELAY);
-		} else {
+			exit;
+		}
 			if ( is_method("ACK") ) {
 				xlog("Contact of Reply: $T_rpl($ct)\n");
 				if ( t_check_trans() ) {
@@ -772,7 +832,6 @@ route[WITHINDLG] {
 				}
 			}
 			sl_send_reply("404", "Not here");
-		}
 		exit;
 	}
 }
@@ -827,37 +886,41 @@ route[NOTIFY]
 	}
 }
 
+#!ifdef WITH_NATPING
 # NATPING Route:                                                    #
 #####################################################################
 route[NATPING] {
 	route(preload_pcscf);
 
+	sht_lock("natping=>natpinglock");
 	sht_iterator_start("nat_iterator", "natping");
 	while(sht_iterator_next("nat_iterator")) {
 		xlog("OPTIONS to $shtitval(nat_iterator) via $shtitkey(nat_iterator)...\n");
 		$uac_req(method) = "OPTIONS";
 		$uac_req(ruri) = $shtitval(nat_iterator);
 		$uac_req(furi) = PCSCF_URL;
+		$uac_req(sock) = $sht(natpingfrom=>$shtitkey(nat_iterator));
 		$uac_req(turi) = $shtitval(nat_iterator);
 		$uac_req(ouri) = $shtitkey(nat_iterator); 
 		$uac_req(evroute) = 1;
 		uac_req_send();	
 	}
 	sht_iterator_end("nat_iterator");
+	sht_unlock("natping=>natpinglock");
 }
 
 event_route[uac:reply] {
-#!ifdef WITH_DEBUG
+##!ifdef WITH_DEBUG
 	xlog("request sent to $uac_req(ruri) completed with code: $uac_req(evcode), Type $uac_req(evtype)\n");
-#!endif
+##!endif
 	if (($uac_req(evtype) != 1) || ($uac_req(evcode) != 200)) {
 		if ($sht(natpingfail=>$uac_req(ouri)) == $null) {
 			$sht(natpingfail=>$uac_req(ouri)) = 1;
 		} else {
 			$sht(natpingfail=>$uac_req(ouri)) = $sht(natpingfail=>$uac_req(ouri)) + 1;
 		}
-		# xlog("  request sent to $uac_req(ruri): Fail Counter is $sht(natpingfail=>$uac_req(ouri))\n");
-		if ($sht(natpingfail=>$uac_req(ouri)) > 3) {
+		xlog("  request sent to $uac_req(ruri): Fail Counter is $sht(natpingfail=>$uac_req(ouri))\n");
+		if ($sht(natpingfail=>$uac_req(ouri)) > 30) {
 			if ($(uac_req(ouri){uri.transport}) == "tcp") {
 				$var(alias) = "alias="+$(uac_req(ouri){uri.host})+"~"+$(uac_req(ouri){uri.port})+"~2";
 			} else if ($(uac_req(ouri){uri.transport}) == "tls") {
@@ -867,10 +930,19 @@ event_route[uac:reply] {
 			}
 			xlog("  Unregistering $uac_req(ruri);$var(alias)\n");
 			setdebug("9");
-			ipsec_destroy("location");
+#!ifdef WITH_IPSEC
+			ipsec_destroy_by_contact("location", "$uac_req(ruri);$var(alias)", "$(uac_req(ouri){uri.host})", "$(uac_req(ouri){uri.port})");
+#!endif
 			pcscf_unregister("location", "$uac_req(ruri);$var(alias)", "$(uac_req(ouri){uri.host})", "$(uac_req(ouri){uri.port})");
 			resetdebug();
+			sht_lock("natping=>natpinglock");
 			$sht(natping=>$uac_req(ouri)) = $null;
+			sht_unlock("natping=>natpinglock");
+			$sht(natpingfail=>$uac_req(ouri)) = $null;
+
+			sht_lock("natpingfrom=>natpingfromlock");
+			$sht(natpingfrom=>$uac_req(ouri)) = $null;
+			sht_unlock("natpingfrom=>natpingfromlock");
 			$sht(natpingfail=>$uac_req(ouri)) = $null;
 		}
 	} else {
@@ -883,10 +955,9 @@ event_route[htable:expired:natping] {
 }
 
 event_route[htable:mod-init] {
-	xlog("event_route[htable:mod-init] {\n");
+	xlog("event_route[htable:mod-init] \n");
 }
 
-
 route[preload_pcscf] {
 	if ($shv(preload_pcscf) == 1) return;
 	$shv(preload_pcscf) = 1;
@@ -904,12 +975,15 @@ route[preload_pcscf] {
 			}
 			$var(noalias) = $(dbr(resultset=>[$var(i),0]){re.subst,/^(.*);alias=.*/\1/}{nameaddr.uri});
 			# xlog("$$var(noalias) => $var(noalias) (via $var(ouri))\n");
+			sht_lock("natping=>natpinglock");
 			$sht(natping=>$var(ouri)) = $var(noalias);
+			sht_unlock("natping=>natpinglock");
 			$var(i) = $var(i) + 1;
 		}
 	}
 	sql_result_free("resultset");
 }
+#!endif
 
 #!ifdef WITH_XMLRPC
 include_file "route/xmlrpc.cfg"

misc/examples/ims/pcscf/pcscf.cfg.sample

@@ -1,28 +1,50 @@
 # IP-Address for incoming SIP-Traffic, in the following format:
 
 # SIP / UDP
-listen=udp:0.0.0.0:5060
+listen=udp:11.22.33.44:5060
 # SIP / TCP
-#listen=tcp:0.0.0.0:5060
+listen=tcp:11.22.33.44:5060
 # SIP / TCP/TLS
-#listen=tls:0.0.0.0:5061
+#listen=tls:11.22.33.44:5061
 
 # IPSEC / UDP
-#!define IPSEC_LISTEN_ADDR "0.0.0.0"
-#!define IPSEC_CLIENT_PORT 5062
-#!define IPSEC_SERVER_PORT 5063
+#!define IPSEC_LISTEN_ADDR "11.22.33.44"
+#!define IPSEC_CLIENT_PORT 5100
+#!define IPSEC_SERVER_PORT 6100
+#!define IPSEC_MAX_CONN 10
 
-alias=pcscf.mnc001.mcc001.3gppnetwork.org
+# Value: 1 for true and 0 for false
+#!define IPSEC_DELETE_UNUSED_TUNNELS 1
+
+# Delay in seconds to delete contact from registrar
+#!define CONTACT_DELETE_DELAY 10
+
+# Logical OR of following flags:
+# - IPSEC_SEND_FORCE_SOCKET 1
+# - IPSEC_SETDSTURI_FULL 128
+# - IPSEC_FORWARD_USEVIA 256
+# - IPSEC_FORWARD_TRYTCP 512
+#!define IPSEC_FORWARD_FLAGS 897
+
+#!define RX_IMS_REG_DIALOG_DIRECTION 3
+
+# IP used in Rx_AAR_Register - IP of this P-CSCF, to be used in the flow for the AF-signaling
+#!define RX_AF_SIGNALING_IP "10.4.128.21"
+# Uncomment the below line only when UE is behind double NAT (e.g. VoIP calling over WiFi/ CN behind a NAT)
+##!define RX_AF_SIGNALING_IP "172.24.15.30"
+
+alias=pcscf.ims.mnc001.mcc001.3gppnetwork.org
 
 #!define MY_WS_PORT 80
 #!define MY_WSS_PORT 443
 
-#!define PCSCF_URL "sip:pcscf.mnc001.mcc001.3gppnetwork.org"
+#!define PCSCF_URL "sip:pcscf.ims.mnc001.mcc001.3gppnetwork.org:5060"
 
 #!define TCP_PROCESSES 8
 
-#!subst "/NETWORKNAME/mnc001.mcc001.3gppnetwork.org/"
-#!subst "/HOSTNAME/pcscf.mnc001.mcc001.3gppnetwork.org/"
+#!subst "/NETWORKNAME/ims.mnc001.mcc001.3gppnetwork.org/"
+#!subst "/HOSTNAME/pcscf.ims.mnc001.mcc001.3gppnetwork.org/"
+#!subst "/PCRF_REALM/epc.mnc001.mcc001.3gppnetwork.org/"
 
 # SIP-Address of capturing node, if not set, capturing is disabled.
 ##!define CAPTURE_NODE "sip:127.0.0.1:9060"
@@ -41,7 +63,7 @@ alias=pcscf.mnc001.mcc001.3gppnetwork.org
 #! Optional: Server-URL for Websocket-Requests
 ##!define WEBSOCKET_WEBSERVER "phone.ng-voice.com"
 
-##!define TRF_FUNCTION "trf.mnc001.mcc001.3gppnetwork.org"
+##!define TRF_FUNCTION "trf.ims.mnc001.mcc001.3gppnetwork.org"
 
 #
 # Several features can be enabled using '#!define WITH_FEATURE' directives:
@@ -99,10 +121,10 @@ alias=pcscf.mnc001.mcc001.3gppnetwork.org
 ##!define WITH_XMLRPC
 ##!define WITH_IPBLOCK
 ##!define WITH_ANTIFLOOD
-##!define WITH_RX
-##!define WITH_RX_REG
-##!define WITH_RX_CALL
-##!define WITH_TCP
+#!define WITH_RX
+#!define WITH_RX_REG
+#!define WITH_RX_CALL
+#!define WITH_TCP
 ##!define WITH_RTPIPV4
 ##!define WITH_SBC
 ##!define WITH_SBC_CALL
@@ -110,3 +132,6 @@ alias=pcscf.mnc001.mcc001.3gppnetwork.org
 ##!define WITH_RTPPING
 ##!define WITH_WEBSOCKET
 #!define WITH_IPSEC
+#!define WITH_IMS_HDR_CACHE
+#!define WITH_PING_UDP
+#!define WITH_PING_TCP

misc/examples/ims/pcscf/pcscf.xml.sample

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <DiameterPeer 
-	FQDN="pcscf.mnc001.mcc001.3gppnetwork.org"
+	FQDN="pcscf.ims.mnc001.mcc001.3gppnetwork.org"
 	Realm="ims.mnc001.mcc001.3gppnetwork.org"
 	Vendor_Id="10415"
 	Product_Name="CDiameterPeer"
@@ -14,13 +14,13 @@
 	DefaultAuthSessionTimeout="3600"
 	MaxAuthSessionTimeout="3600"
 >
-	<Peer FQDN="pcrf.mnc001.mcc001.3gppnetwork.org" Realm="ims.mnc001.mcc001.3gppnetwork.org" port="3868"/> 
+	<Peer FQDN="pcrf.epc.mnc001.mcc001.3gppnetwork.org" Realm="epc.mnc001.mcc001.3gppnetwork.org" port="3868"/> 
 
 	<Acceptor port="3871" bind="11.22.33.44"/>
 
 	<Auth id="16777236" vendor="10415"/> <!-- 3GPP Rx -->
 	<Auth id="16777236" vendor="0"/> <!-- 3GPP Rx -->
 
-	<DefaultRoute FQDN="pcrf.mnc001.mcc001.3gppnetwork.org" metric="10"/>
+	<DefaultRoute FQDN="pcrf.epc.mnc001.mcc001.3gppnetwork.org" metric="10"/>
 
 </DiameterPeer>

misc/examples/ims/pcscf/route/mo.cfg

@@ -5,6 +5,10 @@ route[MO]
 {
 	# Strip Transport from RURI:
 	$ru = $(ru{re.subst,/;transport=[A-Za-z]*//g});
+	xnotice("PCSCF MO: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
 
 	# Process route headers, if any:
 	loose_route();
@@ -20,12 +24,20 @@ route[MO]
 	# Add P-Charging-Vector
 	sip_p_charging_vector("g");
 
-	if (is_present_hf("P-Preferred-Identity") && pcscf_assert_identity("location", "$hdr(P-Preferred-Identity)")) {
+	if (is_present_hf("P-Preferred-Identity") && pcscf_assert_identity("location", "$hdr(P-Preferred-Identity)") && $hdr(P-Preferred-Identity) =~ "sip:.*") {
 		append_hf("P-Asserted-Identity: $hdr(P-Preferred-Identity)\r\n");
-	} else if (is_present_hf("P-Asserted-Identity") && pcscf_assert_identity("location", "$hdr(P-Asserted-Identity)")) {
+	} else if (is_present_hf("P-Asserted-Identity") && pcscf_assert_identity("location", "$hdr(P-Asserted-Identity)") && $hdr(P-Asserted-Identity) =~ "sip:.*") {
 		append_hf("P-Asserted-Identity: $hdr(P-Asserted-Identity)\r\n");
 	} else if (pcscf_assert_identity("location", "$(fu{tobody.uri})")) {
+		# For broken SIP implementation in Samsung devices
+		if ($fu =~ "tel:.*") {
+			$var(new_hdr) = $(fu{tobody.uri}) + "@NETWORKNAME";
+			$var(new_hdr) = $(var(new_hdr){re.subst,/tel:/sip:/g});
+			append_hf("P-Asserted-Identity: <$var(new_hdr)>\r\n");
+			$fu = $var(new_hdr);
+		} else {
 		append_hf("P-Asserted-Identity: <$(fu{tobody.uri})>\r\n");
+		}
 	} else {
 		append_hf("P-Asserted-Identity: <$pcscf_asserted_identity>\r\n");
 	}
@@ -81,8 +93,7 @@ route[MO]
 	} else {
 		append_hf("P-Visited-Network-ID: NETWORKNAME\r\n");
 	}
-
-
+	set_dlg_profile("orig");
 	t_on_reply("MO_reply");
 }
 
@@ -90,19 +101,23 @@ route[MO]
 # Replies to Originating Initial Requests
 ######################################################################
 onreply_route[MO_reply] {
+	xnotice("PCSCF MO_reply: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
 	if (is_present_hf("C-Params")) {
 		remove_hf("Contact");
 		remove_hf("C-Params");	
 		append_hf("Contact: $ct;$hdr(C-Params)\r\n");
 	}
 #!ifdef WITH_IPSEC
-	ipsec_forward("location");
+	ipsec_forward("location", IPSEC_FORWARD_FLAGS);
 #!endif
 	# In case of 1xx and 2xx do NAT
 	if(status=~"[12][0-9][0-9]")
 		route(NATMANAGE);
 #!ifdef WITH_RX
-        if (t_check_status("183")){
+        if (t_check_status("183|200") && has_body("application/sdp")){
 		xlog("L_DBG", "IMS: Received 183/200 inside orig_initial_reply\n");
 
 		if (t_is_retr_async_reply()) {
@@ -115,28 +130,9 @@ onreply_route[MO_reply] {
 		$avp(TTAG_CUSTOM_AVP)=$tt;
 		$avp(CALLID_CUSTOM_AVP)=$ci;
 
-		$var(aarret) = Rx_AAR("MO_aar_reply", "orig", "", -1);
-                xlog("L_DBG", "AAR return code is $var(aarret)\n");
-
-		switch ($var(aarret)) {
-			case 1:
-				#suspend was successful and we must break
-	                        xlog("L_DBG", "Success sending AAR for media\n");
-       		                exit;
-
-			case -1:
-				#this is retransmitted response so we just drop it
-	                        xlog("L_DBG", "AAR still processing dropping retransmitted response\n");
-       		                drop();
-                 	       	exit;
-
-			default:
-				xlog("L_ERR", "Unable to send AAR for media\n");
-	                        #comment this if you want to allow even if Rx fails
-				dlg_terminate("all", "Sorry no QoS available");
-       		                exit;
-
-		}
+        if (Rx_AAR("MO_aar_reply","orig","",-1) == 0) {
+            exit;
+        }
 	}
 }
 
@@ -166,17 +162,39 @@ route[MO_aar_reply]
 # In-Dialog-Mo-Requests
 ######################################################################
 route[MO_indialog] {
+	xnotice("PCSCF MO_indialog: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
 	setflag(FLT_MOBILE_ORIG);
 	t_on_reply("MO_indialog_reply");
+
+	# Append rport only if its a request coming from UE
+	if (is_request() && ($hdrc(Via) == 1)) {
+		force_rport();
+	}
+
+#!ifdef WITH_IPSEC
+	if ($dd != "" && $rd != "" && $fs != "") {
+        if ($rd =~ ".*" + $dd + ".*") {
+			ipsec_forward("location", IPSEC_FORWARD_FLAGS);
+		}
+	}
+#!endif
 }
 
 onreply_route[MO_indialog_reply] {
+	xnotice("PCSCF MO_indialog_reply: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
+
 	# In case of 1xx and 2xx do NAT
 	if(status=~"[12][0-9][0-9]")
 		route(NATMANAGE);
 
 #!ifdef WITH_RX
-	if(t_check_status("200") && is_method("INVITE")) {
+	if (t_check_status("183|200") && has_body("application/sdp") && !is_method("PRACK")) {
 		if (t_is_retr_async_reply()) {
 	                xlog("L_DBG", "Dropping retransmitted reply which is still currently suspended\n");
        	         	drop();
@@ -188,27 +206,8 @@ onreply_route[MO_indialog_reply] {
 		$avp(TTAG_CUSTOM_AVP)=$tt;
 		$avp(CALLID_CUSTOM_AVP)=$ci;
 
-		$var(aarret) = Rx_AAR("MO_indialog_aar_reply", "orig", "", -1);
-		xlog("L_DBG", "AAR return code is $var(aarret)\n");
-
-		switch ($var(aarret)) {
-                        case 1:
-                                #suspend was successful and we must break
-                                xlog("L_DBG", "Success sending AAR for media\n");
-                                exit;
-
-                        case -1:
-                                #this is retransmitted response so we just drop it
-                                xlog("L_DBG", "AAR still processing dropping retransmitted response\n");
-                                drop();
-                                exit;
-
-                        default:
-                                xlog("L_ERR", "Unable to send AAR for media\n");
-                                #comment this if you want to allow even if Rx fails
-                                dlg_terminate("all", "Sorry no QoS available");
-                                exit;
-
+		if (Rx_AAR("MO_indialog_aar_reply","orig","",-1) == 0) {
+            exit;
                 }
 	}
 }

misc/examples/ims/pcscf/route/mt.cfg

@@ -2,6 +2,14 @@
 # Terminating, Initial requests
 ######################################################################
 route[MT] {
+    xnotice("PCSCF MT: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
+    set_dlg_profile("term");
+#!ifdef WITH_IPSEC
+    ipsec_forward("location", IPSEC_FORWARD_FLAGS);
+#!endif
 	t_on_reply("MT_reply");
 }
 
@@ -9,14 +17,23 @@ route[MT] {
 # Replies to Originating Initial Requests
 ######################################################################
 onreply_route[MT_reply] {
+    xnotice("PCSCF MT_reply: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
 	if (!strempty($(ct{tobody.params}))) {
 		append_hf("C-Params: $(ct{tobody.params})\r\n");
 	}
+
 	# In case of 1xx and 2xx do NAT
 	if(status=~"[12][0-9][0-9]")
 		route(NATMANAGE);
 #!ifdef WITH_RX
-        if (t_check_status("183")){
+        if (t_check_status("183|200") && has_body("application/sdp")){
+        xnotice("PCSCF MT_reply: \n Destination URI: $du\n Request URI: $ru\n");
+        xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+        xnotice("Received IP and Port: ($Ri:$Rp)\n");
+        xnotice("Contact header: $ct\n");
 		xlog("L_DBG", "IMS: Received 183 inside term_initial_reply\n");	
 
 		xlog("L_DBG", "About to test if this is a retransmitted reply which is still currently suspended\n");
@@ -25,33 +42,14 @@ onreply_route[MT_reply] {
        		         drop();
        		}
 
-		xlog("L_DBG", "Diameter: Term authorizing media via Rx\n");
+		xlog("L_DBG","Diameter: Term authorizing media via Rx\n");	
 		$avp(FTAG_CUSTOM_AVP)=$ft;
 		$avp(TTAG_CUSTOM_AVP)=$tt;
 		$avp(CALLID_CUSTOM_AVP)=$ci;
 
-		$var(aarret) = Rx_AAR("MT_aar_reply", "term", "", -1);
-		xlog("L_DBG", "AAR return code is $var(aarret)\n");
-
-		 switch ($var(aarret)) {
-                        case 1:
-                                #suspend was successful and we must break
-                                xlog("L_DBG", "Success sending AAR for media\n");
-                                exit;
-
-                        case -1:
-                                #this is retransmitted response so we just drop it
-                                xlog("L_DBG", "AAR still processing dropping retransmitted response\n");
-                                drop();
-                                exit;
-
-                        default:
-                                xlog("L_ERR", "Unable to send AAR for media\n");
-                                #comment this if you want to allow even if Rx fails
-                                dlg_terminate("all", "Sorry no QoS available");
-                                exit;
-
-                }
+        if (Rx_AAR("MT_aar_reply","term","",-1) == 0) {
+            exit;
+        }
 	}
 }
 
@@ -70,7 +68,7 @@ route[MT_aar_reply]
                         xlog("L_ERR", "IMS: ftag: "+ "$avp(FTAG_CUSTOM_AVP)");
                         xlog("L_ERR", "IMS: callid: "+ "$avp(CALLID_CUSTOM_AVP)");
                         #comment this if you want to allow even if Rx fails
-                        if(dlg_get("$avp(CALLID_CUSTOM_AVP)", "$avp(FTAG_CUSTOM_AVP)", "$avp(TTAG_CUSTOM_AVP)")){
+                        if(dlg_get("$avp(CALLID_CUSTOM_AVP)","$avp(FTAG_CUSTOM_AVP)","$avp(TTAG_CUSTOM_AVP)")){
                                 dlg_terminate("all", "Sorry no QoS available");
                                 exit;
                         }
@@ -83,49 +81,52 @@ route[MT_aar_reply]
 # In-Dialog-MT-Requests
 ######################################################################
 route[MT_indialog] {
+    xnotice("PCSCF MT_indialog: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
+    #resetflag(FLT_MOBILE_ORIG);
 	t_on_reply("MT_indialog_reply");
+
+    # Append rport only if its a request coming from UE
+	if (is_request() && ($hdrc(Via) == 1)) {
+		force_rport();
+	}
+
+#!ifdef WITH_IPSEC
+    if ($dd != "" && $rd != "" && $fs != "") {
+        if ($rd =~ ".*" + $dd + ".*") {
+            ipsec_forward("location", IPSEC_FORWARD_FLAGS);
+        }
+    }
+#!endif
 }
 
 onreply_route[MT_indialog_reply] {
+    xnotice("PCSCF MT_indialog_reply: \n Destination URI: $du\n Request URI: $ru\n");
+    xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+    xnotice("Received IP and Port: ($Ri:$Rp)\n");
+    xnotice("Contact header: $ct\n");
 	# In case of 1xx and 2xx do NAT
 	if(status=~"[12][0-9][0-9]")
 		route(NATMANAGE);
 
 #!ifdef WITH_RX
-	if(t_check_status("200") && is_method("INVITE")) {
+	if (t_check_status("183|200") && has_body("application/sdp") && !is_method("PRACK")) {
 		if (t_is_retr_async_reply()) {
 			xlog("L_DBG", "Dropping retransmitted reply which is still currently suspended\n");
 			drop();
 		}
 
 		xlog("L_DBG", "IMS: TERM_SUBSEQUENT reply. This is a 200 OK to a re-INVITE\n");
-		xlog("L_DBG", "Diameter: Term authorizing media via Rx\n");
+		xlog("L_DBG","Diameter: Term authorizing media via Rx\n");      
 		$avp(FTAG_CUSTOM_AVP)=$ft;
 		$avp(TTAG_CUSTOM_AVP)=$tt;
 		$avp(CALLID_CUSTOM_AVP)=$ci;
 
-		$var(aarret) = Rx_AAR("MT_indialog_aar_reply", "term", "", -1);
-		xlog("L_DBG", "AAR return code is $var(aarret)\n");
-
-		switch ($var(aarret)) {
-                        case 1:
-                                #suspend was successful and we must break
-                                xlog("L_DBG", "Success sending AAR for media\n");
-                                exit;
-
-                        case -1:
-                                #this is retransmitted response so we just drop it
-                                xlog("L_DBG", "AAR still processing dropping retransmitted response\n");
-                                drop();
-                                exit;
-
-                        default:
-                                xlog("L_ERR", "Unable to send AAR for media\n");
-                                #comment this if you want to allow even if Rx fails
-                                dlg_terminate("all", "Sorry no QoS available");
-                                exit;
-
-                }
+		if (Rx_AAR("MT_indialog_aar_reply","term","",-1) == 0) {
+            exit;
+        }
 	}
 }
 
@@ -142,7 +143,7 @@ route[MT_indialog_aar_reply]
                         xlog("L_ERR", "IMS: ftag: "+ "$avp(FTAG_CUSTOM_AVP)");
                         xlog("L_ERR", "IMS: callid: "+ "$avp(CALLID_CUSTOM_AVP)");
                         #comment this if you want to allow even if Rx fails
-                        if(dlg_get("$avp(CALLID_CUSTOM_AVP)", "$avp(FTAG_CUSTOM_AVP)", "$avp(TTAG_CUSTOM_AVP)")){
+                        if(dlg_get("$avp(CALLID_CUSTOM_AVP)","$avp(FTAG_CUSTOM_AVP)","$avp(TTAG_CUSTOM_AVP)")){
                                 dlg_terminate("all", "Sorry no QoS available");
                                 exit;
                         }

misc/examples/ims/pcscf/route/register.cfg

@@ -3,9 +3,13 @@
 ######################################################################
 route[REGISTER] {
 	# Provide some statistics
-		if ($sht(a=>$ci::start_time) == $null || $sht(a=>$ci::start_time) == 0) {
-			$sht(a=>$ci::start_time) = $TV(Sn);
-		} 
+        if ($sht(a=>$ci::start_time) == $null || $sht(a=>$ci::start_time) == 0) {
+            $sht(a=>$ci::start_time) = $TV(Sn);
+        }
+	xnotice("PCSCF REGISTER: \n Destination URI: $du\n Request URI: $ru\n");
+	xnotice("Source IP and Port: ($si:$sp)\n Route-URI: $route_uri\n");
+	xnotice("Received IP and Port: ($Ri:$Rp)\n");
+	xnotice("Contact header: $ct\n");
 
 	# Strip Transport from RURI:
 	$ru = $(ru{re.subst,/;transport=[A-Za-z]*//g});
@@ -17,6 +21,12 @@ route[REGISTER] {
 		exit;
 	}
 
+#!ifdef WITH_IPSEC
+	$sht(ipsec_clients=>$(ct{nameaddr.uri})) = $null;
+	if ($hdr(Security-Client) =~ ".*ipsec-3gpp.*") {
+		$sht(ipsec_clients=>$(ct{nameaddr.uri})) = 1;
+	}
+#!endif
 
 	# Strip additional Tags from RURI:
 	if ($rU == $null)
@@ -24,25 +34,30 @@ route[REGISTER] {
 	else
 		$ru = "sip:"+$rU+"@"+$rd;
 
-#!ifdef WITH_RX	
-	xlog("L_DBG", "Subscribing to signalling bearer status\n");
+#!ifdef WITH_RX
+	if ($expires(min) != 0) {
+		xlog("L_DBG","Subscribing to signalling bearer status\n");
 
-	Rx_AAR_Register("REG_AAR_REPLY", "location");
-	switch ($retcode) {
-		case -1:
-			# There was an error sending the AAR-Request:
-			xlog("L_ERR", "Diameter: AAR failed on subscription to signalling\n");
-			send_reply("403", "Can't register to QoS for signalling");
-			exit;
-			break;
-		case 0:
-			# We are waiting for an async reply, just exit here.
-			exit;
-			break;
-		case 1:
-			# We did not need to send AAR, so just continue as normal
-			route(REGISTER_CONTINUE);
-			break;
+		Rx_AAR_Register("REG_AAR_REPLY", "location");
+		switch ($retcode) {
+			case -1:
+				# There was an error sending the AAR-Request:
+				xlog("L_ERR", "Diameter: AAR failed on subscription to signalling\n");
+				send_reply("403", "Can't register to QoS for signalling");
+				exit;
+				break;
+			case 0:
+				# We are waiting for an async reply, just exit here.
+				exit;
+				break;
+			case 1:
+				# We did not need to send AAR, so just continue as normal
+				route(REGISTER_CONTINUE);
+				break;
+		}
+	} else {
+		# Proceed with Registering:
+		route(REGISTER_CONTINUE);
 	}
 	exit;
 }
@@ -125,23 +140,108 @@ onreply_route[REGISTER_reply]
 		$sht(failedauth=>$T_req($si)) = $null;
 #!endif
 		pcscf_save("location");
+
 #!ifdef WITH_NATPING
 #!ifdef WITH_PING_UDP
-		if ($T_req($pr) == "udp") {
-			$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp);
+		#if ($T_req($pr) == "udp") {
+		if ($pr == "udp") {
+			sht_lock("natping=>natpinglock");
+			if ($(T_req($hdr(Security-Client))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_client) = $(T_req($hdr(Security-Client)));
+				xnotice("Security-Client=$var(sec_client)\n");
+				$var(sc_port_c) = $(var(sec_client){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sc_port_c)\n");
+				$var(sc_port_s) = $(var(sec_client){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sc_port_s)\n");
+				$var(ouri) = "sip:"+$T_req($si)+":"+$var(sc_port_s);
+			} else {
+				$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp);
+			}
 			$sht(natping=>$var(ouri)) = $(T_req($ct){nameaddr.uri});
+			sht_unlock("natping=>natpinglock");
+
+			sht_lock("natpingfrom=>natpingfromlock");
+			if ($(T_req($hdr(Security-Verify))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_verify) = $(T_req($hdr(Security-Verify)));
+				xnotice("Security-Verify=$var(sec_verify)\n");
+				$var(sv_port_c) = $(var(sec_verify){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sv_port_c)\n");
+				$var(sv_port_s) = $(var(sec_verify){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sv_port_s)\n");
+
+				$sht(natpingfrom=>$var(ouri)) = "udp:"+$T_req($Ri)+":"+$var(sv_port_c);
+			} else {
+				$sht(natpingfrom=>$var(ouri)) = "udp:"+$T_req($Ri)+":"+$T_req($Rp);
+			}
+			sht_unlock("natpingfrom=>natpingfromlock");
 		}
 #!endif
 #!ifdef WITH_PING_TCP
-		if ($T_req($pr) == "tcp") {
-			$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp)+";transport=tcp";
+		#if ($T_req($pr) == "tcp") {
+		if ($pr == "tcp") {
+			sht_lock("natping=>natpinglock");
+			if ($(T_req($hdr(Security-Client))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_client) = $(T_req($hdr(Security-Client)));
+				xnotice("Security-Client=$var(sec_client)\n");
+				$var(sc_port_c) = $(var(sec_client){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sc_port_c)\n");
+				$var(sc_port_s) = $(var(sec_client){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sc_port_s)\n");
+				$var(ouri) = "sip:"+$T_req($si)+":"+$var(sc_port_s)+";transport=tcp";
+			} else {
+				$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp)+";transport=tcp";
+			}
 			$sht(natping=>$var(ouri)) = $(T_req($ct){nameaddr.uri});
+			sht_unlock("natping=>natpinglock");
+
+			sht_lock("natpingfrom=>natpingfromlock");
+			if ($(T_req($hdr(Security-Verify))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_verify) = $(T_req($hdr(Security-Verify)));
+				xnotice("Security-Verify=$var(sec_verify)\n");
+				$var(sv_port_c) = $(var(sec_verify){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sv_port_c)\n");
+				$var(sv_port_s) = $(var(sec_verify){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sv_port_s)\n");
+
+				$sht(natpingfrom=>$var(ouri)) = "tcp:"+$T_req($Ri)+":"+$var(sv_port_c);
+			} else {
+				$sht(natpingfrom=>$var(ouri)) = "tcp:"+$T_req($Ri)+":"+$T_req($Rp);
+			}
+			sht_unlock("natpingfrom=>natpingfromlock");
 		}
 #!endif
 #!ifdef WITH_PING_TLS
-		if ($T_req($pr) == "tls") {
-			$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp)+";transport=tls";
+		#if ($T_req($pr) == "tls") {
+		if ($pr == "tls") {
+			sht_lock("natping=>natpinglock");
+			if ($(T_req($hdr(Security-Client))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_client) = $(T_req($hdr(Security-Client)));
+				xnotice("Security-Client=$var(sec_client)\n");
+				$var(sc_port_c) = $(var(sec_client){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sc_port_c)\n");
+				$var(sc_port_s) = $(var(sec_client){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sc_port_s)\n");
+				$var(ouri) = "sip:"+$T_req($si)+":"+$var(sc_port_s)+";transport=tls";
+			} else {
+				$var(ouri) = "sip:"+$T_req($si)+":"+$T_req($sp)+";transport=tls";
+			}
 			$sht(natping=>$var(ouri)) = $(T_req($ct){nameaddr.uri});
+			sht_unlock("natping=>natpinglock");
+
+			sht_lock("natpingfrom=>natpingfromlock");
+			if ($(T_req($hdr(Security-Verify))) =~ ".*ipsec-3gpp.*") {
+				$var(sec_verify) = $(T_req($hdr(Security-Verify)));
+				xnotice("Security-Verify=$var(sec_verify)\n");
+				$var(sv_port_c) = $(var(sec_verify){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sv_port_c)\n");
+				$var(sv_port_s) = $(var(sec_verify){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sv_port_s)\n");
+
+				$sht(natpingfrom=>$var(ouri)) = "tls:"+$T_req($Ri)+":"+$var(sv_port_c);
+			} else {
+				$sht(natpingfrom=>$var(ouri)) = "tls:"+$T_req($Ri)+":"+$T_req($Rp);
+			}
+			sht_unlock("natpingfrom=>natpingfromlock");
 		}
 #!endif
 #!endif
@@ -153,24 +253,38 @@ onreply_route[REGISTER_reply]
 		$var(diff_ms) = $var(diff_secs)*1000 + ($var(diff_usecs)/1000);
 		$sht(a=>$ci::start_time)=0;
 		$var(stat_add) = "+" + $var(diff_ms);
-		xlog("L_DBG", "REGISTER SUCCESS[$ci] took $var(stat_add)ms\n"); 
+		xlog("L_DBG", "REGISTER SUCCESS[$ci] took $var(stat_add)ms\n");
 		update_stat("register_success", "+1");
 		update_stat("register_time", "$var(stat_add)");
 #!ifdef WITH_IPSEC
-		ipsec_forward("location");
-	}
+            ipsec_forward("location", IPSEC_FORWARD_FLAGS);
+   	}
 	else {
 		if (t_check_status("401")) {
-			#Remove ck and ik from Authentication header
-			$var(rem_ck) = $(hdr(WWW-Authenticate){re.subst,/ck="[a-zA-Z0-9]*", //g});
-			$var(rem_ik) = $(var(rem_ck){re.subst,/ik="[a-zA-Z0-9]*", //g});
-			remove_hf("WWW-Authenticate");
-			append_hf("WWW-Authenticate: $var(rem_ik)\r\n");
-
-			if(ipsec_create("location")!=1) {
+			if($(T_req($hdr(Security-Client))) != $null && ipsec_create("location", IPSEC_DELETE_UNUSED_TUNNELS)!=1) {
 				send_reply("503", "Service Unavailable (Create ipsec failed)");
 			}
-		}
+			if ($sht(ipsec_clients=>$(T_req($ct){nameaddr.uri})) != $null) {
+				$var(sec_client) = $(T_req($hdr(Security-Client)));
+				xnotice("Security-Client=$var(sec_client)\n");
+				$var(sc_port_c) = $(var(sec_client){re.subst,/.*port-c=([0-9]*).*$/\1/s});
+				xnotice("port-c=$var(sc_port_c)\n");
+				$var(sc_port_s) = $(var(sec_client){re.subst,/.*port-s=([0-9]*).*$/\1/s});
+				xnotice("port-s=$var(sc_port_s)\n");
+			}
+			xnotice("Expires=$(T_req($expires(min)))\n");
+			if (is_present_hf("WWW-Authenticate")) {
+				# Remove ck and ik:
+				$var(old_hdr) = $hdr(WWW-Authenticate);
+				xnotice("Old header - WWW-Authenticate=$var(old_hdr)\n");
+				remove_hf("WWW-Authenticate");
+				$var(new_hdr) = $(hdr(WWW-Authenticate){re.subst,/(, *)?(ck|ik)=\"\w+\"//gi});
+				if ($(var(new_hdr){s.len}) > 0) {
+					append_hf("WWW-Authenticate: $var(new_hdr)\r\n");
+				}
+				xnotice("New header - WWW-Authenticate=$var(new_hdr)\n");
+			}
+        }
 #!endif
     }
 	exit;
@@ -187,16 +301,16 @@ failure_route[REGISTER_failure]
 		else
 			$sht(failedauth=>$si) = 1;
 		if ($sht(failedauth=>$si) > 10) {
-			xlog("L_ALERT", "ALERT: blocking $rm from $fu (IP:$si:$sp), more than 5 failed auth requests!\n");
+			xlog("L_ALERT","ALERT: blocking $rm from $fu (IP:$si:$sp), more than 5 failed auth requests!\n");
 			xlog("Blocking traffic from $si\n");
 			$sht(ipban=>$si) = 1;
 		}
-		update_stat("register_failed", "+1");
+                update_stat("register_failed", "+1");
 	}
 #!endif
 	if (t_check_status("408")) {
-		send_reply("504", "Server Time-Out");
-		update_stat("register_failed", "+1");
+		send_reply("504","Server Time-Out");
+                update_stat("register_failed", "+1");
 		exit;
 	}
 }

misc/examples/ims/pcscf/route/rtp.cfg

@@ -1,50 +1,50 @@
 # RTPProxy control
 route[ENC_SRTP] {
 	add_rr_param(";rm=1");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=force SRTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force SRTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
 }
 
 route[DEC_SRTP] {
 	add_rr_param(";rm=2");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=force SRTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force SRTP AVP";
 }
 
 route[ENC_WS_RTP] {
 	add_rr_param(";rm=3");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=force RTP AVPF";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force RTP AVPF";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
 }
 
 route[DEC_WS_RTP] {
 	add_rr_param(";rm=4");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=force RTP AVPF";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force RTP AVPF";
 }
 
 route[ENC_WSS_RTP] {
 	add_rr_param(";rm=5");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=force SRTP AVPF DTLS=passive";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force SRTP AVPF DTLS=passive";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
 }
 
 route[DEC_WSS_RTP] {
 	add_rr_param(";rm=6");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=force SRTP AVPF DTLS=passive";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force SRTP AVPF DTLS=passive";
 }
 
 route[ENC_RTP] {
 	add_rr_param(";rm=7");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=force RTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force RTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
 }
 
 route[DEC_RTP] {
 	add_rr_param(";rm=8");
-	$avp(rtpproxy_offer_flags) = "replace-origin replace-session-connection ICE=remove RTP AVP";
-	$avp(rtpproxy_answer_flags) = "replace-origin replace-session-connection ICE=force RTP AVP";
+	$avp(rtpproxy_offer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=remove RTP AVP";
+	$avp(rtpproxy_answer_flags) = "flags=loop-protect replace-origin replace-session-connection ICE=force RTP AVP";
 }
 
 # RTPProxy control
@@ -75,20 +75,20 @@ route[NATMANAGE] {
 			xlog("L_DBG", "No RM Param\n");
 			return;
 		}
-		if (is_request()) {
-			if (isflagset(FLT_MOBILE_ORIG) && is_direction("downstream")) {
-				xlog("L_DBG", "1) add_contact_alias();");
+		if (($fU != $null && is_in_profile("caller", "$fU")) ||
+			($tU != $null && is_in_profile("callee", "$tU"))) {
+			# In-Dialog Request from MO side
+			if (is_request() && isflagset(FLT_MOBILE_ORIG)) {
 				add_contact_alias();
-			} else if (!isflagset(FLT_MOBILE_ORIG) && is_direction("upstream")) {
-				xlog("L_DBG", "2) add_contact_alias();");
+			} else if (is_reply() && !isflagset(FLT_MOBILE_ORIG)) {
 				add_contact_alias();
 			}
-		} else {
-			if (!isflagset(FLT_MOBILE_ORIG) && is_direction("downstream")) {
-				xlog("L_DBG", "1) ADD_contact_alias();");
+		} else if (($fU != $null && is_in_profile("callee", "$fU")) ||
+			($tU != $null && is_in_profile("caller", "$tU"))) {
+			# In-Dialog Request from MT side
+			if (is_request() && !isflagset(FLT_MOBILE_ORIG)) {
 				add_contact_alias();
-			} else if (isflagset(FLT_MOBILE_ORIG) && is_direction("downstream")) {
-				xlog("L_DBG", "2) ADD_contact_alias();");
+			} else if (is_reply() && isflagset(FLT_MOBILE_ORIG)) {
 				add_contact_alias();
 			}
 		}
@@ -103,7 +103,8 @@ route[NATMANAGE] {
 		$avp(setid) = 1;
 		$avp(extra_id) = "mo";
 	} else {
-		$avp(setid) = 2;
+		$avp(setid) = 1;
+#		$avp(setid) = 2;
 		$avp(extra_id) = "mt";
 	}
 
@@ -129,17 +130,44 @@ route[NATMANAGE] {
 		return;
 #!endif
 
+	# Fix for calling between UEs not supporting preconditioning
+	if(sdp_get_line_startswith("$avp(mline)", "a=inactive")) {
+		xlog("m-line: $avp(mline)\n");
+		sdp_remove_line_by_prefix("a=inactive");
+		$sdp(body) = $sdp(body) + "a=sendrecv\r\n";
+		msg_apply_changes();
+	}
+
 	if ((is_reply() && ($T_req($tt) != $null)) || (is_request() && has_totag())) {
-		rtpengine_manage();
+		if (($fU != $null && is_in_profile("caller", "$fU")) ||
+			($tU != $null && is_in_profile("callee", "$tU"))) {
+			# In-Dialog Request from MO side
+			if (is_request() && isflagset(FLT_MOBILE_ORIG)) {
+				rtpengine_manage();
+			} else if (is_reply() && !isflagset(FLT_MOBILE_ORIG)) {
+				rtpengine_manage();
+			}
+		} else if (($fU != $null && is_in_profile("callee", "$fU")) ||
+			($tU != $null && is_in_profile("caller", "$tU"))) {
+			# In-Dialog Request from MT side
+			if (is_request() && !isflagset(FLT_MOBILE_ORIG)) {
+				rtpengine_manage();
+			} else if (is_reply() && isflagset(FLT_MOBILE_ORIG)) {
+				rtpengine_manage();
+			}
+		}
 	} else {
+		# Initial Requests
 		if ($avp(rtpproxy_offer_flags) == $null)
 			return;
 		if ($avp(rtpproxy_answer_flags) == $null)
 			return;
 
-		if (is_request()) {
-			rtpengine_manage($avp(rtpproxy_offer_flags));		
-		} else {
+		if (is_request() && isflagset(FLT_MOBILE_ORIG)) {
+			set_dlg_profile("caller", "$fU");
+			rtpengine_manage($avp(rtpproxy_offer_flags));
+		} else if (is_reply() && !isflagset(FLT_MOBILE_ORIG)) {
+			set_dlg_profile("callee", "$tU");
 			rtpengine_manage($avp(rtpproxy_answer_flags));
 		}
 	}

misc/examples/ims/scscf/kamailio.cfg

@@ -62,15 +62,17 @@ dns=no          # (cmd. line: -r)
 rev_dns=no      # (cmd. line: -R)
 
 # Do SRV-Loadbalancing:
-dns_srv_lb=yes
+dns_srv_lb=on
 # Always: Also try IPv6:
-dns_try_ipv6=yes
+dns_try_ipv6=on
 # Always prefer IPv6:
-dns_cache_flags=6
+dns_cache_flags=4
 # DNS-Based failover
 use_dns_failover = on
 # Query NAPTR-Records as well:
-dns_try_naptr=no
+dns_try_naptr=on
+# DNS cache won't be used (all dns lookups will result into a DNS request)
+use_dns_cache=off
 
 #!ifdef WITH_XMLRPC
 #!ifndef WITH_TCP
@@ -93,13 +95,13 @@ tcp_children=TCP_PROCESSES
 disable_tcp=yes
 #!endif
 
-children=12
+children=4
 
 system.shutdownmode = 0 desc "System shutdown mode"
 system.service = "Serving-CSCF" desc "Function of this server"
 
 # ------------------ module loading ----------------------------------
-mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/"
+mpath="/usr/lib64/kamailio/modules/:/usr/lib/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/:/usr/local/lib64/kamailio/modules"
 # (we try both the lib64 and the lib directory)
 
 loadmodule "tm.so"
@@ -159,12 +161,12 @@ loadmodule "siptrace.so"
 loadmodule "debugger.so"
 modparam("debugger", "mod_hash_size", 5)
 modparam("debugger", "mod_level_mode", 1)
-#modparam("debugger", "mod_level", "ims_usrloc_scscf=3")
-#modparam("debugger", "mod_level", "ims_registrar_scscf=3")
+modparam("debugger", "mod_level", "ims_usrloc_scscf=3")
+modparam("debugger", "mod_level", "ims_registrar_scscf=3")
 modparam("debugger", "mod_level", "ims_auth=3")
-#modparam("debugger", "mod_level", "ims_isc=3")
+modparam("debugger", "mod_level", "ims_isc=3")
 modparam("debugger", "mod_level", "ims_dialog=3")
-#modparam("debugger", "mod_level", "ims_charging=3")
+modparam("debugger", "mod_level", "ims_charging=3")
 ##!endif
 
 # ----------------- setting module-specific parameters ---------------
@@ -190,12 +192,12 @@ loadmodule "jsonrpcs.so"
 # ----- jsonrpcs params -----
 modparam("jsonrpcs", "pretty_format", 1)
 /* set the path to RPC fifo control file */
-# modparam("jsonrpcs", "fifo_name", "/run/kamailio/kamailio_rpc.fifo")
+modparam("jsonrpcs", "fifo_name", "/var/run/kamailio_scscf/kamailio_rpc.fifo")
 /* set the path to RPC unix socket control file */
-# modparam("jsonrpcs", "dgram_socket", "/run/kamailio/kamailio_rpc.sock")
+modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio_scscf/kamailio_rpc.sock")
 
 # ----- ctl params -----
-modparam("ctl", "binrpc", "unix:/run/kamailio_scscf/kamailio_ctl")
+modparam("ctl", "binrpc", "unix:/var/run/kamailio_scscf/kamailio_ctl")
 
 # ----- tm params -----
 # auto-discard branches from previous serial forking leg
@@ -220,7 +222,9 @@ modparam("rr", "custom_user_avp", "$avp(RR_CUSTOM_USER_AVP)")
 # -- usrloc params --
 modparam("ims_usrloc_scscf", "enable_debug_file", 0)
 modparam("ims_usrloc_scscf", "matching_mode", 0)
-modparam("ims_registrar_scscf", "max_contacts", 3);
+modparam("ims_usrloc_scscf", "maxcontact", 5)
+modparam("ims_usrloc_scscf", "maxcontact_3gpp", 5)
+modparam("ims_registrar_scscf", "max_contacts", 5)
 modparam("ims_usrloc_scscf", "maxcontact_behaviour", 2) #overwrite
 #!ifdef DB_URL
 #!ifdef DB_URL2
@@ -228,7 +232,7 @@ modparam("ims_usrloc_scscf", "db_url", "cluster://cluster1")
 #!else
 modparam("ims_usrloc_scscf", "db_url", DB_URL)
 #!endif
-modparam("ims_usrloc_scscf", "db_mode", 1)
+modparam("ims_usrloc_scscf", "db_mode", 0)
 #!endif
 modparam("ims_registrar_scscf", "subscription_default_expires", 654800)
 modparam("ims_registrar_scscf", "subscription_min_expires", 3700)
@@ -240,9 +244,16 @@ modparam("cdp", "config_file", "/etc/kamailio_scscf/scscf.xml")
 # -- ims_dialog params --
 modparam("ims_dialog", "dlg_flag", FLT_DIALOG)
 modparam("ims_dialog", "timeout_avp", "$avp(DLG_TIMEOUT_AVP)")
-modparam("ims_dialog", "detect_spirals", 1)
+modparam("ims_dialog", "detect_spirals", 0)
 modparam("ims_dialog", "profiles_no_value", "orig ; term")
+#!ifdef DB_URL
+#!ifdef DB_URL2
+modparam("ims_dialog", "db_url", "cluster://cluster1")
+#!else
+modparam("ims_dialog", "db_url", DB_URL)
+#!endif
 modparam("ims_dialog", "db_mode", 0)
+#!endif
 
 #!ifdef WITH_XMLRPC
 # ----- xmlrpc params -----
@@ -271,11 +282,16 @@ modparam("ims_auth", "registration_default_algorithm", REG_AUTH_DEFAULT_ALG)
 #!ifdef CXDX_FORCED_PEER
 modparam("ims_auth", "cxdx_forced_peer", CXDX_FORCED_PEER)
 #!endif
-modparam("ims_auth", "cxdx_dest_realm", NETWORKNAME)
+modparam("ims_auth", "cxdx_dest_realm", "HSS_REALM")
 modparam("ims_auth", "av_check_only_impu", 1)
 
-#modparam("ims_auth", "auth_data_timeout", 5)
-modparam("ims_auth", "auth_used_vector_timeout", 300)
+modparam("ims_auth", "max_nonce_reuse", 20)
+modparam("ims_auth", "auth_vector_timeout", 60)
+modparam("ims_auth", "auth_data_timeout", 600000)
+modparam("ims_auth", "auth_used_vector_timeout", 600000)
+modparam("ims_auth", "av_request_at_once", 1)
+modparam("ims_auth", "av_request_at_sync", 1)
+modparam("ims_auth", "registration_qop", "auth")
 
 # -- ims_registrar_scscf params --
 #!ifdef WITH_DEBUG
@@ -292,7 +308,10 @@ modparam("ims_registrar_scscf", "support_wildcardPSI",1)
 modparam("ims_registrar_scscf", "user_data_xsd", "/etc/kamailio_scscf/CxDataType_Rel7.xsd")
 modparam("ims_registrar_scscf", "scscf_name", URI)
 modparam("ims_registrar_scscf", "scscf_name", URI)
-modparam("ims_registrar_scscf", "cxdx_dest_realm", NETWORKNAME)
+modparam("ims_registrar_scscf", "cxdx_dest_realm", "HSS_REALM")
+modparam("ims_registrar_scscf", "append_branches", 1)
+modparam("ims_registrar_scscf", "user_data_always", 0)
+modparam("ims_registrar_scscf", "ue_unsubscribe_on_dereg", 1)
 
 #!ifdef WITH_MULTIDOMAIN
 # ----- domain params -----
@@ -353,10 +372,15 @@ modparam("dispatcher", "flags", 2)
 # Dispatcher: Overwrite Destination address, if required.
 modparam("dispatcher", "force_dst", 1)
 # AVP's required for Fail-Over-Support:
-modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)")
-modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)")
-modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)")
-modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)")
+#modparam("dispatcher", "dst_avp", "$avp(DISPATCHER_DST_AVP)")
+#modparam("dispatcher", "grp_avp", "$avp(DISPATCHER_GRP_AVP)")
+#modparam("dispatcher", "cnt_avp", "$avp(DISPATCHER_CNT_AVP)")
+#modparam("dispatcher", "sock_avp", "$avp(DISPATCHER_SOCK_AVP)")
+
+#modparam("dispatcher", "xavp_dst", "$avp(DISPATCHER_DST_AVP)")
+#modparam("dispatcher", "xavp_dst_mode", 0)
+#modparam("dispatcher", "xavp_ctx", "$avp(DISPATCHER_CNT_AVP)")
+#modparam("dispatcher", "xavp_ctx_mode", 0)
 
 # Try to recover disabled destinations every 15 seconds.
 modparam("dispatcher", "ds_ping_interval", 15)
@@ -370,7 +394,7 @@ modparam("dispatcher", "ds_ping_reply_codes", "class=2;code=404;code=480")
 
 route {
 ##!ifdef WITH_DEBUG
-	xlog("$rm ($fu ($si:$sp) to $tu, $ci)\n");
+	xnotice("SCSCF: $rm $ru ($fu ($si:$sp) to $tu, $ci)\n");
 ##!endif
 
 	# per request initial checks
@@ -392,10 +416,6 @@ route {
                 route(PUBLISH);
                 break;
         }
-	
-	#Set DLG flag to track dialogs using dialog2
-	if (!is_method("REGISTER|SUBSCRIBE"))
-		setflag(FLT_DIALOG);
 
 	# Evaluate Route-Header and set $route_uri
 	loose_route();
@@ -405,12 +425,43 @@ route {
 		exit;
 	}
 
-	if (($route_uri =~ "sip:orig@.*") || isc_from_as("orig")) {
+	#Set DLG flag to track dialogs using dialog2
+	if (!is_method("REGISTER|SUBSCRIBE"))
+		setflag(FLT_DIALOG);
+
+	if (($route_uri =~ "sip:orig@.*") || ($route_uri =~ "sip:orig@"+HOSTNAME_ESC+".*") || isc_from_as("orig")) {
 		xlog("Orig");
 		# we need something like this to assign SCSCF to unregistered user for services
 		# support for AS origination on behalf of unregistered useri
 		# can use the registrar is_registered methods - must see if we need to check orig or term?
 
+		# Sanitize the R-URI if domain is present in from of @MSISDN of caller
+		# What in case of Roaming? - Need to handle it
+		# if ($ru =~ ".*phone-context.*") {
+		# 	if ($ru =~ "tel:.*") {
+		# 		# Handle following request-uri
+		# 		# tel:0498765432100;phone-context=ims.mnc001.mcc001.3gppnetwork.org
+		# 		$ru = $(ru{re.subst,/tel:/sip:/g});
+		# 	}
+		# 	# Now in sip: uri format
+		# 	if ($ru =~ ".*@.*") {
+		# 		$ru = $(ru{re.subst,/@[0-9+-]*;user=phone/@NETWORKNAME;user=phone/g});
+		# 		#$ru = $(ru{re.subst,/;phone-context=[A-Za-z.0-9+-]*@/;phone-context=NETWORKNAME@/g});
+		# 	} else {
+		# 		$ru = $ru + "@" + NETWORKNAME + ";user=phone";
+		# 		#$ru = $(ru{re.subst,/;phone-context=[A-Za-z.0-9+-]*@/;phone-context=NETWORKNAME@/g});
+		# 	}
+		# }
+		if (!is_method("REGISTER|SUBSCRIBE")) {
+			# sip:xxx;phone-context=xxxx@xxx format is not desired
+			if (($ru =~ ".*phone-context.*") && ($ru =~ "sip:.*")) {
+				$ru = $(ru{re.subst,/sip:/tel:/g});
+				$ru = $(ru{re.subst,/;phone-context=[A-Za-z.0-9+-@]*;user=phone//g});
+				$ru = $ru + ";phone-context=" + NETWORKNAME;
+				msg_apply_changes();
+			}
+		}
+
 		# Originating
 		route(orig);
     		break;                          
@@ -436,10 +487,10 @@ route {
 				xlog("L_DBG", "We need to do an UNREG server SAR assignemnt");
                                 assign_server_unreg("UNREG_SAR_REPLY", "location", "term");
                                 exit;
-		        }
 		} else {
 			sl_send_reply("403", "Forbidden - Domain not served");
 			exit();
+			}
 		}
 		route(term);
 		break;
@@ -1118,7 +1169,7 @@ route[PSTN_handling]
 	# $ru:           tel:+(34)-999-888-777
 	# $fu:           sip:[email protected]
 	# becomes $ru:   sip:[email protected];user=phone
-	if (!tel2sip("$ru", "$fd", "$ru"))
+	if (tel2sip2("$ru", "$fd", "$ru") < 0)
 		xlog("L_WARN", "Failed to convert $ru to a sip:-URI - M=$rm R=$ru F=$fu T=$tu IP=$si:$sp ID=$ci\n\n");
 
 	if ($rU =~ "\+[0-9]+") {

misc/examples/ims/scscf/scscf.cfg.sample

@@ -1,25 +1,30 @@
 # SIP / UDP
 listen=udp:11.22.33.44:6060
 # SIP / TCP
-#listen=tcp:11.22.33.44:6060
+listen=tcp:11.22.33.44:6060
 # SIP / TCP/TLS
 #listen=tls:11.22.33.44:6061
 
 #!define NETWORKNAME "ims.mnc001.mcc001.3gppnetwork.org"
-#!define HOSTNAME "scscf.mnc001.mcc001.3gppnetwork.org"
-#!define URI "sip:scscf.mnc001.mcc001.3gppnetwork.org:6060"
+#!define NETWORKNAME_ESC "ims\.mnc001\.mcc001\.3gppnetwork\.org"
+#!define HOSTNAME "scscf.ims.mnc001.mcc001.3gppnetwork.org"
+#!define HOSTNAME_ESC "scscf\.ims\.mnc001\.mcc001\.3gppnetwork\.org"
+#!define URI "sip:scscf.ims.mnc001.mcc001.3gppnetwork.org:6060"
 
-alias=scscf.mnc001.mcc001.3gppnetwork.org
+#!subst "/NETWORKNAME/ims.mnc001.mcc001.3gppnetwork.org/"
+#!subst "/HSS_REALM/ims.mnc001.mcc001.3gppnetwork.org/"
+
+alias=scscf.ims.mnc001.mcc001.3gppnetwork.org
 
 # ENUM-Server to query:
-#!define ENUM_SUFFIX "mnc001.mcc001.3gppnetwork.org."
+#!define ENUM_SUFFIX "ims.mnc001.mcc001.3gppnetwork.org."
 
 # SIP-Address of capturing node, if not set, capturing is disabled.
 ##!define CAPTURE_NODE "sip:127.0.0.1:9060"
 
 # Connection URL for the database:
 # For use with a single database:
-##!define DB_URL "mysql://scscf:[email protected]/scscf"
+#!define DB_URL "mysql://scscf:[email protected]/scscf"
 
 # For use with DB_Cluster: con1 (primary), con2 (backup)
 ##!define DB_URL "con1=>mysql://scscf:[email protected]/scscf"
@@ -42,8 +47,8 @@ alias=scscf.mnc001.mcc001.3gppnetwork.org
 #!define RO_DESTINATION "hssocs.voiceblue.com"
 #!define RO_ROOT "[email protected]"
 #!define RO_EXT "ext"
-#!define RO_MNC "07"
-#!define RO_MCC "262"
+#!define RO_MNC "02"
+#!define RO_MCC "001"
 #(see https://en.wikipedia.org/wiki/Mobile_country_code_(MCC))
 #!define RO_RELEASE "8"
 # See http://tools.ietf.org/html/rfc4006#section-4.1.2 for the definition of the Service-Context
@@ -73,7 +78,8 @@ alias=scscf.mnc001.mcc001.3gppnetwork.org
 #
 # Enabled Features for this host:
 ##!define WITH_DEBUG
+#!define WITH_TCP
 ##!define WITH_XMLRPC
 ##!define WITH_RO
 ##!define WITH_RO_TERM
-##!define WITH_AUTH
+#!define WITH_AUTH

misc/examples/ims/scscf/scscf.xml.sample

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <DiameterPeer 
-	FQDN="scscf.mnc001.mcc001.3gppnetwork.org"
+	FQDN="scscf.ims.mnc001.mcc001.3gppnetwork.org"
 	Realm="ims.mnc001.mcc001.3gppnetwork.org"
 	Vendor_Id="10415"
 	Product_Name="CDiameterPeer"
@@ -14,7 +14,7 @@
 	DefaultAuthSessionTimeout="3600"
 	MaxAuthSessionTimeout="3600"
 >
-	<Peer FQDN="hss.mnc001.mcc001.3gppnetwork.org" Realm="ims.mnc001.mcc001.3gppnetwork.org" port="3868"/>
+	<Peer FQDN="hss.ims.mnc001.mcc001.3gppnetwork.org" Realm="ims.mnc001.mcc001.3gppnetwork.org" port="3868"/>
 		
 	<Acceptor port="3870" bind="11.22.33.44"/>
 
@@ -32,5 +32,5 @@
         -->
         <SupportedVendor vendor="10415" />
 
-	<DefaultRoute FQDN="hss.mnc001.mcc001.3gppnetwork.org" metric="10"/>
+	<DefaultRoute FQDN="hss.ims.mnc001.mcc001.3gppnetwork.org" metric="10"/>
 </DiameterPeer>