· 7 years ago · Dec 08, 2018, 12:18 AM
1#!KAMAILIO
2# EXISTING CONFIG FILE
3#
4#!define WITH_MYSQL
5#!define WITH_AUTH
6#!define WITH_IPAUTH
7#!define WITH_UAC
8#!define WITH_USRLOCDB
9#!define WITH_ACCDB
10#!define WITH_DROUTE
11##!define WITH_DEBUG
12#!define WITH_NAT
13#!define WITH_SERVERNAT
14#!define WITH_MULTIDOMAIN
15#!define WITH_TELEBLOCK
16##!define WITH_ANTIFLOOD
17#
18#!substdef "!INTERNAL_IP_ADDR!10.20.0.8!g"
19#!substdef "!INTERNAL_IP_NET!10.20.0..*!g"
20#!substdef "!EXTERNAL_IP_ADDR!104.248.104.188!g"
21#
22
23# Kamailio (OpenSER) SIP Server v5.1 - default configuration script
24# - web: http://www.kamailio.org
25# - git: http://sip-router.org
26#
27# Direct your questions about this file to: <sr-users@lists.sip-router.org>
28#
29# Refer to the Core CookBook at http://www.kamailio.org/wiki/
30# for an explanation of possible statements, functions and parameters.
31#
32# Several features can be enabled using '#!define WITH_FEATURE' directives:
33#
34# *** To run in debug mode:
35# - define WITH_DEBUG
36#
37# *** To enable mysql:
38# - define WITH_MYSQL
39#
40# *** To enable authentication execute:
41# - enable mysql
42# - define WITH_AUTH
43# - add users using 'kamctl'
44#
45# *** To enable IP authentication execute:
46# - enable mysql
47# - enable authentication
48# - define WITH_IPAUTH
49# - add IP addresses with group id '1' to 'address' table
50#
51# *** To enable persistent user location execute:
52# - enable mysql
53# - define WITH_USRLOCDB
54#
55# *** To enable presence server execute:
56# - enable mysql
57# - define WITH_PRESENCE
58#
59# *** To enable nat traversal execute:
60# - define WITH_NAT
61# - install RTPProxy: http://www.rtpengine.org
62# - start RTPProxy:
63# rtpengine -l _your_public_ip_ -s udp:localhost:7722
64# - option for NAT SIP OPTIONS keepalives: WITH_NATSIPPING
65#
66# *** To enable PSTN gateway routing execute:
67# - define WITH_PSTN
68# - set the value of pstn.gw_ip
69# - check route[PSTN] for regexp routing condition
70#
71# *** To enable database aliases lookup execute:
72# - enable mysql
73# - define WITH_ALIASDB
74#
75# *** To enable speed dial lookup execute:
76# - enable mysql
77# - define WITH_SPEEDDIAL
78#
79# *** To enable multi-domain support execute:
80# - enable mysql
81# - define WITH_MULTIDOMAIN
82#
83# *** To enable TLS support execute:
84# - adjust CFGDIR/tls.cfg as needed
85# - define WITH_TLS
86#
87# *** To enable XMLRPC support execute:
88# - define WITH_XMLRPC
89# - adjust route[XMLRPC] for access policy
90#
91# *** To enable anti-flood detection execute:
92# - adjust pike and htable=>ipban settings as needed (default is
93# block if more than 16 requests in 2 seconds and ban for 300 seconds)
94# - define WITH_ANTIFLOOD
95#
96# *** To block 3XX redirect replies execute:
97# - define WITH_BLOCK3XX
98#
99# *** To enable VoiceMail routing execute:
100# - define WITH_VOICEMAIL
101# - set the value of voicemail.srv_ip
102# - adjust the value of voicemail.srv_port
103#
104# *** To enhance accounting execute:
105# - enable mysql
106# - define WITH_ACCDB
107# - add following columns to database
108#!ifdef ACCDB_COMMENT
109 ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
110 ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
111 ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default '';
112 ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
113 ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
114 ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
115 ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT '';
116 ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT '';
117 ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default '';
118 ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT '';
119 ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT '';
120 ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT '';
121#!endif
122
123####### Include Local Config If Exists #########
124import_file "kamailio-local.cfg"
125
126####### Defined Values #########
127
128# *** Value defines - IDs used later in config
129#!ifdef WITH_MYSQL
130# - database URL - used to connect to database server by modules such
131# as: auth_db, acc, usrloc, a.s.o.
132#!ifndef DBURL
133#!define DBURL "mysql://------@localhost/kamailio"
134#!endif
135#!endif
136#!ifdef WITH_MULTIDOMAIN
137# - the value for 'use_domain' parameters
138#!define MULTIDOMAIN 1
139#!else
140#!define MULTIDOMAIN 0
141#!endif
142
143# - flags
144# FLT_ - per transaction (message) flags
145# FLB_ - per branch flags
146#!define FLT_ACC 1
147#!define FLT_ACCMISSED 2
148#!define FLT_ACCFAILED 3
149#!define FLT_NATS 5
150
151#!define FLB_NATB 6
152#!define FLB_NATSIPPING 7
153
154#!define FLT_CARRIER 8
155#!define FLT_PBX 9
156#!define FLT_DOMAINROUTING 10
157#!define FLT_PBX_AUTH 11
158#!define FLT_CARRIER_AUTH 12
159
160####### Global Parameters #########
161
162### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR
163#!ifdef WITH_DEBUG
164debug=4
165log_stderror=no
166#!else
167debug=2
168log_stderror=no
169#!endif
170
171memdbg=5
172memlog=5
173
174log_facility=LOG_LOCAL0
175
176fork=yes
177children=1
178
179/* uncomment the next line to disable TCP (default on) */
180#disable_tcp=yes
181
182/* uncomment the next line to disable the auto discovery of local aliases
183 based on reverse DNS on IPs (default on) */
184#auto_aliases=no
185
186/* add local domain aliases */
187#alias="INTERNAL_IP_ADDR:5060"
188
189/* uncomment and configure the following line if you want Kamailio to
190 bind on a specific interface/port/proto (default bind on all available) */
191#!ifdef WITH_SERVERNAT
192listen=udp:INTERNAL_IP_ADDR:5060 advertise EXTERNAL_IP_ADDR:5060
193#!endif
194
195/* port to listen to
196 * - can be specified more than once if needed to listen on many ports */
197port=5060
198
199#!ifdef WITH_TLS
200enable_tls=yes
201#!endif
202
203# life time of TCP connection when there is no traffic
204# - a bit higher than registration expires to cope with UA behind NAT
205tcp_connection_lifetime=3605
206
207####### Custom Parameters #########
208
209# These parameters can be modified runtime via RPC interface
210# - see the documentation of 'cfg_rpc' module.
211#
212# Format: group.id = value 'desc' description
213# Access: $sel(cfg_get.group.id) or @cfg_get.group.id
214#
215
216#!ifdef WITH_PSTN
217# PSTN GW Routing
218#
219# - pstn.gw_ip: valid IP or hostname as string value, example:
220# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address"
221#
222# - by default is empty to avoid misrouting
223pstn.gw_ip = "" desc "PSTN GW Address"
224pstn.gw_port = "" desc "PSTN GW Port"
225#!endif
226
227#!ifdef WITH_VOICEMAIL
228# VoiceMail Routing on offline, busy or no answer
229#
230# - by default Voicemail server IP is empty to avoid misrouting
231voicemail.srv_ip = "" desc "VoiceMail IP Address"
232voicemail.srv_port = "5060" desc "VoiceMail Port"
233#!endif
234
235#!ifdef WITH_TELEBLOCK
236teleblock.gw_enabled = 0 desc "Enable Teleblock support"
237teleblock.gw_ip = "66.203.90.197" desc "Teleblock IP"
238teleblock.gw_port = "5066" desc "Teleblock Port"
239teleblock.media_ip = "" desc "Teleblock media ip"
240teleblock.media_port = "" desc "Teleblock media port"
241#!endif
242
243
244####### Modules Section ########
245
246# set paths to location of modules (to sources or installation folders)
247#!ifdef WITH_SRCPATH
248mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
249#!else
250mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/"
251#!endif
252
253#!ifdef WITH_MYSQL
254loadmodule "db_mysql.so"
255#!endif
256
257loadmodule "kex.so"
258loadmodule "corex.so"
259loadmodule "tm.so"
260loadmodule "tmx.so"
261loadmodule "sl.so"
262loadmodule "rr.so"
263loadmodule "path.so"
264loadmodule "pv.so"
265loadmodule "maxfwd.so"
266loadmodule "usrloc.so"
267loadmodule "registrar.so"
268loadmodule "textops.so"
269loadmodule "siputils.so"
270loadmodule "xlog.so"
271loadmodule "sanity.so"
272loadmodule "ctl.so"
273loadmodule "cfg_rpc.so"
274loadmodule "acc.so"
275loadmodule "jsonrpcs.so"
276loadmodule "htable.so"
277loadmodule "topoh.so"
278# -- for siremis CDRs --------------
279loadmodule "rtimer.so"
280loadmodule "sqlops.so"
281
282#!ifdef WITH_AUTH
283loadmodule "auth.so"
284loadmodule "auth_db.so"
285
286#!ifdef WITH_IPAUTH
287loadmodule "permissions.so"
288#!endif
289#!ifdef WITH_UAC
290loadmodule "uac.so"
291#!endif
292
293
294#!ifdef WITH_ALIASDB
295loadmodule "alias_db.so"
296#!endif
297
298#!ifdef WITH_SPEEDDIAL
299loadmodule "speeddial.so"
300#!endif
301
302#!ifdef WITH_MULTIDOMAIN
303loadmodule "domain.so"
304#!endif
305
306#!ifdef WITH_PRESENCE
307loadmodule "presence.so"
308loadmodule "presence_xml.so"
309#!endif
310
311#!ifdef WITH_NAT
312loadmodule "nathelper.so"
313loadmodule "rtpengine.so"
314#!endif
315
316#!ifdef WITH_TLS
317loadmodule "tls.so"
318#!endif
319
320#!ifdef WITH_ANTIFLOOD
321loadmodule "htable.so"
322loadmodule "pike.so"
323#!endif
324
325#!ifdef WITH_XMLRPC
326loadmodule "xmlrpc.so"
327#!endif
328
329#!ifdef WITH_DEBUG
330loadmodule "debugger.so"
331#!endif
332
333#!ifdef WITH_DROUTE
334loadmodule "drouting.so"
335#!endif
336
337# ----------------- setting module-specific parameters ---------------
338
339# ---- topoh params ----
340modparam("topoh", "mask_key", "f4gPSS52QuZywk")
341# Mask Ixica IP
342modparam("topoh", "mask_ip", "208.43.27.75")
343# Mask Anveo IP
344modparam("topoh", "mask_ip", "50.22.101.14")
345modparam("topoh", "mask_callid", 1)
346
347
348# ----- jsonrpcs params -----
349modparam("jsonrpcs", "pretty_format", 1)
350modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
351#modparam("jsonrpcs", "dgram_socket", "/var/run/kamailio/kamailio_rpc.sock")
352
353
354# ----- ctl params -----
355modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
356
357
358# ----- tm params -----
359# auto-discard branches from previous serial forking leg
360modparam("tm", "failure_reply_mode", 3)
361# default retransmission timeout: 30sec
362modparam("tm", "fr_timer", 30000)
363# default invite retransmission timeout after 1xx: 120sec
364modparam("tm", "fr_inv_timer", 120000)
365
366
367# ----- rr params -----
368# set next param to 1 to add value to ;lr param (helps with some UAs)
369modparam("rr", "enable_full_lr", 1)
370# append from tag to the RR (no need for this script)
371modparam("rr", "append_fromtag", 1)
372
373
374# ----- registrar params -----
375modparam("registrar", "method_filtering", 1)
376/* uncomment the next line to disable parallel forking via location */
377# modparam("registrar", "append_branches", 0)
378/* uncomment the next line not to allow more than 10 contacts per AOR */
379#modparam("registrar", "max_contacts", 10)
380# max value for expires of registrations
381modparam("registrar", "max_expires", 3600)
382# set it to 1 to enable GRUU
383modparam("registrar", "gruu_enabled", 0)
384
385
386# ----- acc params -----
387/* what special events should be accounted ? */
388modparam("acc", "early_media", 0)
389modparam("acc", "report_ack", 0)
390modparam("acc", "report_cancels", 0)
391/* by default ww do not adjust the direct of the sequential requests.
392 if you enable this parameter, be sure the enable "append_fromtag"
393 in "rr" module */
394modparam("acc", "detect_direction", 0)
395/* account triggers (flags) */
396modparam("acc", "log_flag", FLT_ACC)
397modparam("acc", "log_missed_flag", FLT_ACCMISSED)
398modparam("acc", "log_extra",
399 "src_user=$fU;src_domain=$fd;src_ip=$si;"
400 "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd")
401modparam("acc", "failed_transaction_flag", FLT_ACCFAILED)
402/* enhanced DB accounting */
403#!ifdef WITH_ACCDB
404modparam("acc", "db_flag", FLT_ACC)
405modparam("acc", "db_missed_flag", FLT_ACCMISSED)
406modparam("acc", "db_url", DBURL)
407modparam("acc", "db_extra",
408 "src_user=$fU;src_domain=$fd;src_ip=$si;"
409 "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd;calltype=$avp(calltype)")
410#!endif
411
412
413# ----- usrloc params -----
414/* enable DB persistency for location entries */
415#!ifdef WITH_USRLOCDB
416modparam("usrloc", "db_url", DBURL)
417modparam("usrloc", "db_mode", 3)
418modparam("usrloc", "use_domain", MULTIDOMAIN)
419#!endif
420
421
422# ----- auth_db params -----
423#!ifdef WITH_AUTH
424modparam("auth_db", "db_url", DBURL)
425modparam("auth_db", "calculate_ha1", yes)
426modparam("auth_db", "password_column", "password")
427# We use the rpid field of the subscriber table to track the assigned gateway, which can be a pbx, endpoint, or carrier
428modparam("auth_db", "load_credentials", "$avp(s:gatewayid)=rpid;")
429modparam("auth_db", "use_domain", MULTIDOMAIN)
430
431# ----- permissions params -----
432#!ifdef WITH_IPAUTH
433modparam("permissions", "db_url", DBURL)
434modparam("permissions", "db_mode", 1)
435#!endif
436
437#!endif
438
439
440# ----- alias_db params -----
441#!ifdef WITH_ALIASDB
442modparam("alias_db", "db_url", DBURL)
443modparam("alias_db", "use_domain", MULTIDOMAIN)
444#!endif
445
446
447# ----- speeddial params -----
448#!ifdef WITH_SPEEDDIAL
449modparam("speeddial", "db_url", DBURL)
450modparam("speeddial", "use_domain", MULTIDOMAIN)
451#!endif
452
453
454# ----- domain params -----
455#!ifdef WITH_MULTIDOMAIN
456modparam("domain", "db_url", DBURL)
457# register callback to match myself condition with domains list
458modparam("domain", "register_myself", 1)
459#!endif
460
461
462#!ifdef WITH_PRESENCE
463# ----- presence params -----
464modparam("presence", "db_url", DBURL)
465
466# ----- presence_xml params -----
467modparam("presence_xml", "db_url", DBURL)
468modparam("presence_xml", "force_active", 1)
469#!endif
470
471
472#!ifdef WITH_NAT
473# ----- rtpengine params -----
474modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:7722")
475
476# ----- nathelper params -----
477modparam("nathelper", "natping_interval", 30)
478modparam("nathelper", "ping_nated_only", 1)
479modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
480modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
481
482# params needed for NAT traversal in other modules
483modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
484modparam("usrloc", "nat_bflag", FLB_NATB)
485#!endif
486
487
488#!ifdef WITH_TLS
489# ----- tls params -----
490modparam("tls", "config", "//etc/kamailio/tls.cfg")
491#!endif
492
493#!ifdef WITH_ANTIFLOOD
494# ----- pike params -----
495modparam("pike", "sampling_time_unit", 2)
496modparam("pike", "reqs_density_per_unit", 16)
497modparam("pike", "remove_latency", 4)
498
499# ----- htable params -----
500# ip ban htable with autoexpire after 15 minutes
501modparam("htable", "htable", "a=>size=8;autoexpire=920;")
502#!endif
503
504
505#!ifdef WITH_XMLRPC
506# ----- xmlrpc params -----
507modparam("xmlrpc", "route", "XMLRPC");
508modparam("xmlrpc", "url_match", "^/RPC")
509#!endif
510
511#!ifdef WITH_DEBUG
512# ----- debugger params -----
513modparam("debugger", "cfgtrace", 1)
514modparam("debugger", "log_level_name", "exec")
515#!endif
516
517#!ifdef WITH_UAC
518# ----- uac params -----
519modparam("uac", "restore_mode", "auto")
520modparam("uac", "reg_db_url", DBURL)
521modparam("uac", "reg_db_table", "uacreg")
522modparam("uac", "reg_timer_interval", 60)
523modparam("uac", "reg_retry_interval", 120)
524modparam("uac", "reg_keep_callid", 1)
525modparam("uac", "credential", "username:domain:password")
526modparam("uac", "auth_realm_avp", "$avp(i:10)")
527modparam("uac", "auth_username_avp", "$avp(i:11)")
528modparam("uac", "auth_password_avp", "$avp(i:12)")
529modparam("uac", "reg_contact_addr", "EXTERNAL_IP_ADDR:5060")
530#!endif
531
532#!ifdef WITH_DROUTE
533# ----- drouting params -----
534modparam("drouting", "db_url", DBURL)
535modparam("drouting", "ruri_avp", "$avp(dr_ruri)")
536modparam("drouting", "attrs_avp", "$avp(dr_attrs)")
537modparam("drouting", "use_domain", 0)
538modparam("drouting", "force_dns", 0) #Do not resolve DNS names during load
539#!endif
540
541# ----- htable params for from/to prefix lookup -----
542modparam("htable", "db_url", DBURL)
543modparam("htable", "htable", "tofromprefix=>size=8;autoexpire=0;dbtable=dsip_lcr;cols='pattern,dr_groupid';")
544
545# ----- rtimer params -----
546modparam("rtimer", "timer", "name=cdr;interval=300;mode=1;")
547modparam("rtimer", "exec", "timer=cdr;route=CDRS")
548
549# ----- sqlops params -----
550modparam("sqlops", "sqlcon", "cb=>mysql://-------@localhost/kamailio")
551
552####### Routing Logic ########
553
554
555# Main SIP request routing logic
556# - processing of any incoming SIP request starts with this route
557# - note: this is the same as route { ... }
558request_route {
559
560 # per request initial checks
561 route(REQINIT);
562
563 # TESTING
564 #$rU = "prefix_" + $rU;
565 #insert_hf("To: sip:prefix_$rU@$rd\r\n", "From");
566
567 # NAT detection
568 route(NATDETECT);
569
570 # CANCEL processing
571 if (is_method("CANCEL")) {
572 if (t_check_trans()) {
573 route(RELAY);
574 }
575 exit;
576 }
577
578
579 # handle requests within SIP dialogs
580 route(WITHINDLG);
581
582 ### only initial requests (no To tag)
583
584 # handle retransmissions
585 if(t_precheck_trans()) {
586 t_check_trans();
587 exit;
588 }
589 t_check_trans();
590
591 # authentication
592 route(AUTH);
593
594 # record routing for dialog forming requests (in case they are routed)
595 # - remove preloaded route headers
596 #remove_hf("Route");
597 #if (is_method("INVITE|SUBSCRIBE"))
598 # record_route();
599
600 # account only INVITEs
601 if (is_method("INVITE")) {
602 setflag(FLT_ACC); # do accounting
603 }
604
605 # dispatch requests to foreign domains
606 #route(SIPOUT);
607
608 ### requests for my local domains
609
610 # handle presence related requests
611 route(PRESENCE);
612
613 # handle registrations
614 route(REGISTRAR);
615
616 if ($rU==$null) && is_method("INVITE") {
617 # request with no Username in RURI
618 sl_send_reply("484","Address Incomplete");
619 exit;
620 }
621
622 # dispatch to local endpoints that registered thru the proxy
623 route(LOCATION);
624
625 # dispatch destinations to PSTN
626 #route(PSTN);
627
628 # Reformat US Based RURI's into a canonical format of 10 digits
629 #route(REFORMATRURI);
630
631 # route the call to the next hop
632 route(NEXTHOP);
633}
634
635
636route[REFORMATRURI] {
637
638
639 #Check for +1 and remove it from the RURI and the To header
640 if ($(rU{s.substr,0,2}) == "+1") {
641
642 $rU = $(rU{s.substr,2,0});
643
644 #Change the To header as well
645
646 remove_hf("To");
647 insert_hf("To: sip:$rU@$rd\r\n");
648 }
649
650 #Check for 1 and remove it from the RURI and the To header
651 if ($(rU{s.substr,0,1}) == "1") {
652
653 $rU = $(rU{s.substr,1,0});
654
655 #Change the To header as well
656
657 remove_hf("To");
658 insert_hf("To: sip:$rU@$rd\r\n");
659
660 }
661}
662
663
664
665#Route the call to the next hop, which can be a PBX or Carrier
666route[NEXTHOP] {
667
668 #Route to a PBX if DOMAINROUTING is enabled
669 if (isflagset(FLT_DOMAINROUTING)) {
670 #Grab the value of the avp that contains the domain_pbx_ip.
671 #This is where requests for that domain should be routed
672
673 $var(rd) = $(avp(domain_pbx_ip){s.select,0,:});
674 $var(rp) = $(avp(domain_pbx_ip){s.select,1,:});
675
676 $rd = $var(rd);
677 $rp = $var(rp);
678
679 xlog("L_DEBUG", "NEXTHOP-DOMAINROUTING: should be routed to $rd:$rp");
680
681 #We are going to pass this request on to the backend server
682 #record_route();
683
684 #Fix NAT'd contact so that calls are routed back correctly when a BYE occurs
685 #fix_nated_contact();
686 #subst_hf("Contact", "/@.*;/@$si:$sp;/", "f");
687
688 route(RELAY);
689 exit;
690 }
691
692#!ifdef WITH_DROUTE
693
694 # Check if this is coming from carrier
695 if (allow_source_address(FLT_CARRIER) || isflagset(FLT_CARRIER_AUTH)) {
696
697 # DEBUG:
698 if (allow_source_address(FLT_CARRIER))
699 xlog("L_INFO", "allow_source_address(FLT_CARRIER)==TRUE");
700 if (isflagset(FLT_CARRIER_AUTH))
701 xlog("L_INFO", "isflagset(FLT_CARRIER_AUTH)==TRUE");
702
703 # Route to PBX
704 xlog("L_DEBUG","Logic for routing to PBX");
705 append_hf("P-hint: inbound\r\n");
706 $avp(calltype) = "inbound";
707
708 if (do_routing("9000")) {
709#!ifdef WITH_SERVERNAT
710
711 # Create a Record Route based on the destionation network
712 $var(local_subnet) = "INTERNAL_IP_NET";
713 # Replace the dots with \.
714 $var(local_subnet) = $(var(local_subnet){s.replace,.,\.});
715 # Repace the 0 with .*
716 $var(local_subnet) = $(var(local_subnet){s.replace,*,.*});
717
718 if ($rd=~$var(local_subnet)){
719 record_route_advertised_address("INTERNAL_IP_ADDR");
720 }
721 else {
722 record_route();
723 }
724#!else
725 record_route();
726
727#!endif
728 route(RELAY);
729 exit;
730 }
731
732 }
733
734 else if (allow_source_address(FLT_PBX) || isflagset(FLT_PBX_AUTH)) {
735
736 # DEBUG:
737 if (allow_source_address(FLT_PBX))
738 xlog("L_INFO", "allow_source_address(FLT_PBX)==TRUE");
739 if (isflagset(FLT_PBX_AUTH))
740 xlog("L_INFO", "isflagset(FLT_PBX_AUTH)==TRUE");
741
742 # Route to Carrier
743 xlog("L_DEBUG","Logic for routing to Carriers");
744 append_hf("P-hint: outbound\r\n");
745 $avp(calltype) = "outbound";
746
747 # LCR Routing (US Based)
748 # the from number has to have 3 digits
749 # the to number has to have 3 digits
750 # TODO: we should store and retrieve the # of digits dynamically,
751 # thus allowing variable-length prefixes
752
753 $avp(from)=$(fU{s.substr,0,3});
754 $avp(to)=$(rU{s.substr,0,3});
755
756 $avp(lookup) = $avp(from) + "-" + $avp(to);
757
758 xlog("L_DEBUG", "***Lookup: $avp(lookup)***");
759
760 if ($sht(tofromprefix=>$avp(lookup)) != $null) {
761 $avp(carrier_groupid) = $sht(tofromprefix=>$avp(lookup));
762 }
763 else {
764 $avp(carrier_groupid) = "8000";
765 }
766
767 if (do_routing($avp(carrier_groupid))) {
768 record_route();
769 route(RELAY);
770 exit;
771 }
772 }
773 else
774 sl_send_reply("407", "Proxy Authentication Required. Add the PBX or Carrier IP using GUI");
775
776#!endif
777
778}
779
780
781# TeleBlock routing
782route[TELEBLOCK] {
783 # Only route if is PBX
784 if (!allow_source_address(FLT_PBX)) {
785 xlog("L_DEBUG", "[TELEBLOCK] $si not in allowed addresses\n");
786 return;
787 }
788
789# TODO: This should be dynamic
790 # Only route to teleblock if User-to-User header is present
791# if (!is_present_hf("User-to-User")) {
792# xlog("L_DEBUG", "[TELEBLOCK] User-to-User header not found\n");
793# return;
794# }
795
796 # Change source address to this proxy server
797 $fu = "sip:" + $fU + "@" + $Ri + ":" + $Rp;
798
799 # Send Invite to TeleBlock with header fields:
800 # Number == To Username
801 # CPN == From Username
802 # BTN == Billing Number (optional)
803 # Zipcode == US Postal Code (optional)
804 # refkey == Record ID (optional)
805
806 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.gw_ip) + ":" + $sel(cfg_get.teleblock.gw_port);
807
808 xlog("L_DEBUG", "[TELEBLOCK] From Username: $fU\n");
809 xlog("L_DEBUG", "[TELEBLOCK] To Username: $tU\n");
810 xlog("L_DEBUG", "[TELEBLOCK] Request URI: $ru\n");
811
812 # set failure route
813 if (is_method("INVITE")) {
814 t_on_failure("TELEBLOCK_FAILURE");
815 }
816}
817
818
819failure_route[TELEBLOCK_FAILURE] {
820 if (t_is_canceled()) {
821 exit;
822 }
823
824 xlog("L_DEBUG", "[TELEBLOCK_FAILURE] Processing reply for: $rU\n");
825
826
827 # Check if a media server is setup for telelblock
828 if (strempty($sel(cfg_get.teleblock.media_ip)) || strempty($sel(cfg_get.teleblock.media_port))){
829 $avp(s:teleblock_media_enabled) = "0";
830 }
831 else {
832 $avp(s:teleblock_media_enabled) = "1";
833 }
834
835 # interpret teleblock response
836 if (t_check_status("499")) {
837 $rU = $tU;
838 if (do_routing("8000")) {
839 record_route();
840 t_relay();
841 }
842 }
843 else {
844 xlog("L_DEBUG", "[TELEBLOCK_FAILURE] Relaying to: $sel(cfg_get.teleblock.media_ip):$sel(cfg_get.teleblock.media_port)\n");
845
846 if (t_check_status("403|433")) {
847 if ($avp(s:teleblock_media_enabled) == "1") {
848 # make sure media server can route back to kamailio
849 record_route();
850 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.media_ip) + ":" + $sel(cfg_get.teleblock.media_port);
851 if (!t_relay()) t_reply("403", "Do-Not-Contact");
852 }
853 else
854 if (!t_relay()) t_reply("403", "Do-Not-Contact");
855 }
856 else {
857 if ($avp(s:teleblock_media_enabled) == "1") {
858 # make sure media server can route back to kamailio
859 record_route();
860 $ru = "sip:" + $rU + "@" + $sel(cfg_get.teleblock.media_ip) + ":" + $sel(cfg_get.teleblock.media_port);
861 if (!t_relay()) t_reply("500", "Connection Failure");
862 }
863 }
864 }
865 exit;
866}
867
868
869# Wrapper for relaying requests
870route[RELAY] {
871
872 # Check TeleBlock Blacklist
873#!ifdef WITH_TELEBLOCK
874
875# Check if Teleblock is enabled
876if ($sel(cfg_get.teleblock.gw_enabled) == 1)
877 route(TELEBLOCK);
878#!endif
879 # enable additional event routes for forwarded requests
880 # - serial forking, RTP relaying handling, a.s.o.
881 if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) {
882 if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH");
883 }
884 if (is_method("INVITE|SUBSCRIBE|UPDATE")) {
885 if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY");
886 }
887 if (is_method("INVITE")) {
888 if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE");
889 }
890
891 if (!t_relay()) {
892 sl_reply_error();
893 }
894 exit;
895}
896
897# Per SIP request initial checks
898route[REQINIT] {
899#!ifdef WITH_ANTIFLOOD
900 # flood dection from same IP and traffic ban for a while
901 # be sure you exclude checking trusted peers, such as pstn gateways
902 # - local host excluded (e.g., loop to self)
903 if(src_ip!=myself) {
904 if($sht(ipban=>$si)!=$null) {
905 # ip is already blocked
906 xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
907 exit;
908 }
909 if (!pike_check_req()) {
910 xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
911 $sht(ipban=>$si) = 1;
912 exit;
913 }
914 }
915 if($ua =~ "friendly-scanner") {
916 sl_send_reply("200", "OK");
917 exit;
918 }
919#!endif
920
921 if (!mf_process_maxfwd_header("10")) {
922 sl_send_reply("483","Too Many Hops");
923 exit;
924 }
925
926 # Only reply to option messages if the endpoint or the carrier is defined
927 if(is_method("OPTIONS") && allow_source_address_group()) {
928 sl_send_reply("200","Keepalive");
929 exit;
930 }
931
932 if(!sanity_check("1511", "7")) {
933 xlog("Malformed SIP message from $si:$sp\n");
934 exit;
935 }
936}
937
938# Handle requests within SIP dialogs
939route[WITHINDLG] {
940 if (!has_totag()) return;
941
942
943 # sequential request withing a dialog should
944 # take the path determined by record-routing
945 if (loose_route()) {
946 route(DLGURI);
947 if (is_method("BYE")) {
948 setflag(FLT_ACC); # do accounting ...
949 setflag(FLT_ACCFAILED); # ... even if the transaction fails
950 }
951 else if ( is_method("ACK") ) {
952 # ACK is forwarded statelessy
953 xlog("L_DEBUG","ACK|UPDATE");
954 route(NATMANAGE);
955 }
956 else if ( is_method("NOTIFY") ) {
957 # Add Record-Route for in-dialog NOTIFY as per RFC 6665.
958 record_route();
959 }
960 route(RELAY);
961 exit;
962 }
963
964 if (is_method("SUBSCRIBE") && uri == myself) {
965 # in-dialog subscribe requests
966 route(PRESENCE);
967 exit;
968 }
969 if ( is_method("ACK|UPDATE|INVITE|BYE") ) {
970 if ( is_method("BYE|INVITE") ) {
971 handle_ruri_alias();
972 }
973 if ( t_check_trans() ) {
974 # no loose-route, but stateful ACK;
975 # must be an ACK after a 487
976 # or e.g. 404 from upstream server
977 route(RELAY);
978 exit;
979 } else {
980 # ACK without matching transaction. Try to route anyway - being optimistic
981 # since it has at least a To Tag
982 route(RELAY);
983 exit;
984 }
985 }
986 sl_send_reply("404","Not here");
987 exit;
988}
989
990# Handle SIP registrations
991route[REGISTRAR] {
992 if (!is_method("REGISTER")) return;
993
994 if(isflagset(FLT_NATS)) {
995 setbflag(FLB_NATB);
996#!ifdef WITH_NATSIPPING
997 # do SIP NAT pinging
998 setbflag(FLB_NATSIPPING);
999#!endif
1000 }
1001
1002 if (isflagset(FLT_PBX_AUTH)) {
1003
1004 #We are now acting as a REGISTRAR
1005 if (!save("location"))
1006 sl_reply_error();
1007
1008 xlog("L_DEBUG","update the gwid $avp(gatewayid) to use the register ip:port:transport of $su");
1009 # Remove the sip: from the front of the $su
1010 $var(su) = $(su{s.substr,4,0});
1011 sql_query("cb","update dr_gateways set address='$var(su)' where gwid=$avp(gatewayid)","rb");
1012 jsonrpc_exec('{"jsonrpc": "2.0", "method": "drouting.reload", "id": 1}');
1013 exit;
1014
1015 }
1016
1017
1018 if (isflagset(FLT_DOMAINROUTING)) {
1019
1020 # Save the location, but DON'T send a 200 reply back.
1021 # Let the upstream PBX authenticate the UAC (aka endpont)
1022
1023 if (!save("location", "0x02"))
1024 sl_reply_error();
1025
1026 #Grab the value of the avp that contains the domain_pbx_ip.
1027 #This is where requests for that domain should be routed
1028
1029 $var(rd) = $(avp(domain_pbx_ip){s.select,0,:});
1030 $var(rp) = $(avp(domain_pbx_ip){s.select,1,:});
1031
1032 $rd = $var(rd);
1033 $rp = $var(rp);
1034
1035 #Add the Path header - so that we know how to route back
1036 add_path_received();
1037
1038 #Fix NAT'd contact so that calls are routed back correctly when a BYE occurs
1039 #fix_nated_contact();
1040
1041 #We are going to pass this request on to the backend server
1042 route(RELAY);
1043 exit;
1044 }
1045}
1046
1047# User location service
1048route[LOCATION] {
1049
1050#Return immediately if the source address if not a PBX. Only PBX's should be trying to route to endpoints
1051if !(allow_source_address(FLT_PBX))
1052 return;
1053
1054#Local calling maximum digits for the initialting PBX - PBX sending the INVITE. Hardcoding for now. TODO: make dynamic
1055$var(pbx_max_local_digits) = 5;
1056
1057#Return if the rU is more then local calling maximum digits for the initiating PBX
1058if ($(rU{s.len}) > $var(pbx_max_local_digits))
1059 return;
1060
1061#!ifdef WITH_SPEEDDIAL
1062 # search for short dialing - 2-digit extension
1063 if($rU=~"^[0-9][0-9]$")
1064 if(sd_lookup("speed_dial"))
1065 route(SIPOUT);
1066#!endif
1067
1068#!ifdef WITH_ALIASDB
1069 # search in DB-based aliases
1070 if(alias_db_lookup("dbaliases"))
1071 route(SIPOUT);
1072#!endif
1073 $avp(oexten) = $rU;
1074 # Lookup the location of the endpont by username@from_domain
1075 if (!lookup("location","sip:$rU@$fd")) {
1076 $var(rc) = $rc;
1077 route(TOVOICEMAIL);
1078 t_newtran();
1079 switch ($var(rc)) {
1080 case -1:
1081 case -3:
1082 send_reply("404", "Not Found");
1083 exit;
1084 case -2:
1085 send_reply("405", "Method Not Allowed");
1086 exit;
1087 }
1088 }
1089
1090 # when routing via usrloc, log the missed calls also
1091 if (is_method("INVITE")) {
1092 setflag(FLT_ACCMISSED);
1093 }
1094 #Set the INVITE timeout for sending calls to invites
1095 t_set_fr(120000,10000);
1096
1097 route(RELAY);
1098 exit;
1099}
1100
1101# Presence server processing
1102route[PRESENCE] {
1103 if(!is_method("PUBLISH|SUBSCRIBE"))
1104 return;
1105
1106 if(is_method("SUBSCRIBE") && $hdr(Event)=="message-summary") {
1107 route(TOVOICEMAIL);
1108 # returns here if no voicemail server is configured
1109 sl_send_reply("404", "No voicemail service");
1110 exit;
1111 }
1112
1113#!ifdef WITH_PRESENCE
1114 if (!t_newtran()) {
1115 sl_reply_error();
1116 exit;
1117 }
1118
1119 if(is_method("PUBLISH")) {
1120 handle_publish();
1121 t_release();
1122 } else if(is_method("SUBSCRIBE")) {
1123 handle_subscribe();
1124 t_release();
1125 }
1126 exit;
1127#!endif
1128
1129 # if presence enabled, this part will not be executed
1130 if (is_method("PUBLISH") || $rU==$null) {
1131 sl_send_reply("404", "Not here");
1132 exit;
1133 }
1134 return;
1135}
1136
1137# IP authorization and user authentication
1138route[AUTH] {
1139#!ifdef WITH_AUTH
1140
1141 # AUTH route logic summary:
1142 # 1) attempt domain auth
1143 # 2) attempt UAC auth (remote or local)
1144 # 3) attempt IP auth
1145
1146 # Check if this is any type of SIP request from a known domain
1147 if (lookup_domain("$fd", "domain_")) {
1148 xlog("L_DEBUG", "$fd should be routed to $avp(domain_pbx_ip)\n");
1149 # Turn on domain routing by setting the FLT_DOMAINROUTING flag
1150 setflag(FLT_DOMAINROUTING);
1151 return;
1152 }
1153
1154#!ifdef WITH_UAC
1155
1156 # TODO: do we need to forward UAC REGISTER requests to remote UAS?
1157# # register client UAC auth info w/ remote SIP provider
1158# if (is_method("REGISTER")) {
1159# xlog("SCRIPT: Creating UAC Request (si=$si) (fU=$fU) (au=$au) (du=$du) (tU=$tU) (ru=$ru)");
1160#
1161# if ($du != null) {
1162# $var(destIP) = $(du{s.select,1,:});
1163# }
1164# else {
1165# $var(destIP) = $rd;
1166# }
1167#
1168# $uac_req(method) = "REGISTER";
1169# $uac_req(ruri) = "sip:" + $var(destIP) + ":" + "5060";
1170# $uac_req(furi) = "sip:" + $tU + "@" + $ru + "5060";
1171# $uac_req(turi) = "sip:" + $tU + "@" + $ru + "5060";
1172# $uac_req(callid) = $(mb{s.md5});
1173# $uac_req(evroute) = 1;
1174# $uac_req(hdrs) = "Contact: <sip:" + $tU + "@" + $var(destIP) + ":" "5060" + ">\r\n";
1175#
1176# if ($sel(contact.expires) != null) {
1177# $uac_req(hdrs) = $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n";
1178# }
1179# else {
1180# $uac_req(hdrs) = $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n";
1181# }
1182#
1183# uac_req_send();
1184# }
1185
1186
1187 # try local auth first, try remote auth on fail
1188 if (is_method("INVITE")) {
1189 # l_uuid corresponds to $rU@$rd of carrier
1190 $var(uac_status) = uac_reg_status("$rU@$rd");
1191 xlog("L_INFO", "UAC Reg Status [$var(uac_status)]");
1192
1193 if ($var(uac_status) == 1) {
1194 setflag(FLT_CARRIER_AUTH);
1195 return;
1196 }
1197
1198 # TODO: do we need to account for remote username lookups?
1199# if (uac_reg_lookup("$rU", "$ru")) {
1200# xlog("L_INFO", "Request from a remote SIP provider [$ou => $ru]\n");
1201# lookup("location");
1202# }
1203#
1204# t_on_failure("REMOTE_AUTH");
1205# t_relay();
1206# return;
1207
1208 }
1209#!endif
1210
1211
1212#!ifdef WITH_IPAUTH
1213 # If domain not known, then check IP AUTH to see if the user if allowed to connect
1214 # Changed from allow_source_address to allow_source_addess_group because it will allow any addresses within any address group.
1215 # This means that both carriers and pbx's will be allowed to access the proxy with one function call
1216 if((!is_method("REGISTER")) && allow_source_address_group()) {
1217 # source IP allowed
1218 return;
1219 }
1220#!endif
1221
1222 if (is_method("REGISTER|INVITE") || from_uri==myself) {
1223 # authenticate requests
1224 if (!auth_check("$fd", "subscriber", "3")) {
1225 auth_challenge("$fd", "0");
1226 exit;
1227 }
1228 # user authenticated - remove auth header
1229 if(!is_method("REGISTER|PUBLISH"))
1230 consume_credentials();
1231
1232 # Set a flag denoting that a PBX has authenticated with username/password
1233 setflag(FLT_PBX_AUTH);
1234 }
1235
1236#!endif
1237 return;
1238}
1239
1240#failure_route[REMOTE_AUTH] {
1241# if (t_is_canceled()) {
1242# exit;
1243# }
1244#
1245# if (t_check_status("401|407")) {
1246# xlog("L_INFO", "Attempting client UAC auth\n");
1247# uac_auth();
1248# }
1249#}
1250#
1251#event_route[uac:reply] {
1252# xlog("L_INFO", "Request sent to $uac_req(ruri) [$uac_req(evcode)]\n");
1253#}
1254
1255# Caller NAT detection
1256route[NATDETECT] {
1257#!ifdef WITH_NAT
1258 force_rport();
1259 if (nat_uac_test("19")) {
1260 if (is_method("REGISTER")) {
1261 fix_nated_register();
1262 } else {
1263 if(is_first_hop())
1264 set_contact_alias();
1265 }
1266 setflag(FLT_NATS);
1267 }
1268#!endif
1269#!ifdef WITH_SERVERNAT
1270 setflag(FLT_NATS);
1271#!endif
1272
1273 return;
1274}
1275
1276# RTPProxy control and singaling updates for NAT traversal
1277route[NATMANAGE] {
1278#!ifdef WITH_NAT
1279 if (is_request()) {
1280 if(has_totag()) {
1281 if(check_route_param("nat=yes")) {
1282 setbflag(FLB_NATB);
1283 }
1284 }
1285 }
1286 if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
1287 return;
1288
1289#!ifdef WITH_SERVERNAT
1290 #Build a regular expression for figuring out if the request is going towards a local machine
1291 $var(local_subnet) = "INTERNAL_IP_NET";
1292 # Replace the dots with \.
1293 $var(local_subnet) = $(var(local_subnet){s.replace,.,\.});
1294 # Repace the 0 with .*
1295 $var(local_subnet) = $(var(local_subnet){s.replace,*,.*});
1296
1297 xlog("L_DEBUG", "[NATMANAGE] SERVERNAT ENABLED - rd: $rd, local_subnet: $var(local_subnet) branch(send_socket): $branch(send_socket)");
1298
1299 if (($rd=~$var(local_subnet)) || (allow_source_address(FLT_CARRIER)))
1300 rtpengine_manage("media-address=INTERNAL_IP_ADDR");
1301 else
1302 rtpengine_manage();
1303#!else
1304 rtpengine_manage();
1305#!endif
1306
1307 if (is_request()) {
1308 if (!has_totag()) {
1309 if(t_is_branch_route()) {
1310 add_rr_param(";nat=yes");
1311 }
1312 }
1313 }
1314 if (is_reply()) {
1315 if(isbflagset(FLB_NATB)) {
1316 if(is_first_hop())
1317 set_contact_alias();
1318 }
1319 }
1320#!endif
1321 return;
1322}
1323
1324# URI update for dialog requests
1325route[DLGURI] {
1326#!ifdef WITH_NAT
1327 if(!isdsturiset()) {
1328 handle_ruri_alias();
1329 }
1330#!endif
1331 return;
1332}
1333
1334# Routing to foreign domains
1335route[SIPOUT] {
1336 if (uri==myself) return;
1337
1338 append_hf("P-hint: outbound\r\n");
1339 route(RELAY);
1340 exit;
1341}
1342
1343# PSTN GW routing
1344route[PSTN] {
1345#!ifdef WITH_PSTN
1346 # check if PSTN GW IP is defined
1347 if (strempty($sel(cfg_get.pstn.gw_ip))) {
1348 xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n");
1349 return;
1350 }
1351
1352 # route to PSTN dialed numbers starting with '+' or '00'
1353 # (international format)
1354 # - update the condition to match your dialing rules for PSTN routing
1355 if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$"))
1356 return;
1357
1358 # only local users allowed to call
1359 if(from_uri!=myself) {
1360 sl_send_reply("403", "Not Allowed");
1361 exit;
1362 }
1363
1364 if (strempty($sel(cfg_get.pstn.gw_port))) {
1365 $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
1366 } else {
1367 $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":"
1368 + $sel(cfg_get.pstn.gw_port);
1369 }
1370
1371 route(RELAY);
1372 exit;
1373#!endif
1374
1375 return;
1376}
1377
1378# XMLRPC routing
1379#!ifdef WITH_XMLRPC
1380route[XMLRPC] {
1381 # allow XMLRPC from localhost
1382 if ((method=="POST" || method=="GET")
1383 && (src_ip==127.0.0.1)) {
1384 # close connection only for xmlrpclib user agents (there is a bug in
1385 # xmlrpclib: it waits for EOF before interpreting the response).
1386 if ($hdr(User-Agent) =~ "xmlrpclib")
1387 set_reply_close();
1388 set_reply_no_connect();
1389 dispatch_rpc();
1390 exit;
1391 }
1392 send_reply("403", "Forbidden");
1393 exit;
1394}
1395#!endif
1396
1397# Routing to voicemail server
1398route[TOVOICEMAIL] {
1399#!ifdef WITH_VOICEMAIL
1400 if(!is_method("INVITE|SUBSCRIBE"))
1401 return;
1402
1403 # check if VoiceMail server IP is defined
1404 if (strempty($sel(cfg_get.voicemail.srv_ip))) {
1405 xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n");
1406 return;
1407 }
1408 if(is_method("INVITE")) {
1409 if($avp(oexten)==$null)
1410 return;
1411 $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip)
1412 + ":" + $sel(cfg_get.voicemail.srv_port);
1413 } else {
1414 if($rU==$null)
1415 return;
1416 $ru = "sip:" + $rU + "@" + $sel(cfg_get.voicemail.srv_ip)
1417 + ":" + $sel(cfg_get.voicemail.srv_port);
1418 }
1419 route(RELAY);
1420 exit;
1421#!endif
1422
1423 return;
1424}
1425
1426# ======================================================
1427# Populate CDRs Table of Siremis
1428# ======================================================
1429route[CDRS] {
1430 sql_query("cb","call kamailio_cdrs()","rb");
1431 sql_query("cb","call kamailio_rating('default')","rb");
1432 }
1433
1434# Manage outgoing branches
1435branch_route[MANAGE_BRANCH] {
1436 xdbg("new branch [$T_branch_idx] to $ru\n");
1437
1438 # ---- START SKYSWITCH FROM REWRITE ---- (12/06/2018)
1439
1440 xlog("L_DBG","$mb \n| New branch \n");
1441 if($fd!="104.248.104.188") {
1442 xlog("L_DBG","$mb \n| RELAY | Masking X call from: $fu $fd");
1443 xlog("L_DBG","$mb \n| RELAY | From: $fu $fd");
1444 uac_replace_from("","sip:$fU@104.248.104.188");
1445 xlog("L_DBG","$mb \n| RELAY | Call masked from: $fu");
1446 }
1447 # We do not trust the user, let's remove the P-Asserted-Identity, if any:
1448 remove_hf("P-Asserted-Identity");
1449 remove_hf("P-Preferred-Identity");
1450
1451 # ---- END SKYSWITCH FROM REWRITE ---- (12/06/2018)
1452
1453 #if($td="104.248.104.188") {
1454 # uac_replace_to("","sip:$tU@70.42.44.94");
1455 #}
1456 $td="70.42.44.94";
1457
1458 route(NATMANAGE);
1459}
1460
1461# Manage incoming replies
1462onreply_route[MANAGE_REPLY] {
1463 xdbg("incoming reply\n");
1464 if (status=="200" && !allow_source_address(FLT_CARRIER)) {
1465 fix_nated_contact();
1466 }
1467#!ifdef WITH_SERVERNAT
1468 if (status=="200" && allow_source_address(FLT_CARRIER)) {
1469 subst_hf("Record-Route","/EXTERNAL_IP_ADDR/INTERNAL_IP_ADDR/","f");
1470 }
1471 if (status=="200" && allow_source_address(FLT_PBX)) {
1472 subst_hf("Record-Route","/INTERNAL_IP_ADDR/EXTERNAL_IP_ADDR/","f");
1473
1474 }
1475#!endif
1476
1477 if (status=~"[12][0-9][0-9]") {
1478 route(NATMANAGE);
1479 }
1480}
1481
1482# Manage failure routing cases
1483failure_route[MANAGE_FAILURE] {
1484 route(NATMANAGE);
1485
1486 if (t_is_canceled()) {
1487 exit;
1488 }
1489
1490#!ifdef WITH_DROUTE
1491 if (t_check_status("[0-6][0-9][0-9]")) {
1492 if (use_next_gw()) {
1493 route(RELAY);
1494 exit;
1495 }
1496 else {
1497 exit;
1498 }
1499 }
1500#!endif
1501
1502#!ifdef WITH_BLOCK3XX
1503 # block call redirect based on 3xx replies.
1504 if (t_check_status("3[0-9][0-9]")) {
1505 t_reply("404","Not found");
1506 exit;
1507 }
1508#!endif
1509
1510#!ifdef WITH_VOICEMAIL
1511 # serial forking
1512 # - route to voicemail on busy or no answer (timeout)
1513 if (t_check_status("486|408")) {
1514 $du = $null;
1515 route(TOVOICEMAIL);
1516 exit;
1517 }
1518#!endif
1519}