ruhnet
/
kazoo-configs-kamailio
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 183 Wiki Activity
Browse Source

setup route & auth

update-rsyslog-config
lazedo 7 years ago
parent
774cb13154
commit
bc336505d1
2 changed files with 43 additions and 88 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +4
    -0
      kamailio/auth.cfg
  2. +39
    -88
      kamailio/default.cfg

+ 4
- 0
kamailio/auth.cfg View File

@ -46,6 +46,8 @@ route[SETUP_AUTH_HEADERS]
} }
#!ifdef REGISTRAR_ROLE
route[AUTH_TOKEN] route[AUTH_TOKEN]
{ {
$xavp(regcfg=>match_received) = $su; $xavp(regcfg=>match_received) = $su;
@ -93,3 +95,5 @@ route[AUTH_CCVS]
$xavp(hf[0]=>X-ecallmgr_Owner-ID) = $(xavp(ulattrs=>custom_channel_vars){kz.json,Owner-ID}); $xavp(hf[0]=>X-ecallmgr_Owner-ID) = $(xavp(ulattrs=>custom_channel_vars){kz.json,Owner-ID});
} }
} }
#!endif

+ 39
- 88
kamailio/default.cfg View File

@ -299,6 +299,9 @@ include_file "nodes-role.cfg"
include_file "sip_trace-role.cfg" include_file "sip_trace-role.cfg"
#!endif #!endif
## auth ##
include_file "auth.cfg"
####### Permissions module ########## ####### Permissions module ##########
loadmodule "permissions.so" loadmodule "permissions.so"
@ -373,13 +376,10 @@ route
} }
#!endif #!endif
#!ifdef DISPATCHER_ROLE
if (!isflagset(FLAG_INTERNALLY_SOURCED)) {
route(DISPATCHER_FIND_ROUTES);
}
#!endif
route(AUTH);
route(SETUP);
route(RELAY);
} }
#!trydef KZ_LOG_REQUEST_OPTIONS 0 #!trydef KZ_LOG_REQUEST_OPTIONS 0
@ -502,7 +502,7 @@ route[HANDLE_MESSAGE]
exit(); exit();
#!endif #!endif
} else { } else {
xlog("L_WARN", "$ci|end|MESSAGE $(hdr(Content-Type))\n");
xlog("L_WARN", "$ci|end|MESSAGE $hdr(Content-Type)\n");
if( $hdr(Content-Type) == "application/im-iscomposing+xml" ) { if( $hdr(Content-Type) == "application/im-iscomposing+xml" ) {
xlog("L_WARN", "$ci|end|dropping MESSAGE application/im-iscomposing+xml\n"); xlog("L_WARN", "$ci|end|dropping MESSAGE application/im-iscomposing+xml\n");
sl_send_reply("200", "OK"); sl_send_reply("200", "OK");
@ -634,17 +634,46 @@ route[PREPARE_INITIAL_REQUESTS]
record_route(); record_route();
} }
route[SETUP]
{
#!ifdef DISPATCHER_ROLE
if (!isflagset(FLAG_INTERNALLY_SOURCED)) {
route(DISPATCHER_FIND_ROUTES);
}
#!endif
#!ifdef REGISTRAR_ROLE
if (isflagset(FLAG_INTERNALLY_SOURCED)) {
route(ROUTE_TO_AOR);
}
#!endif
route(RELAY);
}
route[BRANCH_HEADERS]
{
if (!isflagset(FLAG_INTERNALLY_SOURCED)) {
route(AUTH_HEADERS);
} else {
remove_hf_re("^X-");
}
}
# Manage outgoing branches # Manage outgoing branches
branch_route[MANAGE_BRANCH] { branch_route[MANAGE_BRANCH] {
xlog("L_DEBUG", "$ci|branch|new branch [$T_branch_idx] to $ru\n");
xlog("L_DEBUG", "$ci|branch|new branch [$T_branch_idx] to $ru => $du\n");
#!ifdef NAT_TRAVERSAL_ROLE #!ifdef NAT_TRAVERSAL_ROLE
route(NAT_MANAGE); route(NAT_MANAGE);
#!endif #!endif
route(BRANCH_HEADERS);
} }
route[RELAY] route[RELAY]
{ {
if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
} }
@ -671,11 +700,6 @@ route[INTERNAL_TO_EXTERNAL_RELAY]
} }
#!endif #!endif
#!ifdef REGISTRAR_ROLE
route(ROUTE_TO_AOR);
#!endif
remove_hf_re("^X-.*");
t_on_reply("EXTERNAL_REPLY"); t_on_reply("EXTERNAL_REPLY");
@ -693,15 +717,6 @@ route[EXTERNAL_TO_INTERNAL_RELAY]
} }
#!endif #!endif
remove_hf_re("^X-.*");
append_hf("X-AUTH-IP: $si\r\n");
append_hf("X-AUTH-PORT: $sp\r\n");
#!ifdef REGISTRAR_ROLE
route(ADD_AUTHORIZATION_HEADERS);
#!endif
t_on_reply("INTERNAL_REPLY"); t_on_reply("INTERNAL_REPLY");
t_on_failure("INTERNAL_FAULT"); t_on_failure("INTERNAL_FAULT");
@ -824,7 +839,7 @@ failure_route[INTERNAL_FAULT]
xlog("L_INFO", "$ci|log|failure route ignoring failure after session progress\n"); xlog("L_INFO", "$ci|log|failure route ignoring failure after session progress\n");
} else if (t_check_status("403") && $T_reply_reason=="Forbidden") { } else if (t_check_status("403") && $T_reply_reason=="Forbidden") {
xlog("L_WARNING", "$ci|log|failure route ignoring. Failed auth from IP $si\n"); xlog("L_WARNING", "$ci|log|failure route ignoring. Failed auth from IP $si\n");
} else if (t_check_status("(401)|(407)|(486)|(403)")) {
} else if (t_check_status("(401)|(407)|(486)")) {
xlog("L_INFO", "$ci|log|failure route ignoring auth reply $T_reply_code $T_reply_reason\n"); xlog("L_INFO", "$ci|log|failure route ignoring auth reply $T_reply_code $T_reply_reason\n");
} else if (t_check_status("402")) { } else if (t_check_status("402")) {
xlog("L_INFO", "$ci|log|failure route overriding reply code 402 with 486\n"); xlog("L_INFO", "$ci|log|failure route overriding reply code 402 with 486\n");
@ -908,70 +923,6 @@ route[ROUTE_TO_AOR]
} }
} }
#!ifdef REGISTRAR_ROLE
#!ifdef WITH_AUTH_TOKEN
route[ADD_AUTHORIZATION_HEADERS]
{
if (!is_method("INVITE|MESSAGE|REFER")) {
return;
}
$xavp(regcfg=>match_received) = $su;
if (registered("location","$fu", 2, 1) == 1) {
if($(xavp(ulattrs=>token){s.len}) > 0) {
append_hf("X-AUTH-Token: $xavp(ulattrs=>token)\r\n");
} else {
if($(xavp(ulattrs=>Authorizing-ID){s.len}) > 0 && $(xavp(ulattrs=>Account-ID){s.len})) {
append_hf("X-AUTH-Token: $xavp(ulattrs=>Authorizing-ID)@$xavp(ulattrs=>Account-ID)\r\n");
}
}
}
}
#!else
route[ADD_AUTHORIZATION_HEADERS]
{
if (!is_method("INVITE|MESSAGE|REFER")) {
return;
}
$xavp(regcfg=>match_received) = $su;
if (registered("location","$fu", 2, 1) == 1) {
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Account-ID}{s.len}) > 0)
append_hf("X-ecallmgr_Account-ID: $(xavp(ulattrs=>custom_channel_vars){kz.json,Account-ID})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Authorizing-Type}{s.len}) > 0)
append_hf("X-ecallmgr_Authorizing-Type: $(xavp(ulattrs=>custom_channel_vars){kz.json,Authorizing-Type})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Authorizing-ID}{s.len}) > 0)
append_hf("X-ecallmgr_Authorizing-ID: $(xavp(ulattrs=>custom_channel_vars){kz.json,Authorizing-ID})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Username}{s.len}) > 0)
append_hf("X-ecallmgr_Username: $(xavp(ulattrs=>custom_channel_vars){kz.json,Username})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Realm}{s.len}) > 0)
append_hf("X-ecallmgr_Realm: $(xavp(ulattrs=>custom_channel_vars){kz.json,Realm})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Account-Realm}{s.len}) > 0)
append_hf("X-ecallmgr_Account-Realm: $(xavp(ulattrs=>custom_channel_vars){kz.json,Account-Realm})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Account-Name}{s.len}) > 0)
append_hf("X-ecallmgr_Account-Name: $(xavp(ulattrs=>custom_channel_vars){kz.json,Account-Name})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Presence-ID}{s.len}) > 0)
append_hf("X-ecallmgr_Presence-ID: $(xavp(ulattrs=>custom_channel_vars){kz.json,Presence-ID})\r\n");
if($(xavp(ulattrs=>custom_channel_vars){kz.json,Owner-ID}{s.len}) > 0)
append_hf("X-ecallmgr_Owner-ID: $(xavp(ulattrs=>custom_channel_vars){kz.json,Owner-ID})\r\n");
}
}
#!endif
#!endif
event_route[tm:local-request] event_route[tm:local-request]
{ {
setflag(FLAG_LOCAL_REQUEST); setflag(FLAG_LOCAL_REQUEST);


Write Preview
Loading…
Cancel
Save