Hi everyone<br><br>I'm trying to integrate Asterisk with Kamailio for voicemail.<br>I tried to follow this tutorial: <a href="http://kb.asipto.com/asterisk:realtime:kamailio-3.3.x-asterisk-10.7.0-astdb">http://kb.asipto.com/asterisk:realtime:kamailio-3.3.x-asterisk-10.7.0-astdb</a><br>
BUT:<br><br>- I had to adapt it because I use LDAP authentication with Kamailio<br>- I had problems with Asterisk 10.7 (problems with chan_sip module crashing) so I've installed Asterisk 11 on another VM<br>- we have high-availability with 2 Kamailio servers, with Kamailio listening on TCP (constraint from our SSL gateway in front of Kamailio) on a "virtual IP" (created by keep-alive): this VIP is not visible with ifconfig, but you can see it with the command "ip addr sh eth0"<br>
<br>For now, we use Linphone on Windows as SIP clients to test.<br>If I don't define WITH_ASTERISK, calls work, I can call someone@domain.tld<br>However, if I define WITH_ASTERISK, calls fail (even with destination registered and available) and I have these errors in the logfile:<br>
<br>Nov 15 11:45:08 kamailio1 /usr/sbin/kamailio[25308]: ERROR: tm [ut.h:333]: no corresponding socket for af 2<br>Nov 15 11:45:08 kamailio1 /usr/sbin/kamailio[25308]: ERROR: tm [t_fwd.c:424]: ERROR: can't fwd to af 2, proto 1 (no corresponding listening socket)<br>
Nov 15 11:45:08 kamailio1 /usr/sbin/kamailio[25308]: ERROR: tm [t_fwd.c:1530]: ERROR: t_forward_nonack: failure to add branches<br>Nov 15 11:45:08 kamailio1 /usr/sbin/kamailio[25308]: INFO: <script>: reply error<br>
Nov 15 11:45:08 kamailio1 /usr/sbin/kamailio[25308]: ERROR: sl [sl_funcs.c:371]: ERROR: sl_reply_error used: I'm terribly sorry, server error occurred (1/SL)<br><br>It seems to happen on the if (!t_relay()) line in ROUTE[RELAY]<br>
<br>192.168.14.25 is the real IP of the Kamailio server, <br>192.168.14.24 is the VIP of the Kamailio "cluster"<br>192.168.14.28 is the IP of the Mysql server<br>192.168.14.32 is the IP of the Asterisk server<br>
<br>I can't find why the relay doesn't work. I've tried to bypass the VIP and have Kamailio listen on the real IP, but it still doesn't work: I don't seem to have the same errors as above, but I don't see any traffic between Kamailio and Asterisk.<br>
<br>What could be the problem? Thanks for your help<br><br>Christophe<br><br><br><br><br><br>Below is my kamailio.cfg:<br><br><br>#!WITH_DEBUG<br><br>#!KAMAILIO<br>#<br># Kamailio (OpenSER) SIP Server v3.2 - default configuration script<br>
# - web: <a href="http://www.kamailio.org">http://www.kamailio.org</a><br># - git: <a href="http://sip-router.org">http://sip-router.org</a><br>#<br># Direct your questions about this file to: <<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>><br>
#<br># Refer to the Core CookBook at <a href="http://www.kamailio.org/dokuwiki/doku.php">http://www.kamailio.org/dokuwiki/doku.php</a><br># for an explanation of possible statements, functions and parameters.<br>#<br># Several features can be enabled using '#!define WITH_FEATURE' directives:<br>
#<br># *** To run in debug mode: <br># - define WITH_DEBUG<br>#<br># *** To enable mysql: <br># - define WITH_MYSQL<br>#<br># *** To enable authentication execute:<br># - enable mysql<br># - define WITH_AUTH<br>
# - add users using 'kamctl'<br>#<br># *** To enable IP authentication execute:<br># - enable mysql<br># - enable authentication<br># - define WITH_IPAUTH<br># - add IP addresses with group id '1' to 'address' table<br>
#<br># *** To enable persistent user location execute:<br># - enable mysql<br># - define WITH_USRLOCDB<br>#<br># *** To enable presence server execute:<br># - enable mysql<br># - define WITH_PRESENCE<br>#<br>
# *** To enable nat traversal execute:<br># - define WITH_NAT<br># - install RTPProxy: <a href="http://www.rtpproxy.org">http://www.rtpproxy.org</a><br># - start RTPProxy:<br># rtpproxy -l _your_public_ip_ -s udp:localhost:7722<br>
#<br>###!define WITH_NAT<br><br># *** To enable PSTN gateway routing execute:<br># - define WITH_PSTN<br># - set the value of pstn.gw_ip<br># - check route[PSTN] for regexp routing condition<br>#<br># *** To enable database aliases lookup execute:<br>
# - enable mysql<br># - define WITH_ALIASDB<br>#<br># *** To enable speed dial lookup execute:<br># - enable mysql<br># - define WITH_SPEEDDIAL<br>#<br># *** To enable multi-domain support execute:<br># - enable mysql<br>
# - define WITH_MULTIDOMAIN<br>#<br># *** To enable TLS support execute:<br># - adjust CFGDIR/tls.cfg as needed<br># - define WITH_TLS<br>#<br># *** To enable XMLRPC support execute:<br># - define WITH_XMLRPC<br>
# - adjust route[XMLRPC] for access policy<br>#<br># *** To enable anti-flood detection execute:<br># - adjust pike and htable=>ipban settings as needed (default is<br># block if more than 16 requests in 2 seconds and ban for 300 seconds)<br>
# - define WITH_ANTIFLOOD<br>#<br># *** To block 3XX redirect replies execute:<br># - define WITH_BLOCK3XX<br>#<br># *** To enable VoiceMail routing execute:<br># - define WITH_VOICEMAIL<br># - set the value of voicemail.srv_ip<br>
# - adjust the value of voicemail.srv_port<br>#<br># *** To enhance accounting execute:<br># - enable mysql<br># - define WITH_ACCDB<br># - add following columns to database<br>#!ifdef ACCDB_COMMENT<br> ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';<br> ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';<br> ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';<br> ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';<br> ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';<br> ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';<br> ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';<br>
ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';<br> ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';<br>#!endif<br><br>###!define WITH_ASTERISK<br>
###!define WITH_VOICEMAIL<br>#!define WITH_LDAP<br>#!define WITH_AUTH<br>#!define WITH_MYSQL<br>####### Defined Values #########<br><br># *** Value defines - IDs used later in config<br>#!ifdef WITH_MYSQL<br># - database URL - used to connect to database server by modules such<br>
# as: auth_db, acc, usrloc, a.s.o.<br>#!define DBURL "mysql://<a href="http://openserrw:openserrw@192.168.14.28/openser">openserrw:openserrw@192.168.14.28/openser</a>"<br><br>#!ifdef WITH_ASTERISK<br>#!define DBASTURL "mysql://<a href="http://asterisk:asteriskpwd@192.168.14.28/asterisk">asterisk:asteriskpwd@192.168.14.28/asterisk</a>"<br>
#!endif<br><br>#!endif<br>#!ifdef WITH_MULTIDOMAIN<br># - the value for 'use_domain' parameters<br>#!define MULTIDOMAIN 1<br>#!else<br>#!define MULTIDOMAIN 0<br>#!endif<br><br># - flags<br># FLT_ - per transaction (message) flags<br>
# FLB_ - per branch flags<br>#!define FLT_ACC 1<br>#!define FLT_ACCMISSED 2<br>#!define FLT_ACCFAILED 3<br>#!define FLT_NATS 5<br><br>#!define FLB_NATB 6<br>#!define FLB_NATSIPPING 7<br><br>####### Global Parameters #########<br>
<br>#!ifdef WITH_DEBUG<br>debug=4<br>log_stderror=no<br>#!else<br>debug=2<br>log_stderror=no<br>#!endif<br><br>memdbg=5<br>memlog=5<br><br>log_facility=LOG_LOCAL6<br><br>fork=yes<br>children=4<br><br>/* uncomment the next line to disable TCP (default on) */<br>
#disable_tcp=yes<br><br>/* uncomment the next line to disable the auto discovery of local aliases<br> based on reverse DNS on IPs (default on) */<br>auto_aliases=no<br><br>/* add local domain aliases */<br>alias="mydomain.corp"<br>
<br>/* uncomment and configure the following line if you want Kamailio to <br> bind on a specific interface/port/proto (default bind on all available) */<br>listen=tcp:<a href="http://192.168.14.24:5060">192.168.14.24:5060</a><br>
#listen=tcp:<a href="http://192.168.14.25:5060">192.168.14.25:5060</a><br><br>/* port to listen to<br> * - can be specified more than once if needed to listen on many ports */<br>#port=5060<br><br>#!ifdef WITH_TLS<br>enable_tls=yes<br>
#!endif<br><br># life time of TCP connection when there is no traffic<br># - a bit higher than registration expires to cope with UA behind NAT<br>tcp_connection_lifetime=3605<br><br>####### Custom Parameters #########<br>
<br># These parameters can be modified runtime via RPC interface<br># - see the documentation of 'cfg_rpc' module.<br>#<br># Format: <a href="http://group.id">group.id</a> = value 'desc' description<br># Access: $sel(<a href="http://cfg_get.group.id">cfg_get.group.id</a>) or @<a href="http://cfg_get.group.id">cfg_get.group.id</a><br>
#<br><br>#!ifdef WITH_PSTN<br># PSTN GW Routing<br>#<br># - pstn.gw_ip: valid IP or hostname as string value, example:<br># pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"<br>#<br># - by default is empty to avoid misrouting<br>
pstn.gw_ip = "" desc "PSTN GW Address"<br>#!endif<br><br>#!ifdef WITH_VOICEMAIL<br># VoiceMail Routing on offline, busy or no answer<br>#<br># - by default Voicemail server IP is empty to avoid misrouting<br>
voicemail.srv_ip = "192.168.14.32" desc "VoiceMail IP Address"<br>voicemail.srv_port = "5060" desc "VoiceMail Port"<br>#!endif<br><br>#!ifdef WITH_ASTERISK<br>asterisk.bindip = "192.168.14.32" desc "Asterisk IP Address"<br>
asterisk.bindport = "5060" desc "Asterisk Port"<br>kamailio.bindip = "192.168.14.24" desc "Kamailio IP Address"<br>kamailio.bindport = "5060" desc "Kamailio Port"<br>
#!endif<br><br><br>####### Modules Section ########<br><br># set paths to location of modules (to sources or installation folders)<br>#!ifdef WITH_SRCPATH<br>mpath="modules_k:modules"<br>#!else<br>mpath="/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/"<br>
#!endif<br><br>#!ifdef WITH_MYSQL<br>loadmodule "db_mysql.so"<br>#!endif<br><br>loadmodule "mi_fifo.so"<br>loadmodule "kex.so"<br>loadmodule "tm.so"<br>loadmodule "tmx.so"<br>
loadmodule "sl.so"<br>loadmodule "rr.so"<br>loadmodule "pv.so"<br>loadmodule "maxfwd.so"<br>loadmodule "usrloc.so"<br>loadmodule "registrar.so"<br>loadmodule "textops.so"<br>
loadmodule "siputils.so"<br>loadmodule "xlog.so"<br># loadmodule "sanity.so"<br>loadmodule "ctl.so"<br>loadmodule "cfg_rpc.so"<br>loadmodule "mi_rpc.so"<br>loadmodule "acc.so"<br>
<br>#!ifdef WITH_AUTH<br>loadmodule "auth.so"<br>loadmodule "auth_db.so" #chris<br>loadmodule "ldap.so"<br>modparam ("ldap", "config_file", "/etc/kamailio/ldap.cfg")<br>
#!ifdef WITH_IPAUTH<br>loadmodule "permissions.so"<br>#!endif<br>#!endif<br><br>#!ifdef WITH_ALIASDB<br>loadmodule "alias_db.so"<br>#!endif<br><br>#!ifdef WITH_SPEEDDIAL<br>loadmodule "speeddial.so"<br>
#!endif<br><br>#!ifdef WITH_MULTIDOMAIN<br>loadmodule "domain.so"<br>#!endif<br><br>#!ifdef WITH_PRESENCE<br>loadmodule "presence.so"<br>loadmodule "presence_xml.so"<br>#!endif<br><br>#!ifdef WITH_NAT<br>
loadmodule "nathelper.so"<br>loadmodule "rtpproxy.so"<br>#!endif<br><br>#!ifdef WITH_TLS<br>loadmodule "tls.so"<br>#!endif<br><br>#!ifdef WITH_ANTIFLOOD<br>loadmodule "htable.so"<br>
loadmodule "pike.so"<br>#!endif<br><br>#!ifdef WITH_XMLRPC<br>loadmodule "xmlrpc.so"<br>#!endif<br><br>#!ifdef WITH_DEBUG<br>loadmodule "debugger.so"<br>#!endif<br><br>#!ifdef WITH_ASTERISK<br>
loadmodule "uac.so"<br>#!endif<br><br><br># ----------------- setting module-specific parameters ---------------<br><br><br># ----- mi_fifo params -----<br>#modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")<br>
modparam("mi_fifo", "fifo_name", "/tmp/kamailio_tmp")<br><br><br># ----- tm params -----<br># auto-discard branches from previous serial forking leg<br>modparam("tm", "failure_reply_mode", 3)<br>
# default retransmission timeout: 30sec<br>modparam("tm", "fr_timer", 30000)<br># default invite retransmission timeout after 1xx: 120sec<br>modparam("tm", "fr_inv_timer", 120000)<br>
<br># suppress the check for the CSEQ method<br># modparam("sanity", "default_checks", 967)<br><br># ----- rr params -----<br># add value to ;lr param to cope with most of the UAs<br>modparam("rr", "enable_full_lr", 1)<br>
# do not append from tag to the RR (no need for this script)<br>#edit asterisk<br>#!ifdef WITH_ASTERISK<br>modparam("rr", "append_fromtag", 1)<br>#!else<br>modparam("rr", "append_fromtag", 0)<br>
#!endif<br><br># ----- registrar params -----<br>modparam("registrar", "method_filtering", 1)<br>/* uncomment the next line to disable parallel forking via location */<br># modparam("registrar", "append_branches", 0)<br>
/* uncomment the next line not to allow more than 10 contacts per AOR */<br>modparam("registrar", "max_contacts", 256)<br># max value for expires of registrations<br>modparam("registrar", "max_expires", 3600)<br>
<br><br># ----- acc params -----<br>/* what special events should be accounted ? */<br>modparam("acc", "early_media", 0)<br>modparam("acc", "report_ack", 0)<br>modparam("acc", "report_cancels", 0)<br>
/* by default ww do not adjust the direct of the sequential requests.<br> if you enable this parameter, be sure the enable "append_fromtag"<br> in "rr" module */<br>modparam("acc", "detect_direction", 0)<br>
/* account triggers (flags) */<br>modparam("acc", "log_flag", FLT_ACC)<br>modparam("acc", "log_missed_flag", FLT_ACCMISSED)<br>modparam("acc", "log_extra", <br> "src_user=$fU;src_domain=$fd;src_ip=$si;"<br>
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)<br>/* enhanced DB accounting */<br>#!ifdef WITH_ACCDB<br>modparam("acc", "db_flag", FLT_ACC)<br>
modparam("acc", "db_missed_flag", FLT_ACCMISSED)<br>modparam("acc", "db_url", DBURL)<br>modparam("acc", "db_extra",<br> "src_user=$fU;src_domain=$fd;src_ip=$si;"<br>
"dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>#!endif<br><br><br># ----- usrloc params -----<br>/* enable DB persistency for location entries */<br>#!ifdef WITH_USRLOCDB<br>modparam("usrloc", "db_url", DBURL)<br>
modparam("usrloc", "db_mode", 2)<br>modparam("usrloc", "use_domain", MULTIDOMAIN)<br>#!endif<br><br>#chris commented out this part<br># ----- auth_db params -----<br>#!ifdef WITH_AUTH<br>
modparam("auth_db", "calculate_ha1", yes)<br>modparam("auth_db", "load_credentials", "")<br>#!ifdef WITH_ASTERISK<br>modparam("auth_db", "user_column", "username")<br>
modparam("auth_db", "password_column", "sippasswd")<br>modparam("auth_db", "db_url", DBASTURL)<br>modparam("auth_db", "version_table", 0)<br>#!else<br>
modparam("auth_db", "db_url", DBURL)<br>modparam("auth_db", "password_column", "password")<br>modparam("auth_db", "use_domain", MULTIDOMAIN)<br>#!endif<br>
<br># ----- permissions params -----<br>#!ifdef WITH_IPAUTH<br>modparam("permissions", "db_url", DBURL)<br>modparam("permissions", "db_mode", 1)<br>#!endif<br><br>#!endif<br><br><br>
# ----- alias_db params -----<br>#!ifdef WITH_ALIASDB<br>modparam("alias_db", "db_url", DBURL)<br>modparam("alias_db", "use_domain", MULTIDOMAIN)<br>#!endif<br><br><br># ----- speedial params -----<br>
#!ifdef WITH_SPEEDDIAL<br>modparam("speeddial", "db_url", DBURL)<br>modparam("speeddial", "use_domain", MULTIDOMAIN)<br>#!endif<br><br><br># ----- domain params -----<br>#!ifdef WITH_MULTIDOMAIN<br>
modparam("domain", "db_url", DBURL)<br># use caching<br>modparam("domain", "db_mode", 1)<br># register callback to match myself condition with domains list<br>modparam("domain", "register_myself", 1)<br>
#!endif<br><br><br>#!ifdef WITH_PRESENCE<br># ----- presence params -----<br>modparam("presence", "db_url", DBURL)<br><br># ----- presence_xml params -----<br>modparam("presence_xml", "db_url", DBURL)<br>
modparam("presence_xml", "force_active", 1)<br>#!endif<br><br><br>#!ifdef WITH_NAT<br># ----- rtpproxy params -----<br>modparam("rtpproxy", "rtpproxy_sock", "udp:<a href="http://192.168.14.25:22222">192.168.14.25:22222</a>")<br>
<br># ----- nathelper params -----<br>modparam("nathelper", "natping_interval", 30)<br>modparam("nathelper", "ping_nated_only", 1)<br>modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)<br>
modparam("nathelper", "sipping_from", "sip:pinger@teopad-toip.corp")<br><br># params needed for NAT traversal in other modules<br>modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")<br>
modparam("usrloc", "nat_bflag", FLB_NATB)<br>#!endif<br><br><br>#!ifdef WITH_TLS<br># ----- tls params -----<br>modparam("tls", "config", "/etc/kamailio/tls.cfg")<br>#!endif<br>
<br>#!ifdef WITH_ANTIFLOOD<br># ----- pike params -----<br>modparam("pike", "sampling_time_unit", 2)<br>modparam("pike", "reqs_density_per_unit", 16)<br>modparam("pike", "remove_latency", 4)<br>
<br># ----- htable params -----<br># ip ban htable with autoexpire after 5 minutes<br>modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")<br>#!endif<br><br>#!ifdef WITH_XMLRPC<br>
# ----- xmlrpc params -----<br>modparam("xmlrpc", "route", "XMLRPC");<br>modparam("xmlrpc", "url_match", "^/RPC")<br>#!endif<br><br>#!ifdef WITH_DEBUG<br># ----- debugger params -----<br>
modparam("debugger", "cfgtrace", 1)<br>#!endif<br><br>####### Routing Logic ########<br><br><br># Main SIP request routing logic<br># - processing of any incoming SIP request starts with this route<br>
# - note: this is the same as route { ... }<br>request_route {<br><br> # per request initial checks<br> route(REQINIT);<br> xlog("L_INFO","apres REQINIT");<br> <br> # NAT detection<br> route(NATDETECT);<br>
xlog("L_INFO","apres NATDETECT");<br><br> # handle requests within SIP dialogs<br> route(WITHINDLG);<br> xlog("L_INFO","apres WITHINDLG");<br><br> ### only initial requests (no To tag)<br>
<br> # CANCEL processing<br> if (is_method("CANCEL"))<br> {<br> if (t_check_trans())<br> t_relay();<br> exit;<br> }<br><br> t_check_trans();<br> xlog("L_INFO","apres t_check_trans");<br>
<br> # authentication<br> route(AUTH);<br> xlog("L_INFO","apres AUTH");<br><br> # record routing for dialog forming requests (in case they are routed)<br> # - remove preloaded route headers<br>
remove_hf("Route");<br> if (is_method("INVITE|SUBSCRIBE"))<br> record_route();<br> xlog("L_INFO","apres RECORD ROUTE");<br><br> # account only INVITEs<br> if (is_method("INVITE"))<br>
{<br> setflag(FLT_ACC); # do accounting<br> }<br> xlog("L_INFO","apres INVITE");<br><br> # dispatch requests to foreign domains<br> route(SIPOUT);<br> xlog("L_INFO","apres SIPOUT");<br>
<br> ### requests for my local domains<br><br> # handle presence related requests<br> route(PRESENCE);<br> xlog("L_INFO","apres PRESENCE");<br><br> # handle registrations<br> route(REGISTRAR);<br>
xlog("L_INFO","apres REGISTRAR");<br><br> if ($rU==$null)<br> {<br> # request with no Username in RURI<br> sl_send_reply("484","Address Incomplete");<br> exit;<br>
}<br><br> # dispatch destinations to PSTN<br> route(PSTN);<br> xlog("L_INFO","apres PSTN");<br><br> # user location service<br> route(LOCATION);<br> xlog("L_INFO","apres LOCATION");<br>
<br> route(RELAY);<br> xlog("L_INFO","apres RELAY");<br>}<br><br><br>route[RELAY] {<br><br> # enable additional event routes for forwarded requests<br> # - serial forking, RTP relaying handling, a.s.o.<br>
xlog("L_INFO","Dans route relay");<br> if (is_method("INVITE|SUBSCRIBE")) {<br> xlog("L_INFO","avant manage branch");<br> t_on_branch("MANAGE_BRANCH");<br>
xlog("L_INFO","avant manage reply");<br> t_on_reply("MANAGE_REPLY");<br> }<br> if (is_method("INVITE")) {<br> xlog("L_INFO","avant manage failure");<br>
t_on_failure("MANAGE_FAILURE");<br> }<br><br> if (!t_relay()) {<br> xlog("L_INFO","reply error");<br> sl_reply_error();<br> }<br> exit;<br>}<br><br># Per SIP request initial checks<br>
route[REQINIT] {<br>#!ifdef WITH_ANTIFLOOD<br> # flood dection from same IP and traffic ban for a while<br> # be sure you exclude checking trusted peers, such as pstn gateways<br> # - local host excluded (e.g., loop to self)<br>
if(src_ip!=myself)<br> {<br> if($sht(ipban=>$si)!=$null)<br> {<br> # ip is already blocked<br> xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");<br> exit;<br>
}<br> if (!pike_check_req())<br> {<br> xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");<br> $sht(ipban=>$si) = 1;<br> exit;<br>
}<br> }<br>#!endif<br><br> if (!mf_process_maxfwd_header("10")) {<br> sl_send_reply("483","Too Many Hops");<br> exit;<br> }<br><br># if(!sanity_check("1511", "7"))<br>
# {<br># xlog("Malformed SIP message from $si:$sp\n");<br># exit;<br># }<br>}<br><br># Handle requests within SIP dialogs<br>route[WITHINDLG] {<br> xlog("L_INFO","Dans WITHINDLG");<br>
if (has_totag()) {<br> xlog("L_INFO","dans has totag");<br> # sequential request withing a dialog should<br> # take the path determined by record-routing<br> if (loose_route()) {<br>
xlog("L_INFO","looseroute");<br> if (is_method("BYE")) {<br> setflag(FLT_ACC); # do accounting ...<br> setflag(FLT_ACCFAILED); # ... even if the transaction fails<br>
}<br> if ( is_method("ACK") ) {<br> xlog("L_INFO","ack");<br> # ACK is forwarded statelessy<br> route(NATMANAGE);<br> }<br>
xlog("L_INFO","relay");<br> route(RELAY);<br> } else {<br> xlog("L_INFO","else");<br> if (is_method("SUBSCRIBE") && uri == myself) {<br>
# in-dialog subscribe requests<br> xlog("L_INFO","subscribe avant presence");<br> route(PRESENCE);<br> xlog ("L_INFO","apres presence");<br>
exit;<br> }<br> if ( is_method("ACK") ) {<br> xlog("L_INFO","else ack");<br> if ( t_check_trans() ) {<br> # no loose-route, but stateful ACK;<br>
# must be an ACK after a 487<br> # or e.g. 404 from upstream server<br> xlog("L_INFO","else ack avant relay");<br> t_relay();<br>
xlog("L_INFO","else ack apres relay");<br> exit;<br> } else {<br> # ACK without matching transaction ... ignore and discard<br> xlog("L_INFO","else final");<br>
exit;<br> }<br> }<br> sl_send_reply("404","Not here");<br> }<br> exit;<br> }<br>}<br><br># Handle SIP registrations<br>route[REGISTRAR] {<br>
if (is_method("REGISTER"))<br> {<br> if(isflagset(FLT_NATS))<br> {<br> setbflag(FLB_NATB);<br> # uncomment next line to do SIP NAT pinging <br> setbflag(FLB_NATSIPPING);<br>
}<br> if (!save("location"))<br> sl_reply_error();<br>#edit asterisk<br>#!ifdef WITH_ASTERISK<br> xlog ("L_INFO","avant regfwd dans registrar");<br> route(REGFWD);<br>
xlog ("L_INFO","apres regfwd dans registrar");<br><br>#!endif<br><br> exit;<br> }<br>}<br><br># USER location service<br>route[LOCATION] {<br><br>#!ifdef WITH_SPEEDIAL<br> # search for short dialing - 2-digit extension<br>
if($rU=~"^[0-9][0-9]$")<br> if(sd_lookup("speed_dial"))<br> route(SIPOUT);<br>#!endif<br><br>#!ifdef WITH_ALIASDB<br> # search in DB-based aliases<br> if(alias_db_lookup("dbaliases"))<br>
route(SIPOUT);<br>#!endif<br><br>#edit asterisk<br>#!ifdef WITH_ASTERISK<br> if(is_method("INVITE") && (!route(FROMASTERISK))) {<br> #if new call from out there - send to Asterisk<br> # - non-INVITE requests are routed directly by Kamailio<br>
# - traffic from Asterisk is router also directly by Kamailio<br> xlog ("L_INFO", "avant toasterisk dans location");<br> route(TOASTERISK);<br> xlog ("L_INFO", "apres toasterisk dans location");<br>
exit;<br> }<br>#!endif<br> $avp(oexten) = $rU;<br> if (!lookup("location")) {<br> $var(rc) = $rc;<br> route(TOVOICEMAIL);<br> t_newtran();<br> switch ($var(rc)) {<br>
case -1:<br> case -3:<br> send_reply("404", "Not Found");<br> exit;<br> case -2:<br> send_reply("405", "Method Not Allowed");<br>
exit;<br> }<br> }<br><br> # when routing via usrloc, log the missed calls also<br> if (is_method("INVITE"))<br> {<br> setflag(FLT_ACCMISSED);<br> }<br>}<br><br># Presence server route<br>
route[PRESENCE] {<br> if(!is_method("PUBLISH|SUBSCRIBE"))<br> return;<br><br>#!ifdef WITH_PRESENCE<br> if (!t_newtran())<br> {<br> sl_reply_error();<br> exit;<br> };<br><br> if(is_method("PUBLISH"))<br>
{<br> handle_publish();<br> t_release();<br> }<br> else<br> if( is_method("SUBSCRIBE"))<br> {<br> handle_subscribe();<br> t_release();<br> }<br> exit;<br>#!endif<br>
<br> # if presence enabled, this part will not be executed<br> if (is_method("PUBLISH") || $rU==$null)<br> {<br> sl_send_reply("404", "Not here");<br> exit;<br> }<br>
return;<br>}<br><br># Authentication route<br>route[AUTH] {<br>#!ifdef WITH_AUTH<br><br>#edit asterisk<br>#!ifdef WITH_ASTERISK<br> #do not auth traffic from Asterisk: trusted!<br> xlog ("L_INFO", "avant if route fromasterisk");<br>
if(route(FROMASTERISK))<br> return;<br>#!endif<br><br> if (is_method("REGISTER"))<br># {<br># # authenticate the REGISTER requests (uncomment to enable auth)<br># if (!www_authorize("$td", "subscriber"))<br>
# {<br># www_challenge("$td", "0");<br># exit;<br># }<br>#<br># if ($au!=$tU)<br># {<br># sl_send_reply("403","Forbidden auth ID");<br>
# exit;<br># }<br><br> {<br><br>#edit asterisk<br>##!ifdef WITH_ASTERISK<br># xlog ("L_INFO", "dans auth / authcheck sipusers");<br># if (!auth_check("$fd","sipusers","1")) <br>
##!else<br> if(is_present_hf("Authorization"))<br>##!endif<br><br> {<br> # ldap search<br> if (!ldap_search("ldap://sipaccounts/OU=SIP,OU=Utilisateurs,DC=teopad-toip,DC=corp?teopad-Sip-Username,teopadSipPassword?one?(teopad-Sip-Username=$fU)"))<br>
# if (!ldap_search("ldap://sipaccounts/OU=SIP,OU=Utilisateurs,DC=teopad-toip,DC=corp?sAMAccountName,?one?(sAMAccountName=$fU)"))<br> {<br> switch ($retcode)<br> {<br>
case -1:<br> # no LDAP entry found<br> sl_send_reply("404", "User Not Found");<br> xlog("L_INFO", "ldap_search: NO found [$retcode] entries for (uid=$fU)");<br>
exit;<br><br> case -2:<br> # internal error<br> sl_send_reply("500", "Internal server error");<br> exit;<br>
<br> default:<br> exit;<br> }<br> }<br> ldap_result("teopad-Sip-Username/$avp(s:username)");<br> ldap_result("teopadSipPassword/$avp(s:password)");<br>
xlog("L_INFO", "ldap_search: found [$retcode] entries for (uid=$fU)");<br> if(!pv_www_authenticate("$td", "$avp(s:password)", "0")) {<br> xlog ("L_INFO", "ldap pv_authenticate failed") ;<br>
www_challenge("$td","1");<br> exit;<br> }<br> save("location");<br> sl_send_reply("200", "ok");<br> xlog ("L_INFO", "ldap pv_authenticate ok") ;<br>
exit;<br> } else {<br> www_challenge("$td","1");<br> exit;<br> }<br><br><br><br><br> } else {<br><br>#!ifdef WITH_IPAUTH<br> if(allow_source_address())<br>
{<br> # source IP allowed<br> return;<br> }<br>#!endif<br><br># # authenticate if from local subscriber<br> if (from_uri==myself)<br> {<br># if (!proxy_authorize("$fd", "subscriber")) {<br>
# proxy_challenge("$fd", "0");<br># exit;<br># }<br> if (is_method("PUBLISH"))<br> {<br> xlog ("L_INFO", "au = $au") ;<br>
xlog ("L_INFO", "fU = $fU") ;<br> xlog ("L_INFO", "tU = $tU") ;<br> xlog ("L_INFO", "fd = $fd") ;<br> xlog ("L_INFO", "rd = $rd") ;<br>
<br> if ($au!=$fU || $au!=$tU) {<br> sl_send_reply("403","Forbidden auth ID au!=fu ou au!=tu");<br> exit;<br> }<br> if ($au!=$rU) {<br>
sl_send_reply("403","Forbidden R-URI");<br> exit;<br> }<br>#!ifdef WITH_MULTIDOMAIN<br> if ($fd!=$rd) {<br> sl_send_reply("403","Forbidden R-URI domain");<br>
exit;<br> }<br>#!endif<br> } else {<br> xlog ("L_INFO", "au = $au") ;<br> xlog ("L_INFO", "fU = $fU") ;<br>
# if ($au!=$fU) {<br> # sl_send_reply("403","Forbidden auth ID au!=fu");<br> # exit;<br> # }<br> }<br><br> #consume_credentials();<br>
# caller authenticated<br> } else {<br> # caller is not local subscriber, then check if it calls<br> # a local destination, otherwise deny, not an open relay here<br> if (!uri==myself)<br>
{<br> sl_send_reply("403","Not relaying");<br> exit;<br> }<br> }<br> }<br>#!endif<br> return;<br>}<br><br># Caller NAT detection route<br>
route[NATDETECT] {<br>#!ifdef WITH_NAT<br> force_rport();<br> if (nat_uac_test("19")) {<br> if (is_method("REGISTER")) {<br> fix_nated_register();<br> } else {<br> fix_nated_contact();<br>
}<br> setflag(FLT_NATS);<br> }<br>#!endif<br> return;<br>}<br><br># RTPProxy control<br>route[NATMANAGE] {<br>#!ifdef WITH_NAT<br> if (is_request()) {<br> if(has_totag()) {<br> if(check_route_param("nat=yes")) {<br>
setbflag(FLB_NATB);<br> }<br> }<br> }<br> if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))<br> return;<br><br> rtpproxy_manage();<br> #rtpproxy_manage("co","82.127.95.167");<br>
<br> if (is_request()) {<br> if (!has_totag()) {<br> add_rr_param(";nat=yes");<br> }<br> }<br> if (is_reply()) {<br> if(isbflagset(FLB_NATB)) {<br> fix_nated_contact();<br>
}<br> }<br>#!endif<br> return;<br>}<br><br># Routing to foreign domains<br>route[SIPOUT] {<br> if (!uri==myself)<br> {<br> append_hf("P-hint: outbound\r\n");<br> route(RELAY);<br>
}<br>}<br><br># PSTN GW routing<br>route[PSTN] {<br>#!ifdef WITH_PSTN<br> # check if PSTN GW IP is defined<br> if (strempty($sel(cfg_get.pstn.gw_ip))) {<br> xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");<br>
return;<br> }<br><br> # route to PSTN dialed numbers starting with '+' or '00'<br> # (international format)<br> # - update the condition to match your dialing rules for PSTN routing<br>
if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))<br> return;<br><br> # only local users allowed to call<br> if(from_uri!=myself) {<br> sl_send_reply("403", "Not Allowed");<br> exit;<br>
}<br><br> $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);<br><br> route(RELAY);<br> exit;<br>#!endif<br><br> return;<br>}<br><br># XMLRPC routing<br>#!ifdef WITH_XMLRPC<br>route[XMLRPC] {<br>
# allow XMLRPC from localhost<br> if ((method=="POST" || method=="GET")<br> && (src_ip==127.0.0.1)) {<br> # close connection only for xmlrpclib user agents (there is a bug in<br>
# xmlrpclib: it waits for EOF before interpreting the response).<br> if ($hdr(User-Agent) =~ "xmlrpclib")<br> set_reply_close();<br> set_reply_no_connect();<br> dispatch_rpc();<br>
exit;<br> }<br> send_reply("403", "Forbidden");<br> exit;<br>}<br>#!endif<br><br># route to voicemail server<br>route[TOVOICEMAIL] {<br>#!ifdef WITH_VOICEMAIL<br> if(!is_method("INVITE"))<br>
return;<br><br> # check if VoiceMail server IP is defined<br> if (strempty($sel(cfg_get.voicemail.srv_ip))) {<br> xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n");<br> return;<br>
}<br> if($avp(oexten)==$null)<br> return;<br><br> $ru = "tcp:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)<br> + ":" + $sel(cfg_get.voicemail.srv_port);<br>
xlog("L_INFO","tovoicemail ru: $ru");<br> route(RELAY);<br> exit;<br>#!endif<br><br> return;<br>}<br><br># manage outgoing branches<br>branch_route[MANAGE_BRANCH] {<br> xdbg("new branch [$T_branch_idx] to $ru\n");<br>
route(NATMANAGE);<br>}<br><br># manage incoming replies<br>onreply_route[MANAGE_REPLY] {<br> xlog("L_INFO","dans managereply");<br> xdbg("incoming reply\n");<br> if(status=~"[12][0-9][0-9]"){<br>
xlog("L_INFO","avant route natmanage");<br> route(NATMANAGE);<br> }<br>}<br><br># manage failure routing cases<br>failure_route[MANAGE_FAILURE] {<br> route(NATMANAGE);<br><br> if (t_is_canceled()) {<br>
exit;<br> }<br><br>#!ifdef WITH_BLOCK3XX<br> # block call redirect based on 3xx replies.<br> if (t_check_status("3[0-9][0-9]")) {<br> t_reply("404","Not found");<br> exit;<br>
}<br>#!endif<br><br>#!ifdef WITH_VOICEMAIL<br> # serial forking<br> # - route to voicemail on busy or no answer (timeout)<br> if (t_check_status("486|408")) {<br> route(TOVOICEMAIL);<br> exit;<br>
}<br>#!endif<br>}<br><br>#edit asterisk<br>#!ifdef WITH_ASTERISK<br># Test if coming from Asterisk<br>route[FROMASTERISK] {<br> xlog ("L_INFO", "Dans FROMASTERISK? $si / $sp");<br> if($si==$sel(cfg_get.asterisk.bindip)<br>
&& $sp==$sel(cfg_get.asterisk.bindport))<br> return 1;<br> return -1;<br>}<br> <br># Send to Asterisk<br>route[TOASTERISK] {<br> $du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":"<br>
+ $sel(cfg_get.asterisk.bindport);<br> xlog ("L_INFO", "Dans TOASTERISK $du") ;<br> xlog ("L_INFO", "Juste avant route relay");<br> route(RELAY);<br> exit;<br>
}<br> <br># Forward REGISTER to Asterisk<br>route[REGFWD] {<br> xlog("L_INFO", "Dans REGFWD");<br> if(!is_method("REGISTER"))<br> {<br> return;<br> }<br> $var(rip) = $sel(cfg_get.asterisk.bindip);<br>
$uac_req(method)="REGISTER";<br> $uac_req(ruri)="sip:" + $var(rip) + ":" + $sel(cfg_get.asterisk.bindport);<br> $uac_req(furi)="sip:" + $au + "@" + $var(rip);<br>
$uac_req(turi)="sip:" + $au + "@" + $var(rip);<br> $uac_req(hdrs)="Contact: <sip:" + $au + "@"<br> + $sel(cfg_get.kamailio.bindip)<br> + ":" + $sel(cfg_get.kamailio.bindport) + ">\r\n";<br>
xlog("L_INFO","avant if dans regfwd");<br> if($sel(contact.expires) != $null)<br> $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n";<br> else<br>
$uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n";<br> uac_req_send();<br>}<br>#!endif<br><br><br><br>