opensips 安装及基本配置

  • 格式:rtf
  • 大小:82.95 KB
  • 文档页数:20

opensips 安装及基本配置1 . 官方网站 / 的 download 中下载 opensips 软件包2 . 编译:Java代码1. tar zxvf opensips-1.6.2-tls_src.tar.gz2. cd opensips-1.6.2-tlstar zxvf opensips-1.6.2-tls_src.tar.gzcd opensips-1.6.2-tls3 . 安装之前更改 makefile :删除 Makefile 中的 exclude_modules 的 db-mysql,使opensips使用mysql数据4. 安装make all可能会缺少一下工具,缺少什么装什么就是了。

另外可能提示找不到mysql.h等文件,只要把文件拷贝到对应的地方就行了。

make install默认安装路径 /usr/local 下5. 配置 vim /usr/local/etc/opensips/opensipsctlrc,把 mysql 的相关的注释去掉Java代码1. ## database type: MYSQL, PGSQL, ORACLE, DB_BERKELEY, or DBTEXT, by default noneis loaded2. # If you want to setup a database with opensipsdbctl, you must at least specify3. # this parameter.4. DBENGINE=MYSQL5. ## database host6. DBHOST=localhost7. ## database name (for ORACLE this is TNS name)8. DBNAME=opensips9. # database path used by dbtext or db_berkeley10. DB_PATH="/usr/local/etc/opensips/dbtext"11. ## database read/write user12. DBRWUSER=opensips13. ## password for database read/write user14. DBRWPW="opensipsrw"15. ## database read only user16. DBROUSER=opensipsro17. ## password for database read only user18. DBROPW=opensipsro19. ## database super user (for ORACLE this is 'scheme-creator' user)20. DBROOTUSER="root"21. # user name column22. USERCOL="username"## database type: MYSQL, PGSQL, ORACLE, DB_BERKELEY, or DBTEXT, by default none is loaded# If you want to setup a database with opensipsdbctl, you must at least specify # this parameter.DBENGINE=MYSQL## database hostDBHOST=localhost## database name (for ORACLE this is TNS name)DBNAME=opensips# database path used by dbtext or db_berkeleyDB_PATH="/usr/local/etc/opensips/dbtext"## database read/write userDBRWUSER=opensips## password for database read/write userDBRWPW="opensipsrw"## database read only userDBROUSER=opensipsro## password for database read only userDBROPW=opensipsro## database super user (for ORACLE this is 'scheme-creator' user)DBROOTUSER="root"# user name columnUSERCOL="username"6. 执行 opensips/sbin/ 下的 opensipsdbctlJava代码1. ./opensipsdbctl create ( 生成 opensips 数据库 )./opensipsdbctl create ( 生成 opensips 数据库 )7. 这个时候如果重新登录phpmyadmin,会看到已经新建了opensips数据库8. opensips的运行Java代码1. /usr/local/sbin/下的opensipsctl start来启动opensips2. ps aux | grep opensips 检查应该已经运行了。

3. opensips/sbin/下的opensipsctl stop来停止opensips/usr/local/sbin/下的opensipsctl start来启动opensipsps aux | grep opensips 检查应该已经运行了。

opensips/sbin/下的opensipsctl stop来停止opensips至此基本的opensips配置已经完成了,可以用软件software phone来连接到这个sip server 上面并注册成功,不需要先在mysql数据库中添加对应的记录。

9. opensips 认证功能的实现Java代码1. labuser@cnta02:/etc/init.d$ cat /usr/local/etc/opensips/opensips.cfg2. #3. # $Id: opensips.cfg 6464 2009-12-24 08:00:54Z bogdan_iancu $4. #5. # OpenSIPS basic configuration script6. # by Anca Vamanu <anca@voice-system.ro>7. #8. # Please refer to the Core CookBook at:9. # /index.php?n=Resources.DocsCookbooks10. # for a explanation of possible statements, functions and parameters.11. #12.13.14. ####### Global Parameters #########15.16. debug=317. log_stderror=no18. log_facility=LOG_LOCAL019.20. fork=yes21. children=422.23. /* uncomment the following lines to enable debugging */24. debug=625. #fork=no26. log_stderror=yes27.28. /* uncomment the next line to disable TCP (default on) */29. #disable_tcp=yes30.31. /* uncomment the next line to enable the auto temporary blacklisting of32. not available destinations (default disabled) */33. #disable_dns_blacklist=no34.35. /* uncomment the next line to enable IPv6 lookup after IPv4 dns36. lookup failures (default disabled) */37. #dns_try_ipv6=yes38.39. /* uncomment the next line to disable the auto discovery of local aliases40. based on revers DNS on IPs (default on) */41. #auto_aliases=no42.43. /* uncomment the following lines to enable TLS support (default off) */44. #disable_tls = no45. #listen = tls:your_IP:506146. #tls_verify_server = 147. #tls_verify_client = 148. #tls_require_client_certificate = 049. #tls_method = TLSv150. #tls_certificate = "/usr/local/etc/opensips/tls/user/user-cert.pem"51. #tls_private_key = "/usr/local/etc/opensips/tls/user/user-privkey.pem"52. #tls_ca_list = "/usr/local/etc/opensips/tls/user/user-calist.pem"53.54.55. port=506056.57. /* uncomment and configure the following line if you want opensips to58. bind on a specific interface/port/proto (default bind on all available) */59. #listen=udp:192.168.1.2:506060.61.62. ####### Modules Section ########63.64. #set module path65. mpath="/usr/local/lib/opensips/modules/"66.67. /* uncomment next line for MySQL DB support */68. loadmodule "db_mysql.so"69. loadmodule "signaling.so"70. loadmodule "sl.so"71. loadmodule "tm.so"72. loadmodule "rr.so"73. loadmodule "maxfwd.so"74. loadmodule "usrloc.so"75. loadmodule "registrar.so"76. loadmodule "textops.so"77. loadmodule "mi_fifo.so"78. loadmodule "uri.so"79. loadmodule "xlog.so"80. loadmodule "acc.so"81. /* uncomment next lines for MySQL based authentication support82. NOTE: a DB (like db_mysql) module must be also loaded */83. loadmodule "auth.so"84. loadmodule "auth_db.so"85. /* uncomment next line for aliases support86. NOTE: a DB (like db_mysql) module must be also loaded */87. loadmodule "alias_db.so"88. /* uncomment next line for multi-domain support89. NOTE: a DB (like db_mysql) module must be also loaded90. NOTE: be sure and enable multi-domain support in all used modules91. (see "multi-module params" section ) */92. #loadmodule "domain.so"93. /* uncomment the next two lines for presence server support94. NOTE: a DB (like db_mysql) module must be also loaded */95. #loadmodule "presence.so"96. #loadmodule "presence_xml.so"97.98.99. # ----------------- setting module-specific parameters --------------- 100.101.102. # ----- mi_fifo params -----103. modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")104. modparam("mi_fifo", "fifo_mode", 0666)105.106. # ----- rr params -----107. # add value to ;lr param to cope with most of the UAs108. modparam("rr", "enable_full_lr", 1)109. # do not append from tag to the RR (no need for this script)110. modparam("rr", "append_fromtag", 0)111.112.113. # ----- registrar params -----114. /* uncomment the next line not to allow more than 10 contacts per AOR */ 115. #modparam("registrar", "max_contacts", 10)116.117.118. # ----- usrloc params -----119. modparam("usrloc", "db_mode", 0)120. /* uncomment the following lines if you want to enable DB persistency121. for location entries */122. modparam("usrloc", "db_mode", 2)123. #modparam("usrloc", "db_url",124. # "mysql://opensips:opensipsrw@localhost/opensips")125.126.127. # ----- uri params -----128. modparam("uri", "use_uri_table", 0)129.130.131. # ----- acc params -----132. /* what sepcial events should be accounted ? */133. modparam("acc", "early_media", 1)134. modparam("acc", "report_ack", 1)135. modparam("acc", "report_cancels", 1)136. /* by default ww do not adjust the direct of the sequential requests.137. if you enable this parameter, be sure the enable "append_fromtag"138. in "rr" module */139. modparam("acc", "detect_direction", 0)140. /* account triggers (flags) */141. modparam("acc", "failed_transaction_flag", 3)142. modparam("acc", "log_flag", 1)143. modparam("acc", "log_missed_flag", 2)144. /* uncomment the following lines to enable DB accounting also */145. modparam("acc", "db_flag", 1)146. modparam("acc", "db_missed_flag", 2)147.148.149. # ----- auth_db params -----150. /* uncomment the following lines if you want to enable the DB based151. authentication */152. modparam("auth_db", "calculate_ha1", yes)153. modparam("auth_db", "password_column", "password")154. #modparam("auth_db", "db_url",155. # "mysql://opensips:opensipsrw@localhost/opensips")156. #modparam("auth_db", "load_credentials", "")157.158.159. # ----- alias_db params -----160. /* uncomment the following lines if you want to enable the DB based161. aliases */162. #modparam("alias_db", "db_url",163. # "mysql://opensips:opensipsrw@localhost/opensips")164.165.166. # ----- domain params -----167. /* uncomment the following lines to enable multi-domain detection168. support */169. #modparam("domain", "db_url",170. # "mysql://opensips:opensipsrw@localhost/opensips")171. #modparam("domain", "db_mode", 1) # Use caching172.173.174. # ----- multi-module params -----175. /* uncomment the following line if you want to enable multi-domain support 176. in the modules (dafault off) */177. #modparam("alias_db|auth_db|usrloc|uri", "use_domain", 1)178.179.180. # ----- presence params -----181. /* uncomment the following lines if you want to enable presence */182. #modparam("presence|presence_xml", "db_url",183. # "mysql://opensips:opensipsrw@localhost/opensips")184. #modparam("presence_xml", "force_active", 1)185. #modparam("presence", "server_address", "sip:192.168.1.2:5060")186.187.188. ####### Routing Logic ########189.190.191. # main request routing logic192.193. route{194.195. if (!mf_process_maxfwd_header("10")) {196. sl_send_reply("483","Too Many Hops");197. exit;198. }199.200. if (has_totag()) {201. # sequential request withing a dialog should202. # take the path determined by record-routing203. if (loose_route()) {204. if (is_method("BYE")) {205. setflag(1); # do accounting ...206. setflag(3); # ... even if the transaction fails207. } else if (is_method("INVITE")) {208. # even if in most of the cases is useless, do RR for209. # re-INVITEs alos, as some buggy clients do change route set 210. # during the dialog.211. record_route();212. }213. # route it out to whatever destination was set by loose_route() 214. # in $du (destination URI).215. route(1);216. } else {217. /* uncomment the following lines if you want to enable presence*/218. ##if (is_method("SUBSCRIBE") && $rd == "your.server.ip.address") {219. ## # in-dialog subscribe requests220. ## route(2);221. ## exit;222. ##}223. if ( is_method("ACK") ) {224. if ( t_check_trans() ) {225. # non loose-route, but stateful ACK; must be an ACK after 226. # a 487 or e.g. 404 from upstream server227. t_relay();228. exit;229. } else {230. # ACK without matching transaction ->231. # ignore and discard232. exit;233. }234. }235. sl_send_reply("404","Not here");236. }237. exit;238. }240. #initial requests241.242. # CANCEL processing243. if (is_method("CANCEL"))244. {245. if (t_check_trans())246. t_relay();247. exit;248. }249.250. t_check_trans();251.252. # authenticate if from local subscriber (uncomment to enable auth)253. # authenticate all initial non-REGISTER request that pretend to be254. # generated by local subscriber (domain from FROM URI is local)255. if (!(method=="REGISTER") && from_uri==myself) /*no multidomain version*/ 256. ##if (!(method=="REGISTER") && is_from_local()) /*multidomain version*/ 257. {258. if (!proxy_authorize("", "subscriber")) {259. proxy_challenge("", "0");260. exit;261. }262. if (!db_check_from()) {263. sl_send_reply("403","Forbidden auth ID");264. exit;265. }266.267. consume_credentials();268. # caller authenticated269. }270.271. # preloaded route checking272. if (loose_route()) {273. xlog("L_ERR",274. "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");275. if (!is_method("ACK"))276. sl_send_reply("403","Preload Route denied");277. exit;278. }279.280. # record routing281. if (!is_method("REGISTER|MESSAGE"))282. record_route();284. # account only INVITEs285. if (is_method("INVITE")) {286. setflag(1); # do accounting287. }288. if (!uri==myself)289. ## replace with following line if multi-domain support is used290. ##if (!is_uri_host_local())291. {292. append_hf("P-hint: outbound\r\n");293. # if you have some interdomain connections via TLS294. ##if($rd=="tls_") {295. ## t_relay("tls:");296. ## exit;297. ##} else if($rd=="tls_") {298. ## t_relay("tls:");299. ## exit;300. ##}301. route(1);302. }303.304. # requests for my domain305.306. ## uncomment this if you want to enable presence server307. ## and comment the next 'if' block308. ## NOTE: uncomment also the definition of route[2] from below309. ##if( is_method("PUBLISH|SUBSCRIBE"))310. ## route(2);311.312. if (is_method("PUBLISH"))313. {314. sl_send_reply("503", "Service Unavailable");315. exit;316. }317.318.319. if (is_method("REGISTER"))320. {321. # authenticate the REGISTER requests (uncomment to enable auth) 322. if (!www_authorize("", "subscriber"))323. {324. www_challenge("", "0");325. exit;326. }327.328. if (!db_check_to())329. {330. sl_send_reply("403","Forbidden auth ID");331. exit;332. }333.334. if (!save("location"))335. sl_reply_error();336.337. exit;338. }339.340. if ($rU==NULL) {341. # request with no Username in RURI342. sl_send_reply("484","Address Incomplete");343. exit;344. }345.346. # apply DB based aliases (uncomment to enable)347. alias_db_lookup("dbaliases");348.349. # do lookup with method filtering350. if (!lookup("location","m")) {351. switch ($retcode) {352. case -1:353. case -3:354. t_newtran();355. t_reply("404", "Not Found");356. exit;357. case -2:358. sl_send_reply("405", "Method Not Allowed"); 359. exit;360. }361. }362.363. # when routing via usrloc, log the missed calls also364. setflag(2);365.366. route(1);367. }368.369.370. route[1] {371. # for INVITEs enable some additional helper routes372. if (is_method("INVITE")) {373. t_on_branch("2");374. t_on_reply("2");375. t_on_failure("1");376. }377.378. if (!t_relay()) {379. sl_reply_error();380. };381. exit;382. }383.384.385. # Presence route386. /* uncomment the whole following route for enabling presence387. NOTE: do not forget to enable the call of this route from the main 388. route */389. ##route[2]390. ##{391. ## if (!t_newtran())392. ## {393. ## sl_reply_error();394. ## exit;395. ## };396. ##397. ## if(is_method("PUBLISH"))398. ## {399. ## handle_publish();400. ## t_release();401. ## }402. ## else403. ## if( is_method("SUBSCRIBE"))404. ## {405. ## handle_subscribe();406. ## t_release();407. ## }408. ##409. ## exit;410. ##}411.412.413. branch_route[2] {414. xlog("new branch at $ru\n");416.417.418. onreply_route[2] {419. xlog("incoming reply\n");420. }421.422.423. failure_route[1] {424. if (t_was_cancelled()) {425. exit;426. }427.428. # uncomment the following lines if you want to block client429. # redirect based on 3xx replies.430. ##if (t_check_status("3[0-9][0-9]")) {431. ##t_reply("404","Not found");432. ## exit;433. ##}434.435. # uncomment the following lines if you want to redirect the failed 436. # calls to a different new destination437. ##if (t_check_status("486|408")) {438. ## sethostport("192.168.2.100:5060");439. ## # do not set the missed call flag again440. ## t_relay();441. ##}442. }labuser@cnta02:/etc/init.d$ cat /usr/local/etc/opensips/opensips.cfg## $Id: opensips.cfg 6464 2009-12-24 08:00:54Z bogdan_iancu $## OpenSIPS basic configuration script# by Anca Vamanu <anca@voice-system.ro>## Please refer to the Core CookBook at:# /index.php?n=Resources.DocsCookbooks# for a explanation of possible statements, functions and parameters.######## Global Parameters #########log_stderror=nolog_facility=LOG_LOCAL0fork=yeschildren=4/* uncomment the following lines to enable debugging */debug=6#fork=nolog_stderror=yes/* uncomment the next line to disable TCP (default on) */#disable_tcp=yes/* uncomment the next line to enable the auto temporary blacklisting ofnot available destinations (default disabled) */#disable_dns_blacklist=no/* uncomment the next line to enable IPv6 lookup after IPv4 dnslookup failures (default disabled) */#dns_try_ipv6=yes/* uncomment the next line to disable the auto discovery of local aliasesbased on revers DNS on IPs (default on) */#auto_aliases=no/* uncomment the following lines to enable TLS support (default off) */#disable_tls = no#listen = tls:your_IP:5061#tls_verify_server = 1#tls_verify_client = 1#tls_require_client_certificate = 0#tls_method = TLSv1#tls_certificate = "/usr/local/etc/opensips/tls/user/user-cert.pem"#tls_private_key = "/usr/local/etc/opensips/tls/user/user-privkey.pem"#tls_ca_list = "/usr/local/etc/opensips/tls/user/user-calist.pem"port=5060/* uncomment and configure the following line if you want opensips tobind on a specific interface/port/proto (default bind on all available) */ #listen=udp:192.168.1.2:5060####### Modules Section #########set module pathmpath="/usr/local/lib/opensips/modules/"/* uncomment next line for MySQL DB support */loadmodule "db_mysql.so"loadmodule "signaling.so"loadmodule "sl.so"loadmodule "tm.so"loadmodule "rr.so"loadmodule "maxfwd.so"loadmodule "usrloc.so"loadmodule "registrar.so"loadmodule "textops.so"loadmodule "mi_fifo.so"loadmodule "uri.so"loadmodule "xlog.so"loadmodule "acc.so"/* uncomment next lines for MySQL based authentication supportNOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "auth.so"loadmodule "auth_db.so"/* uncomment next line for aliases supportNOTE: a DB (like db_mysql) module must be also loaded */ loadmodule "alias_db.so"/* uncomment next line for multi-domain supportNOTE: a DB (like db_mysql) module must be also loadedNOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */#loadmodule "domain.so"/* uncomment the next two lines for presence server supportNOTE: a DB (like db_mysql) module must be also loaded */#loadmodule "presence.so"#loadmodule "presence_xml.so"# ----------------- setting module-specific parameters ---------------# ----- mi_fifo params -----modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")modparam("mi_fifo", "fifo_mode", 0666)# ----- rr params -----# add value to ;lr param to cope with most of the UAsmodparam("rr", "enable_full_lr", 1)# do not append from tag to the RR (no need for this script)modparam("rr", "append_fromtag", 0)# ----- registrar params -----/* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10)# ----- usrloc params -----modparam("usrloc", "db_mode", 0)/* uncomment the following lines if you want to enable DB persistencyfor location entries */modparam("usrloc", "db_mode", 2)#modparam("usrloc", "db_url",# "mysql://opensips:opensipsrw@localhost/opensips")# ----- uri params -----modparam("uri", "use_uri_table", 0)# ----- acc params -----/* what sepcial events should be accounted ? */modparam("acc", "early_media", 1)modparam("acc", "report_ack", 1)modparam("acc", "report_cancels", 1)/* by default ww do not adjust the direct of the sequential requests.if you enable this parameter, be sure the enable "append_fromtag"in "rr" module */modparam("acc", "detect_direction", 0)/* account triggers (flags) */modparam("acc", "failed_transaction_flag", 3)modparam("acc", "log_flag", 1)modparam("acc", "log_missed_flag", 2)/* uncomment the following lines to enable DB accounting also */ modparam("acc", "db_flag", 1)modparam("acc", "db_missed_flag", 2)# ----- auth_db params -----/* uncomment the following lines if you want to enable the DB basedauthentication */modparam("auth_db", "calculate_ha1", yes)modparam("auth_db", "password_column", "password")#modparam("auth_db", "db_url",# "mysql://opensips:opensipsrw@localhost/opensips")#modparam("auth_db", "load_credentials", "")# ----- alias_db params -----/* uncomment the following lines if you want to enable the DB basedaliases */#modparam("alias_db", "db_url",# "mysql://opensips:opensipsrw@localhost/opensips")# ----- domain params -----/* uncomment the following lines to enable multi-domain detectionsupport */#modparam("domain", "db_url",# "mysql://opensips:opensipsrw@localhost/opensips")#modparam("domain", "db_mode", 1) # Use caching# ----- multi-module params -----/* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */#modparam("alias_db|auth_db|usrloc|uri", "use_domain", 1)# ----- presence params -----/* uncomment the following lines if you want to enable presence */#modparam("presence|presence_xml", "db_url",# "mysql://opensips:opensipsrw@localhost/opensips")#modparam("presence_xml", "force_active", 1)#modparam("presence", "server_address", "sip:192.168.1.2:5060")####### Routing Logic ######### main request routing logicroute{if (!mf_process_maxfwd_header("10")) {sl_send_reply("483","Too Many Hops");exit;}if (has_totag()) {# sequential request withing a dialog should# take the path determined by record-routingif (loose_route()) {if (is_method("BYE")) {setflag(1); # do accounting ...setflag(3); # ... even if the transaction fails} else if (is_method("INVITE")) {# even if in most of the cases is useless, do RR for# re-INVITEs alos, as some buggy clients do change route set# during the dialog.record_route();}# route it out to whatever destination was set by loose_route()# in $du (destination URI).route(1);} else {/* uncomment the following lines if you want to enable presence */##if (is_method("SUBSCRIBE") && $rd == "your.server.ip.address") {## # in-dialog subscribe requests## route(2);## exit;##}if ( is_method("ACK") ) {if ( t_check_trans() ) {# non loose-route, but stateful ACK; must be an ACK after# a 487 or e.g. 404 from upstream servert_relay();exit;} else {# ACK without matching transaction -># ignore and discardexit;}}sl_send_reply("404","Not here");}exit;}#initial requests# CANCEL processingif (is_method("CANCEL")){if (t_check_trans())t_relay();exit;}t_check_trans();# authenticate if from local subscriber (uncomment to enable auth)# authenticate all initial non-REGISTER request that pretend to be# generated by local subscriber (domain from FROM URI is local)if (!(method=="REGISTER") && from_uri==myself) /*no multidomain version*/ ##if (!(method=="REGISTER") && is_from_local()) /*multidomain version*/ {if (!proxy_authorize("", "subscriber")) {proxy_challenge("", "0");exit;}if (!db_check_from()) {sl_send_reply("403","Forbidden auth ID");exit;}consume_credentials();# caller authenticated}# preloaded route checkingif (loose_route()) {xlog("L_ERR","Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");if (!is_method("ACK"))sl_send_reply("403","Preload Route denied");exit;}# record routingif (!is_method("REGISTER|MESSAGE"))record_route();# account only INVITEsif (is_method("INVITE")) {setflag(1); # do accounting}if (!uri==myself)## replace with following line if multi-domain support is used##if (!is_uri_host_local()){append_hf("P-hint: outbound\r\n");# if you have some interdomain connections via TLS##if($rd=="tls_") {## t_relay("tls:");## exit;##} else if($rd=="tls_") {## t_relay("tls:");## exit;##}route(1);}# requests for my domain## uncomment this if you want to enable presence server## and comment the next 'if' block## NOTE: uncomment also the definition of route[2] from below##if( is_method("PUBLISH|SUBSCRIBE"))## route(2);if (is_method("PUBLISH")){sl_send_reply("503", "Service Unavailable");exit;}if (is_method("REGISTER")){# authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")){。