欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  网络运营

关于opensips用户认证配置文件 opensips.cfg 使用介绍

程序员文章站 2023-12-29 08:11:46
opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件,红色标记的为添加修改的部分,亲自测试! ## $id: opensips.c...

opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件,红色标记的为添加修改的部分,亲自测试!

#
# $id: opensips.cfg 9742 2013-02-05 10:24:48z vladut-paiu $
#
# opensips residential configuration script
#     by opensips solutions <team@opensips-solutions.com>
#
# this script was generated via "make menuconfig", from
#   the "residential" scenario.
# you can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# please refer to the core cookbook at:
#      http://www.opensips.org/resources/docscookbooks
# for a explanation of possible statements, functions and parameters.
#


####### global parameters #########

debug=3
log_stderror=no
log_facility=log_local0

fork=yes
children=4

/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable ipv6 lookup after ipv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on revers dns on ips */
auto_aliases=no


# listen=udp:127.0.0.1:5060   # customize me
listen=udp:192.168.139.121:5060   # customize me


disable_tcp=yes

#disable_tls=yes


####### modules section ########

#set module path
mpath="//lib/opensips/modules/"

#### mysql
loadmodule "db_mysql.so"


#### signaling module
loadmodule "signaling.so"

#### stateless module
loadmodule "sl.so"

#### transaction module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### record route module
loadmodule "rr.so"
/* do not append from tag to the rr (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### max forward module
loadmodule "maxfwd.so"

#### sip msg operations module
loadmodule "sipmsgops.so"

#### fifo management interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### uri module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)

#### user location module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "nat")
modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("usrloc", "db_mode", 2)

#### registrar module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "tcp_persistent")

/* uncomment the next line not to allow more than 10 contacts per aor */
#modparam("registrar", "max_contacts", 10)

#### accounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure the enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "acc_failed")
/* account triggers (flags) */
modparam("acc", "log_flag", "acc_do")
modparam("acc", "log_missed_flag", "acc_missed")

#### auth support
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth", "calculate_ha1", yes)
modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("auth_db", "password_column", "password")

####### routing logic ########

# main request routing logic

route{
 if (!mf_process_maxfwd_header("10")) {
  sl_send_reply("483","too many hops");
  exit;
 }

 if (has_totag()) {
  # sequential request withing a dialog should
  # take the path determined by record-routing
  if (loose_route()) {
   if (is_method("bye")) {
    setflag(acc_do); # do accounting ...
    setflag(acc_failed); # ... even if the transaction fails
   } else if (is_method("invite")) {
    # even if in most of the cases is useless, do rr for
    # re-invites alos, as some buggy clients do change route set
    # during the dialog.
    record_route();
   }

   # route it out to whatever destination was set by loose_route()
   # in $du (destination uri).
   route(relay);
  } else {
   if ( is_method("ack") ) {
    if ( t_check_trans() ) {
     # non loose-route, but stateful ack; must be an ack after
     # a 487 or e.g. 404 from upstream server
     t_relay();
     exit;
    } else {
     # ack without matching transaction ->
     # ignore and discard
     exit;
    }
   }
   sl_send_reply("404","not here");
  }
  exit;
 }

 # cancel processing
 if (is_method("cancel"))
 {
  if (t_check_trans())
   t_relay();
  exit;
 }

 t_check_trans();

 if ( !(is_method("register")  ) ) {
  if (from_uri==myself)
  {
  } else {
   # if caller is not local, then called number must be local
   if (!uri==myself) {
    send_reply("403","rely forbidden");
    exit;
   }
  }
 }

 # preloaded route checking
 if (loose_route()) {
  xlog("l_err",
  "attempt to route with preloaded route's [$fu/$tu/$ru/$ci]");
  if (!is_method("ack"))
   sl_send_reply("403","preload route denied");
  exit;
 }

 # record routing
 if (!is_method("register|message"))
  record_route();

 # account only invites
 if (is_method("invite")) {
  setflag(acc_do); # do accounting
 }


 if (!uri==myself) {
  append_hf("p-hint: outbound\r\n");
  route(relay);
 }

 # requests for my domain
 if (is_method("publish|subscribe"))
 {
  sl_send_reply("503", "service unavailable");
  exit;
 }

 if (is_method("register"))
 {
  #auth user using mysql db
   if (!www_authorize("192.168.139.121", "subscriber")) {
   www_challenge("192.168.139.121", "0");
          exit;
  }
  #end auth user

  if (   0 ) setflag(tcp_persistent);

  if (!save("location"))
   sl_reply_error();

  exit;
 }

 if ($ru==null) {
  # request with no username in ruri
  sl_send_reply("484","address incomplete");
  exit;
 }

 # do lookup with method filtering
 if (!lookup("location","m")) {
  t_newtran();
  t_reply("404", "not found");
  exit;
 }

 # when routing via usrloc, log the missed calls also
 setflag(acc_missed);
 route(relay);
}


route[relay] {
 # for invites enable some additional helper routes
 if (is_method("invite")) {
  t_on_branch("per_branch_ops");
  t_on_reply("handle_nat");
  #t_on_reply();
  t_on_failure("missed_call");
 }

 if (!t_relay()) {
  send_reply("500","internal error");
 };
 exit;
}


branch_route[per_branch_ops] {
 xlog("new branch at $ru\n");
}


onreply_route[handle_nat] {

 xlog("incoming reply\n");
}


failure_route[missed_call] {
 if (t_was_cancelled()) {
  exit;
 }

 # uncomment the following lines if you want to block client
 # redirect based on 3xx replies.
 ##if (t_check_status("3[0-9][0-9]")) {
 ##t_reply("404","not found");
 ## exit;
 ##}

}

上一篇:

下一篇: