· 7 years ago · Nov 03, 2018, 10:06 PM
1#!KAMAILIO
2#!define WITH_MYSQL
3#!define WITH_AUTH
4#!define WITH_IPAUTH
5#!define WITH_UAC
6#!define WITH_USRLOCDB
7#!define WITH_ACCDB
8#!define WITH_DROUTE
9#!define WITH_DEBUG
10#!define WITH_NAT
11#!define WITH_SERVERNAT
12#!define WITH_MULTIDOMAIN
13#!define WITH_TELEBLOCK
14#
15#!substdef "!INTERNAL_IP_ADDR!10.60.1.7!g"
16#!substdef "!INTERNAL_IP_NET!10.60.1.*!g"
17#!substdef "!EXTERNAL_IP_ADDR!104.209.182.247!g"
18#
19
20# Kamailio (OpenSER) SIP Server v5.1 - default configuration script
21# - web: http://www.kamailio.org
22# - git: http://sip-router.org
23#
24# Direct your questions about this file to: <sr-users@lists.sip-router.org>
25#
26# Refer to the Core CookBook at http://www.kamailio.org/wiki/
27# for an explanation of possible statements, functions and parameters.
28#
29# Several features can be enabled using '#!define WITH_FEATURE' directives:
30#
31# *** To run in debug mode:
32# - define WITH_DEBUG
33#
34# *** To enable mysql:
35# - define WITH_MYSQL
36#
37# *** To enable authentication execute:
38# - enable mysql
39# - define WITH_AUTH
40# - add users using 'kamctl'
41#
42# *** To enable IP authentication execute:
43# - enable mysql
44# - enable authentication
45# - define WITH_IPAUTH
46# - add IP addresses with group id '1' to 'address' table
47#
48# *** To enable persistent user location execute:
49# - enable mysql
50# - define WITH_USRLOCDB
51#
52# *** To enable presence server execute:
53# - enable mysql
54# - define WITH_PRESENCE
55#
56# *** To enable nat traversal execute:
57# - define WITH_NAT
58# - install RTPProxy: http://www.rtpengine.org
59# - start RTPProxy:
60# rtpengine -l _your_public_ip_ -s udp:localhost:7722
61# - option for NAT SIP OPTIONS keepalives: WITH_NATSIPPING
62#
63# *** To enable PSTN gateway routing execute:
64# - define WITH_PSTN
65# - set the value of pstn.gw_ip
66# - check route[PSTN] for regexp routing condition
67#
68# *** To enable database aliases lookup execute:
69# - enable mysql
70# - define WITH_ALIASDB
71#
72# *** To enable speed dial lookup execute:
73# - enable mysql
74# - define WITH_SPEEDDIAL
75#
76# *** To enable multi-domain support execute:
77# - enable mysql
78# - define WITH_MULTIDOMAIN
79#
80# *** To enable TLS support execute:
81# - adjust CFGDIR/tls.cfg as needed
82# - define WITH_TLS
83#
84# *** To enable XMLRPC support execute:
85# - define WITH_XMLRPC
86# - adjust route[XMLRPC] for access policy
87#
88# *** To enable anti-flood detection execute:
89# - adjust pike and htable=>ipban settings as needed (default is
90# block if more than 16 requests in 2 seconds and ban for 300 seconds)
91# - define WITH_ANTIFLOOD
92#
93# *** To block 3XX redirect replies execute:
94# - define WITH_BLOCK3XX
95#
96# *** To enable VoiceMail routing execute:
97# - define WITH_VOICEMAIL
98# - set the value of voicemail.srv_ip
99# - adjust the value of voicemail.srv_port
100#
101# *** To enhance accounting execute:
102# - enable mysql
103# - define WITH_ACCDB
104# - add following columns to database
105#!ifdef ACCDB_COMMENT
106 ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
107 ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
108 ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
109 ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
110 ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
111 ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
112 ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
113 ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
114 ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';
115 ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
116 ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
117 ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
118#!endif
119
120####### Include Local Config If Exists #########
121import_file "kamailio-local.cfg"
122
123####### Defined Values #########
124
125# *** Value defines - IDs used later in config
126#!ifdef WITH_MYSQL
127# - database URL - used to connect to database server by modules such
128# as: auth_db, acc, usrloc, a.s.o.
129#!ifndef DBURL
130#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio"
131#!endif
132#!endif
133#!ifdef WITH_MULTIDOMAIN
134# - the value for 'use_domain' parameters
135#!define MULTIDOMAIN 1
136#!else
137#!define MULTIDOMAIN 0
138#!endif
139
140# - flags
141# FLT_ - per transaction (message) flags
142# FLB_ - per branch flags
143#!define FLT_ACC 1
144#!define FLT_ACCMISSED 2
145#!define FLT_ACCFAILED 3
146#!define FLT_NATS 5
147
148#!define FLB_NATB 6
149#!define FLB_NATSIPPING 7
150
151#!define FLT_CARRIER 8
152#!define FLT_PBX 9
153#!define FLT_DOMAINROUTING 10
154#!define FLT_PBX_AUTH 11
155#!define FLT_CARRIER_AUTH 12
156
157####### Global Parameters #########
158
159### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
160#!ifdef WITH_DEBUG
161debug=4
162log_stderror=no
163#!else
164debug=4
165log_stderror=no
166#!endif
167
168memdbg=5
169memlog=5
170
171log_facility=LOG_LOCAL0
172
173fork=yes
174children=1
175
176/* uncomment the next line to disable TCP (default on) */
177#disable_tcp=yes
178
179/* uncomment the next line to disable the auto discovery of local aliases
180 based on reverse DNS on IPs (default on) */
181#auto_aliases=no
182
183/* add local domain aliases */
184#alias="INTERNAL_IP_ADDR:5060"
185
186/* uncomment and configure the following line if you want Kamailio to
187 bind on a specific interface/port/proto (default bind on all available) */
188#!ifdef WITH_SERVERNAT
189listen=udp:INTERNAL_IP_ADDR:5060 advertise EXTERNAL_IP_ADDR:5060
190#!endif
191
192/* port to listen to
193 * - can be specified more than once if needed to listen on many ports */
194port=5060
195
196#!ifdef WITH_TLS
197enable_tls=yes
198#!endif
199
200# life time of TCP connection when there is no traffic
201# - a bit higher than registration expires to cope with UA behind NAT
202tcp_connection_lifetime=3605
203
204####### Custom Parameters #########
205
206# These parameters can be modified runtime via RPC interface
207# - see the documentation of 'cfg_rpc' module.
208#
209# Format: group.id = value 'desc' description
210# Access: $sel(cfg_get.group.id) or @cfg_get.group.id
211#
212
213#!ifdef WITH_PSTN
214# PSTN GW Routing
215#
216# - pstn.gw_ip: valid IP or hostname as string value, example:
217# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
218#
219# - by default is empty to avoid misrouting
220pstn.gw_ip = "" desc "PSTN GW Address"
221pstn.gw_port = "" desc "PSTN GW Port"
222#!endif
223
224#!ifdef WITH_VOICEMAIL
225# VoiceMail Routing on offline, busy or no answer
226#
227# - by default Voicemail server IP is empty to avoid misrouting
228voicemail.srv_ip = "" desc "VoiceMail IP Address"
229voicemail.srv_port = "5060" desc "VoiceMail Port"
230#!endif
231
232#!ifdef WITH_TELEBLOCK
233teleblock.gw_enabled = 0 desc "Enable Teleblock support"
234teleblock.gw_ip = "66.203.90.197" desc "Teleblock IP"
235teleblock.gw_port = "5066" desc "Teleblock Port"
236teleblock.media_ip = "" desc "Teleblock media ip"
237teleblock.media_port = "" desc "Teleblock media port"
238#!endif
239
240
241####### Modules Section ########
242
243# set paths to location of modules (to sources or installation folders)
244#!ifdef WITH_SRCPATH
245mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
246#!else
247mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
248#!endif
249
250#!ifdef WITH_MYSQL
251loadmodule "db_mysql.so"
252#!endif
253
254loadmodule "kex.so"
255loadmodule "corex.so"
256loadmodule "tm.so"
257loadmodule "tmx.so"
258loadmodule "sl.so"
259loadmodule "rr.so"
260loadmodule "path.so"
261loadmodule "pv.so"
262loadmodule "maxfwd.so"
263loadmodule "usrloc.so"
264loadmodule "registrar.so"
265loadmodule "textops.so"
266loadmodule "siputils.so"
267loadmodule "xlog.so"
268loadmodule "sanity.so"
269loadmodule "ctl.so"
270loadmodule "cfg_rpc.so"
271loadmodule "acc.so"
272loadmodule "jsonrpcs.so"
273loadmodule "htable.so"
274
275# -- for siremis CDRs --------------
276loadmodule "rtimer.so"
277loadmodule "sqlops.so"
278
279#!ifdef WITH_AUTH
280loadmodule "auth.so"
281loadmodule "auth_db.so"
282#!ifdef WITH_IPAUTH
283loadmodule "permissions.so"
284#!endif
285#!ifdef WITH_UAC
286loadmodule "uac.so"
287#!endif
288#!endif
289
290#!ifdef WITH_ALIASDB
291loadmodule "alias_db.so"
292#!endif
293
294#!ifdef WITH_SPEEDDIAL
295loadmodule "speeddial.so"
296#!endif
297
298#!ifdef WITH_MULTIDOMAIN
299loadmodule "domain.so"
300#!endif
301
302#!ifdef WITH_PRESENCE
303loadmodule "presence.so"
304loadmodule "presence_xml.so"
305#!endif
306
307#!ifdef WITH_NAT
308loadmodule "nathelper.so"
309loadmodule "rtpengine.so"
310#!endif
311
312#!ifdef WITH_TLS
313loadmodule "tls.so"
314#!endif
315
316#!ifdef WITH_ANTIFLOOD
317loadmodule "htable.so"
318loadmodule "pike.so"
319#!endif
320
321#!ifdef WITH_XMLRPC
322loadmodule "xmlrpc.so"
323#!endif
324
325#!ifdef WITH_DEBUG
326loadmodule "debugger.so"
327#!endif
328
329#!ifdef WITH_DROUTE
330loadmodule "drouting.so"
331#!endif
332
333# ----------------- setting module-specific parameters ---------------
334
335# ----- jsonrpcs params -----
336modparam("jsonrpcs", "pretty_format", 1)
337modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
338#modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kamailio_rpc.sock")
339
340
341# ----- ctl params -----
342modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
343
344
345# ----- tm params -----
346# auto-discard branches from previous serial forking leg
347modparam("tm", "failure_reply_mode", 3)
348# default retransmission timeout: 30sec
349modparam("tm", "fr_timer", 30000)
350# default invite retransmission timeout after 1xx: 120sec
351modparam("tm", "fr_inv_timer", 120000)
352
353
354# ----- rr params -----
355# set next param to 1 to add value to ;lr param (helps with some UAs)
356modparam("rr", "enable_full_lr", 1)
357# append from tag to the RR (no need for this script)
358modparam("rr", "append_fromtag", 1)
359
360
361# ----- registrar params -----
362modparam("registrar", "method_filtering", 1)
363/* uncomment the next line to disable parallel forking via location */
364# modparam("registrar", "append_branches", 0)
365/* uncomment the next line not to allow more than 10 contacts per AOR */
366#modparam("registrar", "max_contacts", 10)
367# max value for expires of registrations
368modparam("registrar", "max_expires", 3600)
369# set it to 1 to enable GRUU
370modparam("registrar", "gruu_enabled", 0)
371
372
373# ----- acc params -----
374/* what special events should be accounted ? */
375modparam("acc", "early_media", 0)
376modparam("acc", "report_ack", 0)
377modparam("acc", "report_cancels", 0)
378/* by default ww do not adjust the direct of the sequential requests.
379 if you enable this parameter, be sure the enable "append_fromtag"
380 in "rr" module */
381modparam("acc", "detect_direction", 0)
382/* account triggers (flags) */
383modparam("acc", "log_flag", FLT_ACC)
384modparam("acc", "log_missed_flag", FLT_ACCMISSED)
385modparam("acc", "log_extra",
386 "src_user=$fU;src_domain=$fd;src_ip=$si;"
387 "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
388modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
389/* enhanced DB accounting */
390#!ifdef WITH_ACCDB
391modparam("acc", "db_flag", FLT_ACC)
392modparam("acc", "db_missed_flag", FLT_ACCMISSED)
393modparam("acc", "db_url", DBURL)
394modparam("acc", "db_extra",
395 "src_user=$fU;src_domain=$fd;src_ip=$si;"
396 "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd;calltype=$avp(calltype)")
397#!endif
398
399
400# ----- usrloc params -----
401/* enable DB persistency for location entries */
402#!ifdef WITH_USRLOCDB
403modparam("usrloc", "db_url", DBURL)
404modparam("usrloc", "db_mode", 3)
405modparam("usrloc", "use_domain", MULTIDOMAIN)
406#!endif
407
408
409# ----- auth_db params -----
410#!ifdef WITH_AUTH
411modparam("auth_db", "db_url", DBURL)
412modparam("auth_db", "calculate_ha1", yes)
413modparam("auth_db", "password_column", "password")
414# We use the rpid field of the subscriber table to track the assigned gateway, which can be a pbx, endpoint, or carrier
415modparam("auth_db", "load_credentials", "$avp(s:gatewayid)=rpid;")
416modparam("auth_db", "use_domain", MULTIDOMAIN)
417
418# ----- permissions params -----
419#!ifdef WITH_IPAUTH
420modparam("permissions", "db_url", DBURL)
421modparam("permissions", "db_mode", 1)
422#!endif
423
424#!endif
425
426
427# ----- alias_db params -----
428#!ifdef WITH_ALIASDB
429modparam("alias_db", "db_url", DBURL)
430modparam("alias_db", "use_domain", MULTIDOMAIN)
431#!endif
432
433
434# ----- speeddial params -----
435#!ifdef WITH_SPEEDDIAL
436modparam("speeddial", "db_url", DBURL)
437modparam("speeddial", "use_domain", MULTIDOMAIN)
438#!endif
439
440
441# ----- domain params -----
442#!ifdef WITH_MULTIDOMAIN
443modparam("domain", "db_url", DBURL)
444# register callback to match myself condition with domains list
445modparam("domain", "register_myself", 1)
446#!endif
447
448
449#!ifdef WITH_PRESENCE
450# ----- presence params -----
451modparam("presence", "db_url", DBURL)
452
453# ----- presence_xml params -----
454modparam("presence_xml", "db_url", DBURL)
455modparam("presence_xml", "force_active", 1)
456#!endif
457
458
459#!ifdef WITH_NAT
460# ----- rtpengine params -----
461modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:7722")
462
463# ----- nathelper params -----
464modparam("nathelper", "natping_interval", 30)
465modparam("nathelper", "ping_nated_only", 1)
466modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
467modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
468
469# params needed for NAT traversal in other modules
470modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
471modparam("usrloc", "nat_bflag", FLB_NATB)
472#!endif
473
474
475#!ifdef WITH_TLS
476# ----- tls params -----
477modparam("tls", "config", "//etc/kamailio/tls.cfg")
478#!endif
479
480#!ifdef WITH_ANTIFLOOD
481# ----- pike params -----
482modparam("pike", "sampling_time_unit", 2)
483modparam("pike", "reqs_density_per_unit", 16)
484modparam("pike", "remove_latency", 4)
485
486# ----- htable params -----
487# ip ban htable with autoexpire after 5 minutes
488modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
489#!endif
490
491
492#!ifdef WITH_XMLRPC
493# ----- xmlrpc params -----
494modparam("xmlrpc", "route", "XMLRPC");
495modparam("xmlrpc", "url_match", "^/RPC")
496#!endif
497
498#!ifdef WITH_DEBUG
499# ----- debugger params -----
500modparam("debugger", "cfgtrace", 1)
501modparam("debugger", "log_level_name", "exec")
502#!endif
503
504#!ifdef WITH_UAC
505# ----- uac params -----
506modparam("uac", "restore_mode", "auto")
507modparam("uac", "reg_db_url", DBURL)
508modparam("uac", "reg_db_table", "uacreg")
509modparam("uac", "reg_timer_interval", 60)
510modparam("uac", "reg_retry_interval", 120)
511modparam("uac", "reg_keep_callid", 1)
512modparam("uac", "credential", "username:domain:password")
513modparam("uac", "auth_realm_avp", "$avp(i:10)")
514modparam("uac", "auth_username_avp", "$avp(i:11)")
515modparam("uac", "auth_password_avp", "$avp(i:12)")
516modparam("uac", "reg_contact_addr", "EXTERNAL_IP_ADDR:5060")
517#!endif
518
519#!ifdef WITH_DROUTE
520# ----- drouting params -----
521modparam("drouting", "db_url", DBURL)
522modparam("drouting", "ruri_avp", "$avp(dr_ruri)")
523modparam("drouting", "attrs_avp", "$avp(dr_attrs)")
524modparam("drouting", "use_domain", 0)
525modparam("drouting", "force_dns", 0) #Do not resolve DNS names during load
526#!endif
527
528# ----- htable params for from/to prefix lookup -----
529modparam("htable", "db_url", DBURL)
530modparam("htable", "htable", "tofromprefix=>size=8;autoexpire=0;dbtable=dsip_lcr;cols='pattern,dr_groupid';")
531
532# ----- rtimer params -----
533modparam("rtimer", "timer", "name=cdr;interval=300;mode=1;")
534modparam("rtimer", "exec", "timer=cdr;route=CDRS")
535
536# ----- sqlops params -----
537modparam("sqlops", "sqlcon", "cb=>mysql://kamailio:kamailiorw@localhost/kamailio")
538
539####### Routing Logic ########
540
541
542# Main SIP request routing logic
543# - processing of any incoming SIP request starts with this route
544# - note: this is the same as route { ... }
545request_route {
546
547 # per request initial checks
548 route(REQINIT);
549
550 # NAT detection
551 route(NATDETECT);
552
553 # CANCEL processing
554 if (is_method("CANCEL")) {
555 if (t_check_trans()) {
556 route(RELAY);
557 }
558 exit;
559 }
560
561
562 # handle requests within SIP dialogs
563 route(WITHINDLG);
564
565 ### only initial requests (no To tag)
566
567 # handle retransmissions
568 if(t_precheck_trans()) {
569 t_check_trans();
570 exit;
571 }
572 t_check_trans();
573
574 # authentication
575 route(AUTH);
576
577 # record routing for dialog forming requests (in case they are routed)
578 # - remove preloaded route headers
579 #remove_hf("Route");
580 #if (is_method("INVITE|SUBSCRIBE"))
581 # record_route();
582
583 # account only INVITEs
584 if (is_method("INVITE")) {
585 setflag(FLT_ACC); # do accounting
586 }
587
588 # dispatch requests to foreign domains
589 #route(SIPOUT);
590
591 ### requests for my local domains
592
593 # handle presence related requests
594 route(PRESENCE);
595
596 # handle registrations
597 route(REGISTRAR);
598
599 if ($rU==$null) && is_method("INVITE") {
600 # request with no Username in RURI
601 sl_send_reply("484","Address Incomplete");
602 exit;
603 }
604
605 # dispatch to local endpoints that registered thru the proxy
606 route(LOCATION);
607
608 # dispatch destinations to PSTN
609 #route(PSTN);
610
611 # Reformat US Based RURI's into a canonical format of 10 digits
612 #route(REFORMATRURI);
613
614 # route the call to the next hop
615 route(NEXTHOP);
616}
617
618
619route[REFORMATRURI] {
620
621
622 #Check for +1 and remove it from the RURI and the To header
623 if ($(rU{s.substr,0,2}) == "+1") {
624
625 $rU = $(rU{s.substr,2,0});
626
627 #Change the To header as well
628
629 remove_hf("To");
630 insert_hf("To: sip:$rU@$rd\r\n");
631 }
632
633 #Check for 1 and remove it from the RURI and the To header
634 if ($(rU{s.substr,0,1}) == "1") {
635
636 $rU = $(rU{s.substr,1,0});
637
638 #Change the To header as well
639
640 remove_hf("To");
641 insert_hf("To: sip:$rU@$rd\r\n");
642
643 }
644}
645
646
647
648#Route the call to the next hop, which can be a PBX or Carrier
649route[NEXTHOP] {
650
651 #Route to a PBX if DOMAINROUTING is enabled
652 if (isflagset(FLT_DOMAINROUTING)) {
653 #Grab the value of the avp that contains the domain_pbx_ip.
654 #This is where requests for that domain should be routed
655
656 $var(rd) = $(avp(domain_pbx_ip){s.select,0,:});
657 $var(rp) = $(avp(domain_pbx_ip){s.select,1,:});
658
659 $rd = $var(rd);
660 $rp = $var(rp);
661
662 xlog("L_DEBUG", "NEXTHOP-DOMAINROUTING: should be routed to $rd:$rp");
663
664 #We are going to pass this request on to the backend server
665 #record_route();
666
667 #Fix NAT'd contact so that calls are routed back correctly when a BYE occurs
668 #fix_nated_contact();
669 #subst_hf("Contact", "/@.*;/@$si:$sp;/", "f");
670
671 route(RELAY);
672 exit;
673 }
674
675#!ifdef WITH_DROUTE
676
677 # Check if this is coming from carrier
678 if (allow_source_address(FLT_CARRIER) || isflagset(FLT_CARRIER_AUTH)) {
679
680 # DEBUG:
681 if (allow_source_address(FLT_CARRIER))
682 xlog("L_INFO", "allow_source_address(FLT_CARRIER)==TRUE");
683 if (isflagset(FLT_CARRIER_AUTH))
684 xlog("L_INFO", "isflagset(FLT_CARRIER_AUTH)==TRUE");
685
686 # Route to PBX
687 xlog("L_DEBUG","Logic for routing to PBX");
688 append_hf("P-hint: inbound\r\n");
689 $avp(calltype) = "inbound";
690
691 if (do_routing("9000")) {
692#!ifdef WITH_SERVERNAT
693
694 # Create a Record Route based on the destionation network
695 $var(local_subnet) = "INTERNAL_IP_NET";
696 # Replace the dots with \.
697 $var(local_subnet) = $(var(local_subnet){s.replace,.,\.});
698 # Repace the 0 with .*
699 $var(local_subnet) = $(var(local_subnet){s.replace,*,.*});
700
701 if ($rd=~$var(local_subnet)){
702 record_route_advertised_address("INTERNAL_IP_ADDR");
703 }
704 else {
705 record_route();
706 }
707#!else
708 record_route();
709
710#!endif
711 route(RELAY);
712 exit;
713 }
714
715 }
716
717 else if (allow_source_address(FLT_PBX) || isflagset(FLT_PBX_AUTH)) {
718
719 # DEBUG:
720 if (allow_source_address(FLT_PBX))
721 xlog("L_INFO", "allow_source_address(FLT_PBX)==TRUE");
722 if (isflagset(FLT_PBX_AUTH))
723 xlog("L_INFO", "isflagset(FLT_PBX_AUTH)==TRUE");
724
725 # Route to Carrier
726 xlog("L_DEBUG","Logic for routing to Carriers");
727 append_hf("P-hint: outbound\r\n");
728 $avp(calltype) = "outbound";
729
730 # LCR Routing (US Based)
731 # the from number has to have 3 digits
732 # the to number has to have 3 digits
733 # TODO: we should store and retrieve the # of digits dynamically,
734 # thus allowing variable-length prefixes
735
736 $avp(from)=$(fU{s.substr,0,3});
737 $avp(to)=$(rU{s.substr,0,3});
738
739 $avp(lookup) = $avp(from) + "-" + $avp(to);
740
741 xlog("L_DEBUG", "***Lookup: $avp(lookup)***");
742
743 if ($sht(tofromprefix=>$avp(lookup)) != $null) {
744 $avp(carrier_groupid) = $sht(tofromprefix=>$avp(lookup));
745 }
746 else {
747 $avp(carrier_groupid) = "8000";
748 }
749
750 if (do_routing($avp(carrier_groupid))) {
751 record_route();
752 route(RELAY);
753 exit;
754 }
755 }
756 else
757 sl_send_reply("407", "Proxy Authentication Required. Add the PBX or Carrier IP using GUI");
758
759#!endif
760
761}
762
763
764# TeleBlock routing
765route[TELEBLOCK] {
766 # Only route if is PBX
767 if (!allow_source_address(FLT_PBX)) {
768 xlog("L_DEBUG", "[TELEBLOCK] $si not in allowed addresses\n");
769 return;
770 }
771
772# TODO: This should be dynamic
773 # Only route to teleblock if User-to-User header is present
774# if (!is_present_hf("User-to-User")) {
775# xlog("L_DEBUG", "[TELEBLOCK] User-to-User header not found\n");
776# return;
777# }
778
779 # Change source address to this proxy server
780 $fu = "sip:" + $fU + "@" + $Ri + ":" + $Rp;
781
782 # Send Invite to TeleBlock with header fields:
783 # Number == To Username
784 # CPN == From Username
785 # BTN == Billing Number (optional)
786 # Zipcode == US Postal Code (optional)
787 # refkey == Record ID (optional)
788
789 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.gw_ip) + ":" + $sel(cfg_get.teleblock.gw_port);
790
791 xlog("L_DEBUG", "[TELEBLOCK] From Username: $fU\n");
792 xlog("L_DEBUG", "[TELEBLOCK] To Username: $tU\n");
793 xlog("L_DEBUG", "[TELEBLOCK] Request URI: $ru\n");
794
795 # set failure route
796 if (is_method("INVITE")) {
797 t_on_failure("TELEBLOCK_FAILURE");
798 }
799}
800
801
802failure_route[TELEBLOCK_FAILURE] {
803 if (t_is_canceled()) {
804 exit;
805 }
806
807 xlog("L_DEBUG", "[TELEBLOCK_FAILURE] Processing reply for: $rU\n");
808
809
810 # Check if a media server is setup for telelblock
811 if (strempty($sel(cfg_get.teleblock.media_ip)) || strempty($sel(cfg_get.teleblock.media_port))){
812 $avp(s:teleblock_media_enabled) = "0";
813 }
814 else {
815 $avp(s:teleblock_media_enabled) = "1";
816 }
817
818 # interpret teleblock response
819 if (t_check_status("499")) {
820 $rU = $tU;
821 if (do_routing("8000")) {
822 record_route();
823 t_relay();
824 }
825 }
826 else {
827 xlog("L_DEBUG", "[TELEBLOCK_FAILURE] Relaying to: $sel(cfg_get.teleblock.media_ip):$sel(cfg_get.teleblock.media_port)\n");
828
829 if (t_check_status("403|433")) {
830 if ($avp(s:teleblock_media_enabled) == "1") {
831 # make sure media server can route back to kamailio
832 record_route();
833 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.media_ip) + ":" + $sel(cfg_get.teleblock.media_port);
834 if (!t_relay()) t_reply("403", "Do-Not-Contact");
835 }
836 else
837 if (!t_relay()) t_reply("403", "Do-Not-Contact");
838 }
839 else {
840 if ($avp(s:teleblock_media_enabled) == "1") {
841 # make sure media server can route back to kamailio
842 record_route();
843 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.media_ip) + ":" + $sel(cfg_get.teleblock.media_port);
844 if (!t_relay()) t_reply("500", "Connection Failure");
845 }
846 }
847 }
848 exit;
849}
850
851
852# Wrapper for relaying requests
853route[RELAY] {
854
855 # Check TeleBlock Blacklist
856#!ifdef WITH_TELEBLOCK
857
858# Check if Teleblock is enabled
859if ($sel(cfg_get.teleblock.gw_enabled) == 1)
860 route(TELEBLOCK);
861#!endif
862 # enable additional event routes for forwarded requests
863 # - serial forking, RTP relaying handling, a.s.o.
864 if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
865 if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
866 }
867 if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
868 if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
869 }
870 if (is_method("INVITE")) {
871 if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
872 }
873
874 if (!t_relay()) {
875 sl_reply_error();
876 }
877 exit;
878}
879
880# Per SIP request initial checks
881route[REQINIT] {
882#!ifdef WITH_ANTIFLOOD
883 # flood dection from same IP and traffic ban for a while
884 # be sure you exclude checking trusted peers, such as pstn gateways
885 # - local host excluded (e.g., loop to self)
886 if(src_ip!=myself) {
887 if($sht(ipban=>$si)!=$null) {
888 # ip is already blocked
889 xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
890 exit;
891 }
892 if (!pike_check_req()) {
893 xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
894 $sht(ipban=>$si) = 1;
895 exit;
896 }
897 }
898 if($ua =~ "friendly-scanner") {
899 sl_send_reply("200", "OK");
900 exit;
901 }
902#!endif
903
904 if (!mf_process_maxfwd_header("10")) {
905 sl_send_reply("483","Too Many Hops");
906 exit;
907 }
908
909 # Only reply to option messages if the endpoint or the carrier is defined
910 if(is_method("OPTIONS") && allow_source_address_group()) {
911 sl_send_reply("200","Keepalive");
912 exit;
913 }
914
915 if(!sanity_check("1511", "7")) {
916 xlog("Malformed SIP message from $si:$sp\n");
917 exit;
918 }
919}
920
921# Handle requests within SIP dialogs
922route[WITHINDLG] {
923 if (!has_totag()) return;
924
925
926 # sequential request withing a dialog should
927 # take the path determined by record-routing
928 if (loose_route()) {
929 route(DLGURI);
930 if (is_method("BYE")) {
931 setflag(FLT_ACC); # do accounting ...
932 setflag(FLT_ACCFAILED); # ... even if the transaction fails
933 }
934 else if ( is_method("ACK") ) {
935 # ACK is forwarded statelessy
936 xlog("L_DEBUG","ACK|UPDATE");
937 route(NATMANAGE);
938 }
939 else if ( is_method("NOTIFY") ) {
940 # Add Record-Route for in-dialog NOTIFY as per RFC 6665.
941 record_route();
942 }
943 route(RELAY);
944 exit;
945 }
946
947 if (is_method("SUBSCRIBE") && uri == myself) {
948 # in-dialog subscribe requests
949 route(PRESENCE);
950 exit;
951 }
952 if ( is_method("ACK|UPDATE|INVITE|BYE") ) {
953 if ( is_method("BYE|INVITE") ) {
954 handle_ruri_alias();
955 }
956 if ( t_check_trans() ) {
957 # no loose-route, but stateful ACK;
958 # must be an ACK after a 487
959 # or e.g. 404 from upstream server
960 route(RELAY);
961 exit;
962 } else {
963 # ACK without matching transaction. Try to route anyway - being optimistic
964 # since it has at least a To Tag
965 route(RELAY);
966 exit;
967 }
968 }
969 sl_send_reply("404","Not here");
970 exit;
971}
972
973# Handle SIP registrations
974route[REGISTRAR] {
975 if (!is_method("REGISTER")) return;
976
977 if(isflagset(FLT_NATS)) {
978 setbflag(FLB_NATB);
979#!ifdef WITH_NATSIPPING
980 # do SIP NAT pinging
981 setbflag(FLB_NATSIPPING);
982#!endif
983 }
984
985 if (isflagset(FLT_PBX_AUTH)) {
986
987 #We are now acting as a REGISTRAR
988 if (!save("location"))
989 sl_reply_error();
990
991 xlog("L_DEBUG","update the gwid $avp(gatewayid) to use the register ip:port:transport of $su");
992 # Remove the sip: from the front of the $su
993 $var(su) = $(su{s.substr,4,0});
994 sql_query("cb","update dr_gateways set address='$var(su)' where gwid=$avp(gatewayid)","rb");
995 jsonrpc_exec('{"jsonrpc": "2.0", "method": "drouting.reload", "id": 1}');
996 exit;
997
998 }
999
1000
1001 if (isflagset(FLT_DOMAINROUTING)) {
1002
1003 # Save the location, but DON'T send a 200 reply back.
1004 # Let the upstream PBX authenticate the UAC (aka endpont)
1005
1006 if (!save("location", "0x02"))
1007 sl_reply_error();
1008
1009 #Grab the value of the avp that contains the domain_pbx_ip.
1010 #This is where requests for that domain should be routed
1011
1012 $var(rd) = $(avp(domain_pbx_ip){s.select,0,:});
1013 $var(rp) = $(avp(domain_pbx_ip){s.select,1,:});
1014
1015 $rd = $var(rd);
1016 $rp = $var(rp);
1017
1018 #Add the Path header - so that we know how to route back
1019 add_path_received();
1020
1021 #Fix NAT'd contact so that calls are routed back correctly when a BYE occurs
1022 #fix_nated_contact();
1023
1024 #We are going to pass this request on to the backend server
1025 route(RELAY);
1026 exit;
1027 }
1028}
1029
1030# User location service
1031route[LOCATION] {
1032
1033#Return immediately if the source address if not a PBX. Only PBX's should be trying to route to endpoints
1034if !(allow_source_address(FLT_PBX))
1035 return;
1036
1037#Local calling maximum digits for the initialting PBX - PBX sending the INVITE. Hardcoding for now. TODO: make dynamic
1038$var(pbx_max_local_digits) = 5;
1039
1040#Return if the rU is more then local calling maximum digits for the initiating PBX
1041if ($(rU{s.len}) > $var(pbx_max_local_digits))
1042 return;
1043
1044#!ifdef WITH_SPEEDDIAL
1045 # search for short dialing - 2-digit extension
1046 if($rU=~"^[0-9][0-9]$")
1047 if(sd_lookup("speed_dial"))
1048 route(SIPOUT);
1049#!endif
1050
1051#!ifdef WITH_ALIASDB
1052 # search in DB-based aliases
1053 if(alias_db_lookup("dbaliases"))
1054 route(SIPOUT);
1055#!endif
1056 $avp(oexten) = $rU;
1057 # Lookup the location of the endpont by username@from_domain
1058 if (!lookup("location","sip:$rU@$fd")) {
1059 $var(rc) = $rc;
1060 route(TOVOICEMAIL);
1061 t_newtran();
1062 switch ($var(rc)) {
1063 case -1:
1064 case -3:
1065 send_reply("404", "Not Found");
1066 exit;
1067 case -2:
1068 send_reply("405", "Method Not Allowed");
1069 exit;
1070 }
1071 }
1072
1073 # when routing via usrloc, log the missed calls also
1074 if (is_method("INVITE")) {
1075 setflag(FLT_ACCMISSED);
1076 }
1077 #Set the INVITE timeout for sending calls to invites
1078 t_set_fr(120000,10000);
1079
1080 route(RELAY);
1081 exit;
1082}
1083
1084# Presence server processing
1085route[PRESENCE] {
1086 if(!is_method("PUBLISH|SUBSCRIBE"))
1087 return;
1088
1089 if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {
1090 route(TOVOICEMAIL);
1091 # returns here if no voicemail server is configured
1092 sl_send_reply("404", "No voicemail service");
1093 exit;
1094 }
1095
1096#!ifdef WITH_PRESENCE
1097 if (!t_newtran()) {
1098 sl_reply_error();
1099 exit;
1100 }
1101
1102 if(is_method("PUBLISH")) {
1103 handle_publish();
1104 t_release();
1105 } else if(is_method("SUBSCRIBE")) {
1106 handle_subscribe();
1107 t_release();
1108 }
1109 exit;
1110#!endif
1111
1112 # if presence enabled, this part will not be executed
1113 if (is_method("PUBLISH") || $rU==$null) {
1114 sl_send_reply("404", "Not here");
1115 exit;
1116 }
1117 return;
1118}
1119
1120# IP authorization and user authentication
1121route[AUTH] {
1122#!ifdef WITH_AUTH
1123
1124 # AUTH route logic summary:
1125 # 1) attempt domain auth
1126 # 2) attempt UAC auth (remote or local)
1127 # 3) attempt IP auth
1128
1129 # Check if this is any type of SIP request from a known domain
1130 if (lookup_domain("$fd", "domain_")) {
1131 xlog("L_DEBUG", "$fd should be routed to $avp(domain_pbx_ip)\n");
1132 # Turn on domain routing by setting the FLT_DOMAINROUTING flag
1133 setflag(FLT_DOMAINROUTING);
1134 return;
1135 }
1136
1137#!ifdef WITH_UAC
1138
1139 # TODO: do we need to forward UAC REGISTER requests to remote UAS?
1140# # register client UAC auth info w/ remote SIP provider
1141# if (is_method("REGISTER")) {
1142# xlog("SCRIPT: Creating UAC Request (si=$si) (fU=$fU) (au=$au) (du=$du) (tU=$tU) (ru=$ru)");
1143#
1144# if ($du != null) {
1145# $var(destIP) = $(du{s.select,1,:});
1146# }
1147# else {
1148# $var(destIP) = $rd;
1149# }
1150#
1151# $uac_req(method) = "REGISTER";
1152# $uac_req(ruri) = "sip:" + $var(destIP) + ":" + "5060";
1153# $uac_req(furi) = "sip:" + $tU + "@" + $ru + "5060";
1154# $uac_req(turi) = "sip:" + $tU + "@" + $ru + "5060";
1155# $uac_req(callid) = $(mb{s.md5});
1156# $uac_req(evroute) = 1;
1157# $uac_req(hdrs) = "Contact: <sip:" + $tU + "@" + $var(destIP) + ":" "5060" + ">\r\n";
1158#
1159# if ($sel(contact.expires) != null) {
1160# $uac_req(hdrs) = $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n";
1161# }
1162# else {
1163# $uac_req(hdrs) = $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n";
1164# }
1165#
1166# uac_req_send();
1167# }
1168
1169
1170 # try local auth first, try remote auth on fail
1171 if (is_method("INVITE")) {
1172 # l_uuid corresponds to $rU@$rd of carrier
1173 $var(uac_status) = uac_reg_status("$rU@$rd");
1174 xlog("L_INFO", "UAC Reg Status [$var(uac_status)]");
1175
1176 if ($var(uac_status) == 1) {
1177 setflag(FLT_CARRIER_AUTH);
1178 return;
1179 }
1180
1181 # TODO: do we need to account for remote username lookups?
1182# if (uac_reg_lookup("$rU", "$ru")) {
1183# xlog("L_INFO", "Request from a remote SIP provider [$ou => $ru]\n");
1184# lookup("location");
1185# }
1186#
1187# t_on_failure("REMOTE_AUTH");
1188# t_relay();
1189# return;
1190
1191 }
1192#!endif
1193
1194
1195#!ifdef WITH_IPAUTH
1196 # If domain not known, then check IP AUTH to see if the user if allowed to connect
1197 # Changed from allow_source_address to allow_source_addess_group because it will allow any addresses within any address group.
1198 # This means that both carriers and pbx's will be allowed to access the proxy with one function call
1199 if((!is_method("REGISTER")) && allow_source_address_group()) {
1200 # source IP allowed
1201 return;
1202 }
1203#!endif
1204
1205 if (is_method("REGISTER|INVITE") || from_uri==myself) {
1206 # authenticate requests
1207 if (!auth_check("$fd", "subscriber", "3")) {
1208 auth_challenge("$fd", "0");
1209 exit;
1210 }
1211 # user authenticated - remove auth header
1212 if(!is_method("REGISTER|PUBLISH"))
1213 consume_credentials();
1214
1215 # Set a flag denoting that a PBX has authenticated with username/password
1216 setflag(FLT_PBX_AUTH);
1217 }
1218
1219#!endif
1220 return;
1221}
1222
1223#failure_route[REMOTE_AUTH] {
1224# if (t_is_canceled()) {
1225# exit;
1226# }
1227#
1228# if (t_check_status("401|407")) {
1229# xlog("L_INFO", "Attempting client UAC auth\n");
1230# uac_auth();
1231# }
1232#}
1233#
1234#event_route[uac:reply] {
1235# xlog("L_INFO", "Request sent to $uac_req(ruri) [$uac_req(evcode)]\n");
1236#}
1237
1238# Caller NAT detection
1239route[NATDETECT] {
1240#!ifdef WITH_NAT
1241 force_rport();
1242 if (nat_uac_test("19")) {
1243 if (is_method("REGISTER")) {
1244 fix_nated_register();
1245 } else {
1246 if(is_first_hop())
1247 set_contact_alias();
1248 }
1249 setflag(FLT_NATS);
1250 }
1251#!endif
1252#!ifdef WITH_SERVERNAT
1253 setflag(FLT_NATS);
1254#!endif
1255
1256 return;
1257}
1258
1259# RTPProxy control and singaling updates for NAT traversal
1260route[NATMANAGE] {
1261#!ifdef WITH_NAT
1262 if (is_request()) {
1263 if(has_totag()) {
1264 if(check_route_param("nat=yes")) {
1265 setbflag(FLB_NATB);
1266 }
1267 }
1268 }
1269 if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
1270 return;
1271
1272#!ifdef WITH_SERVERNAT
1273 #Build a regular expression for figuring out if the request is going towards a local machine
1274 $var(local_subnet) = "INTERNAL_IP_NET";
1275 # Replace the dots with \.
1276 $var(local_subnet) = $(var(local_subnet){s.replace,.,\.});
1277 # Repace the 0 with .*
1278 $var(local_subnet) = $(var(local_subnet){s.replace,*,.*});
1279
1280 xlog("L_DEBUG", "[NATMANAGE] SERVERNAT ENABLED - rd: $rd, local_subnet: $var(local_subnet) branch(send_socket): $branch(send_socket)");
1281
1282 if (($rd=~$var(local_subnet)) || (allow_source_address(FLT_CARRIER)))
1283 rtpengine_manage("media-address=INTERNAL_IP_ADDR");
1284 else
1285 rtpengine_manage();
1286#!else
1287 rtpengine_manage();
1288#!endif
1289
1290 if (is_request()) {
1291 if (!has_totag()) {
1292 if(t_is_branch_route()) {
1293 add_rr_param(";nat=yes");
1294 }
1295 }
1296 }
1297 if (is_reply()) {
1298 if(isbflagset(FLB_NATB)) {
1299 if(is_first_hop())
1300 set_contact_alias();
1301 }
1302 }
1303#!endif
1304 return;
1305}
1306
1307# URI update for dialog requests
1308route[DLGURI] {
1309#!ifdef WITH_NAT
1310 if(!isdsturiset()) {
1311 handle_ruri_alias();
1312 }
1313#!endif
1314 return;
1315}
1316
1317# Routing to foreign domains
1318route[SIPOUT] {
1319 if (uri==myself) return;
1320
1321 append_hf("P-hint: outbound\r\n");
1322 route(RELAY);
1323 exit;
1324}
1325
1326# PSTN GW routing
1327route[PSTN] {
1328#!ifdef WITH_PSTN
1329 # check if PSTN GW IP is defined
1330 if (strempty($sel(cfg_get.pstn.gw_ip))) {
1331 xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
1332 return;
1333 }
1334
1335 # route to PSTN dialed numbers starting with '+' or '00'
1336 # (international format)
1337 # - update the condition to match your dialing rules for PSTN routing
1338 if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
1339 return;
1340
1341 # only local users allowed to call
1342 if(from_uri!=myself) {
1343 sl_send_reply("403", "Not Allowed");
1344 exit;
1345 }
1346
1347 if (strempty($sel(cfg_get.pstn.gw_port))) {
1348 $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
1349 } else {
1350 $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":"
1351 + $sel(cfg_get.pstn.gw_port);
1352 }
1353
1354 route(RELAY);
1355 exit;
1356#!endif
1357
1358 return;
1359}
1360
1361# XMLRPC routing
1362#!ifdef WITH_XMLRPC
1363route[XMLRPC] {
1364 # allow XMLRPC from localhost
1365 if ((method=="POST" || method=="GET")
1366 && (src_ip==127.0.0.1)) {
1367 # close connection only for xmlrpclib user agents (there is a bug in
1368 # xmlrpclib: it waits for EOF before interpreting the response).
1369 if ($hdr(User-Agent) =~ "xmlrpclib")
1370 set_reply_close();
1371 set_reply_no_connect();
1372 dispatch_rpc();
1373 exit;
1374 }
1375 send_reply("403", "Forbidden");
1376 exit;
1377}
1378#!endif
1379
1380# Routing to voicemail server
1381route[TOVOICEMAIL] {
1382#!ifdef WITH_VOICEMAIL
1383 if(!is_method("INVITE|SUBSCRIBE"))
1384 return;
1385
1386 # check if VoiceMail server IP is defined
1387 if (strempty($sel(cfg_get.voicemail.srv_ip))) {
1388 xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n");
1389 return;
1390 }
1391 if(is_method("INVITE")) {
1392 if($avp(oexten)==$null)
1393 return;
1394 $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)
1395 + ":" + $sel(cfg_get.voicemail.srv_port);
1396 } else {
1397 if($rU==$null)
1398 return;
1399 $ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip)
1400 + ":" + $sel(cfg_get.voicemail.srv_port);
1401 }
1402 route(RELAY);
1403 exit;
1404#!endif
1405
1406 return;
1407}
1408
1409# ======================================================
1410# Populate CDRs Table of Siremis
1411# ======================================================
1412route[CDRS] {
1413 sql_query("cb","call kamailio_cdrs()","rb");
1414 sql_query("cb","call kamailio_rating('default')","rb");
1415 }
1416
1417# Manage outgoing branches
1418branch_route[MANAGE_BRANCH] {
1419 xdbg("new branch [$T_branch_idx] to $ru\n");
1420 route(NATMANAGE);
1421}
1422
1423# Manage incoming replies
1424onreply_route[MANAGE_REPLY] {
1425 xdbg("incoming reply\n");
1426 if (status=="200" && !allow_source_address(FLT_CARRIER)) {
1427 fix_nated_contact();
1428 }
1429#!ifdef WITH_SERVERNAT
1430 if (status=="200" && allow_source_address(FLT_CARRIER)) {
1431 subst_hf("Record-Route","/EXTERNAL_IP_ADDR/INTERNAL_IP_ADDR/","f");
1432 }
1433 if (status=="200" && allow_source_address(FLT_PBX)) {
1434 subst_hf("Record-Route","/INTERNAL_IP_ADDR/EXTERNAL_IP_ADDR/","f");
1435
1436 }
1437#!endif
1438
1439 if (status=~"[12][0-9][0-9]") {
1440 route(NATMANAGE);
1441 }
1442}
1443
1444# Manage failure routing cases
1445failure_route[MANAGE_FAILURE] {
1446 route(NATMANAGE);
1447
1448 if (t_is_canceled()) {
1449 exit;
1450 }
1451
1452#!ifdef WITH_DROUTE
1453 if (t_check_status("[0-6][0-9][0-9]")) {
1454 if (use_next_gw()) {
1455 route(RELAY);
1456 exit;
1457 }
1458 else {
1459 exit;
1460 }
1461 }
1462#!endif
1463
1464#!ifdef WITH_BLOCK3XX
1465 # block call redirect based on 3xx replies.
1466 if (t_check_status("3[0-9][0-9]")) {
1467 t_reply("404","Not found");
1468 exit;
1469 }
1470#!endif
1471
1472#!ifdef WITH_VOICEMAIL
1473 # serial forking
1474 # - route to voicemail on busy or no answer (timeout)
1475 if (t_check_status("486|408")) {
1476 $du = $null;
1477 route(TOVOICEMAIL);
1478 exit;
1479 }
1480#!endif
1481}