#
# $Id: ser.cfg,v 1.25.2.1 2005/02/18 14:30:44 andrei Exp $
#
# simple quick-start config script
#

# ----------- global configuration parameters ------------------------

debug=3         # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)

# TCNet Configuration
# hostname matching an alias will satisfy the condition uri==myself.
listen="200.167.20.34"
alias="e-voip.com.br"
alias="200.167.20.34"
uid="ser"
gid="ser"

check_via=no    # (cmd. line: -v)
dns=no           # (cmd. line: -r)
rev_dns=no      # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:pass@localhost/ser"

# Modules
loadmodule "/tcnet/ser/lib/ser/modules/mysql.so"
loadmodule "/tcnet/ser/lib/ser/modules/sl.so"
loadmodule "/tcnet/ser/lib/ser/modules/tm.so"
loadmodule "/tcnet/ser/lib/ser/modules/rr.so"
loadmodule "/tcnet/ser/lib/ser/modules/maxfwd.so"
loadmodule "/tcnet/ser/lib/ser/modules/usrloc.so"
loadmodule "/tcnet/ser/lib/ser/modules/registrar.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth.so"
loadmodule "/tcnet/ser/lib/ser/modules/auth_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri.so"
loadmodule "/tcnet/ser/lib/ser/modules/uri_db.so"
loadmodule "/tcnet/ser/lib/ser/modules/nathelper.so"
loadmodule "/tcnet/ser/lib/ser/modules/textops.so"
loadmodule "/tcnet/ser/lib/ser/modules/avpops.so"
loadmodule "/tcnet/ser/lib/ser/modules/acc.so"

# Modules parameter
# auth_db
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://ser:pass@localhost/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")

# nathelper
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")

# usrloc
modparam("usrloc", "db_mode", 2)

# rr
modparam("rr", "enable_full_lr", 1)

# registrar
modparam("registrar", "nat_flag", 6)

# acc
modparam("acc", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("acc", "log_level", 1)
modparam("acc", "log_flag", 1)
modparam("acc", "radius_flag", 1)
modparam("acc", "radius_missed_flag", 2)
modparam("acc", "log_fmt", "miocfst")
modparam("acc", "failed_transactions", 1)

# tm
modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "inv_timeout")

# main routing logic
route {

	if (method == "BYE" || method == "CANCEL") {
		unforce_rtp_proxy();
		setflag(1);		# accounting
		setflag(2);		# missed call
	};

	# initial sanity checks -- messages with
	# max_forwards==0, or excessively long requests
	if (!mf_process_maxfwd_header("10")) {
		sl_send_reply("483", "Too Many Hops");
		break;
	};
	if (msg:len > max_len) {
		sl_send_reply("513", "Message too big");
		break;
	};

	if (method!="REGISTER") {
		record_route ();
	};

	if (loose_route()) {
		if (method == "BYE") {
			setflag(1);
			setflag(2);
			unforce_rtp_proxy();
		};
		route(1);
		break;
	};

	if (uri == myself) {
		if (method=="INVITE") {
			fix_nated_sdp ("1");
		};

		if (method == "REGISTER") {
			if (search("^(Contact|m): .*@(200\.167\.20\.34|evoip03\.tcnet\.com\.br|sip\.e-voip\.com\.br)")) {
				log("LOG: alert: someone trying to set aor==contact\n");
				sl_send_reply("476", "No Server Address in Contacts Allowed");
				break;
			};

			route(2);		# WWW authentication

			if (!save("location")) {
				sl_reply_error();
			};
			break;
		};

		if (method == "INVITE") {
			route(3);			# PROXY authentication
			if (uri=~"^sip:0") {
				route(4);		# Asterisk
			};

			consume_credentials();

			#lookup("location");
			if (!lookup("location")) {
				if (!lookup("aliases")) {
					if (uri=~"^sip:[3789][0-9]") {
						prefix("035");
						route(4);	# Asterisk
					} else {
						sl_send_reply ("404", "Not Found");
						break;
					};
				};
			};
			setflag(1);
			setflag(2);
			route(1);
			break;
		};
	};
	route(1);
}

# Fix NATED client on reply route.
onreply_route[1] {
	if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
		if (!search("Content-Length:[ ]*0")) {
			force_rtp_proxy();
		};
	};
}

# Normal relay
route[1] {

	if (uri =~ "[@:](192\.168\.|10\.|172\.16)" && !search("^Route:")) {
		sl_send_reply("479", "We don't forward to private IP addresses");
		break;
	};

	t_on_reply("1");

	if (isflagset(6) || isflagset(5)) {
		log (1, "oi");
		force_rtp_proxy ();
	};

	if (!t_relay()) {
		sl_reply_error();
	};
}

# WWW authentication
route[2] {
	if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) {
		setflag(6);
		fix_nated_register();
		force_rport();
	};

	sl_send_reply("100", "Trying");

	if (!www_authorize("", "subscriber")) {
		www_challenge("", "0");
		break;
	};

	if (!check_to()) {
		sl_send_reply ("401", "Unauthorized");
		break;
	};

	if (isflagset(5)) {
		setflag(6);
	};
}

# PROXY authentication
route[3] {
	if (nat_uac_test("19")) {
		setflag(6);
	};

	if (!proxy_authorize("", "subscriber")) {
		proxy_challenge("", "0");
		break;
	};
}

# Asterisk - E-Voip
route[4] {
	if (isflagset(6)) {
		force_rport();
		fix_nated_contact();
		force_rtp_proxy();
	};

	t_on_reply("1");
	rewritehost("200.167.20.26");
	avp_write("i:45", "inv_timeout");
}