Hello guys. I am sending a OpenSIPS configuration file to investigate the friends waiting critical to improve and optimize the operation of my server. As it is already functional in spite of not controlling the prepaid method yet. I ask attention for NAT issues.
Thanks in advance. ********************************************* opensips.cfg file ********************************************* # # $Id: opensips_residential.m4 9742 2013-02-05 10:24:48Z vladut-paiu $ # # OpenSIPS residential configuration script # by OpenSIPS Solutions <[email protected]> # # This script was generated via "make menuconfig", from # the "Residential" scenario. # You can enable / disable more features / functionalities by # re-generating the scenario with different options.# # # Please refer to the Core CookBook at: # http://www.opensips.org/Resources/DocsCookbooks # for a explanation of possible statements, functions and parameters. # ####### Global Parameters ######### debug=6 log_stderror=no log_facility=LOG_LOCAL0 fork=yes children=4 /* uncomment the following lines to enable debugging */ #debug=6 #fork=no #log_stderror=yes /* uncomment the next line to enable the auto temporary blacklisting of not available destinations (default disabled) */ #disable_dns_blacklist=no /* uncomment the next line to enable IPv6 lookup after IPv4 dns lookup failures (default disabled) */ #dns_try_ipv6=yes /* comment the next line to enable the auto discovery of local aliases based on revers DNS on IPs */ auto_aliases=no listen=udp:Server_IP:5060 # CUSTOMIZE ME tos=0x10 # set Type of Service to Minimize Delay #disable_tcp=yes #disable_tls=yes ####### Modules Section ######## #set module path mpath="/usr/lib64/opensips/modules/" #### SIGNALING module loadmodule "signaling.so" #### StateLess module loadmodule "sl.so" #### Transaction Module loadmodule "tm.so" modparam("tm", "fr_timeout", 5) modparam("tm", "fr_inv_timeout", 30) modparam("tm", "restart_fr_on_each_reply", 0) modparam("tm", "onreply_avp_mode", 1) #### Record Route Module loadmodule "rr.so" /* do not append from tag to the RR (no need for this script) */ modparam("rr", "append_fromtag", 0) #### MAX ForWarD module loadmodule "maxfwd.so" #### SIP MSG OPerationS module loadmodule "sipmsgops.so" #### FIFO Management Interface loadmodule "mi_fifo.so" modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") modparam("mi_fifo", "fifo_mode", 0666) #### MYSQL module loadmodule "db_mysql.so" #### URI module loadmodule "uri.so" modparam("uri", "use_uri_table", 0) modparam("uri", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("uri", "db_table", "accounts") modparam("uri", "domain_column", "fk_domains") modparam("uri", "user_column", "pk_accounts") #### USeR LOCation module loadmodule "usrloc.so" modparam("usrloc", "nat_bflag", "FLB_NATB") modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") #### REGISTRAR module loadmodule "registrar.so" modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT") /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10) #### ACCounting module loadmodule "acc.so" /* what special events should be accounted ? */ modparam("acc", "early_media", 0) modparam("acc", "report_cancels", 0) /* by default we do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) modparam("acc", "failed_transaction_flag", "FLT_ACCFAILED") /* account triggers (flags) */ modparam("acc", "log_flag", "FLT_ACC") modparam("acc", "log_missed_flag", "FLT_ACCMISSED") modparam("acc", "log_extra", "caller_id=$fu;callee_id=$ru;src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_u ser=$rU;dst_domain=$rd") modparam("acc", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("acc", "db_flag", "FLT_ACC") modparam("acc", "db_missed_flag", "FLT_ACCMISSED") modparam("acc", "db_extra", "caller_id=$fu;callee_id=$ru;src_domain=$fd") modparam("acc", "cdr_flag", "CDR_FLAG") # Set it when method is bye #### AUTHentication modules loadmodule "auth.so" loadmodule "auth_db.so" modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("auth_db", "load_credentials", "") modparam("auth_db", "user_column", "pk_accounts") modparam("auth_db", "domain_column", "fk_domains") modparam("auth_db", "password_column", "pwd") #modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid; ($avp(s:countrycode)=contrycode; $avp(s:areacode=areacode") #### ALIAS module loadmodule "alias_db.so" modparam("alias_db", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("alias_db", "user_column", "fk_accounts") modparam("alias_db", "domain_column", "fk_domains") modparam("alias_db", "alias_user_column", "alias_username") modparam("alias_db", "alias_domain_column", "alias_domain") #### DOMAIN module loadmodule "domain.so" modparam("domain", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("domain", "db_mode", 1) # Use caching modparam("domain", "domain_table", "domains") modparam("domain", "domain_col", "pk_domains") modparam("auth_db|usrloc|uri", "use_domain", 1) #### DIALOG module loadmodule "dialog.so" modparam("dialog", "ping_interval", 5) modparam("dialog", "dlg_match_mode", 1) modparam("dialog", "default_timeout", 60) modparam("dialog", "db_mode", 1) modparam("dialog", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") #### NAT modules loadmodule "nathelper.so" modparam("nathelper", "natping_interval", 10) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@Server_IP") modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") loadmodule "rtpproxy.so" modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:4567") #### DIALPLAN module loadmodule "avpops.so" modparam("avpops", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("avpops", "avp_table", "usr_preferences") loadmodule "dialplan.so" modparam("dialplan", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") #### DYNAMMIC ROUTING module loadmodule "drouting.so" modparam("drouting", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") #### PERMISSIONS module loadmodule "permissions.so" modparam("permissions", "check_all_branches", 0) modparam("permissions", "db_url", "mysql://sysdba:PassordForSysDBA@localhost/mng_opensips") modparam("permissions", "address_table", "address") modparam("permissions", "grp_col", "grp") modparam("permissions", "ip_col", "ip") modparam("permissions", "mask_col", "mask") modparam("permissions", "port_col", "port") modparam("permissions", "proto_col", "proto") modparam("permissions", "info_col", "context_info") ####### Routing Logic ######## # main request routing logic route{ if (!mf_process_maxfwd_header("3")) { send_reply("483","looping"); exit; } if(is_method("OPTIONS")) { # send reply for each options request sl_send_reply("200", "ok"); exit(); } # predetermined subscribe request if(is_method("SUBSCRIBE") && uri==myself) { # route(PRESENCE); exit; } # xlog("Main Route: Detecting nat for $fU"); # Detect NAT route(NAT); xlog("Main Route: Sending management requests with dialog: $fU"); # Sending management requests with dialog route(WITHINDLG); # Handling initial requests (not shown To tag) # CANCEL processing if (is_method("CANCEL")) { xlog("Main Route: Method Cancel: $fU"); if (t_check_trans()) t_relay(); exit; } # recording route to formation of dialogs (if routed) # remove any preloaded Route header remove_hf("Route"); if(is_method("INVITE")){ xlog("Main Route: Performing record route for method INVITE : $fU"); record_route(); } t_check_trans(); # Sending to authentication xlog("Main Route: Attempt to proxy_authorize in from gw to method $rm: [$fu/$tu/$ru/$ci]"); if (!check_address("0", "$si", "$sp", "$proto")) { if (!route(AUTH)) { exit; } else { xlog("Main Route: User $fU authenticate"); } } else { xlog("Main Route: Authorized IP for the permissions module. $fu -> $src_ip"); } # preloaded route checking if (loose_route()) { xlog("L_ERR", "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); if (!is_method("ACK")) sl_send_reply("403","Preload Route denied"); exit; } # record routing #if (!is_method("REGISTER|MESSAGE")) # record_route(); # Contabilizando (acc) INVITES if(is_method("INVITE")){ # create dialog with timeout ##################################### # Duplicate key error in mysql ##################################### if ( !create_dialog("B") ) { xlog("L_ERR", "MainRoute: INVITE Accounting: Error on create dialog(B)!"); send_reply("500", "Invite: Internal Server Error"); exit; } xlog("Main Route: Method INVITE, contabilizando: $fU"); setflag(FLT_ACC); } if(!is_method("REGISTER")){ # Sending call to external destinations xlog("Main Route: Sending call to external destinations: $fU -> $tU"); route(SIPOUT); if($ru==""){ xlog("ru --> empty: $fU"); sl_send_reply("484", "Address Incomplete"); exit; } # apply transformations from dialplan table # Sending request to PSTN xlog("Main Route: Making sure that we route $rU"); route(PSTN); # User location service route(LOCATION); # Making the relay (routing) route(RELAY); exit; } } route[LOCATION] { alias_db_lookup("dbaliases"); if(!lookup("location")){ switch($rc) { case -1: case -3: t_newtran(); t_reply("404","Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } } if(is_method("INVITE")){ setflag(FLT_ACCMISSED); } } route[NAT] { force_rport(); # if(nat_uac_test("127")){ # Never Detect if(nat_uac_test("18")){ # Never Detect if(method=="REGISTER"){ fix_nated_register(); }else{ fix_nated_contact(); #---- Insert nat=yes at the end of the Contact header ----# #---- This helps with REINVITEs, ----# #--- nat=yes will be included in the R-URI for sequential requests ---# # search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); add_rr_param(";nat=yes"); } setflag(FLT_NATS); xlog("Route Nat: Requisicao de $src_ip esta atras de NAT: $fU -> $tU"); } else { xlog("Route Nat: Requisicao de $src_ip nao esta atras de NAT: $fU -> $tU"); } } route[WITHINDLG] { if(has_totag()){ if(loose_route()){ # validate the sequential request against dialog if ( $DLG_status!=NULL && !validate_dialog() ) { xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to dialog\n"); ## exit; } if(is_method("BYE")){ setflag(CDR_FLAG); # calculate time of session on BYE setflag(FLT_ACC); # do accounting ... setflag(FLT_ACCFAILED); # even if the transaction fails } else if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for # re-INVITEs alos, as some buggy clients do change route set # during the dialog. xlog("Route with in Dialog: loose route $rU -> $fU\n"); record_route(); } route(RELAY); }else{ if(is_method("ACK")){ if(t_check_trans()){ t_relay(); exit; } }else{ xlog("Route Withing Dialog: We are not in loose, has totag, method not ack [ $rm ] "); # ACK for not found transaction, ignore it... exit; } sl_send_reply("404", "Not Here"); } exit; } } route[AUTH]{ xlog("Route Authentication: Authentication request to method $rm: $fU"); if (is_method("REGISTER")) { # Authenticate REGISTER request if (!www_authorize("$fd", "accounts")) { xlog("Route Authentication: Fail www_authorize $rm: $fd $fU"); www_challenge("$fd", "1"); exit; } if (!db_check_to()) { sl_send_reply("403","Forbidden auth ID"); exit; } # Manage REGISTRAR requests if (!route(REGISTRAR)) { sl_send_reply("403","Forbidden auth ID"); exit; } xlog("Route Authentication: auth ID $au <-> $tU"); if ($au!=$tU) { xlog("Route Authentication: Authentication fail: $fU"); sl_send_reply("403", "Forbidden auth ID"); } } else { if (route(FSINBOUND)) { xlog("AUTH: FSINBOUND return"); exit; } xlog("Route Authentication: method: $rm from user: $fu"); if (is_from_local()) { xlog("Route Authentication: Try authenticate user $fU by ip or proxy_auth para $rm"); if (!check_source_address("0")) { if (!proxy_authorize("", "accounts")) { xlog("Route Authentication: Fail proxy_authorize $rm: $fU"); proxy_challenge("", "0"); return(-1); } if (!db_check_from()) { sl_send_reply("403","Forbidden auth ID"); exit; } consume_credentials(); xlog("Route Authentication: User $fu authenticate"); } else { xlog("Route Authentication: Authenticate user for the IP: $fU"); return; } } else { if (!is_uri_host_local()) { send_reply("403","Rely forbidden"); exit; } } } return; } route[REGISTRAR] { if(is_method("REGISTER")){ xlog("Main Route: Manage REGISTER requests: $fU"); if(isflagset(FLT_NATS)){ setbflag(FLB_NATB); } if(!save("location")){ sl_reply_error(); } } } route[SIPOUT]{ if(!uri==myself){ append_hf("P-hint: outbound\r\n"); route(RELAY); } } route[PSTN]{ xlog("Route PSTN: from $fU to $rU"); if(!uri==myself){ xlog("Route PSTN 403: Not allowed to others"); sl_send_reply("403", "Not Allowed"); exit; } $avp(dest) = ""; if (!dp_translate("0","$ruri.user/$rU","$avp(dest)")) { xlog("Route PSTN 420: Invalid destination to ru: $rU destination: $avp(dest)"); send_reply("420", "Invalid destination"); exit; } xlog("Route PSTN: From User $rU to destination: $avp(dest) / $ruri.user"); if ($avp(dest)=="usrloc") { # Route to USRLOC $avp(routeid) = 1; route(USRLOC); exit; } if ($avp(dest)=="fix_pstn") { # Route to pstn $avp(routeid) = 1; route(GATEWAY); } if ($avp(dest)=="mov_pstn") { # Route to cel phone $avp(routeid) = 3; route(GATEWAY); } if ($avp(dest)=="int_pstn") { # Route to international call $avp(routeid) = 2; route(GATEWAY); } xlog("Route PSTN: $fU para $tU is invalid."); send_reply("420", "Invalid Extension"); t_on_failure("FAIL_ONE"); # I don´t know if this command is needed # route(RELAY); exit; } route[GATEWAY] { xlog("Route GATEWAY: gw group: $avp(routeid) - $fU -> $rU\n"); if (!do_routing("$avp(routeid)")) { xlog("Route GATEWAY: Fail to routing call. Group: $avp(routeid) - $fU -> $rU\n"); send_reply("500", "No Gateway to Route found"); exit; } route(RELAY); } route[RELAY] { if(check_route_param("nat=yes")){ setbflag(FLB_NATB); } if(isflagset(FLT_NATS) || isbflagset(FLB_NATB)){ route(RTPPROXY); } if(is_method("INVITE")){ t_on_reply("REPLY_ONE"); t_on_failure("FAIL_ONE"); } xlog("Route Relay: Try route call $fU -> $rU"); if(!t_relay()){ xlog("Route Relay: Fail to route call. Unable to forwarding: $fU -> $tU ."); sl_reply_error(); } # xlog("Route Relay Error $fU -> $rU: Not relay this call by this route!!!"); } route[RTPPROXY] { if(is_method("BYE")){ unforce_rtp_proxy(); xlog("Route RtpProxy: Rtpproxy off $fU"); }else if(is_method("INVITE")){ xlog("Route RtpProxy: try on rtpproxy for $fU"); rtpproxy_engage(); } if(!has_totag()){ if(!check_route_param("nat=yes")){ add_rr_param(";nat=yes"); xlog("Route RtpProxy $fU: NAT yes not found, add it."); } } return; } route[FSINBOUND] { if($si=="LocalGW_IP" && $sp=="59892"){ return(1); }else{ return(-1); } } # User Location Route route[USRLOC] { # do lookup with method filtering if (!lookup("location", "m")) { switch ($retcode) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); return(-1); case -2: sl_send_reply("405", "Method not allowed"); return(-1); } } # when routing via usrloc, log the missed calls also setflag(FLT_ACCMISSED); route(RELAY); } branch_route[per_branch_ops] { xlog("new branch at $ru\n"); } onreply_route[REPLY_ONE] { xlog("On Reply Route: Incoming reply $fU"); if((isflagset(FLT_NATS) || isbflagset(FLB_NATB) && status =~ "(183)|(2[0-9][0-9])")){ rtpproxy_offer(); } if(isbflagset(FLB_NATB)){ fix_nated_contact(); } } failure_route[FAIL_ONE]{ xlog("On Failure Route: FAIL_ONE para $fU"); if(is_method("INVITE") && (isbflagset(FLB_NATB) || isflagset(FLT_NATS))){ rtpproxy_unforce(); } if(t_was_cancelled()){ exit; } } failure_route[NEXT_GW] { if (t_was_cancelled()) { exit; } if (use_next_gw()) { xlog("Next Gateway $rU \n"); t_on_failure("FAIL_ONE"); t_relay(); exit; } else { t_reply("503", "Service not avaliable, no more gateways!"); exit; } } local_route { if (is_method("BYE") && $DLG_dir=="UPSTREAM") { acc_db_request("200 Dialog Timeout", "acc"); } } _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
