how to make openser work with asterisk 1.4+ a2b 1.3


callshop modules for a2billing
Linux NFS configuration services
flash based asterisk manager /callshop/call center /agent UI
show call status, sip/iax account register on web
telephone reminder system

I have been struggling between OPENSER(http://www.openser.org) and freeswitch(http://www.freeswitch.org),because I want to select one system as my next version large-scale,large volume sip servers,callingcard servers
both seems ok,I have been waiting for freeswitch's final release,then I can compare

but now according to customer's requirements,I must put one ser in front of serveral asterisk boxes ,so now I must do something now

it's not big problem to make ser working with mysql,with installed openser.cfg,I only uncomment some lines,and change openser.org to the openser server IP,then registration authentication via mysql done,also peer2peer call is ok

now let me check mediaproxy ,nathelper,and interworking with asterisk
ok,about mediaproxy working with openser,below is complete openser config file,I get the cfg file from one of my customer,thanks

# 199.199.199.199 is my serverip ( just example IP)
# 199.199.199.200 is termination(asterisk)
#Global settings
/* uncomment the following lines to enable debugging */
debug=3
fork=yes
log_stderror=yes
log_facility=LOG_LOCAL0

mhomed=no # Multihomed - set this to no if you set a "listen" addres
listen=199.199.199.199 # only want to bind to this ip
port=5060
children=4
tcp_children=4
tcp_accept_aliases=yes
alias=199.199.199.199 # your realm(my server ip)

# uncomment to override config values for debugging

dns=no
rev_dns=no

#fifo="/tmp/openser_fifo"
#fifo_mode=0666

#TLS specific settings
#disable_tls = 0

#tls_verify_client = 1
#tls_verify_server = 1
#tls_require_client_certificate = 1
#tls_method = SSLv23
#tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
#tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
#tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
#tls_ciphers_list="NULL-SHA:NULL-MD5:AES256-SHA:AES128-SHA"

mpath="/usr/local/lib/openser/modules" #path to openser modules
loadmodule "mysql.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "acc.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "auth.so"
loadmodule "auth_db.so"
loadmodule "uri.so"
loadmodule "uri_db.so"
loadmodule "mediaproxy.so"
#loadmodule "nathelper.so"
loadmodule "textops.so"
loadmodule "avpops.so"
loadmodule "domain.so"
#loadmodule "permissions.so"
loadmodule "group.so"
loadmodule "msilo.so"
loadmodule "xlog.so"
loadmodule "enum.so"
#loadmodule "lcr.so"
#loadmodule "pdt.so"

#nathelper, mediaproxy or both can be used
#we will only be using mediaproxy
#modparam("nathelper", "rtpproxy_disable", 1)
#modparam("nathelper", "natping_interval", 30)
#modparam("nathelper", "sipping_from", "sip:sip_nat_ping@OPENSER_REALM")

modparam("mediaproxy","natping_interval", 30)
modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/openser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/openser/rtp-clients")

# -- group params --
modparam("group", "table", "grp")
modparam("group", "use_domain", 0) # might be usefull for future expansions
modparam("group", "user_column", "username")
modparam("group", "domain_column", "domain")
modparam("group", "group_column", "grp")

modparam("usrloc", "db_mode", 1)
modparam("usrloc", "desc_time_order", 1)
modparam("usrloc","nat_bflag",6)

#modparam("registrar", "sip_natping_flag", 3)
#modparam("registrar", "nat_flag", 5)
#modparam("registrar", "desc_time_order", 1)

modparam("rr", "enable_full_lr", 1)

#modparam("avpops","avp_aliases","can_uri=i:34")

modparam("tm", "fr_timer", 20 )
modparam("tm", "fr_inv_timer", 20 )
modparam("tm", "wt_timer", 20 )
#modparam("tm", "via1_matching", 1)
#modparam("tm", "fr_inv_timer_avp", "inv_timeout")

#modparam("permissions", "db_mode", 1)
#modparam("permissions", "trusted_table", "trusted")

# -- acc params --
modparam("acc", "db_flag", 1 )
modparam("acc", "db_missed_flag", 2)

#--enum----
#modparam("enum", "domain_suffix", "e164.arpa.")

#--pdt--
#modparam("pdt", "db_table", "prefix_domain")
#modparam("pdt", "domain_column", "domain")
#modparam("pdt", "prefix_column", "prefix")

# -- domain
modparam("domain", "domain_table", "domain")
modparam("domain", "domain_col", "domain")

# ------------------------- request routing logic -------------------

# main routing logic

route {
# -----------------------------------------------------------------
# Configuration flags
# -----------------------------------------------------------------
setflag(6);
setflag(7);
# setflag(8);
setflag(9);
#setflag(10);
#setflag(12);
#setflag(13);

if (isflagset(13) && !is_method("ACK") && !is_method("REGISTER")) { #debug route
route(13);
};

if (!isflagset(12) ) {
resetflag(8);
};
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if (!mf_process_maxfwd_header("10")) {
if (method!="ACK") {
sl_send_reply("483", "Too Many Hops");
};
return;
};

if (msg:len > max_len) {
if (method!="ACK") {
sl_send_reply("513", "Message Overflow");
};
return;
};

if (status=="482") { #loop detection
xlog("L_ERR", "Webur: $mi $rm $fu -> $ru status 482 Loop Detected\n");
return;
};

# -----------------------------------------------------------------
# Record Route Section
# -----------------------------------------------------------------
if (method=="INVITE") {
record_route();
if (client_nat_test("3") && isflagset(6)) {
add_rr_param(";nat=yes");
};
};
# -----------------------------------------------------------------
# Loose Route Section
# -----------------------------------------------------------------
if (loose_route()) {
if (isflagset(6)) {
if (has_totag() && (method=="INVITE" || method=="ACK" || method=="BYE")) {
if (client_nat_test("3")||search("^Route:.*;nat=yes")){
use_media_proxy();
};
};
};
route(6);
return;
};

# -----------------------------------------------------------------
# Call Tear Down Section
# -----------------------------------------------------------------

if (isflagset(6)) {
if (method=="BYE" || method=="CANCEL") {
end_media_session();
};
};

# -----------------------------------------------------------------
# Unauthorized relay
# -----------------------------------------------------------------

if (!is_uri_host_local()) {
if (is_from_local() ) { # We prevent unautherised relays
append_hf("P-hint: outbound\r\n");
route(10); # need to be authenticated
} else {
sl_send_reply("403", "Forbidden");
};
return;
};

# -----------------------------------------------------------------
# Call Type Processing Section
# -----------------------------------------------------------------

if (uri=~"sip:daemon@" ) {
sl_send_reply("410", "daemon has gone for a beer");
return;
};

if (method=="INVITE") {
route(3);
return;
} else if (method=="ACK") {
route(1);
return;
} else if (method=="BYE" || method=="CANCEL") {
route(1);
return;
} else if (method=="REGISTER") {
route(2);
return;
};

lookup("aliases");
if (uri!=myself) {
route(10);
return;
};
if (!lookup("location")) {
route(8);
return;
};

route(1); # Do not proxy authenticate - needed by system to send messages
return;
}

route[1] {

# -----------------------------------------------------------------
# Default Route relay Handler with NAT
# -----------------------------------------------------------------
if (isflagset(6)) {
if (client_nat_test("3")) {
setflag(4);
force_rport();
force_tcp_alias();
fix_contact();
};

if (isflagset(4) || isflagset(5)) {
use_media_proxy();
};
t_on_reply("1");
};
route(5); #TLS handeling
route(6); # Relay the call
return;
}

route[2] {

# -----------------------------------------------------------------
# REGISTER Message Handler
# -----------------------------------------------------------------
# This cool register script came from http://openser.org/docs/scripting.html

sl_send_reply("100", "Trying");

if (!route(7)) { # verify the user
return(0);
};

if (!search("^Contact:[ ]*\*") && client_nat_test("7") && isflagset(6)) {
setflag(3);
setflag(5);
force_rport();
force_tcp_alias();
fix_contact();
};

if (!is_user_in("From", "noauth")) { #no authentication required

if (!www_authorize("", "subscriber")) {
if (isflagset(13)) {
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu Authorization for $fu ($si) requested\n");
};
www_challenge("", "0");
return(0);
} else {
if (isflagset(13)){
xlog("L_NOTICE","Webur: $mi route[$rm][2] \
$fu Authorization OK\n");
};
};
if (!check_to()) {
if (isflagset(13)){
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu -> $ru REPLY 401 - Unauthorized check_to() failed\n");
};
sl_send_reply("401", "Unauthorized - account and username must match");
return(0);
};

consume_credentials();
};

if (!save("location")) {
if (isflagset(13)) {
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu save(location) Failed\n");
};
sl_reply_error();
return(0);
}else {
if (isflagset(13)) {
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu save(location)OK\n");
};

if (m_dump() && isflagset(10)){
if (isflagset(13)) {
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu m_dump() OK\n");
};
};
};
return;
}

route[3] {

# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
setflag(1); #turn on accounting
setflag(2); #also missed calls

# if (uri=~"^sip:[0-9]+@sipbroker.com") {
# prefix("*");
# };

#if (uri=~"sip:\*XXX[0-9]+@.*") { #prevent loops from Sipbroker
# strip(4);
#};

if (uri=~"^sip:011[0-9]+@199.199.199.199") {
rewritehost("199.199.199.200");
};

if (uri=~"^sip:00[0-9]+@199.199.199.199") {
rewritehost("199.199.199.200");
};

# if (uri=~"sip:8829XXX[0-9]+@.*") { #try to relay enum local first
# strip(7);
# };

# if (is_from_user_e164()) { # this does not work
# xlog("L_INFO","Enum lookup");
# enum_query("e164.arpa.","+sip+voice:sip+video:sip");
# enum_query("e164.info.","+sip+voice:sip+video:sip");
# enum_query("e164.org.");
## enum_query("freenum.org.","+sip+voice:sip+video:sip");
# };
#
lookup("aliases"); #in the event that an alias resolves to another domain.

if (uri!=myself) {
route(10); #check authentication
return;
};
if (!lookup("location")) {
if (src_ip==199\.199\.199\.199 || !isflagset(7)) { # loopback prevention
route(8);
return;
} else {
route(4);
return;
};
};

t_on_failure("1"); #call waiting,busy,DND,voicemail
if (isflagset(9)) {
route(1); #normal relay
}else{
route(10); #proxy auth
};
return;
}

route[4] {

# -----------------------------------------------------------------
# PSTN Handler
# -----------------------------------------------------------------

route(1);
return;
}

route[5] {

# -----------------------------------------------------------------
# TLS Handling
# -----------------------------------------------------------------

if (!is_uri_host_local()) {
remove_hf("Alert-Info");
if (method=="INVITE" ) {
append_hf("Alert-info: 1\r\n"); #cisco 7960
append_hf("Alert-info: Bellcore-dr4\r\n"); #cisco ATA
# append_hf("Alert-info: http://foo.bar/x.wav\r\n"); #snom
};

};
return;
}

route[6] {

# -----------------------------------------------------------------
# Route relay Handler
# -----------------------------------------------------------------

if (method=="INVITE" && (proto==tcp) && isflagset(11)) { #Voicemail handeling
t_reply("300", "Redirecting...");
route(9);
return;
};

if (!t_relay()) {
if (isflagset(6)) {
if (method=="INVITE" || method=="ACK") {
end_media_session();
};
};
sl_reply_error();
};
return;
}

route[7] {

# -----------------------------------------------------------------
# User verify
# -----------------------------------------------------------------
# Check for known domain(s)

if (!is_from_local()) {
if (isflagset(13)){
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu Unknown domain\n");
sl_send_reply("403", "Unknown domain");
};
return(0);
};

# Check to see that the user has not been disabled

if (is_user_in("From", "disabled")) {
if (isflagset(13)){
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$fu Your account has been disabled\n");
};
sl_send_reply("403", "Your account has been disabled");
return(0);
};
if (is_user_in("To", "disabled")) {
if (isflagset(13)) {
xlog("L_NOTICE", "Webur: $mi route[$rm][2] \
$tu That account has been disabled\n");
};
sl_send_reply("403", "That account has been disabled");
return(0);
};

return(1);
}

route[8] {
# -----------------------------------------------------------------
# Handling of unavailable user
# -----------------------------------------------------------------

# message store

# if (method=="MESSAGE" && isflagset(10)) {
# t_newtran();
# if (m_store("0")) {
# t_reply("202", "Accepted for Later Delivery");
# } else {
# t_reply("503", "Service Unavailable");
# };
# return;
# };

# non-Voip -- just send "off-line"
# if (!(method=="INVITE" || method=="ACK" || method=="CANCEL")) {
# #sl_send_reply("404", "Not Online");
# #route (9);
# return;
# };
#t_newtran();
#t_reply("404", "Not Online");
route (9);
# we account missed incoming calls; previous statteful processing
# guarantees that retransmissions are not accounted
acc_db_request("404 missed call", "missed_calls");
#t_on_failure("1");
return;
}
route[9] {

# -----------------------------------------------------------------
# Translate to UDP for voicemail
# -----------------------------------------------------------------

if (isflagset(6)) {
if (client_nat_test("3")) {
setflag(4);
force_rport();
force_tcp_alias();
fix_contact();
};
if (isflagset(4) || isflagset(5)) {
use_media_proxy();
};
t_on_reply("1");
};

if (!t_relay("udp:199.199.199.200:5060")) {
if (isflagset(6)) {
if (method=="INVITE" || method=="ACK") {
end_media_session();
};
};
sl_reply_error();
};
return;
}

route[10] {

# -----------------------------------------------------------------
# Default Message Handler with Proxy Authentication
# -----------------------------------------------------------------

if(method=="ACK") { #these you never proxy authenticate
route(1);
return;
};
if(method=="BYE" || method=="CANCEL") { #these you never proxy authenticate
route(1);
return;
};

xlog("L_INFO", "Proxy auth $fd $dP destination:$du $dd $ds");

if (!route(7)) { #verify the user
return(0);
};

if (!is_user_in("From", "noauth")) { #no authentication required
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
return;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
return;
};
#consume_credentials();
};

# if (is_user_in("Credentials", "local")) { # Uncomment to use the group options
route(1);
# }else{
# sl_send_reply("403", "Denied, you are not allowed this route");
# };

return;
}

onreply_route[1] {
# -----------------------------------------------------------------
# Return Route
# -----------------------------------------------------------------

if ((isflagset(4) || isflagset(5)) && isflagset(6) && (status=~"(180)|(183)|2[0-9][0-9]")) {
if (!search("^Content-Length:[ ]*0")) {
use_media_proxy();
};
};
if (client_nat_test("1") && isflagset(6)) {
fix_contact();
};
return;
}

failure_route[1] {
# -----------------------------------------------------------------
# No answer, cancel, busy handling
# -----------------------------------------------------------------

if (method=="MESSAGE" && isflagset(10)) {
if (m_store("1")) { # this in case the ua do not support messaging
t_reply("202", "Accepted");
} else {
t_reply("503", "Service Unavailable");
};
return;
};

if(t_check_status("408|480") && !src_ip==199\.199\.199\.200 && isflagset(8)) {
revert_uri();
rewritehostport("199.199.199.200:5060");
#prefix("vmail");
append_urihf("CC-Diversion: ", "\r\n");
append_hf("P-hint: OFFLINE-VOICEMAIL\r\n");
append_branch();
setflag(11);
route(6);
};
return;
}

route[13] {

# -----------------------------------------------------------------
# Debuging info
# -----------------------------------------------------------------

if (status=="100") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 100 Trying\n");
} else if (status=="180") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 180 Ringing\n");
} else if (status=="181") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 181 Call Is Being Forwarded\n");
} else if (status=="182") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 182 Queued\n");
} else if (status=="183") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 183 Session Progress\n");
} else if (status=="200") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 200 OK\n");
} else if (status=="202") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 202 Accepted\n");
} else if (status=="300") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 300 Multiple Choices $ct\n");
} else if (status=="301") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 301 Moved Permanently $ct\n");
} else if (status=="302") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 302 Moved Temporarily $ct\n");
} else if (status=="305") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 305 Use Proxy\n");
} else if (status=="380") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 380 Alternative Service\n");
} else if (status=="400") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 400 Bad Request\n");
} else if (status=="401") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 401 Unauthorized\n");
} else if (status=="402") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 402 Payment Required\n");
} else if (status=="403") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 403 Forbidden\n");
} else if (status=="404") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 404 Not Found\n");
} else if (status=="405") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 405 Method Not Allowed\n");
} else if (status=="406") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 406 Not Acceptable\n");
} else if (status=="407") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 407 Proxy Authentication Required\n");
} else if (status=="408") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 408 Request Timeout\n");
} else if (status=="409") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 409 Conflict\n");
} else if (status=="410") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 410 Gone\n");
} else if (status=="411") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 411 Length Required\n");
} else if (status=="412") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 412 Conditional Request Failed\n");
} else if (status=="413") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 413 Request Entity Too Large\n");
} else if (status=="414") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 414 Request-URI Too Long\n");
} else if (status=="415") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 415 Unsupported Media Type\n");
} else if (status=="416") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 416 Unsupported URI Scheme\n");
} else if (status=="420") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 420 Bad Extension\n");
} else if (status=="421") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 421 Extension Required\n");
} else if (status=="422") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 422 Session Interval Too Small\n");
} else if (status=="423") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 423 Interval Too Brief\n");
} else if (status=="429") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 429 Provide Referrer Identity\n");
} else if (status=="480") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 480 Temporarily Unavailable\n");
} else if (status=="481") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 481 Call Leg/Transaction Does Not Exist\n");
} else if (status=="482") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 482 Loop Detected\n");
} else if (status=="483") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 483 Too Many Hops\n");
} else if (status=="484") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 484 Address Incomplete\n");
} else if (status=="485") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 485 Ambiguous\n");
} else if (status=="486") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 486 Busy Here\n");
} else if (status=="487") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 487 Busy Here; Request Terminated\n");
} else if (status=="488") {
xlog("L_NOTICE", "Webur: $mi $rm $fu -> $ru status 488 Not Acceptable Here\n");
} else if (status=="489") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 489 Bad Event\n");
} else if (status=="491") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 491 Request Pending\n");
} else if (status=="493") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 493 Undecipherable\n");
} else if (status=="494") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 494 Security Agreement Required\n");
} else if (status=="500") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 500 Server Internal Error\n");
} else if (status=="501") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 501 Not Implemented\n");
} else if (status=="502") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 502 Bad Gateway\n");
} else if (status=="503") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 503 Service Unavailable\n");
} else if (status=="504") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 504 Server Timeout\n");
} else if (status=="505") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 505 Version Not Supported\n");
} else if (status=="513") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 513 Message Too Large\n");
} else if (status=="580") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 580 Precondition Failure\n");
} else if (status=="600") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 600 Busy Everywhere\n");
} else if (status=="603") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 603 Decline\n");
} else if (status=="604") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 604 Does Not Exist Anywhere\n");
} else if (status=="606") {
xlog("L_NOTICE",
"Webur: $mi $rm $fu -> $ru status 606 Not Acceptable\n");
} else {
xlog("L_NOTICE", "Webur: $mi $rm $fu -> $ru status not listed\n");
};
xlog("L_NOTICE", "Webur: $mi $mb\n");
return;
}

ok ,now peer2peer workings for NAT or non-NAT, call to termination working

I want to use a2billing as web management UI,to add customers,add sip friends,so I want to cc_sip_buddies data syncronize with openser.subscriber table
after digging openserctl codes and serweb-0.9.4 codes ,I realize subscriber table

username = cc_sip_buddies.username
domain = SERVERIP or domain name
password= cc_sip_buddies.secret
ha1 =md5('username:domain:password')
ha1b =md5('username@domain:domain:password')

we map subscriber as view of cc_sip_buddies ,this should work

since this user use mysql cluster,I need their system administator to create view for me

ok,the system administrator done it ,see below
create view openser.subscriber as
select id,name,
'aa.net' as domain ,secret as password,'' as first_name,'' as last_name ,
' test@1234.com' as email_address ,now() as datetime_created,
md5(concat(name,' : ','aa.net',' : ',secret)) as ha1,
md5(concat(name,'@','aa.net',' : ','aa.net',' : ',secret)) as ha1b ,'' as timezone,'' as rpid
from cc_sip_buddies

after pass this step: we'll have following functions
1. operator create customers,rates,etc ,via /a2billing
2. user register to openser,if peer2peer call, it will handled by openser
3. if goto pstn,it will send call to asterisk
4. it can have multiple asterisk servers to do loadbalancing etc,I still not check ,but I saw openser dispatcher module for such usage,also another solution ,both solutions can check from www.openser.org documents

BELOW IS ASTERISK LOGS

INVITE sip:00999@199.199.199.200:5061 SIP/2.0
Record-Route:
Via: SIP/2.0/UDP 199.199.199.200;branch=z9hG4bK608c.5e0ff5b3.0
Via: SIP/2.0/UDP 123.154.92.37;rport=5060;branch=z9hG4bK7b9a5c250000004647849843000046cd000000a7
Content-Length: 272
Contact:
Call-ID: C5137652-E551-46C8-830D-69D7A8039948@123.154.92.37
Content-Type: application/sdp
CSeq: 2 INVITE
From: "abc";tag=2481633425152
Max-Forwards: 69
To:
User-Agent: SJphone/1.60.289a (SJ Labs)
Proxy-Authorization: Digest username="3625475100",realm="asterisk",nonce="60906c9c",uri="sip:00999@81.171.111.189",response="8473624ce8f89451ee188fd7fd9e4f4e",algorithm="MD5"

v=0
o=- 3408860866 3408860866 IN IP4 123.154.92.37
s=SJphone
c=IN IP4 123.154.92.37
t=0 0
a=direction:passive
m=audio 49168 RTP/AVP 18 8 0 101
a=rtpmap:18 G729/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-11,16

<------------->
--- (14 headers 12 lines) ---
Sending to 199.199.199.200: 5060 (NAT)
Using INVITE request as basis request - C5137652-E551-46C8-830D-69D7A8039948@123.154.92.37
Found user '3625475100'
Found RTP audio format 18
Found RTP audio format 8
Found RTP audio format 0
Found RTP audio format 101
Peer audio RTP is at port 123.154.92.37:49168
Found audio description format G729 for ID 18
Found audio description format PCMA for ID 8
Found audio description format PCMU for ID 0
Found audio description format telephone-event for ID 101
Capabilities: us - 0x10e (gsm|ulaw|alaw|g729), peer - audio=0x10c (ulaw|alaw|g729)/video=0x0 (nothing), combined - 0x10c (ulaw|alaw|g729)
Non-codec capabilities (dtmf): us - 0x1 (telephone-event), peer - 0x1 (telephone-event), combined - 0x1 (telephone-event)
Peer audio RTP is at port 123.154.92.37:49168

provider's comment:

no comments

Comments

Wed, 04/30/2008 - 03:50 — hfvoip

maximize openser performance

1. Increase Private Memory Size (see http://www.openser.org/dokuwiki/doku.php/troubleshooting:private-memory-...)
I edit PKG_MEM_POOL_SIZE to 64 M
2.Increase Share Memory Size
openser -m 1024 (yes 1G memory)
3. process number to 64 ,so total 64 processes
4. listen on multiple IP/port, because 5060 is blocked somewhere,so need extra ports opened for blocked country

Mon, 03/24/2008 - 10:53 — hfvoip

Do you have problem with 'Proxy Authorized Required" ?

latest days I am implemenet openser+ asterisk loadbalancing
to make more safe,it has proxy_authorize("domain","subscriber"),
the astersisk will reply "proxy authorize required", and openser forward this reply to xlite or sjphone

I google ,below is one solution
1. add insecure=very and perimit=192.168.0.2/255.255.255.0(openser IP) to the sip.conf,so if your sip account is 123456, you will add 2 lines for [123456]

YES,it works

but it's not enough for me,I use sip realtime for asteisk,when I add this for cc_sip_buddies table,it doens'nt work

after digging into asterisk codes, I change cc_sip_buddies .secret to empty ,then everything works ,but secret must be empty
of course it's not good idea,we must have secret for each account,and on the other hand we must keep secret to empty to prevent asterisk send "proxy authorize required"
how to fix that ?easy solution isI create another table for asterisk rrealtime ,which is a view for cc_sip_buddies ,except secret is empty.
sip account still need login with sip username/secret,but asterisk wont ask for proxy authorization again

still not enough ,what if someone try to register to asterisk (NOT openser ) without secret,he will succeed, I simply block registeration function on the asterisk server from sip client
such as put asterisk behind firewall,etc

Thu, 02/07/2008 - 14:18 — lu

Hi hfvoip, Thannx. Its a

Hi hfvoip,

Thannx. Its a very usefull lesson , however i dont understand this part can you please be more clear on step by step how the mysql table have been altered?

"we map subscriber as view of cc_sip_buddies ,this should work

ok,the system administrator done it ,see below
create view openser.subscriber as
select id,username,
'199.199.199.199' as domain ,secret as password,'' as first_name,'' as last_name ,
' test@1234.com' as email_address ,now() as datetime_created,
md5(concat(username,' : ','199.199.199.199',' : ',secret)) as ha1,
md5(concat(username,'@','199.199.199.199',' : ','199.199.199.199',' : ',secret)) as ha1b ,'' as timezone,'' as rpid
from cc_sip_buddies "
WBR,
LU

Tue, 05/06/2008 - 07:37 — smaikol

Hi hfvoip, really nice job!

really nice job! May i ask you if you use asterisk in real time configuration? Always in realtime configuration when working with ser\openser? Asterisk working as a gateway for other technologies such as pstn, isdn, h323, and for functions that ser\openser usually doesn't accomplish?

Thanks
smaikol

All voip solutions

Navigation

Latest Solutions