#
# $Id: ser.cfg,v 1.20 2003/05/31 21:12:19 jiri Exp $
#
# config script with voicemail, PSTN dial-out functionality
#

# ----------- global configuration parameters ------------------------

debug=4         # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no	# (cmd line: -E)

# Uncomment these lines to enter debugging mode
/*
debug=3
fork=no
log_stderror=yes
*/

check_via=no	# (cmd. line: -v)
dns=no           # (cmd. line: -r)
rev_dns=no      # (cmd. line: -R)
port=5060
children=5
fifo="/tmp/ser_fifo"
#sip_warning=no
group="serfifo"
fifo_mode=0660

#
# ------------------ module loading ----------------------------------
#
# Uncomment this if you want to use SQL database
loadmodule "/usr/local/lib/ser/modules/mysql.so"
#
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/vm.so"
loadmodule "/usr/local/lib/ser/modules/pa.so"
loadmodule "/usr/local/lib/ser/modules/msilo.so"
loadmodule "/usr/local/lib/ser/modules/acc.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/group.so"
#
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
#
# ----------------- setting module-specific parameters ---------------
#
# -- usrloc params --
#
#modparam("usrloc", "db_mode",   0)
#
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 1)
#
# -- auth params --
# Uncomment if you are using auth module

modparam("auth", "rpid_prefix", "650846")
# Uncomment and change the following line to change the rpid suffix 
-20040126; gnoah
#modparam("auth", "rpid_suffix", 
";party=calling;id-type=subscriber;screen=yes") #these are the default 
values
#
# -- auth_db params --
#
modparam("auth_db","db_url","sql://ser:heslo@localhost/ser")
modparam("auth_db", "use_rpid", 1)
modparam("auth_db","rpid_column", "phone") #rpid is the default column; make 
sure it exists in subscriber table
modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")
#
modparam("rr", "enable_full_lr", 1)
#
# -- accouting params --
#
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
modparam("acc", "log_missed_flag", 1)
modparam("acc", "log_fmt", "fimos")
# f - from; i - inbound request uri; m - method; o - outbound request uri; s 
- status;
#
modparam("acc", "db_url", "sql://ser:heslo@localhost/ser")
modparam("acc", "db_flag", 1)
modparam("acc", "db_missed_flag", 1)
#
modparam("tm", "fr_inv_timer", 25)  #INVITE timeout
modparam("tm", "fr_timer", 10)  #negative INVITE reply or no
				#final reply for a request for ACK
#
modparam("voicemail", "db_url", "sql://ser:heslo@localhost/ser")
#
# -------------------------  request routing logic -------------------
#
# main routing logic
#
#alias=10.10.10.49		#sip server IP address
alias=jiffypop			#sip server name
alias=domain.com		#sip domain/realm

#
route{

	# initial sanity checks -- messages with
	# max_forwards==0, or excessively long requests
	if (!mf_process_maxfwd_header("10")) {
		sl_send_reply("483","Too Many Hops");
		break;
	};
	if (msg:len > max_len) {
#	if (len_gt( max_len )) {
		sl_send_reply("513", "Message too big");
		break;
	};

	#prevent private ip space from being used
	if(search("^(Contact|m): .*@192\.168\.")){
		if(method=="REGISTER"){
			log(1, "Someone trying to register from private IP\n");
			sl_send_reply("479", "Please don't use private IP addresses");
			break;
		};
	};

	# we record-route all messages -- to make sure that
	# subsequent messages will go through our proxy; that's
	# particularly good if upstream and downstream entities
	# use different transport protocol
	#if (!method=="REGISTER") record_route();
	record_route();
	# loose-route processing
	if (loose_route()) {
		t_relay();
		break;
	};

	# if the request is for other domain use UsrLoc
	# (in case it does not work, use the following command
	# with proper names and addresses in it)

	# deal with requests that are not destined for an internal account
#	if(!(uri==myself)){
#		route(2);
#		break;
#	};

	if (uri==myself) {
		if (method=="REGISTER") {
			# digest authentication
#			log(1,"request for registration");
#			if (!www_authorize("domain.com", "subscriber")) {
#				www_challenge("domain.com", "0");
#				break;
#			};
			log(1,"REGISTER request processed");
			if(!save("location")){
				log(1,"Unable to save location");
				sl_reply_error();
			};
			break;
		};
		setflag(1);
/* ********** Dial out to PSTN logic ************* */

		#forward 411[information] and 911[emergency] requests to gateway
		if(uri=~"^sip:(4|9)11@(domain\.com|10\.10\.10\.49)"){
			log(1,"411/911 expression match");
			route(3);
			break;
		};
		#forward numerical 7 digit requests to gateway
		if(uri=~"^sip:[0-9]{7}@(domain\.com|10\.10\.10\.49)"){
			log(1,"7 digit expression match");
			route(3);
			break;
		};
		# strip 650 and forward to GW if user dials 650 before local num
		if(uri=~"^sip:650[0-9]{7}@(domain\.com|10\.10\.10\.49)"){
			strip(3);
			log(1,"650 area code dialed, 650 stripped");
			route(3);
			break;
		};
		# strip 1650 and forward to GW if user dials 1650 before local num
		if(uri=~"^sip:1650[0-9]{7}@(domain\.com|10\.10\.10\.49)"){
			strip(4);
			log(1,"1650 dialed before local number,1650 stripped");
			route(3);
			break;
		};
		#forward numerical 10 digit requests to gateway, append a 1 first
		if(uri=~"^sip:[0-9]{10}@(domain\.com|10\.10\.10\.49)"){
			prefix("1");
			log(1,"10 digit expression match, prefix 1");
			route(3);
			break;
		};
		#forward numerical 11 digit requests that start with a 1 to GW
		if(uri=~"^sip:1[0-9]{10}@(domain\.com|10\.10\.10\.49)"){
			log(1,"10 digit exp match w/leading 1");
			route(3);
			break;
		};
		#forward international N digit requests to gateway
		if(uri=~"^sip:011[0-9]+@(domain\.com|10\.10\.10\.49)"){
			log(1,"international expression match");
			route(3);
			break;
		};

/* ********** VOICEMAIL logic ************* */
		if (uri=~"^sip:voicemail@.*" || uri=~"^sip:announce@.*" || 
uri=~"^sip:echo@.*"){
			log(1,"sip:voicemail/announce/echo uri match");
			rewritehostport("10.10.10.49:5090");
			t_relay();
			break;
		};

/*  ****** Find Aliases and Locations of users ********* */

		#lookup "aliases" before looking up "location"
		lookup("aliases");

# ******     New logic as of 3/11/2004 --gnoah
#		if domain is not local after looking up aliases, forward the request
#		to the correct domain
#		if (!(uri="^sip:(.+@)?(10\.10\..)){
#			route(5);
#			break;
#		};

		if(is_user_in("Request-URI", "voicemail")){
			log(1,"User is in Voicemail Group");
			t_on_failure("4");
			setflag(4);
		};

                # native SIP destinations are handled using our USRLOC DB

                if (!lookup("location")) {
			if(isflagset(4)){
				route(6);
			}else{
				log(1,"No location for user - going to route[4]");
				route(4);
				log(1,"returning from route[4]");
			};
			log(1,"no location, not in vm group");
			break;
		};

	};

	# forward to current uri now; use stateful forwarding; that
	# works reliably even if we forward from TCP to UDP

	log(1,"relaying from main route block");
	if (!t_relay()) {
		log(1,"main route: t_relay failed");
		sl_reply_error();
	};
#	log(1,"route[]:eof");
}

# ----------- Internet bound requests ------------

route[2]{
	log(1, "Route[2] entered");
	# outbound request are allowed only for registered V11 users
	if(!(src_ip==10.10.10.49) & !(proxy_authorize("domain.com", 
"subscriber"))){
		if(method=="ACK" | method=="BYE"){
			log(1, "failed internet bound authentication for ACK granted\n");
		}else if(method=="CANCEL"){
			log(1, "failed internet bound authentication for CANCEL granted\n");
		}else{
			proxy_challenge("domain.com","0");
			break;
		};
	};
	#verify that From field in INVITE is equal to registered user
	if(!src_ip==10.10.10.49 & method=="INVITE" & !check_from()){
		log(1,"Spoofed From attempt\n");
		sl_send_reply("403","Use Frome = ID next time");
		break;
	}:

	append_hf("P-hint: OUTBOUND ON INTERNET\r\n");
	log(1,"relaying from route[2]");
	if(!t_relay()){
		sl_reply_error();
		break;
	};
}

#---------- PSTN Bound requests -------------

route[3]{
	log(1,"route[3]:SIP-to-PSTN call routed");
	append_rpid_hf();
	rewritehostport("10.10.10.5:5060");

	forward(10.10.10.5, 5060);

#	setflag(1); 	#set flag for accounting
#	if(!t_relay()){
#		log(1,"route[2]: t_relay failed");
#		sl_reply_error();
#	};
}

#---------- Deal with offline users

route[4]{
	log(1,"route[4]: offline users or no user exists ");
	if(!t_newtran()){
		log(1,"Unable to create new txn");
		sl_reply_error();
	};
	if(!t_reply("404", "User Not Found")){
		sl_reply_error();
	};
	break;
}

route[5]{
	log(1,"Entered route[5]");
	append_hf("P-hint: ALIASED-OUTBOUND\r\n");
	if(!t_relay()){
	sl_reply_error();
	break;
	};
}

route[6]{
	log(1,"route[6]:no user location: foward to voicemail");
	revert_uri();
	lookup("aliases");
	rewritehostport("10.10.10.49:5095");
	t_relay();
}

failure_route[4]{
	log(1,"failure_route[4]");
	revert_uri();
	lookup("aliases");
	rewritehostport("10.10.10.49:5095");
	append_branch();
	append_urihf("CC-Diversion: ", "\r\n");
	append_hf("P-hint: OFFLINE-VOICEMAIL\r\n");
	log(1, "relaying from failure_route[4]");
	t_relay();
}