From 5c5db8dde522ad90e577d03ddb944c19aa33f7cd Mon Sep 17 00:00:00 2001 From: altanai Date: Tue, 23 Jul 2019 23:02:57 +0530 Subject: [PATCH] renamed few projects --- psql_webrtc_rtpproxy/README.md | 92 ++ .../psql_webrtc_ws_kamailio.cfg | 1081 +++++++++++++++++ {Record routing => record_routing}/README.md | 1 + .../kamailio_record_route.cfg | 2 +- sipcapture_siptrace_homer/README.md | 102 -- .../sipcapture_capturenode.cfg | 75 -- .../siptrace_tracenode.cfg | 76 -- .../README.md | 45 + .../tls.cfg | 0 .../webrtc_to_sip_kamailio.cfg | 894 ++++++++++++++ .../webrtc_ws_rtpengine_kamailio.cfg | 2 +- 11 files changed, 2115 insertions(+), 255 deletions(-) create mode 100644 psql_webrtc_rtpproxy/README.md create mode 100644 psql_webrtc_rtpproxy/psql_webrtc_ws_kamailio.cfg rename {Record routing => record_routing}/README.md (99%) rename {Record routing => record_routing}/kamailio_record_route.cfg (98%) delete mode 100644 sipcapture_siptrace_homer/README.md delete mode 100644 sipcapture_siptrace_homer/sipcapture_capturenode.cfg delete mode 100644 sipcapture_siptrace_homer/siptrace_tracenode.cfg create mode 100644 webrtc_to_sip_ipv4_ipv6_with_rtpengine/README.md create mode 100644 webrtc_to_sip_ipv4_ipv6_with_rtpengine/tls.cfg create mode 100644 webrtc_to_sip_ipv4_ipv6_with_rtpengine/webrtc_to_sip_kamailio.cfg diff --git a/psql_webrtc_rtpproxy/README.md b/psql_webrtc_rtpproxy/README.md new file mode 100644 index 0000000..e0fa942 --- /dev/null +++ b/psql_webrtc_rtpproxy/README.md @@ -0,0 +1,92 @@ +# PSQL Account storage for a Webrtc client on WS using RTPproxy to relay media stream + +features : + DB integration on postrgress for auth , location etc + RTP proxy + flood detection + presence + voice mail + pstn + msrp + xmlrpc + nathelper + +## Flags to turn on + + To run in debug mode: + - define WITH_DEBUG + + To enable mysql: + - define WITH_MYSQL + + To enable authentication execute: + - enable mysql + - define WITH_AUTH + - add users using 'kamctl' + + To enable IP authentication execute: + - enable mysql + - enable authentication + - define WITH_IPAUTH + - add IP addresses with group id '1' to 'address' table + + To enable persistent user location execute: + - enable mysql + - define WITH_USRLOCDB + + To enable presence server execute: + - enable mysql + - define WITH_PRESENCE + + To enable nat traversal execute: + - define WITH_NAT + - install RTPProxy: http://www.rtpproxy.org + - start RTPProxy: + rtpproxy -l _your_public_ip_ -s udp:localhost:7722 + + To enable PSTN gateway routing execute: + - define WITH_PSTN + - set the value of pstn.gw_ip + - check route[PSTN] for regexp routing condition + + To enable database aliases lookup execute: + - enable mysql + - define WITH_ALIASDB + + To enable speed dial lookup execute: + - enable mysql + - define WITH_SPEEDDIAL + + To enable multi-domain support execute: + - enable mysql + - define WITH_MULTIDOMAIN + + To enable TLS support execute: + - adjust CFGDIR/tls.cfg as needed + - define WITH_TLS + + To enable XMLRPC support execute: + - define WITH_XMLRPC + - adjust route[XMLRPC] for access policy + + To enable anti-flood detection execute: + - adjust pike and htable=>ipban settings as needed (default is + block if more than 16 requests in 2 seconds and ban for 300 seconds) + - define WITH_ANTIFLOOD + + To block 3XX redirect replies execute: + - define WITH_BLOCK3XX + + To enable VoiceMail routing execute: + - define WITH_VOICEMAIL + - set the value of voicemail.srv_ip + - adjust the value of voicemail.srv_port + + To enhance accounting execute: + - enable mysql + - define WITH_ACCDB + - add following columns to database + + + +Ref : https://gist.github.com/soufianeEL/514fb8fd9e26f8d18030 \ No newline at end of file diff --git a/psql_webrtc_rtpproxy/psql_webrtc_ws_kamailio.cfg b/psql_webrtc_rtpproxy/psql_webrtc_ws_kamailio.cfg new file mode 100644 index 0000000..03be04d --- /dev/null +++ b/psql_webrtc_rtpproxy/psql_webrtc_ws_kamailio.cfg @@ -0,0 +1,1081 @@ +#!KAMAILIO + +#!ifdef ACCDB_COMMENT + ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN src_ip varchar(64) NOT NULL default ''; + ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; + ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; +#!endif + +####### Include Local Config If Exists ######### +import_file "kamailio-local.cfg" + +####### Defined Values ######### + +#!define WITH_POSTGRES +#!define WITH_WEBSOCKETS + +#!define WITH_AUTH +#!define WITH_USRLOCDB + +#!define WITH_ACCDB + +##!define WITH_AUTH_DB +##!define LOCAL_TEST_RUN +##!define WITH_TLS +##!define WITH_MSRP + +#!substdef "!MY_IP_ADDR!192.168.2.63!g" +#!substdef "!MY_DOMAIN!192.168.2.63!g" +#!substdef "!MY_WS_PORT!8084!g" +#!substdef "!MY_WSS_PORT!4443!g" +#!substdef "!MY_MSRP_PORT!9000!g" +#!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g" +#!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g" +#!substdef "!MY_MSRP_ADDR!tls:MY_IP_ADDR:MY_MSRP_PORT!g" +#!substdef "!MSRP_MIN_EXPIRES!1800!g" +#!substdef "!MSRP_MAX_EXPIRES!3600!g" + +###!substdef "!DBURL!postgres://user:pass@127.0.0.1/kamailio!g" + +#!ifdef WITH_POSTGRES +#!ifndef DBURL +#!define DBURL "postgres://user:pass@localhost:5432/kamailio" +#!endif +#!endif + +#!ifdef WITH_MULTIDOMAIN +# - the value for 'use_domain' parameters +#!define MULTIDOMAIN 1 +#!else +#!define MULTIDOMAIN 0 +#!endif + +# - flags +# FLT_ - per transaction (message) flags +# FLB_ - per branch flags +#!define FLT_ACC 1 +#!define FLT_ACCMISSED 2 +#!define FLT_ACCFAILED 3 +#!define FLT_NATS 5 + +#!define FLB_NATB 6 +#!define FLB_NATSIPPING 7 + +####### Global Parameters ######### + +### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR +#!ifdef WITH_DEBUG +debug=4 +log_stderror=yes +#!else +debug=2 +log_stderror=no +#!endif + +memdbg=5 +memlog=5 + +log_facility=LOG_LOCAL0 + +fork=yes +children=4 + +/* uncomment the next line to disable TCP (default on) */ +#disable_tcp=yes + +/* uncomment the next line to disable the auto discovery of local aliases + based on reverse DNS on IPs (default on) */ +#auto_aliases=no + +/* add local domain aliases */ +#alias="sip.mydomain.com" + +/* uncomment and configure the following line if you want Kamailio to + bind on a specific interface/port/proto (default bind on all available) */ +#listen=udp:10.0.0.10:5060 + +/* port to listen to + * - can be specified more than once if needed to listen on many ports */ +port=5060 + +#!ifdef WITH_TLS +enable_tls=yes +#!endif + +listen=MY_IP_ADDR +#!ifdef WITH_WEBSOCKETS +listen=MY_WS_ADDR +#!ifdef WITH_TLS +listen=MY_WSS_ADDR +#!endif +#!endif +#!ifdef WITH_MSRP +listen=MY_MSRP_ADDR +#!endif + +tcp_connection_lifetime=3604 +tcp_accept_no_cl=yes +tcp_rd_buf_size=16384 + +###syn_branch=0 + +# life time of TCP connection when there is no traffic +# - a bit higher than registration expires to cope with UA behind NAT +# tcp_connection_lifetime=3605 + +####### Custom Parameters ######### + +# These parameters can be modified runtime via RPC interface +# - see the documentation of 'cfg_rpc' module. +# +# Format: group.id = value 'desc' description +# Access: $sel(cfg_get.group.id) or @cfg_get.group.id +# + +#!ifdef WITH_PSTN +# PSTN GW Routing +# +# - pstn.gw_ip: valid IP or hostname as string value, example: +# pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" +# +# - by default is empty to avoid misrouting +pstn.gw_ip = "" desc "PSTN GW Address" +pstn.gw_port = "" desc "PSTN GW Port" +#!endif + +#!ifdef WITH_VOICEMAIL +# VoiceMail Routing on offline, busy or no answer +# +# - by default Voicemail server IP is empty to avoid misrouting +voicemail.srv_ip = "" desc "VoiceMail IP Address" +voicemail.srv_port = "5060" desc "VoiceMail Port" +#!endif + +####### Modules Section ######## + +# set paths to location of modules (to sources or installation folders) +#!ifdef WITH_SRCPATH +mpath="modules/" +#!else +mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/" +#!endif + + +#!ifdef WITH_POSTGRES +loadmodule "db_postgres.so" +#!endif + +loadmodule "mi_fifo.so" +loadmodule "kex.so" +loadmodule "corex.so" +loadmodule "tm.so" +loadmodule "tmx.so" +loadmodule "sl.so" +loadmodule "rr.so" +loadmodule "pv.so" +loadmodule "maxfwd.so" +loadmodule "usrloc.so" +loadmodule "registrar.so" +loadmodule "textops.so" +loadmodule "siputils.so" +loadmodule "xlog.so" +loadmodule "sanity.so" +loadmodule "ctl.so" +loadmodule "cfg_rpc.so" +loadmodule "mi_rpc.so" +loadmodule "acc.so" + +#!ifdef WITH_AUTH +loadmodule "auth.so" +loadmodule "auth_db.so" +#!ifdef WITH_IPAUTH +loadmodule "permissions.so" +#!endif +#!endif + +#!ifdef WITH_ALIASDB +loadmodule "alias_db.so" +#!endif + +#!ifdef WITH_SPEEDDIAL +loadmodule "speeddial.so" +#!endif + +#!ifdef WITH_MULTIDOMAIN +loadmodule "domain.so" +#!endif + +#!ifdef WITH_PRESENCE +loadmodule "presence.so" +loadmodule "presence_xml.so" +#!endif + +#!ifdef WITH_NAT +loadmodule "nathelper.so" +loadmodule "rtpproxy.so" +#!endif + +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + +#!ifdef WITH_MSRP +loadmodule "msrp.so" +loadmodule "htable.so" +loadmodule "cfgutils.so" +#!endif + +#!ifdef WITH_WEBSOCKETS +loadmodule "xhttp.so" +loadmodule "websocket.so" +loadmodule "nathelper.so" +#!endif + +#!ifdef WITH_ANTIFLOOD +loadmodule "htable.so" +loadmodule "pike.so" +#!endif + +#!ifdef WITH_XMLRPC +loadmodule "xmlrpc.so" +#!endif + +#!ifdef WITH_DEBUG +loadmodule "debugger.so" +#!endif + +# ----------------- setting module-specific parameters --------------- + + +# ----- mi_fifo params ----- +modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") + + +# ----- tm params ----- +# auto-discard branches from previous serial forking leg +modparam("tm", "failure_reply_mode", 3) +# default retransmission timeout: 30sec +modparam("tm", "fr_timer", 30000) +# default invite retransmission timeout after 1xx: 120sec +modparam("tm", "fr_inv_timer", 120000) + + +# ----- rr params ----- +# add value to ;lr param to cope with most of the UAs +modparam("rr", "enable_full_lr", 1) +# do not append from tag to the RR (no need for this script) +modparam("rr", "append_fromtag", 0) + + +# ----- registrar params ----- +modparam("registrar", "method_filtering", 1) +/* uncomment the next line to disable parallel forking via location */ +# modparam("registrar", "append_branches", 0) +/* uncomment the next line not to allow more than 10 contacts per AOR */ +#modparam("registrar", "max_contacts", 10) +# max value for expires of registrations +modparam("registrar", "max_expires", 120) +# set it to 1 to enable GRUU Globally routable user agent URI +modparam("registrar", "gruu_enabled", 0) + + +# ----- acc params ----- +/* what special events should be accounted ? */ +modparam("acc", "early_media", 0) +modparam("acc", "report_ack", 0) +modparam("acc", "report_cancels", 0) +/* by default ww do not adjust the direct of the sequential requests. + if you enable this parameter, be sure the enable "append_fromtag" + in "rr" module */ +modparam("acc", "detect_direction", 0) +/* account triggers (flags) */ +modparam("acc", "log_flag", FLT_ACC) +modparam("acc", "log_missed_flag", FLT_ACCMISSED) +modparam("acc", "log_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) +/* enhanced DB accounting */ +#!ifdef WITH_ACCDB +modparam("acc", "db_flag", FLT_ACC) +modparam("acc", "db_missed_flag", FLT_ACCMISSED) +modparam("acc", "db_url", DBURL) +modparam("acc", "db_extra", + "src_user=$fU;src_domain=$fd;src_ip=$si;" + "dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") +#!endif + + +# ----- usrloc params ----- +/* enable DB persistency for location entries */ +#!ifdef WITH_USRLOCDB +modparam("usrloc", "db_url", DBURL) +modparam("usrloc", "db_mode", 2) +modparam("usrloc", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- auth_db params ----- +#!ifdef WITH_AUTH +modparam("auth_db", "db_url", DBURL) +modparam("auth_db", "calculate_ha1", yes) +modparam("auth_db", "password_column", "password") +modparam("auth_db", "load_credentials", "") +modparam("auth_db", "use_domain", MULTIDOMAIN) + +# ----- permissions params ----- +#!ifdef WITH_IPAUTH +modparam("permissions", "db_url", DBURL) +modparam("permissions", "db_mode", 1) +#!endif + +#!endif + + +# ----- alias_db params ----- +#!ifdef WITH_ALIASDB +modparam("alias_db", "db_url", DBURL) +modparam("alias_db", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- speeddial params ----- +#!ifdef WITH_SPEEDDIAL +modparam("speeddial", "db_url", DBURL) +modparam("speeddial", "use_domain", MULTIDOMAIN) +#!endif + + +# ----- domain params ----- +#!ifdef WITH_MULTIDOMAIN +modparam("domain", "db_url", DBURL) +# register callback to match myself condition with domains list +modparam("domain", "register_myself", 1) +#!endif + + +#!ifdef WITH_PRESENCE +# ----- presence params ----- +modparam("presence", "db_url", DBURL) + +# ----- presence_xml params ----- +modparam("presence_xml", "db_url", DBURL) +modparam("presence_xml", "force_active", 1) +#!endif + + +#!ifdef WITH_NAT +# ----- rtpproxy params ----- +modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") + +# ----- nathelper params ----- +modparam("nathelper", "natping_interval", 30) +modparam("nathelper", "ping_nated_only", 1) +modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) +modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") + +# params needed for NAT traversal in other modules +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +modparam("usrloc", "nat_bflag", FLB_NATB) +#!endif + + +#!ifdef WITH_TLS +# ----- tls params ----- +modparam("tls", "config", "/etc/kamailio/tls.cfg") +#!endif + +#!ifdef WITH_WEBSOCKETS +# ----- nathelper params ----- +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +# Note: leaving NAT pings turned off here as nathelper is _only_ being used for +# WebSocket connections. NAT pings are not needed as WebSockets have +# their own keep-alives. +#!endif + +#!ifdef WITH_MSRP +# ----- htable params ----- +modparam("htable", "htable", "msrp=>size=8;autoexpire=MSRP_MAX_EXPIRES;") +#!endif + +#!ifdef WITH_ANTIFLOOD +# ----- pike params ----- +modparam("pike", "sampling_time_unit", 2) +modparam("pike", "reqs_density_per_unit", 16) +modparam("pike", "remove_latency", 4) + +# ----- htable params ----- +# ip ban htable with autoexpire after 5 minutes +modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") +#!endif + +#!ifdef WITH_XMLRPC +# ----- xmlrpc params ----- +modparam("xmlrpc", "route", "XMLRPC"); +modparam("xmlrpc", "url_match", "^/RPC") +#!endif + +#!ifdef WITH_DEBUG +# ----- debugger params ----- +modparam("debugger", "cfgtrace", 1) +#!endif + +####### Routing Logic ######## + + +# Main SIP request routing logic + +request_route { + + # per request initial checks + route(REQINIT); + +#!ifdef WITH_WEBSOCKETS + if (nat_uac_test(64)) { + # NAT traversal stuff for requests from a WebSocket + force_rport(); + if (is_method("REGISTER")) { + fix_nated_register(); + } else { + if (!add_contact_alias()) { + xlog("L_ERR", "Error aliasing contact <$ct>\n"); + sl_send_reply("400", "Bad Request"); + exit; + } + } + } +#!endif + + # NAT detection + route(NATDETECT); + + # CANCEL processing + if (is_method("CANCEL")) + { + if (t_check_trans()) { + route(RELAY); + } + exit; + } + + # handle requests within SIP dialogs + route(WITHINDLG); + + ### here on, only initial requests (no To tag) can pass + + t_check_trans(); + + # authentication + route(AUTH); + + # record routing for dialog forming requests (in case they are routed) + # - remove preloaded route headers + remove_hf("Route"); + if (is_method("INVITE|SUBSCRIBE")) + record_route(); + + # account only INVITEs + if (is_method("INVITE")) + { + setflag(FLT_ACC); # do accounting + } + + # dispatch requests to foreign domains + route(SIPOUT); + + ### requests for my local domains + + # handle presence related requests + route(PRESENCE); + + # handle registrations + route(REGISTRAR); + + if ($rU==$null) + { + # request with no Username in RURI + sl_send_reply("484","Address Incomplete"); + exit; + } + + # dispatch destinations to PSTN + route(PSTN); + + # user location service + route(LOCATION); +} + + +route[RELAY] { + + # enable additional event routes for forwarded requests + if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); + } + if (is_method("INVITE|SUBSCRIBE|UPDATE")) { + if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); + } + if (is_method("INVITE")) { + if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); + } + + if (!t_relay()) { + sl_reply_error(); + } + exit; +} + +# Per SIP request initial checks +route[REQINIT] { +#!ifdef WITH_ANTIFLOOD + # flood dection from same IP and traffic ban + if(src_ip!=myself) + { + if($sht(ipban=>$si)!=$null) + { + # ip is already blocked + xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); + exit; + } + if (!pike_check_req()) + { + xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); + $sht(ipban=>$si) = 1; + exit; + } + } +#!endif + + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483","Too Many Hops"); + exit; + } + + if(!sanity_check("1511", "7")) + { + xlog("Malformed SIP message from $si:$sp\n"); + exit; + } +} + +# Handle requests within SIP dialogs +route[WITHINDLG] { + if (has_totag()) { + # sequential request withing a dialog should take the path determined by record-routing + if (loose_route()) { +#!ifdef WITH_WEBSOCKETS + if ($du == "") { + if (!handle_ruri_alias()) { + xlog("L_ERR", "Bad alias <$ru>\n"); + sl_send_reply("400", "Bad Request"); + exit; + } + } +#!endif + route(DLGURI); + if (is_method("BYE")) { + setflag(FLT_ACC); # do accounting ... + setflag(FLT_ACCFAILED); # ... even if the transaction fails + } + else if ( is_method("ACK") ) { + # ACK is forwarded statelessy + route(NATMANAGE); + } + else if ( is_method("NOTIFY") ) { + # Add Record-Route for in-dialog NOTIFY as per RFC 6665. + record_route(); + } + route(RELAY); + } else { + if (is_method("SUBSCRIBE") && uri == myself) { + # in-dialog subscribe requests + route(PRESENCE); + exit; + } + if ( is_method("ACK") ) { + if ( t_check_trans() ) { + # no loose-route, but stateful ACK; + route(RELAY); + exit; + } else { + # ACK without matching transaction, ignore and discard + exit; + } + } + sl_send_reply("404","Not here"); + } + exit; + } +} + +# Handle SIP registrations +route[REGISTRAR] { + if (is_method("REGISTER")) + { + if(isflagset(FLT_NATS)) + { + setbflag(FLB_NATB); + # uncomment next line to do SIP NAT pinging + ## setbflag(FLB_NATSIPPING); + } + if (!save("location")) + sl_reply_error(); + + exit; + } +} + +# USER location service +route[LOCATION] { + +#!ifdef WITH_SPEEDDIAL + # search for short dialing - 2-digit extension + if($rU=~"^[0-9][0-9]$") + if(sd_lookup("speed_dial")) + route(SIPOUT); +#!endif + +#!ifdef WITH_ALIASDB + # search in DB-based aliases + if(alias_db_lookup("dbaliases")) + route(SIPOUT); +#!endif + + $avp(oexten) = $rU; + if (!lookup("location")) { + $var(rc) = $rc; + route(TOVOICEMAIL); + t_newtran(); + switch ($var(rc)) { + case -1: + case -3: + send_reply("404", "Not Found"); + exit; + case -2: + send_reply("405", "Method Not Allowed"); + exit; + } + } + + # when routing via usrloc, log the missed calls also + if (is_method("INVITE")) + { + setflag(FLT_ACCMISSED); + } + + route(RELAY); + exit; +} + +# Presence server route +route[PRESENCE] { + if(!is_method("PUBLISH|SUBSCRIBE")) + return; + +#!ifdef WITH_PRESENCE + if (!t_newtran()) + { + sl_reply_error(); + exit; + }; + + if(is_method("PUBLISH")) + { + handle_publish(); + t_release(); + } + else + if( is_method("SUBSCRIBE")) + { + handle_subscribe(); + t_release(); + } + exit; +#!endif + + # if presence enabled, this part will not be executed + if (is_method("PUBLISH") || $rU==$null) + { + sl_send_reply("404", "Not here"); + exit; + } + return; +} + +# Authentication route +route[AUTH] { +#!ifdef WITH_AUTH + +#!ifdef WITH_IPAUTH + if((!is_method("REGISTER")) && allow_source_address()) + { + # source IP allowed + return; + } +#!endif + + if (is_method("REGISTER") || from_uri==myself) + { + # authenticate requests + if (!auth_check("$fd", "subscriber", "1")) { + auth_challenge("$fd", "0"); + exit; + } + # user authenticated - remove auth header + if(!is_method("REGISTER|PUBLISH")) + consume_credentials(); + } + # if caller is not local subscriber, then check if it calls + # a local destination, otherwise deny, not an open relay here + if (from_uri!=myself && uri!=myself) + { + sl_send_reply("403","Not relaying"); + exit; + } + +#!endif + return; +} + +# Caller NAT detection route +route[NATDETECT] { +#!ifdef WITH_NAT + force_rport(); + if (nat_uac_test("19")) { + if (is_method("REGISTER")) { + fix_nated_register(); + } else { + add_contact_alias(); + } + setflag(FLT_NATS); + } +#!endif + return; +} + +# RTPProxy control +route[NATMANAGE] { +#!ifdef WITH_NAT + if (is_request()) { + if(has_totag()) { + if(check_route_param("nat=yes")) { + setbflag(FLB_NATB); + } + } + } + if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) + return; + + rtpproxy_manage(); + + if (is_request()) { + if (!has_totag()) { + add_rr_param(";nat=yes"); + } + } + if (is_reply()) { + if(isbflagset(FLB_NATB)) { + add_contact_alias(); + } + } +#!endif + return; +} + +# URI update for dialog requests +route[DLGURI] { +#!ifdef WITH_NAT + if(!isdsturiset()) { + handle_ruri_alias(); + } +#!endif + return; +} + +# Routing to foreign domains +route[SIPOUT] { + if (!uri==myself) + { + append_hf("P-hint: outbound\r\n"); + route(RELAY); + } +} + +# PSTN GW routing +route[PSTN] { +#!ifdef WITH_PSTN + # check if PSTN GW IP is defined + if (strempty($sel(cfg_get.pstn.gw_ip))) { + xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); + return; + } + + # route to PSTN dialed numbers starting with '+' or '00' + # (international format) + # - update the condition to match your dialing rules for PSTN routing + if(!($rU=~"^(\+|00)[1-9][0-9]{3,20}$")) + return; + + # only local users allowed to call + if(from_uri!=myself) { + sl_send_reply("403", "Not Allowed"); + exit; + } + + if (strempty($sel(cfg_get.pstn.gw_port))) { + $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); + } else { + $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip) + ":" + + $sel(cfg_get.pstn.gw_port); + } + + route(RELAY); + exit; +#!endif + + return; +} + +# XMLRPC routing +#!ifdef WITH_XMLRPC +route[XMLRPC] { + # allow XMLRPC from localhost + if ((method=="POST" || method=="GET") && (src_ip==127.0.0.1)) { + # close connection only for xmlrpclib user agents (there is a bug in + # xmlrpclib: it waits for EOF before interpreting the response). + if ($hdr(User-Agent) =~ "xmlrpclib") + set_reply_close(); + set_reply_no_connect(); + dispatch_rpc(); + exit; + } + send_reply("403", "Forbidden"); + exit; +} +#!endif + +# route to voicemail server +route[TOVOICEMAIL] { +#!ifdef WITH_VOICEMAIL + if(!is_method("INVITE")) + return; + + # check if VoiceMail server IP is defined + if (strempty($sel(cfg_get.voicemail.srv_ip))) { + xlog("SCRIPT: VoiceMail rotuing enabled but IP not defined\n"); + return; + } + if($avp(oexten)==$null) + return; + + $ru = "sip:" + $avp(oexten) + "@" + $sel(cfg_get.voicemail.srv_ip) + + ":" + $sel(cfg_get.voicemail.srv_port); + route(RELAY); + exit; +#!endif + + return; +} + +# manage outgoing branches +branch_route[MANAGE_BRANCH] { + xdbg("new branch [$T_branch_idx] to $ru\n"); + route(NATMANAGE); +} + +# manage incoming replies +onreply_route[MANAGE_REPLY] { + xdbg("incoming reply\n"); + if(status=~"[12][0-9][0-9]") + route(NATMANAGE); +} + +# manage failure routing cases +failure_route[MANAGE_FAILURE] { + route(NATMANAGE); + + if (t_is_canceled()) { + exit; + } + +#!ifdef WITH_BLOCK3XX + # block call redirect based on 3xx replies. + if (t_check_status("3[0-9][0-9]")) { + t_reply("404","Not found"); + exit; + } +#!endif + +#!ifdef WITH_VOICEMAIL + # serial forking - route to voicemail on busy or no answer (timeout) + if (t_check_status("486|408")) { + route(TOVOICEMAIL); + exit; + } +#!endif +} + +#!ifdef WITH_WEBSOCKETS +onreply_route { + if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT) + && !(proto == WS || proto == WSS)) || $Rp == MY_MSRP_PORT) { + xlog("L_WARN", "SIP response received on $Rp\n"); + drop; + exit; + } + + if (nat_uac_test(64)) { + # Do NAT traversal stuff for replies to a WebSocket connection + # - even if it is not behind a NAT! + # This won't be needed in the future if Kamailio and the + # WebSocket client support Outbound and Path. + add_contact_alias(); + } +} + +event_route[xhttp:request] { + set_reply_close(); + set_reply_no_connect(); + + if ($Rp != MY_WS_PORT +#!ifdef WITH_TLS + && $Rp != MY_WSS_PORT +#!endif + ) { + xlog("L_WARN", "HTTP request received on $Rp\n"); + xhttp_reply("403", "Forbidden", "", ""); + exit; + } + + xlog("L_DBG", "HTTP Request Received\n"); + + if ($hdr(Upgrade)=~"websocket" + && $hdr(Connection)=~"Upgrade" + && $rm=~"GET") { + + # Validate Host - make sure the client is using the correct alias for WebSockets + if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) { + xlog("L_WARN", "Bad host $hdr(Host)\n"); + xhttp_reply("403", "Forbidden", "", ""); + exit; + } + + # Optional... validate Origin - make sure the client is from an + # authorised website. For example, + # + # if ($hdr(Origin) != "http://communicator.MY_DOMAIN" + # && $hdr(Origin) != "https://communicator.MY_DOMAIN") { + # xlog("L_WARN", "Unauthorised client $hdr(Origin)\n"); + # xhttp_reply("403", "Forbidden", "", ""); + # exit; + # } + + # Optional... perform HTTP authentication + + # ws_handle_handshake() exits (no further configuration file + # processing of the request) when complete. + if (ws_handle_handshake()) + { + # Optional.. cache some information about the successful connection + exit; + } + } + + xhttp_reply("404", "Not Found", "", ""); +} + +event_route[websocket:closed] { + xlog("L_INFO", "WebSocket connection from $si:$sp has closed\n"); +} +#!endif + +#!ifdef WITH_MSRP +event_route[msrp:frame-in] { + msrp_reply_flags("1"); + + if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT) + && !(proto == WS || proto == WSS)) && $Rp != MY_MSRP_PORT) { + xlog("L_WARN", "MSRP request received on $Rp\n"); + msrp_reply("403", "Action-not-allowed"); + exit; + } + + if (msrp_is_reply()) { + msrp_relay(); + } else if($msrp(method)=="AUTH") { + if($msrp(nexthops)>0) { + msrp_relay(); + exit; + } + + if (!www_authenticate("MY_DOMAIN", "subscriber", + "$msrp(method)")) { + if (auth_get_www_authenticate("MY_DOMAIN", "1", + "$var(wauth)")) { + msrp_reply("401", "Unauthorized", + "$var(wauth)"); + } else { + msrp_reply("500", "Server Error"); + } + exit; + } + + if ($hdr(Expires) != $null) { + $var(expires) = (int) $hdr(Expires); + if ($var(expires) < MSRP_MIN_EXPIRES) { + msrp_reply("423", "Interval Out-of-Bounds", + "Min-Expires: MSRP_MIN_EXPIRES\r\n"); + exit; + } else if ($var(expires) > MSRP_MAX_EXPIRES) { + msrp_reply("423", "Interval Out-of-Bounds", + "Max-Expires: MSRP_MAX_EXPIRES\r\n"); + exit; + } + } else { + $var(expires) = MSRP_MAX_EXPIRES; + } + + $var(cnt) = $var(cnt) + 1; + pv_printf("$var(sessid)", "s.$(pp).$(var(cnt)).$(RANDOM)"); + $sht(msrp=>$var(sessid)::srcaddr) = $msrp(srcaddr); + $sht(msrp=>$var(sessid)::srcsock) = $msrp(srcsock); + $shtex(msrp=>$var(sessid)) = $var(expires) + 5; + # - Use-Path: the MSRP address for server + session id + $var(hdrs) = "Use-Path: msrps://MY_IP_ADDR:MY_MSRP_PORT/" + + $var(sessid) + ";tcp\r\n" + + "Expires: " + $var(expires) + "\r\n"; + msrp_reply("200", "OK", "$var(hdrs)"); + } else if ($msrp(method)=="SEND" || $msrp(method)=="REPORT") { + if ($msrp(nexthops)>1) { + if ($msrp(method)!="REPORT") { + msrp_reply("200", "OK"); + } + msrp_relay(); + exit; + } + $var(sessid) = $msrp(sessid); + if ($sht(msrp=>$var(sessid)::srcaddr) == $null) { + # one more hop, but we don't have address in htable + msrp_reply("481", "Session-does-not-exist"); + exit; + } else if ($msrp(method)!="REPORT") { + msrp_reply("200", "OK"); + } + msrp_relay_flags("1"); + msrp_set_dst("$sht(msrp=>$var(sessid)::srcaddr)", + "$sht(msrp=>$var(sessid)::srcsock)"); + msrp_relay(); + } else { + msrp_reply("501", "Request-method-not-understood"); + } +} +#!endif \ No newline at end of file diff --git a/Record routing/README.md b/record_routing/README.md similarity index 99% rename from Record routing/README.md rename to record_routing/README.md index dc1ccbd..9765027 100644 --- a/Record routing/README.md +++ b/record_routing/README.md @@ -1,3 +1,4 @@ +# Record Routing ## To setup a call , use sipp UAS server diff --git a/Record routing/kamailio_record_route.cfg b/record_routing/kamailio_record_route.cfg similarity index 98% rename from Record routing/kamailio_record_route.cfg rename to record_routing/kamailio_record_route.cfg index 4a65d7f..4fc136e 100644 --- a/Record routing/kamailio_record_route.cfg +++ b/record_routing/kamailio_record_route.cfg @@ -30,7 +30,7 @@ children=4 log_facility=LOG_LOCAL0 log_prefix="{$mt $hdr(CSeq) $ci} " -#listen=10.130.42.37 +#listen=kamailio_pvtip port=5060 mpath = "/usr/local/lib64/kamailio/modules/:/usr/lib/x86_64-linux-gnu/kamailio/modules/" diff --git a/sipcapture_siptrace_homer/README.md b/sipcapture_siptrace_homer/README.md deleted file mode 100644 index 528b7ac..0000000 --- a/sipcapture_siptrace_homer/README.md +++ /dev/null @@ -1,102 +0,0 @@ - -## sipcapture module - -Listens to traffic and saves incoming messages to the database -kamailio Homer's sipcapture module allows native support for HEPv1/v2, IPIP Encapsulation protocols and switch mirroring/monitoring port traffic. - -Kamailio can be configured either as -- Capture Agent (siptrace module) sampling and forwarding packets -- Capture Node (sipcapture module) collecting, indexing and storing SIP packets as received from the available Capture Agents (HEP), SBCs (IPIP) or directly from the ethernet wire. - -A stand-alone capture agent (captagent) is provided enabling HEP encapsulation for unsupported systems and soft-switches. - -### sipcapture vs siptrace - -Sender or server with sip trace module - lets you capture sip tarffic to database. Using HEP protocol messages can be send form one server to another server over the network. - -Receiver or server with sip capture module - can listens to traffic and saves incoming messages to the database. can filter which messages you want to save in a normal Kamailio routing script - -## homer -open source software -selfcontained SIP Analysis and Troubleshooting environment -capture SIP messages from a running Kamailio production server or from a mirrored port in a switch in your network - -###features of homer -can generate searchable database of your SIP traffic -visual diagrams of individual SIP sessions -centralized access to present and past signaling & stats -Full SIP/SDP payload with precise timestamping -Automatic correlation of sessions and reports -Visual representation of multi session call-flows -Fast detection of usage and system anomalies - -sender captures traffic and forwards to a receiver. For homer we need a database and a web server with PHP support. - -### HOMER server installation -using bash script approach on debian 9 or centos 7 -``` -cd /usr/src -wget https://cdn.rawgit.com/sipcapture/homer-installer/master/homer_installer.sh -chmod +x homer_installer.sh -./homer_installer.sh -``` -end of installation should look like -``` -************************************************************ - ,;;;;, - ;;;;;;;;. Congratulations! HOMER has been installed! - ;;;;;;;;;;;; - ;;;; ;; ;;;; <--------------- INVITE --------------- - ;;;; ;; ;;;; --------------- 200 OK ---------------> - ;;;; .. ;;;; - ;;;; ;;;; Your system should be now ready to rock! - ;;;; ;; ;;;; Please verify/complete the configuration - ,;;; ;; ;;;; files generated by the installer below. - ;;;;;;;;;;;; - :;;;;;;;;; THIS SCRIPT IS PROVIDED AS-IS, USE AT - ;;;;;;;; YOUR *OWN* RISK, REVIEW LICENSE & DOCS - -************************************************************* - - * Verify configuration for HOMER-API: - '/api/configuration.php' - '/api/preferences.php' - - * Start/stop Homer SIP Capture: - 'systemtcl start|stop heplify' - - * Access HOMER UI: - http://10.130.74.199 - [default: admin/sipcapture] - - * Send HEP/EEP Encapsulated Packets: - hep://10.130.74.199:9060 -``` -## Install kamailio with sip capture - -Depedencies bison , flex -``` - apt-get install bison flex -``` - -for mysql server and client to get mysql.h file , if libmysqlclient-dev is not working -like it wsnt for me on debian 9 on AWS (Package 'libmysqlclient-dev' has no installation candidate) , then -Look into apt-cache -``` ->apt-cache search libmysqlclient -``` -from the list choose choose any candidate such as default-libmysqlclient-dev - -Then get kamaikio source code , build and install -``` -git clone --depth 1 https://github.com/kamailio/kamailio kamailio -cd kamailio; -make FLAVOUR=kamailio include_modules="db_mysql sipcapture pv textops rtimer xlog sqlops htable sl siputils" cfg -make all && make install -``` - -Ref : -HOMER - https://www.kamailio.org/w/2013/02/tips-homer/ -homer bash installer - https://github.com/sipcapture/homer-installer#page_with_curl-bash-installer -sip capture homer - https://github.com/sipcapture/homer/wiki/Examples%3A-Kamailio -sipcapture sorce code - https://github.com/sipcapture/ \ No newline at end of file diff --git a/sipcapture_siptrace_homer/sipcapture_capturenode.cfg b/sipcapture_siptrace_homer/sipcapture_capturenode.cfg deleted file mode 100644 index f6c076e..0000000 --- a/sipcapture_siptrace_homer/sipcapture_capturenode.cfg +++ /dev/null @@ -1,75 +0,0 @@ -!KAMAILIO -# -####### Global Parameters ######### -debug=1 -log_stderror=no -memdbg=5 -memlog=5 -log_facility=LOG_LOCAL0 -fork=yes -children=5 -disable_tcp=yes - -/* IP and port for HEP capturing) */ -listen=udp:10.0.0.1:9060 - -/* enable it only in mirroring scenario, not for HEP! */ -/* #!define SIPCAPTURE_MIRRORING_PORT */ - -mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/" - -loadmodule "pv.so" -loadmodule "db_mysql.so" -loadmodule "sipcapture.so" - -# ----- mi_fifo params ----- - -####### Routing Logic ######## -modparam("sipcapture", "db_url", "mysql://homer:password@localhost/homer_data") -modparam("sipcapture", "capture_on", 1) -modparam("sipcapture", "table_name", "sip_capture") -modparam("sipcapture", "hep_capture_on", 1) -modparam("siptrace", "hep_capture_id", 301) -modparam("siptrace", "hep_version", 2) - -#!ifdef SIPCAPTURE_MIRRORING_PORT -/* IP to listen. Port/Portrange apply only on mirroring port capturing */ -modparam("sipcapture", "raw_socket_listen", "192.168.254.1:5060-5080") -/* Name of interface to bind on raw socket */ -modparam("sipcapture", "raw_interface", "eth1") -/* activate monitoring/mirroring port capturing */ -modparam("sipcapture", "raw_moni_capture_on", 1) -/* children for raw socket */ -modparam("sipcapture", "raw_sock_children", 4) - -/* Linux only */ -/* Promiscious mode RAW socket. Mirroring port. */ -modparam("sipcapture", "promiscious_on", 1) -/* activate BPF */ -modparam("sipcapture", "raw_moni_bpf_on", 1) - -#endif - -/* insert delayed */ -#modparam("sipcapture", "db_insert_mode", 1) - - -# Main SIP request routing logic -# - processing of any incoming SIP request starts with this route -route { - - #For example, you can capture only needed methods... - if (!(method =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)"))) { - sip_capture(); - } - drop; -} - -onreply_route { - - #And replies of request methods - if(!($rm =~ "^(NOTIFY|SUBSCRIBE|OPTIONS)")) { - sip_capture(); - } - drop; -} diff --git a/sipcapture_siptrace_homer/siptrace_tracenode.cfg b/sipcapture_siptrace_homer/siptrace_tracenode.cfg deleted file mode 100644 index 92c0c0c..0000000 --- a/sipcapture_siptrace_homer/siptrace_tracenode.cfg +++ /dev/null @@ -1,76 +0,0 @@ -#!KAMAILIO - -debug=1 -log_stderror=no - -memdbg=5 -memlog=5 - -log_facility=LOG_LOCAL0 - -fork=yes -children=4 - -disable_tcp=yes - -listen=udp:192.168.0.1:5060 - -/* port to listen to - * - can be specified more than once if needed to listen on many ports */ -port=5060 - -####### Modules Section ######## - -mpath="/usr/local/lib64/kamailio/modules_k/:/usr/local/lib64/kamailio/modules/" - -loadmodule "mi_fifo.so" -loadmodule "kex.so" -loadmodule "tm.so" -loadmodule "sl.so" -loadmodule "rr.so" -loadmodule "pv.so" -loadmodule "maxfwd.so" -loadmodule "xlog.so" -loadmodule "textops.so" -loadmodule "siputils.so" -loadmodule "siptrace.so" - - -modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo") -modparam("tm", "failure_reply_mode", 3) -modparam("tm", "fr_timer", 30000) -modparam("tm", "fr_inv_timer", 120000) -modparam("rr", "enable_full_lr", 1) -modparam("rr", "append_fromtag", 0) - -#Siptrace -modparam("siptrace", "duplicate_uri", "sip:10.0.0.1:9060") -modparam("siptrace", "hep_mode_on", 1) -modparam("siptrace", "trace_to_database", 0) -modparam("siptrace", "trace_flag", 22) -modparam("siptrace", "trace_on", 1) -modparam("siptrace", "hep_version", 3) - -####### Routing Logic ######## - -# Main SIP request routing logic -# - processing of any incoming SIP request starts with this route -route { - - .... - #start duplicate the SIP message now - sip_trace(); - - setflag(22); - - .... - route(RELAY); -} - -route[RELAY] { - - if (!t_relay()) { - sl_reply_error(); - } - exit; -} diff --git a/webrtc_to_sip_ipv4_ipv6_with_rtpengine/README.md b/webrtc_to_sip_ipv4_ipv6_with_rtpengine/README.md new file mode 100644 index 0000000..ac181ae --- /dev/null +++ b/webrtc_to_sip_ipv4_ipv6_with_rtpengine/README.md @@ -0,0 +1,45 @@ +# WebRTC to SIP + + +Issues : unistr.h: No such file or directory +Solution its is unicode file install it by typing +``` +apt-get install libunistring-dev +``` + + + +Ref: +https://github.com/havfo/WEBRTC-to-SIP/blob/master/etc/kamailio/kamailio.cfg + +https://stackoverflow.com/questions/44612215/kamailiortpenginesip-js-failed-to-set-remote-answer-sdp-called-with-sdp-witho + + + + +https://github.com/caruizdiaz/kamailio-ws + + if ($ru =~ "transport=ws") { + xlog("L_INFO", "Request going to WS"); + if(sdp_with_transport("RTP/SAVPF")) { + rtpengine_manage("force trust-address replace-origin replace-session-connection ICE=force"); + t_on_reply("REPLY_WS_TO_WS"); + return; + } + +# rtpengine_manage("froc+SP"); + rtpengine_manage("force trust-address replace-origin replace-session-connection ICE=force RTP/SAVPF"); + t_on_reply("REPLY_FROM_WS"); + } + else if ($proto =~ "ws") { + xlog("L_INFO", "Request coming from WS"); +# rtpengine_manage("froc-sp"); + rtpengine_manage("force trust-address replace-origin replace-session-connection ICE=remove RTP/AVP"); + t_on_reply("REPLY_TO_WS"); + } + else { + xlog("L_INFO", "This is a classic phone call"); +# rtpengine_manage("co"); + rtpengine_manage("replace-origin replace-session-connection"); + t_on_reply("MANAGE_CLASSIC_REPLY"); + } \ No newline at end of file diff --git a/webrtc_to_sip_ipv4_ipv6_with_rtpengine/tls.cfg b/webrtc_to_sip_ipv4_ipv6_with_rtpengine/tls.cfg new file mode 100644 index 0000000..e69de29 diff --git a/webrtc_to_sip_ipv4_ipv6_with_rtpengine/webrtc_to_sip_kamailio.cfg b/webrtc_to_sip_ipv4_ipv6_with_rtpengine/webrtc_to_sip_kamailio.cfg new file mode 100644 index 0000000..18f87fc --- /dev/null +++ b/webrtc_to_sip_ipv4_ipv6_with_rtpengine/webrtc_to_sip_kamailio.cfg @@ -0,0 +1,894 @@ +#!KAMAILIO +# + +#!define WITH_MYSQL +#!define WITH_AUTH +#!define WITH_USRLOCDB +#!define WITH_TLS +#!define WITH_HOMER +#!define WITH_WEBSOCKETS +#!define WITH_ANTIFLOOD +#!define WITH_IPV6 +##!define WITH_BRIDGE_ON_FAIL +#!define WITH_LOCALHOST_WS +##!define WITH_LOCALHOST_SIP + +#!substdef "!MY_SIP_PORT!5060!g" +#!substdef "!MY_SIPS_PORT!5061!g" +#!substdef "!MY_WS_PORT!8080!g" +#!substdef "!MY_WSS_PORT!4443!g" + +#!substdef "!MY_IP4_ADDR!!g" +#!substdef "!MY_EXTERNAL_IP!!g" +#!substdef "!IP4_LOCALHOST!127.0.0.1!g" +#!substdef "!MY_WS4_ADDR!tcp:MY_IP4_ADDR:MY_WS_PORT!g" +#!substdef "!MY_WSS4_ADDR!tls:MY_IP4_ADDR:MY_WSS_PORT!g" +#!substdef "!LOCALHOST_WS4_ADDR!tcp:IP4_LOCALHOST:MY_WS_PORT!g" +#!substdef "!LOCALHOST_WSS4_ADDR!tls:IP4_LOCALHOST:MY_WSS_PORT!g" + +#!ifdef WITH_IPV6 +#!substdef "!MY_IP6_ADDR![XXXXXX-XXXXXX]!g" +#!substdef "!IP6_LOCALHOST![::1]!g" +#!substdef "!MY_WS6_ADDR!tcp:MY_IP6_ADDR:MY_WS_PORT!g" +#!substdef "!MY_WSS6_ADDR!tls:MY_IP6_ADDR:MY_WSS_PORT!g" +#!substdef "!LOCALHOST_WS6_ADDR!tcp:IP6_LOCALHOST:MY_WS_PORT!g" +#!substdef "!LOCALHOST_WSS6_ADDR!tls:IP6_LOCALHOST:MY_WSS_PORT!g" +#!endif + +#!substdef "!MY_DOMAIN!XXXX-XXXX!g" + +# *** Value defines - IDs used later in config +#!ifdef WITH_MYSQL +# - database URL - used to connect to database server by modules such +# as: auth_db, acc, usrloc, a.s.o. +#!ifndef DBURL +#!define DBURL "mysql://kamailio:kamailiorw@localhost/kamailio" +#!endif +#!endif + +# - flags +# FLT_ - per transaction (message) flags +# FLB_ - per branch flags +#!define FLT_NATS 5 + +#!define FLB_NATB 6 +#!define FLB_NATSIPPING 7 +#!define FLB_RTPWS 8 +#!define FLB_IPV6 9 +#!define FLB_V4V6 10 +#!define FLB_BRIDGE 11 + +####### Global Parameters ######### + +### LOG Levels: 3=DBG, 2=INFO, 1=NOTICE, 0=WARN, -1=ERR +#!ifdef WITH_DEBUG +debug=4 +log_stderror=no +#!else +debug=2 +log_stderror=no +#!endif + +memdbg=5 +memlog=5 + +log_facility=LOG_LOCAL0 + +fork=yes +children=4 + +port=MY_SIP_PORT +tls_port_no=MY_SIPS_PORT + +#!ifdef WITH_TLS +enable_tls=yes +#!endif + + +listen=udp:MY_IP4_ADDR:MY_SIP_PORT advertise MY_EXTERNAL_IP:MY_SIP_PORT +listen=udp:MY_IP4_ADDR:MY_SIPS_PORT advertise MY_EXTERNAL_IP:MY_SIPS_PORT +#listen=MY_IP4_ADDR +#!ifdef WITH_LOCALHOST_SIP +listen=IP4_LOCALHOST +#!endif +#!ifdef WITH_IPV6 +listen=MY_IP6_ADDR +#!ifdef WITH_LOCALHOST_SIP +listen=IP6_LOCALHOST +#!endif +#!endif + +#!ifdef WITH_WEBSOCKETS +listen=MY_WS4_ADDR +#!ifdef WITH_LOCALHOST_WS +listen=LOCALHOST_WS4_ADDR +#!endif +#!ifdef WITH_IPV6 +listen=MY_WS6_ADDR +#!ifdef WITH_LOCALHOST_WS +listen=LOCALHOST_WS6_ADDR +#!endif +#!endif + +#!ifdef WITH_TLS +listen=MY_WSS4_ADDR +#!ifdef WITH_LOCALHOST_WS +listen=LOCALHOST_WSS4_ADDR +#!endif +#!ifdef WITH_IPV6 +listen=MY_WSS6_ADDR +#!ifdef WITH_LOCALHOST_WS +listen=LOCALHOST_WSS6_ADDR +#!endif +#!endif + +#!endif +#!endif + +use_dns_cache = on # Use KAMAILIO internal DNS cache +use_dns_failover = on # Depends on KAMAILIO internal DNS cache +dns_srv_loadbalancing = on # +dns_try_naptr = on # +dns_retr_time=1 # Time in seconds before retrying a DNS request +dns_retr_no=3 # Number of DNS retransmissions before giving up + +# Set protocol preference order - ignore target priority +dns_naptr_ignore_rfc= yes # Ignore target NAPTR priority +dns_tls_pref=50 # First priority: TLS +dns_tcp_pref=30 # Second priority: TCP +dns_udp_pref=10 # Third priority: UDP + +tcp_connection_lifetime=3604 +tcp_accept_no_cl=yes +tcp_rd_buf_size=16384 + + +# set paths to location of modules (to sources or installation folders) +#!ifdef WITH_SRCPATH +mpath="modules/" +#!else +mpath="/usr/lib/x86_64-linux-gnu/kamailio/modules/" +#!endif + +#!ifdef WITH_MYSQL +loadmodule "db_mysql.so" +#!endif + +loadmodule "kex.so" +loadmodule "corex.so" +loadmodule "tm.so" +loadmodule "tmx.so" +loadmodule "sl.so" +loadmodule "rr.so" +loadmodule "pv.so" +loadmodule "maxfwd.so" +loadmodule "usrloc.so" +loadmodule "registrar.so" +loadmodule "textops.so" +loadmodule "siputils.so" +loadmodule "xlog.so" +loadmodule "sanity.so" +loadmodule "ctl.so" +loadmodule "cfg_rpc.so" +loadmodule "sdpops.so" +loadmodule "textopsx.so" + +#!ifdef WITH_AUTH +loadmodule "auth.so" +loadmodule "auth_db.so" +#!ifdef WITH_IPAUTH +loadmodule "permissions.so" +#!endif +#!endif + +#!ifdef WITH_PRESENCE +loadmodule "presence.so" +loadmodule "presence_xml.so" +#!endif + +#!ifdef WITH_TLS +loadmodule "tls.so" +#!endif + +#!ifdef WITH_HOMER +loadmodule "siptrace.so" +#!endif + +#!ifdef WITH_WEBSOCKETS +loadmodule "xhttp.so" +loadmodule "websocket.so" +loadmodule "nathelper.so" +loadmodule "rtpengine.so" +#!endif + +#!ifdef WITH_ANTIFLOOD +loadmodule "htable.so" +loadmodule "pike.so" +#!endif + +#!ifdef WITH_DEBUG +loadmodule "debugger.so" +#!endif + +# ----------------- setting module-specific parameters --------------- + + +# ----- rr params ----- +# add value to ;lr param to cope with most of the UAs +modparam("rr", "enable_full_lr", 1) +# do not append from tag to the RR (no need for this script) +modparam("rr", "append_fromtag", 0) + + +# ----- registrar params ----- +modparam("registrar", "method_filtering", 1) +# max value for expires of registrations +modparam("registrar", "max_expires", 3600) + + +# ----- usrloc params ----- +/* enable DB persistency for location entries */ +#!ifdef WITH_USRLOCDB +modparam("usrloc", "db_url", DBURL) +modparam("usrloc", "db_mode", 2) +#!endif + + +# ----- auth_db params ----- +#!ifdef WITH_AUTH +modparam("auth_db", "db_url", DBURL) +modparam("auth_db", "calculate_ha1", 1) +modparam("auth_db", "password_column", "password") +modparam("auth_db", "load_credentials", "") +#!endif + +#!ifdef WITH_PRESENCE +# ----- presence params ----- +modparam("presence", "db_url", DBURL) + +# ----- presence_xml params ----- +modparam("presence_xml", "db_url", DBURL) +modparam("presence_xml", "force_active", 1) +#!endif + + +##!ifdef WITH_NAT +# ----- rtpproxy params ----- +modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:22222") +modparam("rtpengine", "extra_id_pv", "$avp(extra_id)") + +# ----- nathelper params ----- +modparam("nathelper", "natping_interval", 30) +modparam("nathelper", "ping_nated_only", 1) +modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) +modparam("nathelper", "sipping_from", "sip:pinger@XXXX-XXXX") +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +modparam("usrloc", "nat_bflag", FLB_NATB) +##!endif + +# ----- corex params ----- +modparam("corex", "alias_subdomains", "MY_DOMAIN") + +#!ifdef WITH_TLS +# ----- tls params ----- +modparam("tls", "config", "tls.cfg") +modparam("tls", "tls_force_run", 1) +#!endif + +#!ifdef WITH_WEBSOCKETS +modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") +#!endif + +#!ifdef WITH_HOMER +#Siptrace +modparam("siptrace", "duplicate_uri", "sip:127.0.0.1:9060") +modparam("siptrace", "hep_mode_on", 1) +modparam("siptrace", "trace_to_database", 0) +modparam("siptrace", "trace_flag", 22) +modparam("siptrace", "trace_on", 1) +#!endif + +#!ifdef WITH_ANTIFLOOD +# ----- pike params ----- +modparam("pike", "sampling_time_unit", 2) +modparam("pike", "reqs_density_per_unit", 16) +modparam("pike", "remove_latency", 4) + +# ----- htable params ----- +# ip ban htable with autoexpire after 5 minutes +modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") +#!endif + +#!ifdef WITH_DEBUG +# ----- debugger params ----- +modparam("debugger", "cfgtrace", 1) +#!endif + +####### Routing Logic ######## +request_route { +#!ifdef WITH_HOMER + # start duplicate the SIP message here + sip_trace(); + setflag(22); +#!endif + + # per request initial checks + route(REQINIT); + + xlog("L_INFO", "START: $rm from $fu (IP:$si:$sp)\n"); + +#!ifdef WITH_WEBSOCKETS + if (nat_uac_test(64)) { + # Do NAT traversal stuff for requests from a WebSocket connection - even if it is not behind a NAT! + # This won't be needed in the future if Kamailio and the WebSocket client support Outbound and Path. + force_rport(); + if (is_method("REGISTER")) { + fix_nated_register(); + } else if (!add_contact_alias()) { + xlog("L_ERR", "Error aliasing contact <$ct>\n"); + sl_send_reply("400", "Bad Request"); + exit; + } + } +#!endif + + # NAT detection + route(NATDETECT); + + # CANCEL processing + if (is_method("CANCEL")) { + if (t_check_trans()) { + route(RELAY); + } + exit; + } + + # handle requests within SIP dialogs + route(WITHINDLG); + + ### only initial requests (no To tag) + + t_check_trans(); + + # authentication + #route(AUTH); + + # record routing for dialog forming requests (in case they are routed) + # - remove preloaded route headers + remove_hf("Route"); + if (is_method("INVITE|SUBSCRIBE")) { + record_route(); + } + + # dispatch requests to foreign domains + route(SIPOUT); + + ### requests for my local domains + + # handle presence related requests + route(PRESENCE); + + # handle registrations + route(REGISTRAR); + + if ($rU == $null) { + # request with no Username in RURI + sl_send_reply("484","Address Incomplete"); + exit; + } + + # user location service + route(LOCATION); +} + +# Wrapper for relaying requests +route[RELAY] { + # enable additional event routes for forwarded requests + # - serial forking, RTP relaying handling, a.s.o. + if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { + if (!t_is_set("branch_route")) { + t_on_branch("MANAGE_BRANCH"); + } + } + + if (is_method("INVITE|SUBSCRIBE|UPDATE")) { + if (!t_is_set("onreply_route")) { + t_on_reply("MANAGE_REPLY"); + } + } + + if (is_method("INVITE")) { + if (!t_is_set("failure_route")) { + t_on_failure("MANAGE_FAILURE"); + } + } + + if (!t_relay()) { + sl_reply_error(); + } + exit; +} + +# Per SIP request initial checks +route[REQINIT] { +#!ifdef WITH_ANTIFLOOD + # flood dection from same IP and traffic ban for a while + # be sure you exclude checking trusted peers, such as pstn gateways + # - local host excluded (e.g., loop to self) + if (src_ip != myself) { + if ($sht(ipban=>$si) != $null) { + # ip is already blocked + xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n"); + exit; + } + + if (!pike_check_req()) { + xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n"); + $sht(ipban=>$si) = 1; + exit; + } + } +#!endif + + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483","Too Many Hops"); + exit; + } + + if (!sanity_check("1511", "7")) { + xlog("Malformed SIP message from $si:$sp\n"); + exit; + } +} + +# Handle requests within SIP dialogs +route[WITHINDLG] { + if (has_totag()) { + # sequential request withing a dialog should + # take the path determined by record-routing + if (loose_route()) { +#!ifdef WITH_WEBSOCKETS + if ($du == "") { + if (!handle_ruri_alias()) { + xlog("L_ERR", "Bad alias <$ru>\n"); + sl_send_reply("400", "Bad Request"); + exit; + } + } +#!endif + route(DLGURI); + if (is_method("ACK")) { + # ACK is forwarded statelessy + route(NATMANAGE); + } else if (is_method("NOTIFY")) { + # Add Record-Route for in-dialog NOTIFY as per RFC 6665. + record_route(); + } + route(RELAY); + } else { + if (is_method("SUBSCRIBE") && uri == myself) { + # in-dialog subscribe requests + route(PRESENCE); + exit; + } + if (is_method("ACK")) { + if (t_check_trans()) { + # no loose-route, but stateful ACK; + # must be an ACK after a 487 + # or e.g. 404 from upstream server + route(RELAY); + exit; + } else { + # ACK without matching transaction ... ignore and discard + exit; + } + } + sl_send_reply("404","Not here"); + } + exit; + } +} + +# Handle SIP registrations +route[REGISTRAR] { + if (is_method("REGISTER")) { + if (isflagset(FLT_NATS)) { + setbflag(FLB_NATB); + # uncomment next line to do SIP NAT pinging + ## setbflag(FLB_NATSIPPING); + } + +#!ifdef WITH_IPV6 + if (af == INET6) { + setbflag(FLB_IPV6); + } +#!endif + + if (!save("location")) { + sl_reply_error(); + } + + exit; + } +} + +# USER location service +route[LOCATION] { + if (!lookup("location")) { + $var(rc) = $rc; + t_newtran(); + switch ($var(rc)) { + case -1: + case -3: + send_reply("404", "Not Found"); + exit; + case -2: + send_reply("405", "Method Not Allowed"); + exit; + } + } + + route(RELAY); + exit; +} + +# Presence server route +route[PRESENCE] { + if (!is_method("PUBLISH|SUBSCRIBE")) { + return; + } + + if (is_method("SUBSCRIBE") && $hdr(Event) == "message-summary") { + # returns here if no voicemail server is configured + sl_send_reply("404", "No voicemail service"); + exit; + } + +#!ifdef WITH_PRESENCE + if (!t_newtran()) { + sl_reply_error(); + exit; + } + + if (is_method("PUBLISH")) { + handle_publish(); + t_release(); + } else if (is_method("SUBSCRIBE")) { + handle_subscribe(); + t_release(); + } + exit; +#!endif + + # if presence enabled, this part will not be executed + if (is_method("PUBLISH") || $rU == $null) { + sl_send_reply("404", "Not here"); + exit; + } + return; +} + +# Authentication route +route[AUTH] { +#!ifdef WITH_AUTH + if (is_method("REGISTER") || from_uri == myself) { + # authenticate requests + if (!auth_check("$fd", "subscriber", "1")) { + auth_challenge("$fd", "0"); + exit; + } + # user authenticated - remove auth header + if (!is_method("REGISTER|PUBLISH")) { + consume_credentials(); + } + } + # if caller is not local subscriber, then check if it calls + # a local destination, otherwise deny, not an open relay here + if (from_uri != myself && uri != myself) { + sl_send_reply("403","Not relaying"); + exit; + } + +#!endif + return; +} + +# Caller NAT detection route +route[NATDETECT] { +#!ifdef WITH_IPV6 + if(af==INET6) { + return; + } +#!endif + + force_rport(); + if (nat_uac_test("19")) { + if (is_method("REGISTER")) { + fix_nated_register(); + } else if (is_first_hop()) { + set_contact_alias(); + } + setflag(FLT_NATS); + } + return; +} + +# NAT handling +route[NATMANAGE] { + if (is_request()) { + if (has_totag()) { + if (check_route_param("nat=yes")) { + setbflag(FLB_NATB); + } + + if (check_route_param("rtp=bridge")) { + setbflag(FLB_BRIDGE); + } + + if (check_route_param("rtp=ws")) { + setbflag(FLB_RTPWS); + } + +#!ifdef WITH_IPV6 + if (check_route_param("rtp=v46")) { + setbflag(FLB_V4V6); + } +#!endif + } + } + + if (!isbflagset(FLB_BRIDGE)) { + return; + } + + if ( + !(isflagset(FLT_NATS) + || isbflagset(FLB_NATB) + || isbflagset(FLB_RTPWS) +#!ifdef WITH_IPV6 + || isbflagset(FLB_V4V6) +#!endif + )) { + return; + } + + $xavp(r=>$T_branch_idx) = "replace-origin replace-session-connection"; + + if (!nat_uac_test("8")) { + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " trust-address"; + } + + + if (is_request()) { + if (!has_totag()) { + if (!t_is_failure_route()) { + $avp(extra_id) = @via[1].branch + $T_branch_idx; + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " via-branch=extra"; + } + } + } + + if (is_reply()) { + $avp(extra_id) = @via[2].branch + $T_branch_idx; + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " via-branch=extra"; + } + +#!ifdef WITH_IPV6 + if (af == INET && isbflagset(FLB_IPV6)) { # IPv4 --> IPv6 + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " address-family=IP6"; + } else if (af == INET6 && !isbflagset(FLB_IPV6)) { # IPv6 --> IPv4 + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " address-family=IP4"; + } +#!endif + + if (isbflagset(FLB_RTPWS)) { + if ($proto =~ "ws") { # web --> SIP + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-demux DTLS=off SDES-off ICE=remove RTP/AVP"; + } else { # SIP --> web + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " rtcp-mux-offer generate-mid DTLS=passive SDES-off ICE=force RTP/SAVPF"; + } + } else { + if ($proto =~ "ws") { # web --> web + $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + " generate-mid DTLS=passive SDES-off ICE=force"; + } + # else { + # $xavp(r=>$T_branch_idx) = $xavp(r=>$T_branch_idx) + ""; + # } + } + + xlog("L_INFO", "NATMANAGE branch_id:$T_branch_idx ruri: $ru, method:$rm, status:$rs, extra_id: $avp(extra_id), rtpengine_manage: $xavp(r=>$T_branch_idx)\n"); + + rtpengine_manage($xavp(r=>$T_branch_idx)); + + if (is_request()) { + if (!has_totag()) { + if (t_is_branch_route()) { + if (isbflagset(FLB_NATB)) { + add_rr_param(";nat=yes"); + } + + if (isbflagset(FLB_BRIDGE)) { + add_rr_param(";rtp=bridge"); + } + + if (isbflagset(FLB_RTPWS)) { + add_rr_param(";rtp=ws"); + } + +#!ifdef WITH_IPV6 + if (isbflagset(FLB_V4V6)) { + add_rr_param(";rtp=v46"); + } +#!endif + } + } + } + + if (is_reply()) { + if (isbflagset(FLB_NATB)) { + if (is_first_hop()) { + if (af == INET) { + set_contact_alias(); + } + } + } + } + return; +} + +# URI update for dialog requests +route[DLGURI] { + if (!isdsturiset()) { + handle_ruri_alias(); + } + return; +} + +# Routing to foreign domains +route[SIPOUT] { + if (!uri == myself) { + append_hf("P-hint: outbound\r\n"); + route(RELAY); + } +} + +route[BRIDGING] { + if (!has_totag()) { + if ($proto =~ "ws" && !($ru =~ "transport=ws")) { # Coming from WS, NOT to WS + setbflag(FLB_RTPWS); # Need bridging + } else if (!($proto =~ "ws") && $ru =~ "transport=ws") { # Coming from NOT WS, going to WS + setbflag(FLB_RTPWS); # Need bridging + } + +#!ifdef WITH_IPV6 + if (af == INET6 && !isbflagset(FLB_IPV6)) { + setbflag(FLB_V4V6); + } else if(af == INET && isbflagset(FLB_IPV6)) { + setbflag(FLB_V4V6); + } +#!endif + } +} + +# manage outgoing branches +branch_route[MANAGE_BRANCH] { + xlog("L_INFO", "MANAGE_BRANCH: New branch [$T_branch_idx] to $ru\n"); + + t_on_branch_failure("rtpengine"); + +#!ifndef WITH_BRIDGE_ON_FAIL + setbflag(FLB_BRIDGE); +#!endif + + route(BRIDGING); + route(NATMANAGE); +} + +# manage incoming replies +onreply_route[MANAGE_REPLY] { + xdbg("incoming reply\n"); + if (status =~ "[12][0-9][0-9]") { + route(NATMANAGE); + } +} + +# manage failure routing cases +failure_route[MANAGE_FAILURE] { + xlog("L_INFO", "Failure: $rs"); +} + +#!ifdef WITH_WEBSOCKETS +onreply_route { + if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT) + && !(proto == WS || proto == WSS))) { + xlog("L_WARN", "SIP response received on $Rp\n"); + drop; + } + + if (nat_uac_test(64)) { + # Do NAT traversal stuff for replies to a WebSocket connection + # - even if it is not behind a NAT! + # This won't be needed in the future if Kamailio and the + # WebSocket client support Outbound and Path. + add_contact_alias(); + } +} + +event_route[tm:branch-failure:rtpengine] { + xlog("L_INFO", "BRANCH FAILED: $sel(via[1].branch) + $T_branch_idx"); + +#!ifdef WITH_BRIDGE_ON_FAIL + if (!isbflagset(FLB_BRIDGE) && t_check_status("415|488")) { + t_reuse_branch(); + setbflag(FLB_BRIDGE); + xlog("L_INFO", "event_route[branch-failure:rtpengine]: trying again\n"); + + route(RELAY); + } else { + $avp(extra_id) = @via[1].branch + $T_branch_idx; + rtpengine_delete("via-branch=extra"); + xlog("L_INFO", "event_route[branch-failure:rtpengine]: failed\n"); + } +#!else + $avp(extra_id) = @via[1].branch + $T_branch_idx; + rtpengine_delete("via-branch=extra"); +#!endif +} + +event_route[xhttp:request] { + set_reply_close(); + set_reply_no_connect(); + + if ($Rp != MY_WS_PORT +#!ifdef WITH_TLS + && $Rp != MY_WSS_PORT +#!endif + ) { + xlog("L_WARN", "HTTP request received on $Rp\n"); + xhttp_reply("403", "Forbidden", "", ""); + exit; + } + + xlog("L_INFO", "HTTP Request Received\n"); + + if ($hdr(Upgrade) =~ "websocket" + && $hdr(Connection) =~ "Upgrade" + && $rm =~ "GET" + ) { + + # Validate Host - make sure the client is using the correct + # alias for WebSockets + if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) { + xlog("L_WARN", "Bad host $hdr(Host)\n"); + xhttp_reply("403", "Forbidden", "", ""); + exit; + } + + # Optional... validate Origin - make sure the client is from an + # authorised website. For example, + # + # if ($hdr(Origin) != "https://example.com" + # && $hdr(Origin) != "https://example.com") { + # xlog("L_WARN", "Unauthorised client $hdr(Origin)\n"); + # xhttp_reply("403", "Forbidden", "", ""); + # exit; + # } + + # Optional... perform HTTP authentication + + # ws_handle_handshake() exits (no further configuration file + # processing of the request) when complete. + if (ws_handle_handshake()) { + # Optional... cache some information about the + # successful connection + exit; + } + } + + xhttp_reply("404", "Not Found", "", ""); +} + +event_route[websocket:closed] { + xlog("L_INFO", "WebSocket connection from $si:$sp has closed\n"); +} +#!endif \ No newline at end of file diff --git a/webrtc_to_webrtc_RTPengine/webrtc_ws_rtpengine_kamailio.cfg b/webrtc_to_webrtc_RTPengine/webrtc_ws_rtpengine_kamailio.cfg index e0b3695..9860149 100644 --- a/webrtc_to_webrtc_RTPengine/webrtc_ws_rtpengine_kamailio.cfg +++ b/webrtc_to_webrtc_RTPengine/webrtc_ws_rtpengine_kamailio.cfg @@ -96,7 +96,7 @@ modparam("corex", "alias_subdomains", "MY_DOMAIN") # ----- tls params ----- modparam("tls", "tls_method", "SSLv23") modparam("tls", "certificate", "kamailio1_cert.pem") -modparam("tls", "private_key", "rivkey.pem") +modparam("tls", "private_key", "privkey.pem") modparam("tls", "ca_list","cacert.pem") #modparam("tls","ca_list", "calist.pem") #!endif