diff --git a/autoload_configs/acl.conf.xml b/autoload_configs/acl.conf.xml index 4f19493..32c42f3 100644 --- a/autoload_configs/acl.conf.xml +++ b/autoload_configs/acl.conf.xml @@ -1,16 +1,16 @@ - - - - - + + + + + + - - - - + + + - + \ No newline at end of file diff --git a/opensips/opensips.cfg b/opensips/opensips.cfg index bc9249f..6c004b5 100644 --- a/opensips/opensips.cfg +++ b/opensips/opensips.cfg @@ -105,11 +105,12 @@ disable_tcp=no ###################################################################### ## Module Loading ###################################################################### -mpath="/usr/local/lib64/opensips/modules/" +mpath="/usr/lib64/opensips/modules/" loadmodule "memcached.so" loadmodule "signaling.so" loadmodule "sl.so" loadmodule "tm.so" +loadmodule "dialog.so" loadmodule "maxfwd.so" loadmodule "rr.so" loadmodule "path.so" @@ -117,6 +118,7 @@ loadmodule "uri.so" loadmodule "textops.so" loadmodule "usrloc.so" loadmodule "nathelper.so" +loadmodule "nat_traversal.so" loadmodule "dispatcher.so" loadmodule "mi_fifo.so" # loadmodule "mi_datagram.so" @@ -149,7 +151,7 @@ modparam("tm", "fr_timer", 5) # modparam("tm", "fr_inv_timer_avp", "$avp(i:25)") # modparam("tm", "tw_append", # "test: ua=$hdr(User-Agent) ;avp=$avp(i:10);$rb;time=$Ts") -# modparam("tm", "pass_provisional_replies", 0) +modparam("tm", "pass_provisional_replies", 1) # modparam("tm", "syn_branch", 1) # modparam("tm", "onreply_avp_mode", 0) # modparam("tm", "disable_6xx_block", 0) @@ -221,17 +223,25 @@ modparam("usrloc", "path_column", "path") ## Nathelper Module Parameters ###################################################################### # modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7890") -modparam("nathelper", "natping_interval", 30) -modparam("nathelper", "ping_nated_only", 1) +# modparam("nathelper", "natping_interval", 30) +# modparam("nathelper", "ping_nated_only", 1) # modparam("nathelper", "natping_processes", 3) -modparam("nathelper", "sipping_bflag", 7) -modparam("nathelper", "sipping_from", "sip:sipcheck@184.106.172.9 ") +# modparam("nathelper", "sipping_bflag", 7) +# modparam("nathelper", "sipping_from", "sip:sipcheck@184.106.157.174") # modparam("nathelper", "sipping_method", "INFO") +###################################################################### +## NAT Traversal Module Parameters +###################################################################### +modparam("nat_traversal", "keepalive_interval", 60) +modparam("nat_traversal", "keepalive_method", "OPTIONS") +modparam("nat_traversal", "keepalive_from", "sip:keepalive@ping.sip.2600hz.com") +modparam("nat_traversal", "keepalive_state_file", "/tmp/opensips_keepalive_state") + ###################################################################### ## Dispatcher Module Parameters ###################################################################### -modparam("dispatcher", "list_file", "/usr/local/etc/opensips/dispatcher.list") +modparam("dispatcher", "list_file", "/etc/opensips/dispatcher.list") modparam("dispatcher", "flags", 2) modparam("dispatcher", "use_default", 0) modparam("dispatcher", "force_dst", 1) @@ -242,7 +252,7 @@ modparam("dispatcher", "cnt_avp", "$avp(i:274)") modparam("dispatcher", "hash_pvar", "$avp(i:273)") # modparam("dispatcher", "setid_pvar", "$var(setid)") modparam("dispatcher", "ds_ping_method", "OPTIONS") -modparam("dispatcher", "ds_ping_from", "sip:sipcheck@184.106.172.9:5060") +modparam("dispatcher", "ds_ping_from", "sip:sipcheck@184.106.157.174:5060") modparam("dispatcher", "ds_ping_interval", 10) # modparam("dispatcher", "ds_ping_sock", "udp:10.80.25.168:5080") modparam("dispatcher", "ds_probing_threshhold", 3) @@ -290,11 +300,18 @@ route exit; } + if (src_ip==myself) + { + xlog("L_WARN", "Src IP [$ou] from [$si:$sp]"); + + exit; + } + xlog("L_INFO", "Received [$rm] [$ou] from [$si:$sp]"); xlog("L_DBG", " From: [$fu]"); xlog("L_DBG", " To: [$tu]"); - if (is_method("OPTIONS")) + if (is_method("OPTIONS|SUBSCRIBE")) { xlog("L_NOTICE", " Method [$rm] is not supported, sending 503 to [$si:$sp]"); @@ -305,39 +322,16 @@ route t_on_reply("1"); - if (nat_uac_test("18")) - { - xlog("L_INFO", " Source port is different from the port in Via, force rport"); - - force_rport(); - - fix_nated_contact(); - - if (has_body("application/sdp")) - { - xlog("L_INFO", " Fixing nated SDP, rewritting media and origin with [$si]"); - - fix_nated_sdp("10"); - } - - # If this leads to a sucessfull register then flag 5 will cause nat=yes to be append to the contact - # and (when appropriate) the use of the nat_compensator reply branch - setflag(5); - } + t_on_failure("1"); if (has_totag()) { - if (subst_uri('/(sip:.*);nat=yes/\1/')) - { - xlog("L_INFO", " Set reply branch for NAT compensation on this message in the existing dialog"); - - t_on_reply("nat_compensator"); - } - # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { + append_hf("P-hint: rr-enforced\r\n"); + if (is_method("INVITE")) { # even if in most of the cases is useless, do RR for @@ -348,6 +342,13 @@ route #record_route(); } + if ((ds_is_in_list("$si", "$sp", "1") || ds_is_in_list("$si", "$sp", "2")) && is_method("ACK")) + { + xlog("L_INFO", " Stored [$tU] as belonging to media server [$fd]"); + + cache_store("memcached_callid_hash", "$tU ", "$fd", 3600); + } + # route it out to whatever destination was set by loose_route() # in $du (destination URI). route(1); @@ -430,33 +431,38 @@ route } # is not from media servers - if (!ds_is_in_list("$si", "$sp", "1") and !ds_is_in_list("$si", "$sp", "2")) - { - if(cache_fetch("memcached_callid_hash", "$ci", $avp(i:55))) + if (!ds_is_in_list("$si", "$sp", "1") && !ds_is_in_list("$si", "$sp", "2")) + { + if ($ct.fields(uri) && cache_fetch("memcached_callid_hash", "$(ct.fields(uri){uri.user})", $avp(i:55))) + { + $rd = $avp(i:55); + + xlog("L_INFO", " Reconized contact [$ct.fields(uri)] as belonging to media server [$rd]"); + } + else if (cache_fetch("memcached_callid_hash", "$ci", $avp(i:55))) { $rd = $avp(i:55); xlog("L_INFO", " Reconized call-id [$ci] as belonging to media server [$rd]"); + + if ($ct.fields(uri) && is_method("INVITE")) + { + xlog("L_INFO", " Stored [$(ct.fields(uri){uri.user})] as belonging to media server [$rd]"); + + cache_store("memcached_callid_hash", "$(ct.fields(uri){uri.user})", "$rd", 3600); + } } else { xlog("L_INFO", " Selecting domain from set 1 using round-robin"); - + ds_select_domain("1", "4"); - - t_on_failure("1"); } + + remove_hf("X-AUTH-IP"); append_hf("X-AUTH-IP: $si\r\n"); - - if (isflagset(5)) - { - xlog("L_INFO", " This contact is behind NAT, appending nat=yes to the Contact header"); - - # "nat=yes" is added to help with in-dialog re-INVITE, UPDATE, etc. - search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); - } - } + } # record routing if (!is_method("REGISTER|MESSAGE")) @@ -473,6 +479,8 @@ route route[1] { + route("nat_test_and_correct"); + if (!t_relay()) { xlog("L_ERR", " Unable to relay [$rm] [$ru] to [$du], sending 500"); @@ -485,40 +493,41 @@ route[1] exit; } -onreply_route[1] +route[nat_test_and_correct] { - if (t_check_status("(407)|(401)")) + if (client_nat_test("3")) { - cache_store("memcached_callid_hash", "$ci ", "$si", 60); + xlog("L_INFO", " NAT (SIP): Private IP in contact field or via address differs from source"); - xlog("L_INFO", " Stored call-id [$ci] as belonging to media server [$si]"); - } -} + force_rport(); -onreply_route[nat_compensator] -{ - xlog("L_INFO ", " Compensating reply from NATed message [$rs] [$rr]"); + if ((method=="REGISTER" || method=="SUBSCRIBE" || (method=="INVITE" && !has_totag()))) + { + xlog("L_INFO", " NAT (SIP): Activating keep alive pings"); - if (t_check_status("(407)|(401)")) - { - cache_store("memcached_callid_hash", "$ci ", "$si", 60); + nat_keepalive(); + } - xlog("L_INFO", " Stored call-id [$ci] for NATed reply as belonging to media server [$si]"); + fix_contact(); } - - if (has_body("application/sdp")) + + if (has_body("application/sdp") && nat_uac_test("8")) { - xlog("L_INFO", " Fixing nated reply SDP, rewritting media and origin with [$si]"); + xlog("L_INFO", " NAT (SDP): Private IP in SDP"); fix_nated_sdp("10"); } +} + +onreply_route[1] +{ + route("nat_test_and_correct"); - if (is_present_hf("Contact")) + if (t_check_status("(407)|(401)")) { - xlog("L_INFO", " Fixing nated reply contact header"); + cache_store("memcached_callid_hash", "$ci ", "$si", 60); - fix_nated_contact(); - #search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); + xlog("L_INFO", " Stored call-id [$ci] as belonging to media server [$si]"); } } @@ -535,12 +544,20 @@ failure_route[1] ds_mark_dst("p"); - if (ds_next_domain()) +# if (ds_next_domain()) + if(ds_select_domain("1", "4")) { xlog("L_ERR", " Hunting for avaliable media server..."); xlog("L_INFO", " Sent [$rm] [$ru] to [$rd]"); + if ($ct.fields(uri) && is_method("INVITE")) + { + xlog("L_INFO", " Stored [$(ct.fields(uri){uri.user})] as belonging to media server [$rd]"); + + cache_store("memcached_callid_hash", "$(ct.fields(uri){uri.user})", "$rd", 3600); + } + t_relay(); exit; @@ -555,3 +572,4 @@ failure_route[1] exit; } +