Re: [Flexisip-developers] domain-registrations.conf

2016-07-20 15:03 GMT+02:00 Ivan Jurišić <address@hidden>:

This mail-list is alive?

On 07/06/2016 04:24 PM, Ivan Jurišić wrote:
> Hello !!!
>
> I install Flexisip on Debian 8 Jessie from repos:
>
> deb http://linphone.org/snapshots/debian jessie main
>
> But have problem when I try to start flexisip service:
>
> Jul 06 15:56:09 jura1 flexisip[21593]: Stopping SIP proxy: flexisip.
> Jul 06 15:56:09 jura1 flexisip[21605]: [LAUNCHER] Watchdog PID: 21606
> Jul 06 15:56:09 jura1 flexisip[21608]: Starting flexisip version 1.0.10
> (git 1.0.10-24-g28c61f7)
> Jul 06 15:56:09 jura1 flexisip[21608]: getaddrinfo error: Name or
> service not known for host []
> Jul 06 15:56:09 jura1 flexisip[21608]: Cannot open domain registration
> configuration file '/etc/flexisip/domain-registrations.conf'
> Jul 06 15:56:09 jura1 flexisip[21608]: Incorrect line format: (error:
> basic_ios::clear)
> Jul 06 15:56:09 jura1 flexisip[21608]: Monitor::createAccounts(): Could
> not find local IP address
> Jul 06 15:56:09 jura1 flexisip[21601]: Starting SIP proxy:
> flexisipWarning: Failed to connect to the agentx master agent ([NIL]):
> Jul 06 15:56:09 jura1 flexisip[21605]: [LAUNCHER] Flexisip failed to start.
> Jul 06 15:56:09 jura1 flexisip[21601]: failed!
>
> 1. I check for file /etc/flexisip/domain-registrations.conf and I don't
> have that file, then try to seek on wiki page but can't to find what I
> need to put in that file.
>
> 2. Can't to find local IP address ?
>
> Please help !!!
>
>
>
> my configuration file is :
>
> ##
> ## This is the default Flexisip configuration file
> ##
>
>
>
>
> ##
> ## Some global settings of the flexisip proxy.
> ##
> [global]
>
>
>
> # Outputs very detailed logs
> # Default value: false
> debug=false
>
> # Generate a corefile when crashing
> # Default value: true
> dump-corefiles=true
>
> # Automatically respawn flexisip in case of abnormal termination
> # (crashes)
> # Default value: true
> auto-respawn=true
>
> # List of white space separated host names pointing to this machine.
> # This is to prevent loops while routing SIP messages.
> # Default value: localhost
> aliases=sip.jurisic.org
>
> # List of white space separated SIP uris where the proxy must listen.
> # Wildcard (*) can be used to mean 'all local ip addresses'. If
> # 'transport' prameter is unspecified, it will listen to both udp
> # and tcp. A local address to bind onto can be indicated in the
> # 'maddr' parameter, while the domain part of the uris are used
> # as public domain or ip address.
> # The 'sips' transport definitions accept two optional parameters:
> # - 'tls-certificates-dir' taking for value a path, with the same
> # meaning as the 'tls-certificates-dir' property of this section
> # and overriding it for this given transport.
> # - 'require-peer-certificate' taking for value '0' or '1', to
> # indicate whether clients connecting are required to present a
> # client certificate.
> # Specifying a sip uri with transport=tls is not allowed: the 'sips'
> # scheme must be used. As requested by SIP RFC, IPv6 address must
> # be enclosed within brakets.
> # Here are some examples to understand:
> # * listen on all local interfaces for udp and tcp, on standart
> # port:
> # transports=sip:*
> # * listen on all local interfaces for udp,tcp and tls, on standart
> # ports:
> # transports=sip:* sips:*
> # * listen only a specific IPv6 interface, on standart ports, with
> # udp, tcp and tls
> # transports=sip:[2a01:e34:edc3:4d0:7dac:4a4f:22b6:2083]
> sips:[2a01:e34:edc3:4d0:7dac:4a4f:22b6:2083]
> # * listen on tls localhost with 2 different ports and SSL certificates:
> # transports=sips:localhost:5061;tls-certificates-dir=path_a
> sips:localhost:5062;tls-certificates-dir=path_b
> # * listen on tls localhost with 2 peer certificate requirements:
> # transports=sips:localhost:5061;require-peer-certificate=0
> sips:localhost:5062;require-peer-certificate=1
> # * listen on 192.168.0.29:6060 with tls, but public hostname is
> # 'sip.linphone.org' used in SIP messages. Bind address won't appear
> # in messages:
> # transports=sips:sip.linphone.org:6060;maddr=192.168.0.29
> # Default value: sip:*
> transports=sip:*
>
> # Path to the directory where TLS server certificate and private
> # key can be found, concatenated inside an 'agent.pem' file. Any
> # chain certificates must be put into a file named 'cafile.pem'.
> # The setup of agent.pem, and eventually cafile.pem is required
> # for TLS transport to work.
> # Default value: /etc/flexisip/tls
> tls-certificates-dir=/etc/flexisip/tls
>
> # Time interval in seconds after which inactive connections are
> # closed.
> # Default value: 3600
> idle-timeout=3600
>
> # Require client certificate from peer.
> # Default value: false
> require-peer-certificate=false
>
> # SIP transaction timeout in milliseconds. It is T1*64 (32000 ms)
> # by default.
> # Default value: 32000
> transaction-timeout=32000
>
> # The UDP MTU. Flexisip will fallback to TCP when sending a message
> # whose size exceeds the UDP MTU. Please read
> http://sofia-sip.sourceforge.net/refdocs/nta/nta__tag_8h.html#a6f51c1ff713ed4b285e95235c4cc999a
> # for more details. If sending large packets over UDP is not a problem,
> # then set a big value such as 65535. Unlike the recommandation
> # of the RFC, the default value of UDP MTU is 1460 in Flexisip (instead
> # of 1300).
> # Default value: 1460
> udp-mtu=1460
>
> ##
> ## Should the server be part of a cluster, this section enable to
> ## describe the topology of the cluster.
> ##
> [cluster]
>
>
>
> # Set to 'true' if that node is part of a cluster
> # Default value: false
> enabled=false
>
> # List of IP addresses of all nodes present in the cluster
> # Default value:
> nodes=
>
> ##
> ## Flexisip monitor parameters
> ##
> [monitor]
>
>
>
> # Enable or disable the Flexisip monitor daemon
> # Default value: false
> enabled=true
>
> # Time between two consecutive tests
> # Default value: 30
> test-interval=30
>
> # Path to the log file
> # Default value: /etc/flexisip/flexisip_monitor.log
> logfile=/etc/flexisip/flexisip_monitor.log
>
> # Port to open/close folowing the test succeed or not
> # Default value: 12345
> switch-port=12345
>
> # Salt used to generate the passwords of each test account
> # Default value:
> password-salt=
>
> ##
> ## STUN server parameters.
> ##
> [stun-server]
>
>
>
> # Enable or disable stun server.
> # Default value: true
> enabled=true
>
> # Local ip address where to bind the socket.
> # Default value: 0.0.0.0
> bind-address=0.0.0.0
>
> # STUN server port number.
> # Default value: 3478
> port=3478
>
> ##
> ## Event logs contain per domain and user information about processed
> ## registrations, calls and messages.
> ##
> [event-logs]
>
>
>
> # Enable event logs.
> # Default value: false
> enabled=true
>
> # Directory where event logs are written as a filesystem (case where
> # odb output is not active).
> # Default value: /var/log/flexisip
> dir=/var/log/flexisip
>
> # Use odb for storing logs in database. The list of arguments below
> # are used for the connection to the database.
> # Default value: false
> use-odb=false
>
> # Name of the database
> # Default value:
> odb-database=
>
> # User
> # Default value:
> odb-user=
>
> # Password
> # Default value:
> odb-password=
>
> # Host
> # Default value:
> odb-host=
>
> # Port
> # Default value:
> odb-port=
>
> # Number of thread max for writing in database
> # Default value: 500
> nb-thread-max=500
>
> ##
> ## This module bans user when they are sending too much packets on
> ## a given timelapseTo see the list of currently banned ips/ports,
> ## use iptables -LYou can also check the queue of unban commands
> ## using atq
> ##
> [module::DoSProtection]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # Number of milliseconds to consider to compute the packet rate
> # Default value: 3000
> time-period=3000
>
> # Maximum packet rate in packets/seconds, averaged over [time-period]
> # millisecond(s) to consider it as a DoS attack.
> # Default value: 20
> packet-rate-limit=20
>
> # Number of minutes to ban the ip/port using iptables (might be
> # less because it justs uses the minutes of the clock, not the seconds.
> # So if the unban command is queued at 13:11:56 and scheduled and
> # the ban time is 1 minute, it will be executed at 13:12:00)
> # Default value: 2
> ban-time=2
>
> ##
> ## The SanitCheck module checks that required fields of a SIP message
> ## are present to avoid unecessary checking while processing message
> ## further. If the message doesn't meet these sanity check criterias,
> ## then it is stopped and bad request response is sent.
> ##
> [module::SanityChecker]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> ##
> ## The ModuleGarbageIn module collects incoming garbage and prevent
> ## any further processing.
> ##
> [module::GarbageIn]
>
>
>
> # Indicate whether the module is activated.
> # Default value: false
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value: false
> filter=false
>
> ##
> ## The NatHelper module executes small tasks to make SIP work smoothly
> ## despite firewalls.It corrects the Contact headers that contain
> ## obviously inconsistent addresses, and adds a Record-Route to ensure
> ## subsequent requests are routed also by the proxy, through the
> ## UDP or TCP channel each client opened to the proxy.
> ##
> [module::NatHelper]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # Internal URI parameter added to response contact by first proxy
> # and cleaned by last one.
> # Default value: verified
> contact-verified-param=verified
>
> # Fix record-routes, to workaround proxies behind firewalls but
> # not aware of it.
> # Default value: false
> fix-record-routes=false
>
> # Policy to recognize nat'd record-route and fix them. There are
> # two modes: 'safe' and 'always'
> # Default value: safe
> fix-record-routes-policy=safe
>
> ##
> ## The authentication module challenges and authenticates SIP requests
> ## using two possible methods:
> ## * if the request is received via a TLS transport and
> 'require-peer-certificate'
> ## is set in transport definition in [Global] section for this transport,
> ## then the From header of the request is matched with the CN claimed
> ## by the client certificate. The CN must contain sip:address@hidden
> ## or alternate name with URI=sip:address@hidden corresponding to the
> ## URI in the from header for the request to be accepted.
> ## * if no TLS client based authentication can be performed, or
> ## is failed, then a SIP digest authentication is performed. The
> ## password verification is made by querying a database or a password
> ## file on disk.
> ##
> [module::Authentication]
>
>
>
> # Indicate whether the module is activated.
> # Default value: false
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # List of whitespace separated domain names to challenge. Others
> # are denied.
> # Default value: localhost
> auth-domains=sip.jurisic.org
>
> # List of whitespace separated IP which will not be challenged.
> # Default value:
> trusted-hosts=
>
> # Database backend implementation [odbc,soci,file,fixed].
> # Default value: fixed
> db-implementation=file
>
> # Odbc connection string to use for connecting to database. ex1:
> # DSN=myodbc3; where 'myodbc3' is the datasource name. ex2:
> DRIVER={MySQL};SERVER=host;DATABASE=db;USER=user;PASSWORD=pass;OPTION=3;
> # for a DSN-less connection. ex3: /etc/flexisip/passwd; for a file
> # containing one 'address@hidden password' by line.
> # Default value:
> datasource=/etc/flexisip/users.db.txt
>
> # Expiration time of nonces, in seconds.
> # Default value: 3600
> nonce-expires=3600
>
> # Duration of the validity of the credentials added to the cache
> # in seconds.
> # Default value: 1800
> cache-expire=1800
>
> # True if retrieved passwords from the database are hashed. HA1=MD5(A1)
> # = MD5(username:realm:pass).
> # Default value: false
> hashed-passwords=false
>
> # Don't reply 403, but 401 or 407 even in case of wrong authentication.
> # Default value: false
> no-403=false
>
> # List of whitespace separated username or address@hidden CN which
> # will trusted. If no domain is given it is computed.
> # Default value:
> trusted-client-certificates=
>
> # When receiving a proxy authenticate challenge, generate a new
> # challenge for this proxy.
> # Default value: false
> new-auth-on-407=false
>
> # Enable a feature useful for automatic tests, allowing a client
> # to create a temporary account in the password database in memory.This
> # MUST not be used for production as it is a real security hole.
> # Default value: false
> enable-test-accounts-creation=false
>
> # Disable the QOP authentication method. Default is to use it, use
> # this flag to disable it if needed.
> # Default value: false
> disable-qop-auth=false
>
> # Odbc SQL request to execute to obtain the password
> # . Named parameters are :id (the user found in the from header),
> # :domain (the authorization realm) and :authid (the authorization
> # username). The use of the :id parameter is mandatory.
> # Default value: select password from accounts where id = :id and
> domain = :domain and authid=:authid
> request=select password from accounts where id = :id and domain =
> :domain and authid=:authid
>
> # Use pooling in ODBC (improves performances). This is not guaranteed
> # to succeed, because if you are using unixODBC, it consults the
> # /etc/odbcinst.inifile in section [ODBC] to check for Pooling=yes/no
> # option. You should make sure that this flag is set before expecting
> # this option to work.
> # Default value: true
> odbc-pooling=true
>
> # Display timing statistics after this count of seconds
> # Default value: 0
> odbc-display-timings-interval=0
>
> # Display timing statistics once the number of samples reach this
> # number.
> # Default value: 0
> odbc-display-timings-after-count=0
>
> # Soci SQL request to execute to obtain the password.
> # Named parameters are:
> # -':id' : the user found in the from header,
> # -':domain' : the authorization realm, and
> # -':authid' : the authorization username.
> # The use of the :id parameter is mandatory.
> # Default value: select password from accounts where id = :id and
> domain = :domain and authid=:authid
> soci-password-request=select password from accounts where id = :id and
> domain = :domain and authid=:authid
>
> # Size of the pool of connections that Soci will use. We open a
> # thread for each DB query, and this pool will allow each thread
> # to get a connection.
> # The threads are blocked until a connection is released back to
> # the pool, so increasing the pool size will allow more connections
> # to occur simultaneously.
> # On the other hand, you should not keep too many open connections
> # to your DB at the same time.
> # Default value: 100
> soci-poolsize=100
>
> # Choose the type of backend that Soci will use for the connection.
> # Depending on your Soci package and the modules you installed,
> # this could be 'mysql', 'oracle', 'postgresql' or something else.
> # Default value: mysql
> soci-backend=mysql
>
> # The configuration parameters of the Soci backend.
> # The basic format is "key=value key2=value2". For a mysql backend,
> # this is a valid config: "db=mydb user=user password='pass'
> host=myhost.com".
> # Please refer to the Soci documentation of your backend, for intance:
> # http://soci.sourceforge.net/doc/3.2/backends/mysql.html
> # Default value: db=mydb user=myuser password='mypass' host=myhost.com
> soci-connection-string=db=mydb user=myuser password='mypass' host=myhost.com
>
> # Amount of queries that will be allowed to be queued before bailing
> # password requests.
> # This value should be chosen accordingly with 'soci-poolsize',
> # so that you have a coherent behavior.
> # This limit is here mainly as a safeguard against out-of-control
> # growth of the queue in the event of a flood or big delays in the
> # database backend.
> # Default value: 1000
> soci-max-queue-size=1000
>
> ##
> ## This module redirect sip request with a 302 move temporarily.
> ##
> [module::Redirect]
>
>
>
> # Indicate whether the module is activated.
> # Default value: false
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # A contact where to redirect requests. ex: <sip:127.0.0.1:5065>;expires=100
> # Default value:
> contact=
>
> ##
> ## The ModuleRegistrar module accepts REGISTERs for domains it manages,
> ## and store the address of record in order to allow routing requests
> ## destinated to the client who registered.
> ##
> [module::Registrar]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # List of whitespace separated domain names to be managed by the
> # registrar. It can eventually be the '*' (wildcard) in order to
> # match any domain name.
> # Default value: localhost
> reg-domains=sip.jurisic.org
>
> # Register users based on response obtained from a back-end server.
> # This mode is for using flexisip as a front-end server to hold
> # client connections but registeracceptance is deferred to backend
> # server to which the REGISTER is routed.
> # Default value: false
> reg-on-response=false
>
> # Maximum number of registered contacts of an address of record.
> # Default value: 12
> max-contacts-by-aor=12
>
> # List of contact uri parameters that can be used to identify a
> # user's device. The contact parameters are searched in the order
> # of the list, the first matching parameter is used and the others
> # ignored.
> # Default value: +sip.instance pn-tok line
> unique-id-parameters=+sip.instance pn-tok line
>
> # Maximum expire time for a REGISTER, in seconds.
> # Default value: 86400
> max-expires=86400
>
> # Minimum expire time for a REGISTER, in seconds.
> # Default value: 60
> min-expires=60
>
> # File containing the static records to add to database at startup.
> # Format: one 'sip_uri contact_header' by line. Example:
> # <sip:address@hidden> <sip:127.0.0.1:5460>,<sip:192.168.0.1:5160>
> # Default value:
> static-records-file=
>
> # Timeout in seconds after which the static records file is re-read
> # and the contacts updated.
> # Default value: 600
> static-records-timeout=600
>
> # Implementation used for storing address of records contact uris.
> # [redis, internal]
> # Default value: internal
> db-implementation=internal
>
> # Domain of the redis server.
> # Default value: localhost
> redis-server-domain=localhost
>
> # Port of the redis server.
> # Default value: 6379
> redis-server-port=6379
>
> # Authentication password for redis. Empty to disable.
> # Default value:
> redis-auth-password=
>
> # Timeout in milliseconds of the redis connection.
> # Default value: 1500
> redis-server-timeout=1500
>
> # Serialize contacts with: [C, protobuf, json, msgpack]
> # Default value: protobuf
> redis-record-serializer=protobuf
>
> # When Redis is configured in master-slave, flexisip will periodically
> # ask what are the slaves and the master.This is the period with
> # which it will query the server.It will then determine whether
> # is is connected to the master, and if not, let go of the connection
> # and migrate to the master.Note: This requires that all redis instances
> # have the same password. Otherwise the authentication will fail.
> # Default value: 60
> redis-slave-check-period=60
>
> # Sequence of proxies (space-separated) where requests will be redirected
> # through (RFC3608)
> # Default value:
> service-route=
>
> ##
> ## The purpose of the StatisticsCollector module is to collect call
> ## statistics (RFC 6035) and store them on the server.
> ##
> [module::StatisticsCollector]
>
>
>
> # Indicate whether the module is activated.
> # Default value: false
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # SIP URI of the statistics collector. Note that application/vq-rtcpxr
> # messages for this address will be deleted by this module and thus
> # not be delivered.
> # Default value:
> collector-address=
>
> ##
> ## The ModuleRouter module routes requests for domains it manages.
> ##
> [module::Router]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # Store and retrieve contacts without using the domain.
> # Default value: false
> use-global-domain=false
>
> # Fork messages to all registered devices
> # Default value: true
> fork=true
>
> # Force forking and thus the creation of an outgoing transaction
> # even when only one contact found
> # Default value: true
> stateful=true
>
> # Fork invites to late registers
> # Default value: false
> fork-late=false
>
> # All the forked have to decline in order to decline the caller
> # invite
> # Default value: false
> fork-no-global-decline=false
>
> # Treat 603 Declined answers as urgent. Only relevant if
> fork-no-global-decline
> # is set to true.
> # Default value: false
> treat-decline-as-urgent=false
>
> # During a fork procedure, treat all failure response as urgent
> # Default value: false
> treat-all-as-urgent=false
>
> # Maximum time for a call fork to try to reach a callee, in seconds.
> # Default value: 90
> call-fork-timeout=90
>
> # Maximum time before delivering urgent responses during a call
> # fork, in seconds. The typical fork process requires to wait the
> # best response from all branches before transmitting it to the
> # client. However some error responses are retryable immediately
> # (like 415 unsupported media, 401, 407) thus it is painful for
> # the client to need to wait the end of the transaction time (32
> # seconds) for these error codes.
> # Default value: 5
> call-fork-urgent-timeout=5
>
> # Optional timer to detect lack of push response, in seconds.
> # Default value: 0
> call-push-response-timeout=0
>
> # Fork messages to client registering lately.
> # Default value: true
> message-fork-late=true
>
> # Maximum duration for delivering a text message. This property
> # applies only if message-fork-late if set to true, otherwise the
> # duration can't exceed the normal transaction duration.
> # Default value: 3600
> message-delivery-timeout=3600
>
> # Maximum duration for accepting a text message if no response is
> # received from any recipients. This property is meaningful when
> # message-fork-late is set to true.
> # Default value: 15
> message-accept-timeout=15
>
> # During a call forking, allow several INVITEs going to the same
> # next hop to be grouped into a single one. A proprietary custom
> # header 'X-target-uris' is added to the INVITE to indicate the
> # final targets of the INVITE.
> # Default value: false
> allow-target-factorization=false
>
> # Generate a contact from the TO header and route it to the above
> # destination. [sip:host:port]
> # Default value:
> generated-contact-route=
>
> # Require presence of authorization header for specified realm.
> # [Realm]
> # Default value:
> generated-contact-expected-realm=
>
> # Generate a contact route even on filled AOR.
> # Default value: false
> generate-contact-even-on-filled-aor=false
>
> # Remove to tag from 183, 180, and 101 responses to workaround buggy
> # gateways
> # Default value: false
> remove-to-tag=false
>
> # rewrite username with given value.
> # Default value:
> preroute=
>
> ##
> ## This module performs push notifications to mobile phone notification
> ## systems: apple, android, windows, as well as a generic http get/post
> ## to a custom server to which actual sending of the notification
> ## is delegated. The push notification is sent when an INVITE or
> ## MESSAGE request is not answered by the destination of the request
> ## within a certain period of time, configurable hereunder as 'timeout'
> ## parameter.
> ##
> [module::PushNotification]
>
>
>
> # Indicate whether the module is activated.
> # Default value: false
> enabled=false
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # Number of second to wait before sending a push notification to
> # device(if <=0 then disabled)
> # Default value: 5
> timeout=5
>
> # Maximum number of notifications queued for each client
> # Default value: 100
> max-queue-size=100
>
> # Enable push notification for apple devices
> # Default value: true
> apple=true
>
> # Path to directory where to find Apple Push Notification service
> # certificates. They should bear the appid of the application, suffixed
> # by the release mode and .pem extension. For example: org.linphone.dev.pem
> # org.linphone.prod.pem com.somephone.dev.pem etc... The files should
> # be .pem format, and made of certificate followed by private key.
> # Default value: /etc/flexisip/apn
> apple-certificate-dir=/etc/flexisip/apn
>
> # Enable push notification for android devices
> # Default value: true
> google=true
>
> # List of couples projectId:ApiKey for each android project that
> # supports push notifications
> # Default value:
> google-projects-api-keys=
>
> # Enable push notification for windows phone 8 devices
> # Default value: true
> windowsphone=true
>
> # Unique identifier for your Windows Store app. For example:
> ms-app://s-1-15-2-2345030743-3098444494-743537440-5853975885-5950300305-5348553438-505324794
> # Default value:
> windowsphone-package-sid=
>
> # Client secret. For example: Jrp1UoVt4C6CYpVVJHUPdcXLB1pEdRoB
> # Default value:
> windowsphone-application-secret=
>
> # Set the badge value to 0 for apple push
> # Default value: false
> no-badge=false
>
> # Instead of having Flexisip sending the push notification directly
> # to the Google/Apple/Microsoft push servers, send an http request
> # to an http server with all required information encoded in URL,
> # to which the actual sending of the push notification is delegated.
> # The following arguments can be substitued in the http request
> # uri, with the following values:
> # - $type : apple, google, wp
> # - $event : call, message
> # - $from-name : the display name in the from header
> # - $from-uri : the sip uri of the from header
> # - $from-tag : the tag of the from header
> # - $call-id : the call-id of the INVITE or MESSAGE request
> # - $to-uri : the sip uri of the to header
> # - $api-key : the api key to use (google only)
> # - $msgid : the message id to put in the notification
> # - $sound : the sound file to play with the notification
> #
> The content of the text message is put in the body of the http
> # request as text/plain, if any.
> # Example:
> http://292.168.0.2/$type/$event?from-uri=$from-uri&tag=$from-tag&callid=$callid&to=$to-uri
> # Default value:
> external-push-uri=
>
> # Method for reaching external-push-uri, typically GET or POST
> # Default value: GET
> external-push-method=GET
>
> ##
> ## The MediaRelay module masquerades SDP message so that all RTP
> ## and RTCP streams go through the proxy. The RTP and RTCP streams
> ## are then routed so that each client receives the stream of the
> ## other. MediaRelay makes sure that RTP is ALWAYS established, even
> ## with uncooperative firewalls.
> ##
> [module::MediaRelay]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # SDP attribute set by the first proxy to forbid subsequent proxies
> # to provide relay. Use 'disable' to disable.
> # Default value: nortpproxy
> nortpproxy=nortpproxy
>
> # The minimal value of SDP port range
> # Default value: 1024
> sdp-port-range-min=1024
>
> # The maximal value of SDP port range
> # Default value: 65535
> sdp-port-range-max=65535
>
> # Sends a ACK and BYE to 200Ok for INVITEs not belonging to any
> # established call.
> # Default value: false
> bye-orphan-dialogs=false
>
> # Maximum concurrent calls processed by the media-relay. Calls arriving
> # when the limit is exceed will be rejected. A value of 0 means
> # no limit.
> # Default value: 0
> max-calls=0
>
> # When true, the 'c=' line and port number are set to the relay
> # ip/port even if ICE candidates are present in the request. This
> # is allow non-ice clients to have their streams relayed.
> # Default value: true
> force-relay-for-non-ice-targets=true
>
> # Prevent media-relay ports to loop between them, which can cause
> # 100% cpu on the media relay thread.You need to set this property
> # to false if you are running test calls from clients running on
> # the same IP address as the flexisip server
> # Default value: true
> prevent-loops=true
>
> # In case multiples 183 Early media responses are received for a
> # call, only the first one will have RTP streams forwarded back
> # to caller. This feature prevents the caller to receive 'mixed'
> # streams, but it breaks scenarios where multiple servers play early
> # media announcement in sequence.
> # Default value: true
> early-media-relay-single=true
>
> # Maximum number of relayed early media streams per call. This is
> # useful to limit the cpu usage due to early media relaying on embedded
> # systems. A value of 0 stands for unlimited.
> # Default value: 0
> max-early-media-per-call=0
>
> ##
> ## This module executes the basic routing task of SIP requests and
> ## pass them to the transport layer. It must always be enabled.
> ##
> [module::Forward]
>
>
>
> # Indicate whether the module is activated.
> # Default value: true
> enabled=true
>
> # A request/response enters module if the boolean filter evaluates
> # to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
> # in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
> # && (user-agent == 'Linphone v2')
> # Default value:
> filter=
>
> # A sip uri where to send all requests
> # Default value:
> route=
>
> # Add a path header of this proxy
> # Default value: true
> add-path=true
>
> # Rewrite request-uri's host and port according to above route
> # Default value: false
> rewrite-req-uri=false
>
> ##
> ## Inter domain connections is a set of feature allowing to dynamically
> ## connect several flexisip servers together in order to manage SIP
> ## routing at local and global scope. Let's suppose you have two
> ## SIP network a.example.net and b.example.net run privately and
> ## independently (no one from a.example.net needs to call someone
> ## at b.example.net). However, when people from a and b are outside
> ## of their network, they register to a worldwide available flexisip
> ## instance running on 'global.example.net'. It is then possible
> ## to:
> ## * have calls made within a.example.net routed locally and sent
> ## to global.example.net in order to reach users inside and outside
> ## of a's network. Example: address@hidden calls address@hidden.
> ## If 2 is registered on a.example.net then the call is routed locally.
> ## On the contrary if 2 is absent and registered, the call is then
> ## sent to global.example.net and then routed by the global proxy.
> ## * when global.example.net receives a call from a user not within
> ## its native network (ex: address@hidden calls address@hidden),
> ## it can route this call to the proxy that is responsible for managing
> ## the local domain (a.example.net).
> ## This system is dynamic, that is the physical IP address of a and
> ## b network can change (dynamic ip address)
> ## .This scenario is achieved with two key features:
> ## * a.example.net sends a REGISTER to global.example.net to indicate
> ## that it is the responsible for the entire domain a.example.net.
> ## The global.example.net authenticates this REGISTER thanks to TLS
> ## client certificate presented by a.example.net.
> ## * global.example.net is configured to accept this domain registration
> ## and route all calls it receives directly and estinated to a.example.net
> ## domain through the connection established by a.example.net during
> ## the domain registration.
> ##
> [inter-domain-connections]
>
>
>
> # Whether flexisip shall accept registrations for entire domains
> # Default value: false
> accept-domain-registrations=false
>
> # Whether flexisip shall assume that there is a unique server per
> # registered domain, which allows to clean old registrations and
> # simplifies the routing logic.
> # Default value: false
> assume-unique-domains=false
>
> # Path to a text file describing the domain registrations to make.
> # This file must contains lines like:
> # <local domain name> <SIP URI of proxy/registrar where to send
> # the domain REGISTER>
> # where:
> # <local domain name> is a domain name managed locally by this
> # proxy
> # <SIP URI of proxy/registrar> is the SIP URI where the domain
> # registration will be sent. The special uri parameter 'tls-certificate-dir'
> # is understood in order to specify a TLS client certificate to
> # present to the remote proxy.
> # If the file is absent or empty, no registrations are done.
> # Default value: /etc/flexisip/domain-registrations.conf
> domain-registrations=/etc/flexisip/domain-registrations.conf
>
> # When submitting a domain registration to a server over TLS, verify
> # the certificate presented by the server. Disabling this option
> # is only for test, because it is a security flaw
> # Default value: true
> verify-server-certs=true
>
> # Interval in seconds for sending \r\n\r\n keepalives throug the
> # outgoing domain registration connection.A value of zero disables
> # keepalives.
> # Default value: 30
> keepalive-interval=30
>
>

From:	Simon MORLAT
Subject:	Re: [Flexisip-developers] domain-registrations.conf
Date:	Thu, 24 Nov 2016 10:32:04 +0100