kamailio-basic.cfg: added basic cfg config file
authorDaniel-Constantin Mierla <miconda@gmail.com>
Tue, 2 Jul 2013 19:40:32 +0000 (21:40 +0200)
committerDaniel-Constantin Mierla <miconda@gmail.com>
Tue, 2 Jul 2013 19:40:32 +0000 (21:40 +0200)
- get the same set of configs as expected by former ser flavour

etc/kamailio-basic.cfg [new file with mode: 0644]

diff --git a/etc/kamailio-basic.cfg b/etc/kamailio-basic.cfg
new file mode 100644 (file)
index 0000000..5f403ab
--- /dev/null
@@ -0,0 +1,612 @@
+#!KAMAILIO
+#
+# Kamailio (OpenSER) SIP Server v4.0 - default configuration script
+#     - web: http://www.kamailio.org
+#     - git: http://sip-router.org
+#
+# Direct your questions about this file to: <sr-users@lists.sip-router.org>
+#
+# Refer to the Core CookBook at http://www.kamailio.org/wiki/
+# for an explanation of possible statements, functions and parameters.
+#
+# Several features can be enabled using '#!define WITH_FEATURE' directives:
+#
+# *** To run in debug mode: 
+#     - define WITH_DEBUG
+#
+# *** To enable mysql: 
+#     - define WITH_MYSQL
+#
+# *** To enable authentication execute:
+#     - enable mysql
+#     - define WITH_AUTH
+#     - add users using 'kamctl'
+#
+# *** To enable IP authentication execute:
+#     - enable mysql
+#     - enable authentication
+#     - define WITH_IPAUTH
+#     - add IP addresses with group id '1' to 'address' table
+#
+# *** To enable persistent user location execute:
+#     - enable mysql
+#     - define WITH_USRLOCDB
+#
+# *** To enable nat traversal execute:
+#     - define WITH_NAT
+#     - install RTPProxy: http://www.rtpproxy.org
+#     - start RTPProxy:
+#        rtpproxy -l _your_public_ip_ -s udp:localhost:7722
+#
+# *** To enable TLS support execute:
+#     - adjust CFGDIR/tls.cfg as needed
+#     - define WITH_TLS
+#
+# *** To enhance accounting execute:
+#     - enable mysql
+#     - define WITH_ACCDB
+#     - add following columns to database
+#!ifdef ACCDB_COMMENT
+  ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
+  ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
+  ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
+  ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
+  ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';
+  ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
+  ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
+#!endif
+
+####### Include Local Config If Exists #########
+import_file "kamailio-local.cfg"
+
+####### Defined Values #########
+
+# *** Value defines - IDs used later in config
+#!ifdef WITH_MYSQL
+# - database URL - used to connect to database server by modules such
+#       as: auth_db, acc, usrloc, a.s.o.
+#!ifndef DBURL
+#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio"
+#!endif
+#!endif
+#!define MULTIDOMAIN 0
+
+# - flags
+#   FLT_ - per transaction (message) flags
+#      FLB_ - per branch flags
+#!define FLT_ACC 1
+#!define FLT_ACCMISSED 2
+#!define FLT_ACCFAILED 3
+#!define FLT_NATS 5
+
+#!define FLB_NATB 6
+#!define FLB_NATSIPPING 7
+
+####### Global Parameters #########
+
+### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
+#!ifdef WITH_DEBUG
+debug=4
+log_stderror=yes
+#!else
+debug=2
+log_stderror=no
+#!endif
+
+memdbg=5
+memlog=5
+
+log_facility=LOG_LOCAL0
+
+fork=yes
+children=4
+
+/* uncomment the next line to disable TCP (default on) */
+#disable_tcp=yes
+
+/* uncomment the next line to disable the auto discovery of local aliases
+   based on reverse DNS on IPs (default on) */
+#auto_aliases=no
+
+/* add local domain aliases */
+#alias="sip.mydomain.com"
+
+/* uncomment and configure the following line if you want Kamailio to 
+   bind on a specific interface/port/proto (default bind on all available) */
+#listen=udp:10.0.0.10:5060
+
+/* port to listen to
+ * - can be specified more than once if needed to listen on many ports */
+port=5060
+
+#!ifdef WITH_TLS
+enable_tls=yes
+#!endif
+
+# life time of TCP connection when there is no traffic
+# - a bit higher than registration expires to cope with UA behind NAT
+tcp_connection_lifetime=3605
+
+####### Modules Section ########
+
+# set paths to location of modules (to sources or installation folders)
+#!ifdef WITH_SRCPATH
+mpath="modules_k:modules"
+#!else
+mpath="/usr/local/lib/kamailio/modules_k/:/usr/local/lib/kamailio/modules/"
+#!endif
+
+#!ifdef WITH_MYSQL
+loadmodule "db_mysql.so"
+#!endif
+
+loadmodule "mi_fifo.so"
+loadmodule "kex.so"
+loadmodule "corex.so"
+loadmodule "tm.so"
+loadmodule "tmx.so"
+loadmodule "sl.so"
+loadmodule "rr.so"
+loadmodule "pv.so"
+loadmodule "maxfwd.so"
+loadmodule "usrloc.so"
+loadmodule "registrar.so"
+loadmodule "textops.so"
+loadmodule "siputils.so"
+loadmodule "xlog.so"
+loadmodule "sanity.so"
+loadmodule "ctl.so"
+loadmodule "cfg_rpc.so"
+loadmodule "mi_rpc.so"
+loadmodule "acc.so"
+
+#!ifdef WITH_AUTH
+loadmodule "auth.so"
+loadmodule "auth_db.so"
+#!ifdef WITH_IPAUTH
+loadmodule "permissions.so"
+#!endif
+#!endif
+
+#!ifdef WITH_NAT
+loadmodule "nathelper.so"
+loadmodule "rtpproxy.so"
+#!endif
+
+#!ifdef WITH_TLS
+loadmodule "tls.so"
+#!endif
+
+#!ifdef WITH_DEBUG
+loadmodule "debugger.so"
+#!endif
+
+# ----------------- setting module-specific parameters ---------------
+
+
+# ----- mi_fifo params -----
+modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
+
+
+# ----- tm params -----
+# auto-discard branches from previous serial forking leg
+modparam("tm", "failure_reply_mode", 3)
+# default retransmission timeout: 30sec
+modparam("tm", "fr_timer", 30000)
+# default invite retransmission timeout after 1xx: 120sec
+modparam("tm", "fr_inv_timer", 120000)
+
+
+# ----- rr params -----
+# add value to ;lr param to cope with most of the UAs
+modparam("rr", "enable_full_lr", 1)
+# do not append from tag to the RR (no need for this script)
+modparam("rr", "append_fromtag", 0)
+
+
+# ----- registrar params -----
+modparam("registrar", "method_filtering", 1)
+/* uncomment the next line to disable parallel forking via location */
+# modparam("registrar", "append_branches", 0)
+/* uncomment the next line not to allow more than 10 contacts per AOR */
+#modparam("registrar", "max_contacts", 10)
+# max value for expires of registrations
+modparam("registrar", "max_expires", 3600)
+# set it to 1 to enable GRUU
+modparam("registrar", "gruu_enabled", 0)
+
+
+# ----- acc params -----
+/* what special events should be accounted ? */
+modparam("acc", "early_media", 0)
+modparam("acc", "report_ack", 0)
+modparam("acc", "report_cancels", 0)
+/* by default ww do not adjust the direct of the sequential requests.
+   if you enable this parameter, be sure the enable "append_fromtag"
+   in "rr" module */
+modparam("acc", "detect_direction", 0)
+/* account triggers (flags) */
+modparam("acc", "log_flag", FLT_ACC)
+modparam("acc", "log_missed_flag", FLT_ACCMISSED)
+modparam("acc", "log_extra", 
+       "src_user=$fU;src_domain=$fd;src_ip=$si;"
+       "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
+modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
+/* enhanced DB accounting */
+#!ifdef WITH_ACCDB
+modparam("acc", "db_flag", FLT_ACC)
+modparam("acc", "db_missed_flag", FLT_ACCMISSED)
+modparam("acc", "db_url", DBURL)
+modparam("acc", "db_extra",
+       "src_user=$fU;src_domain=$fd;src_ip=$si;"
+       "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
+#!endif
+
+
+# ----- usrloc params -----
+/* enable DB persistency for location entries */
+#!ifdef WITH_USRLOCDB
+modparam("usrloc", "db_url", DBURL)
+modparam("usrloc", "db_mode", 2)
+modparam("usrloc", "use_domain", MULTIDOMAIN)
+#!endif
+
+
+# ----- auth_db params -----
+#!ifdef WITH_AUTH
+modparam("auth_db", "db_url", DBURL)
+modparam("auth_db", "calculate_ha1", yes)
+modparam("auth_db", "password_column", "password")
+modparam("auth_db", "load_credentials", "")
+modparam("auth_db", "use_domain", MULTIDOMAIN)
+
+# ----- permissions params -----
+#!ifdef WITH_IPAUTH
+modparam("permissions", "db_url", DBURL)
+modparam("permissions", "db_mode", 1)
+#!endif
+
+#!endif
+
+
+#!ifdef WITH_NAT
+# ----- rtpproxy params -----
+modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
+
+# ----- nathelper params -----
+modparam("nathelper", "natping_interval", 30)
+modparam("nathelper", "ping_nated_only", 1)
+modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
+modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
+
+# params needed for NAT traversal in other modules
+modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
+modparam("usrloc", "nat_bflag", FLB_NATB)
+#!endif
+
+
+#!ifdef WITH_TLS
+# ----- tls params -----
+modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")
+#!endif
+
+#!ifdef WITH_DEBUG
+# ----- debugger params -----
+modparam("debugger", "cfgtrace", 1)
+#!endif
+
+####### Routing Logic ########
+
+
+# Main SIP request routing logic
+# - processing of any incoming SIP request starts with this route
+# - note: this is the same as route { ... }
+request_route {
+
+       # per request initial checks
+       route(REQINIT);
+
+       # NAT detection
+       route(NATDETECT);
+
+       # CANCEL processing
+       if (is_method("CANCEL")) {
+               if (t_check_trans()) {
+                       route(RELAY);
+               }
+               exit;
+       }
+
+       # handle requests within SIP dialogs
+       route(WITHINDLG);
+
+       ### only initial requests (no To tag)
+
+       t_check_trans();
+
+       # authentication
+       route(AUTH);
+
+       # record routing for dialog forming requests (in case they are routed)
+       # - remove preloaded route headers
+       remove_hf("Route");
+       if (is_method("INVITE|SUBSCRIBE"))
+               record_route();
+
+       # account only INVITEs
+       if (is_method("INVITE")) {
+               setflag(FLT_ACC); # do accounting
+       }
+
+       # dispatch requests to foreign domains
+       route(SIPOUT);
+
+       ### requests for my local domains
+
+       # handle registrations
+       route(REGISTRAR);
+
+       if ($rU==$null) {
+               # request with no Username in RURI
+               sl_send_reply("484","Address Incomplete");
+               exit;
+       }
+
+       # user location service
+       route(LOCATION);
+}
+
+
+route[RELAY] {
+       # enable additional event routes for forwarded requests
+       # - serial forking, RTP relaying handling, a.s.o.
+       if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
+               if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
+       }
+       if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
+               if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
+       }
+       if (is_method("INVITE")) {
+               if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
+       }
+
+       if (!t_relay()) {
+               sl_reply_error();
+       }
+       exit;
+}
+
+# Per SIP request initial checks
+route[REQINIT] {
+#!ifdef WITH_ANTIFLOOD
+       # flood dection from same IP and traffic ban for a while
+       # be sure you exclude checking trusted peers, such as pstn gateways
+       # - local host excluded (e.g., loop to self)
+       if(src_ip!=myself) {
+               if($sht(ipban=>$si)!=$null) {
+                       # ip is already blocked
+                       xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
+                       exit;
+               }
+               if (!pike_check_req()) {
+                       xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
+                       $sht(ipban=>$si) = 1;
+                       exit;
+               }
+       }
+#!endif
+
+       if (!mf_process_maxfwd_header("10")) {
+               sl_send_reply("483","Too Many Hops");
+               exit;
+       }
+
+       if(!sanity_check("1511", "7")) {
+               xlog("Malformed SIP message from $si:$sp\n");
+               exit;
+       }
+}
+
+# Handle requests within SIP dialogs
+route[WITHINDLG] {
+       if (has_totag()) {
+               # sequential request withing a dialog should
+               # take the path determined by record-routing
+               if (loose_route()) {
+                       route(DLGURI);
+                       if (is_method("BYE")) {
+                               setflag(FLT_ACC); # do accounting ...
+                               setflag(FLT_ACCFAILED); # ... even if the transaction fails
+                       }
+                       else if ( is_method("ACK") ) {
+                               # ACK is forwarded statelessy
+                               route(NATMANAGE);
+                       }
+                       else if ( is_method("NOTIFY") ) {
+                               # Add Record-Route for in-dialog NOTIFY as per RFC 6665.
+                               record_route();
+                       }
+                       route(RELAY);
+               } else {
+                       if ( is_method("ACK") ) {
+                               if ( t_check_trans() ) {
+                                       # no loose-route, but stateful ACK;
+                                       # must be an ACK after a 487
+                                       # or e.g. 404 from upstream server
+                                       route(RELAY);
+                                       exit;
+                               } else {
+                                       # ACK without matching transaction ... ignore and discard
+                                       exit;
+                               }
+                       }
+                       sl_send_reply("404","Not here");
+               }
+               exit;
+       }
+}
+
+# Handle SIP registrations
+route[REGISTRAR] {
+       if (is_method("REGISTER")) {
+               if(isflagset(FLT_NATS)) {
+                       setbflag(FLB_NATB);
+                       # uncomment next line to do SIP NAT pinging 
+                       ## setbflag(FLB_NATSIPPING);
+               }
+               if (!save("location"))
+                       sl_reply_error();
+
+               exit;
+       }
+}
+
+# USER location service
+route[LOCATION] {
+       if (!lookup("location")) {
+               $var(rc) = $rc;
+               t_newtran();
+               switch ($var(rc)) {
+                       case -1:
+                       case -3:
+                               send_reply("404", "Not Found");
+                               exit;
+                       case -2:
+                               send_reply("405", "Method Not Allowed");
+                               exit;
+               }
+       }
+
+       # when routing via usrloc, log the missed calls also
+       if (is_method("INVITE")) {
+               setflag(FLT_ACCMISSED);
+       }
+
+       route(RELAY);
+       exit;
+}
+
+
+# Authentication route
+route[AUTH] {
+#!ifdef WITH_AUTH
+
+#!ifdef WITH_IPAUTH
+       if((!is_method("REGISTER")) && allow_source_address()) {
+               # source IP allowed
+               return;
+       }
+#!endif
+
+       if (is_method("REGISTER") || from_uri==myself) {
+               # authenticate requests
+               if (!auth_check("$fd", "subscriber", "1")) {
+                       auth_challenge("$fd", "0");
+                       exit;
+               }
+               # user authenticated - remove auth header
+               if(!is_method("REGISTER|PUBLISH"))
+                       consume_credentials();
+       }
+       # if caller is not local subscriber, then check if it calls
+       # a local destination, otherwise deny, not an open relay here
+       if (from_uri!=myself && uri!=myself) {
+               sl_send_reply("403","Not relaying");
+               exit;
+       }
+
+#!endif
+       return;
+}
+
+# Caller NAT detection route
+route[NATDETECT] {
+#!ifdef WITH_NAT
+       force_rport();
+       if (nat_uac_test("19")) {
+               if (is_method("REGISTER")) {
+                       fix_nated_register();
+               } else {
+                       add_contact_alias();
+               }
+               setflag(FLT_NATS);
+       }
+#!endif
+       return;
+}
+
+# RTPProxy control
+route[NATMANAGE] {
+#!ifdef WITH_NAT
+       if (is_request()) {
+               if(has_totag()) {
+                       if(check_route_param("nat=yes")) {
+                               setbflag(FLB_NATB);
+                       }
+               }
+       }
+       if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
+               return;
+
+       rtpproxy_manage("co");
+
+       if (is_request()) {
+               if (!has_totag()) {
+                       if(t_is_branch_route()) {
+                               add_rr_param(";nat=yes");
+                       }
+               }
+       }
+       if (is_reply()) {
+               if(isbflagset(FLB_NATB)) {
+                       add_contact_alias();
+               }
+       }
+#!endif
+       return;
+}
+
+# URI update for dialog requests
+route[DLGURI] {
+#!ifdef WITH_NAT
+       if(!isdsturiset()) {
+               handle_ruri_alias();
+       }
+#!endif
+       return;
+}
+
+# Routing to foreign domains
+route[SIPOUT] {
+       if (!uri==myself) {
+               append_hf("P-hint: outbound\r\n");
+               route(RELAY);
+       }
+}
+
+# manage outgoing branches
+branch_route[MANAGE_BRANCH] {
+       xdbg("new branch [$T_branch_idx] to $ru\n");
+       route(NATMANAGE);
+}
+
+# manage incoming replies
+onreply_route[MANAGE_REPLY] {
+       xdbg("incoming reply\n");
+       if(status=~"[12][0-9][0-9]")
+               route(NATMANAGE);
+}
+
+# manage failure routing cases
+failure_route[MANAGE_FAILURE] {
+       route(NATMANAGE);
+
+       if (t_is_canceled()) {
+               exit;
+       }
+}