<div dir="ltr"><div><div><div><div><div><div><div><div><div>I am new to Kamailio after starting to play around for 3 weeks.<br><br></div>Before Kamailio, I used asterisk and it works quite well in my network which has 2 public IP addresses and 10+ wired and wireless users. The asterisk listens to only one IP which my netgear router port forward the necessary sip and rdp ports to the asterisk.<br><br></div>My interest is to use Kamailio as SIP proxy to sit in front of the asterisk. I follow the tutorial here - <a href="http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb">http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb</a><br><br></div><div>I use debian wheezy and kamailio is installed from the repository with version 4.2.1<br></div><div><br></div>Everything works for my lan subscribers. However, when I am outside the lan, I can register  but do not the incoming packets at my sip client.<br><br></div>What I observe is two strange behaviours<br></div>1. in asterisk, the kamailio peer has to use "<a href="http://sip.example.org">sip.example.org</a> or its public IP" in the host name field, otherwise it is not online<br></div>2. in looking at the log, I found the sip client peer is registered at my lan address i.e. 192.168.118.xx instead of a public IP when I directly login to asterisk. <br><br></div>I add on rtproxy but not succeed with error as force_rtp_proxy_body: incorrect port 0 in reply from rtpproxy<br><br></div>Below is my kamailio.cfg<br><br></div>Help is appreciated.<br><div>--------------------------------------<br>#!KAMAILIO<br><br><br> <br>#<br># Kamailio (OpenSER) SIP Server v4.0 - default configuration script<br>#     - web: <a href="http://www.kamailio.org">http://www.kamailio.org</a><br>#     - git: <a href="http://sip-router.org">http://sip-router.org</a><br>#<br># Direct your questions about this file to: <<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a>><br>#<br># Refer to the Core CookBook at <a href="http://www.kamailio.org/dokuwiki/doku.php">http://www.kamailio.org/dokuwiki/doku.php</a><br># for an explanation of possible statements, functions and parameters.<br>#<br># Several features can be enabled using '#!define WITH_FEATURE' directives:<br>#<br># *** To run in debug mode: <br>#     - define WITH_DEBUG<br>#<br># *** To enable mysql: <br>#     - define WITH_MYSQL<br>#<br># *** To enable authentication execute:<br>#     - enable mysql<br>#     - define WITH_AUTH<br>#     - add users using 'kamctl'<br>#<br># *** To enable IP authentication execute:<br>#     - enable mysql<br>#     - enable authentication<br>#     - define WITH_IPAUTH<br>#     - add IP addresses with group id '1' to 'address' table<br>#<br># *** To enable persistent user location execute:<br>#     - enable mysql<br>#     - define WITH_USRLOCDB<br>#<br># *** To enable presence server execute:<br>#     - enable mysql<br>#     - define WITH_PRESENCE<br>#<br># *** To enable nat traversal execute:<br>#     - define WITH_NAT<br>#     - install RTPProxy: <a href="http://www.rtpproxy.org">http://www.rtpproxy.org</a><br>#     - start RTPProxy:<br>#        rtpproxy -l _your_public_ip_ -s udp:localhost:7722<br>#<br># *** To enable PSTN gateway routing execute:<br>#     - define WITH_PSTN<br>#     - set the value of pstn.gw_ip<br>#     - check route[PSTN] for regexp routing condition<br>#<br># *** To enable database aliases lookup execute:<br>#     - enable mysql<br>#     - define WITH_ALIASDB<br>#<br># *** To enable speed dial lookup execute:<br>#     - enable mysql<br>#     - define WITH_SPEEDDIAL<br>#<br># *** To enable multi-domain support execute:<br>#     - enable mysql<br>#     - define WITH_MULTIDOMAIN<br>#<br># *** To enable TLS support execute:<br>#     - adjust CFGDIR/tls.cfg as needed<br>#     - define WITH_TLS<br>#<br># *** To enable XMLRPC support execute:<br>#     - define WITH_XMLRPC<br>#     - adjust route[XMLRPC] for access policy<br>#<br># *** To enable anti-flood detection execute:<br>#     - adjust pike and htable=>ipban settings as needed (default is<br>#       block if more than 16 requests in 2 seconds and ban for 300 seconds)<br>#     - define WITH_ANTIFLOOD<br>#<br># *** To block 3XX redirect replies execute:<br>#     - define WITH_BLOCK3XX<br>#<br># *** To enable VoiceMail routing execute:<br>#     - define WITH_VOICEMAIL<br>#     - set the value of voicemail.srv_ip<br>#     - adjust the value of voicemail.srv_port<br>#<br># *** To enhance accounting execute:<br>#     - enable mysql<br>#     - define WITH_ACCDB<br>#     - add following columns to database<br>#!ifdef ACCDB_COMMENT<br>  ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';<br>  ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';<br>  ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';<br>  ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';<br>  ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';<br>  ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';<br>  ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';<br>#!endif<br> <br>####### Defined Values #########<br><br>#!define WITH_MYSQL<br>#!define WITH_AUTH<br>#!define WITH_USRLOCDB<br>#!define WITH_ASTERISK<br>#!define WITH_NAT<br>#!define WITH_TLS<br><br>#!define ADDR_IPV4 192.168.118.30<br><br># *** Value defines - IDs used later in config<br>#!ifdef WITH_MYSQL<br># - database URL - used to connect to database server by modules such<br>#       as: auth_db, acc, usrloc, a.s.o.<br>#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio"<br>#!ifdef WITH_ASTERISK<br>#!define DBASTURL "mysql://user:password@localhost/asterisk"<br>#!endif<br>#!endif<br>#!ifdef WITH_MULTIDOMAIN<br># - the value for 'use_domain' parameters<br>#!define MULTIDOMAIN 1<br>#!else<br>#!define MULTIDOMAIN 0<br>#!endif<br> <br># - flags<br>#   FLT_ - per transaction (message) flags<br>#    FLB_ - per branch flags<br>#!define FLT_ACC 1<br>#!define FLT_ACCMISSED 2<br>#!define FLT_ACCFAILED 3<br>#!define FLT_NATS 5<br>#!define FLB_NATB 6<br>#!define FLB_NATSIPPING 7<br> <br>####### Global Parameters #########<br> <br>#!ifdef WITH_DEBUG<br>debug=4<br>log_stderror=yes<br>#!else<br>debug=2<br>log_stderror=no<br>#!endif<br> <br>memdbg=5<br>memlog=5<br> <br>log_facility=LOG_LOCAL0<br> <br>fork=yes<br>children=4<br> <br>/* uncomment the next line to disable TCP (default on) */<br>#disable_tcp=yes<br> <br>/* uncomment the next line to disable the auto discovery of local aliases<br>   based on reverse DNS on IPs (default on) */<br>auto_aliases=no<br> <br>/* add local domain aliases */<br>alias="<a href="http://sip.example.org">sip.example.org</a>"<br> <br>/* uncomment and configure the following line if you want Kamailio to <br>   bind on a specific interface/port/proto (default bind on all available) */<br>listen=udp:<a href="http://192.168.118.30:5060">192.168.118.30:5060</a><br>listen=tls:<a href="http://192.168.118.30:5061">192.168.118.30:5061</a><br> <br>/* port to listen to<br> * - can be specified more than once if needed to listen on many ports */<br><br>port=5060<br><br>#!ifdef WITH_TLS<br>enable_tls=yes<br>#!endif<br><br>#!ifdef WITH_XCAPSRV<br>tcp_accept_no_cl=yes<br>#!endif<br> <br> <br><br>tcp_connection_lifetime=3604<br>tcp_accept_no_cl=yes<br>tcp_rd_buf_size=16384<br><br># life time of TCP connection when there is no traffic<br># - a bit higher than registration expires to cope with UA behind NAT<br>#tcp_connection_lifetime=3605<br> <br>####### Custom Parameters #########<br> <br># These parameters can be modified runtime via RPC interface<br># - see the documentation of 'cfg_rpc' module.<br>#<br># Format: <a href="http://group.id">group.id</a> = value 'desc' description<br># Access: $sel(<a href="http://cfg_get.group.id">cfg_get.group.id</a>) or @<a href="http://cfg_get.group.id">cfg_get.group.id</a><br>#<br> <br>#!ifdef WITH_PSTN<br># PSTN GW Routing<br>#<br># - pstn.gw_ip: valid IP or hostname as string value, example:<br># pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"<br>#<br># - by default is empty to avoid misrouting<br>pstn.gw_ip = "" desc "PSTN GW Address"<br>#!endif<br> <br>#!ifdef WITH_VOICEMAIL<br># VoiceMail Routing on offline, busy or no answer<br>#<br># - by default Voicemail server IP is empty to avoid misrouting<br>voicemail.srv_ip = "" desc "VoiceMail IP Address"<br>voicemail.srv_port = "5060" desc "VoiceMail Port"<br>#!endif<br> <br> <br>#!ifdef WITH_ASTERISK<br>asterisk.bindip = "192.168.118.30" desc "Asterisk IP Address"<br>asterisk.bindport = "15066" desc "Asterisk Port"<br>kamailio.bindip = "192.168.118.30" desc "Kamailio IP Address"<br>kamailio.bindport = "5060" desc "Kamailio Port"<br>#!endif<br> <br>####### Modules Section ########<br> <br># set paths to location of modules (to sources or installation folders)<br>#!ifdef WITH_SRCPATH<br>mpath="modules_k:modules"<br>#!else<br>mpath="/usr/lib/i386-linux-gnu/kamailio/modules/"<br>#!endif<br> <br>#!ifdef WITH_MYSQL<br>loadmodule "db_mysql.so"<br>#!endif<br> <br>loadmodule "mi_fifo.so"<br>loadmodule "kex.so"<br>loadmodule "tm.so"<br>loadmodule "tmx.so"<br>loadmodule "sl.so"<br>loadmodule "rr.so"<br>loadmodule "pv.so"<br>loadmodule "maxfwd.so"<br>loadmodule "usrloc.so"<br>loadmodule "registrar.so"<br>loadmodule "textops.so"<br>loadmodule "siputils.so"<br>loadmodule "xlog.so"<br>loadmodule "sanity.so"<br>loadmodule "ctl.so"<br>loadmodule "cfg_rpc.so"<br>loadmodule "mi_rpc.so"<br>loadmodule "acc.so"<br>loadmodule "outbound.so"<br> <br>#!ifdef WITH_AUTH<br>loadmodule "auth.so"<br>loadmodule "auth_db.so"<br>#!ifdef WITH_IPAUTH<br>loadmodule "permissions.so"<br>#!endif<br>#!endif<br> <br>#!ifdef WITH_ALIASDB<br>loadmodule "alias_db.so"<br>#!endif<br> <br>#!ifdef WITH_SPEEDDIAL<br>loadmodule "speeddial.so"<br>#!endif<br> <br>#!ifdef WITH_MULTIDOMAIN<br>loadmodule "domain.so"<br>#!endif<br> <br>#!ifdef WITH_PRESENCE<br>loadmodule "presence.so"<br>loadmodule "presence_xml.so"<br>#!endif<br> <br>#!ifdef WITH_NAT<br>loadmodule "nathelper.so"<br>loadmodule "rtpproxy.so"<br>#!endif<br> <br>#!ifdef WITH_TLS<br>loadmodule "tls.so"<br>#!endif<br> <br>#!ifdef WITH_ANTIFLOOD<br>loadmodule "htable.so"<br>loadmodule "pike.so"<br>#!endif<br> <br>#!ifdef WITH_XMLRPC<br>loadmodule "xmlrpc.so"<br>#!endif<br> <br>#!ifdef WITH_DEBUG<br>loadmodule "debugger.so"<br>#!endif<br> <br>#!ifdef WITH_ASTERISK<br>loadmodule "uac.so"<br>#!endif<br> <br># ----------------- setting module-specific parameters ---------------<br> <br>modparam("ctl", "user", "kamailio")<br> <br># ----- mi_fifo params -----<br>modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")<br> <br> <br># ----- tm params -----<br># auto-discard branches from previous serial forking leg<br>modparam("tm", "failure_reply_mode", 3)<br># default retransmission timeout: 30sec<br>modparam("tm", "fr_timer", 30000)<br># default invite retransmission timeout after 1xx: 120sec<br>modparam("tm", "fr_inv_timer", 120000)<br> <br> <br># ----- rr params -----<br># add value to ;lr param to cope with most of the UAs<br>modparam("rr", "enable_full_lr", 1)<br># do not append from tag to the RR (no need for this script)<br>#!ifdef WITH_ASTERISK<br>modparam("rr", "append_fromtag", 1)<br>#!else<br>modparam("rr", "append_fromtag", 0)<br>#!endif<br> <br># ----- registrar params -----<br>modparam("registrar", "method_filtering", 1)<br>/* uncomment the next line to disable parallel forking via location */<br># modparam("registrar", "append_branches", 0)<br>/* uncomment the next line not to allow more than 10 contacts per AOR */<br>#modparam("registrar", "max_contacts", 10)<br># max value for expires of registrations<br>modparam("registrar", "max_expires", 3600)<br># set it to 1 to enable GRUU<br>modparam("registrar", "gruu_enabled", 0)<br> <br> <br># ----- acc params -----<br>/* what special events should be accounted ? */<br>modparam("acc", "early_media", 0)<br>modparam("acc", "report_ack", 0)<br>modparam("acc", "report_cancels", 0)<br>/* by default ww do not adjust the direct of the sequential requests.<br>   if you enable this parameter, be sure the enable "append_fromtag"<br>   in "rr" module */<br>modparam("acc", "detect_direction", 0)<br>/* account triggers (flags) */<br>modparam("acc", "log_flag", FLT_ACC)<br>modparam("acc", "log_missed_flag", FLT_ACCMISSED)<br>modparam("acc", "log_extra", <br>    "src_user=$fU;src_domain=$fd;src_ip=$si;"<br>    "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)<br>/* enhanced DB accounting */<br>#!ifdef WITH_ACCDB<br>modparam("acc", "db_flag", FLT_ACC)<br>modparam("acc", "db_missed_flag", FLT_ACCMISSED)<br>modparam("acc", "db_url", DBURL)<br>modparam("acc", "db_extra",<br>    "src_user=$fU;src_domain=$fd;src_ip=$si;"<br>    "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")<br>#!endif<br> <br> <br># ----- usrloc params -----<br>/* enable DB persistency for location entries */<br>#!ifdef WITH_USRLOCDB<br>modparam("usrloc", "db_url", DBURL)<br>modparam("usrloc", "db_mode", 2)<br>modparam("usrloc", "use_domain", MULTIDOMAIN)<br>#!endif<br> <br> <br># ----- auth_db params -----<br>#!ifdef WITH_AUTH<br>modparam("auth_db", "calculate_ha1", yes)<br>modparam("auth_db", "load_credentials", "")<br> <br>#!ifdef WITH_ASTERISK<br>modparam("auth_db", "user_column", "name")<br>modparam("auth_db", "password_column", "sippasswd")<br>modparam("auth_db", "db_url", DBASTURL)<br>modparam("auth_db", "version_table", 0)<br>#!else<br>modparam("auth_db", "db_url", DBURL)<br>modparam("auth_db", "password_column", "password")<br>modparam("auth_db", "use_domain", MULTIDOMAIN)<br>#!endif<br> <br># ----- permissions params -----<br>#!ifdef WITH_IPAUTH<br>modparam("permissions", "db_url", DBURL)<br>modparam("permissions", "db_mode", 1)<br>#!endif<br> <br>#!endif<br> <br> <br># ----- alias_db params -----<br>#!ifdef WITH_ALIASDB<br>modparam("alias_db", "db_url", DBURL)<br>modparam("alias_db", "use_domain", MULTIDOMAIN)<br>#!endif<br> <br> <br># ----- speedial params -----<br>#!ifdef WITH_SPEEDDIAL<br>modparam("speeddial", "db_url", DBURL)<br>modparam("speeddial", "use_domain", MULTIDOMAIN)<br>#!endif<br> <br> <br># ----- domain params -----<br>#!ifdef WITH_MULTIDOMAIN<br>modparam("domain", "db_url", DBURL)<br># register callback to match myself condition with domains list<br>modparam("domain", "register_myself", 1)<br>#!endif<br> <br> <br>#!ifdef WITH_PRESENCE<br># ----- presence params -----<br>modparam("presence", "db_url", DBURL)<br> <br># ----- presence_xml params -----<br>modparam("presence_xml", "db_url", DBURL)<br>modparam("presence_xml", "force_active", 1)<br>#!endif<br> <br> <br>#!ifdef WITH_NAT<br># ----- rtpproxy params -----<br>modparam("rtpproxy", "rtpproxy_sock", "udp:<a href="http://127.0.0.1:22222">127.0.0.1:22222</a>")<br>#modparam("rtpproxy", "rtpproxy_sock", "unix:/var/run/rtpproxy/rtpproxy.sock")<br> <br># ----- nathelper params -----<br>modparam("nathelper", "natping_interval", 30)<br>modparam("nathelper", "ping_nated_only", 1)<br>modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)<br>modparam("nathelper", "sipping_from", "<a href="mailto:sip%3Apinger@kamailio.org">sip:pinger@kamailio.org</a>")<br> <br># params needed for NAT traversal in other modules<br>modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")<br>modparam("usrloc", "nat_bflag", FLB_NATB)<br>#!endif<br> <br> <br>#!ifdef WITH_TLS<br># ----- tls params -----<br>modparam("tls", "config", "/etc/kamailio/tls.cfg")<br>#!endif<br> <br>#!ifdef WITH_ANTIFLOOD<br># ----- pike params -----<br>modparam("pike", "sampling_time_unit", 2)<br>modparam("pike", "reqs_density_per_unit", 16)<br>modparam("pike", "remove_latency", 4)<br> <br># ----- htable params -----<br># ip ban htable with autoexpire after 5 minutes<br>modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")<br>#!endif<br> <br>#!ifdef WITH_XMLRPC<br># ----- xmlrpc params -----<br>modparam("xmlrpc", "route", "XMLRPC");<br>modparam("xmlrpc", "url_match", "^/RPC")<br>#!endif<br> <br>#!ifdef WITH_DEBUG<br># ----- debugger params -----<br>modparam("debugger", "cfgtrace", 1)<br>#!endif<br> <br>####### Routing Logic ########<br> <br> <br># Main SIP request routing logic<br># - processing of any incoming SIP request starts with this route<br># - note: this is the same as route { ... }<br>request_route {<br> <br>    # per request initial checks<br>    route(REQINIT);<br> <br>    # NAT detection<br>    route(NATDETECT);<br> <br>    # handle requests within SIP dialogs<br>    route(WITHINDLG);<br> <br>    ### only initial requests (no To tag)<br> <br>    # CANCEL processing<br>    if (is_method("CANCEL"))<br>    {<br>        if (t_check_trans())<br>            t_relay();<br>        exit;<br>    }<br> <br>    t_check_trans();<br> <br>    # authentication<br>    route(AUTH);<br> <br>    # record routing for dialog forming requests (in case they are routed)<br>    # - remove preloaded route headers<br>    remove_hf("Route");<br>    if (is_method("INVITE|SUBSCRIBE"))<br>        record_route();<br> <br>    # account only INVITEs<br>    if (is_method("INVITE"))<br>    {<br>        setflag(FLT_ACC); # do accounting<br>    }<br> <br>    # dispatch requests to foreign domains<br>    route(SIPOUT);<br> <br>    ### requests for my local domains<br> <br>    # handle presence related requests<br>    route(PRESENCE);<br> <br>    # handle registrations<br>    route(REGISTRAR);<br> <br>    if ($rU==$null)<br>    {<br>        # request with no Username in RURI<br>        sl_send_reply("484","Address Incomplete");<br>        exit;<br>    }<br> <br>    # dispatch destinations to PSTN<br>    route(PSTN);<br> <br>    # user location service<br>    route(LOCATION);<br> <br>    route(RELAY);<br>}<br> <br> <br>route[RELAY] {<br><br>#!ifdef WITH_NAT<br>        if (check_route_param("nat=yes")) {<br>                setbflag(FLB_NATB);<br>        }<br>        if (isflagset(FLT_NATS) || isbflagset(FLB_NATB)) {<br>                route(RTPPROXY);<br>        }<br>#!endif<br> <br>    # enable additional event routes for forwarded requests<br>    # - serial forking, RTP relaying handling, a.s.o.<br>    if (is_method("INVITE|SUBSCRIBE")) {<br>        t_on_branch("MANAGE_BRANCH");<br>        t_on_reply("MANAGE_REPLY");<br>    }<br>    if (is_method("INVITE")) {<br>        t_on_failure("MANAGE_FAILURE");<br>    }<br> <br>    if (!t_relay()) {<br>        sl_reply_error();<br>    }<br>    exit;<br>}<br> <br><br># RTPProxy control<br>route[RTPPROXY] {<br>#!ifdef WITH_NAT<br>        if (is_method("BYE")) {<br>                unforce_rtp_proxy();<br>        } else if (is_method("INVITE")){<br>                rtpproxy_offer();<br>        }<br>        if (!has_totag()) add_rr_param(";nat=yes");<br>#!endif<br>        return;<br>}<br><br><br># Per SIP request initial checks<br>route[REQINIT] {<br>#!ifdef WITH_ANTIFLOOD<br>    # flood dection from same IP and traffic ban for a while<br>    # be sure you exclude checking trusted peers, such as pstn gateways<br>    # - local host excluded (e.g., loop to self)<br>    if(src_ip!=myself)<br>    {<br>        if($sht(ipban=>$si)!=$null)<br>        {<br>            # ip is already blocked<br>            xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");<br>            exit;<br>        }<br>        if (!pike_check_req())<br>        {<br>            xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");<br>            $sht(ipban=>$si) = 1;<br>            exit;<br>        }<br>    }<br>#!endif<br> <br>    if (!mf_process_maxfwd_header("10")) {<br>        sl_send_reply("483","Too Many Hops");<br>        exit;<br>    }<br> <br>    if(!sanity_check("1511", "7"))<br>    {<br>        xlog("Malformed SIP message from $si:$sp\n");<br>        exit;<br>    }<br>}<br> <br># Handle requests within SIP dialogs<br>route[WITHINDLG] {<br>    if (has_totag()) {<br>        # sequential request withing a dialog should<br>        # take the path determined by record-routing<br>        if (loose_route()) {<br>            if (is_method("BYE")) {<br>                setflag(FLT_ACC); # do accounting ...<br>                setflag(FLT_ACCFAILED); # ... even if the transaction fails<br>            }<br>            if ( is_method("ACK") ) {<br>                # ACK is forwarded statelessy<br>                route(NATMANAGE);<br>            }<br>            route(RELAY);<br>        } else {<br>            if (is_method("SUBSCRIBE") && uri == myself) {<br>                # in-dialog subscribe requests<br>                route(PRESENCE);<br>                exit;<br>            }<br>            if ( is_method("ACK") ) {<br>                if ( t_check_trans() ) {<br>                    # no loose-route, but stateful ACK;<br>                    # must be an ACK after a 487<br>                    # or e.g. 404 from upstream server<br>                    t_relay();<br>                    exit;<br>                } else {<br>                    # ACK without matching transaction ... ignore and discard<br>                    exit;<br>                }<br>            }<br>            sl_send_reply("404","Not here");<br>        }<br>        exit;<br>    }<br>}<br> <br># Handle SIP registrations<br>route[REGISTRAR] {<br>    if (is_method("REGISTER"))<br>    {<br>        if(isflagset(FLT_NATS))<br>        {<br>            setbflag(FLB_NATB);<br>            # uncomment next line to do SIP NAT pinging <br>            ## setbflag(FLB_NATSIPPING);<br>        }<br>        if (!save("location"))<br>            sl_reply_error();<br> <br>#!ifdef WITH_ASTERISK<br>        route(REGFWD);<br>#!endif<br> <br>        exit;<br>    }<br>}<br> <br># USER location service<br>route[LOCATION] {<br> <br>#!ifdef WITH_SPEEDIAL<br>    # search for short dialing - 2-digit extension<br>    if($rU=~"^[0-9][0-9]$")<br>        if(sd_lookup("speed_dial"))<br>            route(SIPOUT);<br>#!endif<br> <br>#!ifdef WITH_ALIASDB<br>    # search in DB-based aliases<br>    if(alias_db_lookup("dbaliases"))<br>        route(SIPOUT);<br>#!endif<br> <br>#!ifdef WITH_ASTERISK<br>    if(is_method("INVITE") && (!route(FROMASTERISK))) {<br>        # if new call from out there - send to Asterisk<br>        # - non-INVITE request are routed directly by Kamailio<br>        # - traffic from Asterisk is routed also directy by Kamailio<br>        route(TOASTERISK);<br>        exit;<br>    }<br>#!endif<br> <br>    $avp(oexten) = $rU;<br>    if (!lookup("location")) {<br>        $var(rc) = $rc;<br>        route(TOVOICEMAIL);<br>        t_newtran();<br>        switch ($var(rc)) {<br>            case -1:<br>            case -3:<br>                send_reply("404", "Not Found");<br>                exit;<br>            case -2:<br>                send_reply("405", "Method Not Allowed");<br>                exit;<br>        }<br>    }<br> <br>    # when routing via usrloc, log the missed calls also<br>    if (is_method("INVITE"))<br>    {<br>        setflag(FLT_ACCMISSED);<br>    }<br>}<br> <br># Presence server route<br>route[PRESENCE] {<br>    if(!is_method("PUBLISH|SUBSCRIBE"))<br>        return;<br> <br>#!ifdef WITH_PRESENCE<br>    if (!t_newtran())<br>    {<br>        sl_reply_error();<br>        exit;<br>    };<br> <br>    if(is_method("PUBLISH"))<br>    {<br>        handle_publish();<br>        t_release();<br>    }<br>    else<br>    if( is_method("SUBSCRIBE"))<br>    {<br>        handle_subscribe();<br>        t_release();<br>    }<br>    exit;<br>#!endif<br> <br>    # if presence enabled, this part will not be executed<br>    if (is_method("PUBLISH") || $rU==$null)<br>    {<br>        sl_send_reply("404", "Not here");<br>        exit;<br>    }<br>    return;<br>}<br> <br># Authentication route<br>route[AUTH] {<br> <br>    # if caller is not local subscriber, then check if it calls<br>    # a local destination, otherwise deny, not an open relay here<br>    if (from_uri!=myself && uri!=myself)<br>    {<br>        sl_send_reply("403","Not relaying");<br>        exit;<br>    }<br> <br>#!ifdef WITH_AUTH<br> <br>#!ifdef WITH_ASTERISK<br>    # do not auth traffic from Asterisk - trusted!<br>    if(route(FROMASTERISK))<br>        return;<br>#!endif<br> <br>#!ifdef WITH_IPAUTH<br>    if((!is_method("REGISTER")) && allow_source_address())<br>    {<br>        # source IP allowed<br>        return;<br>    }<br>#!endif<br> <br>    if (is_method("REGISTER") || from_uri==myself)<br>    {<br>        # authenticate requests<br>#!ifdef WITH_ASTERISK<br>        if (!auth_check("$fd", "sipusers", "1")) {<br>#!else<br>        if (!auth_check("$fd", "subscriber", "1")) {<br>#!endif<br>            auth_challenge("$fd", "0");<br>            exit;<br>        }<br>        # user authenticated - remove auth header<br>        if(!is_method("REGISTER|PUBLISH"))<br>            consume_credentials();<br>    }<br>#!endif<br>    return;<br>}<br> <br># Caller NAT detection route<br>route[NATDETECT] {<br>#!ifdef WITH_NAT<br>    force_rport();<br>    if (nat_uac_test("19")) {<br>        if (is_method("REGISTER")) {<br>            fix_nated_register();<br>        } else {<br>            fix_nated_contact();<br>        }<br>        setflag(FLT_NATS);<br>    }<br>#!endif<br>    return;<br>}<br> <br># RTPProxy control<br>route[NATMANAGE] {<br>#!ifdef WITH_NAT<br>    if (is_request()) {<br>        if(has_totag()) {<br>            if(check_route_param("nat=yes")) {<br>                setbflag(FLB_NATB);<br>            }<br>        }<br>    }<br>    if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))<br>        return;<br> <br>    rtpproxy_manage();<br> <br>    if (is_request()) {<br>        if (!has_totag()) {<br>            add_rr_param(";nat=yes");<br>        }<br>    }<br>    if (is_reply()) {<br>        if(isbflagset(FLB_NATB)) {<br>            fix_nated_contact();<br>        }<br>    }<br>#!endif<br>    return;<br>}<br> <br># Routing to foreign domains<br>route[SIPOUT] {<br>    if (!uri==myself)<br>    {<br>        append_hf("P-hint: outbound\r\n");<br>        route(RELAY);<br>    }<br>}<br> <br># PSTN GW routing<br>route[PSTN] {<br>#!ifdef WITH_PSTN<br>    # check if PSTN GW IP is defined<br>    if (strempty($sel(cfg_get.pstn.gw_ip))) {<br>        xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");<br>        return;<br>    }<br> <br>    # route to PSTN dialed numbers starting with '+' or '00'<br>    #     (international format)<br>    # - update the condition to match your dialing rules for PSTN routing<br>    if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))<br>        return;<br> <br>    # only local users allowed to call<br>    if(from_uri!=myself) {<br>        sl_send_reply("403", "Not Allowed");<br>        exit;<br>    }<br> <br>    $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);<br> <br>    route(RELAY);<br>    exit;<br>#!endif<br> <br>    return;<br>}<br> <br># XMLRPC routing<br>#!ifdef WITH_XMLRPC<br>route[XMLRPC] {<br>    # allow XMLRPC from localhost<br>    if ((method=="POST" || method=="GET")<br>            && (src_ip==127.0.0.1)) {<br>        # close connection only for xmlrpclib user agents (there is a bug in<br>        # xmlrpclib: it waits for EOF before interpreting the response).<br>        if ($hdr(User-Agent) =~ "xmlrpclib")<br>            set_reply_close();<br>        set_reply_no_connect();<br>        dispatch_rpc();<br>        exit;<br>    }<br>    send_reply("403", "Forbidden");<br>    exit;<br>}<br>#!endif<br> <br># route to voicemail server<br>route[TOVOICEMAIL] {<br>#!ifdef WITH_VOICEMAIL<br>    if(!is_method("INVITE"))<br>        return;<br> <br>    # check if VoiceMail server IP is defined<br>    if (strempty($sel(cfg_get.voicemail.srv_ip))) {<br>        xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n");<br>        return;<br>    }<br>    if($avp(oexten)==$null)<br>        return;<br> <br>    $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)<br>                + ":" + $sel(cfg_get.voicemail.srv_port);<br>    route(RELAY);<br>    exit;<br>#!endif<br> <br>    return;<br>}<br> <br># manage outgoing branches<br>branch_route[MANAGE_BRANCH] {<br>    xdbg("new branch [$T_branch_idx] to $ru\n");<br>    route(NATMANAGE);<br>}<br> <br># manage incoming replies<br>onreply_route[MANAGE_REPLY] {<br>    xdbg("incoming reply\n");<br>    if(status=~"[12][0-9][0-9]")<br>        route(NATMANAGE);<br>}<br> <br># manage failure routing cases<br>failure_route[MANAGE_FAILURE] {<br>    route(NATMANAGE);<br> <br>    if (t_is_canceled()) {<br>        exit;<br>    }<br> <br>#!ifdef WITH_BLOCK3XX<br>    # block call redirect based on 3xx replies.<br>    if (t_check_status("3[0-9][0-9]")) {<br>        t_reply("404","Not found");<br>        exit;<br>    }<br>#!endif<br> <br>#!ifdef WITH_VOICEMAIL<br>    # serial forking<br>    # - route to voicemail on busy or no answer (timeout)<br>    if (t_check_status("486|408")) {<br>        route(TOVOICEMAIL);<br>        exit;<br>    }<br>#!endif<br>}<br> <br>#!ifdef WITH_ASTERISK<br># Test if coming from Asterisk<br>route[FROMASTERISK] {<br>    if($si==$sel(cfg_get.asterisk.bindip)<br>            && $sp==$sel(cfg_get.asterisk.bindport))<br>        return 1;<br>    return -1;<br>}<br> <br># Send to Asterisk<br>route[TOASTERISK] {<br>    $du = "sip:" + $sel(cfg_get.asterisk.bindip) + ":"<br>            + $sel(cfg_get.asterisk.bindport);<br>    route(RELAY);<br>    exit;<br>}<br> <br># Forward REGISTER to Asterisk<br>route[REGFWD] {<br>    if(!is_method("REGISTER"))<br>    {<br>        return;<br>    }<br>    $var(rip) = $sel(cfg_get.asterisk.bindip);<br>    $uac_req(method)="REGISTER";<br>    $uac_req(ruri)="sip:" + $var(rip) + ":" + $sel(cfg_get.asterisk.bindport);<br>    $uac_req(furi)="sip:" + $au + "@" + $var(rip);<br>    $uac_req(turi)="sip:" + $au + "@" + $var(rip);<br>    $uac_req(hdrs)="Contact: <sip:" + $au + "@"<br>                + $sel(cfg_get.kamailio.bindip)<br>                + ":" + $sel(cfg_get.kamailio.bindport) + ">\r\n";<br>    if($sel(contact.expires) != $null)<br>        $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n";<br>    else<br>        $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n";<br>    uac_req_send();<br>}<br>#!endif<br><br></div></div>