Kamailio
/
kamailio
mirror of https://github.com/kamailio/kamailio.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247
							#
# $Id$
#
# iptel.org real world configuration
#

# ----------- global configuration parameters ------------------------

#debug=8          # debug level (cmd line: -dddddddddd)
debug=3
#fork=yes
fork=no
children=2
#log_stderror=no	# (cmd line: -E)
log_stderror=yes	# (cmd line: -E)
check_via=yes     # (cmd. line: -v)
dns=on           # (cmd. line: -r)
rev_dns=yes      # (cmd. line: -R)
port=5060
#port=8060

# advertise IP address in Via (as opposed to advertising DNS name
# which is annoying for downstream servers and some phones can
# not handle DNS at all)
listen=195.37.77.100

# ------------------ module loading ----------------------------------

loadmodule "../sip_router/modules/sl/sl.so"
loadmodule "../sip_router/modules/print/print.so"
#loadmodule "../sip_router/modules/tm/tm.so"
loadmodule "../sip_router/modules/acc/acc.so"
loadmodule "../sip_router/modules/rr/rr.so"
loadmodule "../sip_router/modules/maxfwd/maxfwd.so"
#loadmodule "../sip_router/modules/mysql/mysql.so"
loadmodule "../sip_router/modules/usrloc/usrloc.so"
#loadmodule "../sip_router/modules/auth/auth.so"
loadmodule "../sip_router/modules/cpl/cpl.so"

# ----------------- setting module-specific parameters ---------------

# -- usrloc params --

modparam("usrloc", "use_database",   0)
modparam("usrloc", "flush_interval", 3600)

# -- acc params --
# report ACKs too for sake of completeness -- as we account PSTN
# destinations which are RR, ACKs should show up
modparam("acc", "report_ack", 1)
# don't bother me with early media reports (I don't like 183 
# too much anyway...ever thought of timer C hitting after
# listening to music-on-hold for five minutes?)
modparam("acc", "early_media", 0)
modparam("acc", "log_level", 1)
# that is the flag for which we will account -- don't forget to
# set the same one :-)
modparam("acc", "acc_flag", 3 )
# we are interested only in succesful transactions
modparam("acc", "failed_transactions", 0 )

# -- tm params --
modparam("tm", "fr_timer", 10 )
modparam("tm", "fr_inv_timer", 10 )
modparam("tm", "wt_timer", 1000 )
modparam("tm", "noisy_ctimer", 1 )

# -------------------------  request routing logic -------------------

# main routing logic

route{

	#t_uac();

	# filter local stateless ACK generated by authentication of mf replies
	sl_filter_ACK();

	# filter too old messages
	log("LOG: Checking maxfwd\n");
	if (!mf_process_maxfwd_header("10")) {
		log("LOG: Too many hops\n");
		sl_send_reply("483","Too Many Hops");
		break;
	};

	# len_gt *after* max_fwd, otherwise an "INVITE sip:[email protected]"
	# will cause "message too big" for a short message

	if (len_gt( max_len )) {
		sl_send_reply("513", "Riesengross -- Message too large");
		break;
	};


	# Do strict routing if route headers present
	rewriteFromRoute();

	# look at whether we need record-routing; 
	# - we need it for calls  from gateways (otherwise, subsequent 
	#   requests from the other # party will attempt to contact gateway 
	#  	directly through blocked ports)
	# - we need it for Windows Messanger's IM sessions to cross
	#   firewalls -- we force all MESSAGEs to go via our server
	#   to avoid blocking port numbers (some firewalls can do
	#   standard SIP but are puzzled by Microsoft's proprietary
	#   messaging session model)
	# - some other places may decide to set the record-routing
	#   flag (2 chosen) too; particularly, INVITEs to our gw
	if ( (src_ip==195.37.77.110 & method=="INVITE") || method=="MESSAGE" || method=="INFO" )  {
		setflag(2);
	};


	# if this request is not for our domain, fall over to
	# outbound request processing; include gateway's address
	# in matching too -- we RR requests to it, so that
	# its address may show up in subsequent requests
	# after rewriteFromRoute

	# sign of our domain: there is @ (username), :
    # (nothing) or . (host) in front of our domain name	
	if (!(uri=~"bat\.iptel\.org([;:].*)*" 
		| uri=~"[@:\.]195\.37\.77\.101([;:].*)*" |
		uri=~"@195\.37\.77\.110([;:].*)*" )) {
		route(2);
		# break from route (2) return -- stop then !
		break;
	};
	# here we continue with requests for our domain...

	# registers always MUST be authenticated to
	# avoid stealing incoming calls	
	if (method=="REGISTER") {
		log("LOG Request is REGISTER\n");
		# prohibit attempts to grab someone else's To address 
		# using  valid credentials; the only exception is the user
		# 'replciator' permitted to generate 3-rd party registrations

		# update Contact database
       	log("LOG: REGISTER is authorized, saving location\n");
		save_contact("location");
		break;
	};

	# now check if it's about PSTN destinations through our gateway;
	# note that 8.... is exempted for numerical destinations
	if (uri=~"sip:\+?[0-79][0-9]*@.*") {
		route(3);
		# break from route (3) return -- stop then !
		break;
	}; 

	# native SIP destinations are handled using our USRLOC DB
	if (!lookup_contact("location")) {
		if (method=="ACK") {
			log("Ooops -- an ACK made it here -- probably UAC screwed up to-tags\n");
			break;
		};
		log("LOG: Unable to lookup contact, sending 404\n");
		sl_send_reply("404", "Not Found");
		break;
	};

	# requests from gateway should be RR-ed too
	if (isflagset(2)) {
		addRecordRoute();
	};

	# we now know we may, we know where, let it go out now!
	if (!t_relay()) {
		sl_reply_error();
		break;
	};
}
#---------------------------------------------------------------------

# routing logic for outbound requests targeted out of our domain
# (beware, messages to our users can end up here too: for example,
#  an INVITE may be UsrLoc-ed, then the other party uses outbound
#  proxy with r-uri=the usr_loced addredd (typically IP))
route[2] {

		# requests from gateway should be RR-ed too
		if (isflagset(2)) {
			addRecordRoute();
		};
		if (!t_relay()) {
			sl_reply_error();
			break;
		};
}

#---------------------------------------------------------------------

# logic for calls through our PSTN gateway
route[3] {
	# if it is a MESSAGE pass it "as is" over to our SMS gateway
	# (which unfortunately lives at a different host due to
	# lack of serial interfaces)
	if (method=="MESSAGE") {
		# note that we don't do any admission control yet:
		# anyone can SMS anywhere; 
		setflag(1);
		rewritehostport("195.37.77.100:5070");
		if (!t_relay()) {
			sl_reply_error(); 
		};
		break;
	};
	# continue with requests to PSTN gateway ...

	# the international + prefix
	if (uri=~"sip:\+" ) {
		strip(1);
		prefix("000");
	};
	# free call destinations ... no authentication needed
	if (uri=~"sip:001795061546@.*" | uri=~"sip:0016097265544.*" 
		| uri=~"sip:[79][0-9][0-9][0-9]@.*" 
		| uri=~"sip:98[0-9][0-9][0-9][0-9]") {
		log("LOG: Free PSTN\n");
		# let's log free calls for now too ...
		setflag(1);
	} else {
		# we passed all authorization checks for PSTN -- move on!
		# tag this transaction for accounting
		setflag(1);

	}; # authorized PSTN

	# requests to gateway must be record-routed because the GW accepts
	# only reqeusts coming from our proxy
	if (isflagset(2) || method=="INVITE")
		addRecordRoute();

	# if you have passed through all the checks, let your call go to GW!


	rewritehostport("fox.iptel.org:5060");

	if (!t_relay()) {
		sl_reply_error(); 
		break; 
	};
}