关于opensips用户认证配置文件 opensips.cfg 使用介绍

时间:2016-09-25

opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件,红色标记的为添加修改的部分,亲自测试!

#
# $Id: opensips.cfg 9742 2013-02-05 10:24:48Z vladut-paiu $
#
# OpenSIPS residential configuration script
#     by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
#   the "Residential" scenario.
# You can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
#      http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#


####### Global Parameters #########

debug=3
log_stderror=no
log_facility=LOG_LOCAL0

fork=yes
children=4

/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on revers DNS on IPs */
auto_aliases=no


# listen=udp:127.0.0.1:5060   # CUSTOMIZE ME
listen=udp:192.168.139.121:5060   # CUSTOMIZE ME


disable_tcp=yes

#disable_tls=yes


####### Modules Section ########

#set module path
mpath="//lib/opensips/modules/"

#### MySQL
loadmodule "db_mysql.so"


#### SIGNALING module
loadmodule "signaling.so"

#### StateLess module
loadmodule "sl.so"

#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### MAX ForWarD module
loadmodule "maxfwd.so"

#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"

#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)

#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("usrloc", "db_mode", 2)

#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")

/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)

#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure the enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "ACC_FAILED")
/* account triggers (flags) */
modparam("acc", "log_flag", "ACC_DO")
modparam("acc", "log_missed_flag", "ACC_MISSED")

#### Auth support
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth", "calculate_ha1", yes)
modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("auth_db", "password_column", "password")

####### Routing Logic ########

# main request routing logic

route{
 if (!mf_process_maxfwd_header("10")) {
  sl_send_reply("483","Too Many Hops");
  exit;
 }

 if (has_totag()) {
  # sequential request withing a dialog should
  # take the path determined by record-routing
  if (loose_route()) {
   if (is_method("BYE")) {
    setflag(ACC_DO); # do accounting ...
    setflag(ACC_FAILED); # ... even if the transaction fails
   } else if (is_method("INVITE")) {
    # even if in most of the cases is useless, do RR for
    # re-INVITEs alos, as some buggy clients do change route set
    # during the dialog.
    record_route();
   }

   # route it out to whatever destination was set by loose_route()
   # in $du (destination URI).
   route(relay);
  } else {
   if ( is_method("ACK") ) {
    if ( t_check_trans() ) {
     # non loose-route, but stateful ACK; must be an ACK after
     # a 487 or e.g. 404 from upstream server
     t_relay();
     exit;
    } else {
     # ACK without matching transaction ->
     # ignore and discard
     exit;
    }
   }
   sl_send_reply("404","Not here");
  }
  exit;
 }

 # CANCEL processing
 if (is_method("CANCEL"))
 {
  if (t_check_trans())
   t_relay();
  exit;
 }

 t_check_trans();

 if ( !(is_method("REGISTER")  ) ) {
  if (from_uri==myself)
  {
  } else {
   # if caller is not local, then called number must be local
   if (!uri==myself) {
    send_reply("403","Rely forbidden");
    exit;
   }
  }
 }

 # preloaded route checking
 if (loose_route()) {
  xlog("L_ERR",
  "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
  if (!is_method("ACK"))
   sl_send_reply("403","Preload Route denied");
  exit;
 }

 # record routing
 if (!is_method("REGISTER|MESSAGE"))
  record_route();

 # account only INVITEs
 if (is_method("INVITE")) {
  setflag(ACC_DO); # do accounting
 }


 if (!uri==myself) {
  append_hf("P-hint: outbound\r\n");
  route(relay);
 }

 # requests for my domain
 if (is_method("PUBLISH|SUBSCRIBE"))
 {
  sl_send_reply("503", "Service Unavailable");
  exit;
 }

 if (is_method("REGISTER"))
 {
  #auth user using mysql DB
   if (!www_authorize("192.168.139.121", "subscriber")) {
   www_challenge("192.168.139.121", "0");
          exit;
  }
  #end auth user

  if (   0 ) setflag(TCP_PERSISTENT);

  if (!save("location"))
   sl_reply_error();

  exit;
 }

 if ($rU==NULL) {
  # request with no Username in RURI
  sl_send_reply("484","Address Incomplete");
  exit;
 }

 # do lookup with method filtering
 if (!lookup("location","m")) {
  t_newtran();
  t_reply("404", "Not Found");
  exit;
 }

 # when routing via usrloc, log the missed calls also
 setflag(ACC_MISSED);
 route(relay);
}


route[relay] {
 # for INVITEs enable some additional helper routes
 if (is_method("INVITE")) {
  t_on_branch("per_branch_ops");
  t_on_reply("handle_nat");
  #t_on_reply();
  t_on_failure("missed_call");
 }

 if (!t_relay()) {
  send_reply("500","Internal Error");
 };
 exit;
}


branch_route[per_branch_ops] {
 xlog("new branch at $ru\n");
}


onreply_route[handle_nat] {

 xlog("incoming reply\n");
}


failure_route[missed_call] {
 if (t_was_cancelled()) {
  exit;
 }

 # uncomment the following lines if you want to block client
 # redirect based on 3xx replies.
 ##if (t_check_status("3[0-9][0-9]")) {
 ##t_reply("404","Not found");
 ## exit;
 ##}

}

上一条:win2003防止暴力破解的防范方法 下一条:opensips源代码安装与配置的技巧方法

相关文章

最新文章