opensips.cfg

#
# Copyright (C) 2024 SIP Point Consulting SRL
#
# This file is part of opensips, a free SIP server.
#
# opensips is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version
#
# opensips is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
#


####### Global Parameters #########


log_level = 3
xlog_level=3
stderror_enabled=yes
syslog_enabled=no
syslog_facility=LOG_LOCAL0

udp_workers = 4
tcp_workers = 4

/* uncomment the following lines to enable debugging */
#debug_mode=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on reverse DNS on IPs */
auto_aliases = no

disable_dns_failover = no

## IDs
server_header="Server: OpenSIPS CE SoftSwitch"
user_agent_header="User-Agent: OpenSIPS CE SoftSwitch"


socket=udp:${OPENSIPS_IP}:5060 as ${HOST_IP}
socket=tcp:${OPENSIPS_IP}:5060 as ${HOST_IP}

ifelse(`${ENABLE_HOMER}',`yes',`
socket=hep_udp:${OPENSIPS_IP}:9060
')


####### Modules Section ########

#set module path
mpath = "/usr/lib/x86_64-linux-gnu/opensips/modules"

#### HTTPD module
loadmodule "httpd.so"
modparam("httpd", "ip", "${OPENSIPS_IP}")

#### MI_HTTP module
loadmodule "mi_http.so"

#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")

#### SIGNALING module
loadmodule "signaling.so"

#### StateLess module
loadmodule "sl.so"

#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "wt_timer", 5)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
modparam("tm", "disable_6xx_block", 1)

#### Record Route Module
loadmodule "rr.so"
modparam("rr", "append_fromtag", 1)

#### MAX ForWarD module
loadmodule "maxfwd.so"

#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"

#### TEXT OPerationS module
loadmodule "textops.so"

#### MYSQL module
loadmodule "db_mysql.so"

#### DIALOG Module
loadmodule "dialog.so"
modparam("dialog", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("dialog", "dlg_match_mode", 1)
modparam("dialog", "db_mode", 2)
modparam("dialog", "default_timeout", 21600)  # 6 hours timeout

#### TOPOLOGY HIDING Module
loadmodule "topology_hiding.so"

#### DOMAINS module
loadmodule "domain.so"
modparam("domain", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("domain", "db_mode", 1)

### SQL_OPS module
loadmodule "sqlops.so"
modparam("sqlops", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "working_mode_preset", "single-instance-sql-write-back")
modparam("usrloc", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("usrloc", "use_domain", 1)
modparam("usrloc", "timer_interval", 10)
modparam("usrloc", "nat_bflag", "NAT_DST")
modparam("usrloc", "desc_time_order", 1)

#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "received_avp", "$avp(received)")
modparam("registrar", "max_contacts", 10)
modparam("registrar", "max_expires", 3600)

#### NAT Helper module
loadmodule "nathelper.so"
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "received_avp", "$avp(received)")
modparam("nathelper", "sipping_bflag", "NAT_DST")
modparam("nathelper", "sipping_from", "sip:pinger@${OPENSIPS_IP}")

#### AUTH module
loadmodule "auth.so"
modparam("auth", "nonce_expire",  30)
modparam("auth", "disable_nonce_check", 1)

##### AUTH_DB module
loadmodule "auth_db.so"
modparam("auth_db", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("auth_db", "use_domain", 1)
modparam("auth_db", "password_column", "ha1")
modparam("auth_db", "calculate_ha1", 0)
modparam("auth_db", "load_credentials","$avp(caller_acls)=acls; $avp(caller_cli)=cli;")

#### ACCounting module
loadmodule "acc.so"
modparam("acc", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("acc", "extra_fields", "db: caller_ip; caller_ua; callee_ip; callee_ua")
modparam("acc", "leg_fields", "db:  caller_id;
								    callee_id;
									leg_status;
									")

#### DIALPLAN module
loadmodule "dialplan.so"
modparam("dialplan", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### Dynamic ROUTING module
loadmodule "drouting.so"
modparam("drouting", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### Alias-DB module
loadmodule "alias_db.so"
modparam("alias_db", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### UAC module
loadmodule "uac.so"

#### RTP_RELAY module
loadmodule "rtp_relay.so"

#### RTPPROXY module
loadmodule "rtpproxy.so"
modparam("rtpproxy", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### Core Presence modules
loadmodule "presence.so"
loadmodule "presence_xml.so"
modparam("presence", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("presence_xml","force_active",1)

#### XCap parameters
loadmodule "xcap.so"
modparam("xcap", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")

#### Dispatcher module
loadmodule "dispatcher.so"
modparam("dispatcher", "db_url", "mysql://${MYSQL_USER}:${MYSQL_PASSWORD}@${MYSQL_IP}/${MYSQL_DATABASE}")
modparam("dispatcher", "ds_ping_from", "sip:ds@PRIV_IP")
modparam("dispatcher", "ds_ping_interval", 30)
modparam("dispatcher", "ds_probing_threshhold", 1)
modparam("dispatcher", "options_reply_codes", "404")
modparam("dispatcher", "setid_pvar", "$avp(ds_set)")

#### ConFiG UTILS module
loadmodule "cfgutils.so"

ifelse(`${ENABLE_HOMER}',`yes',`
#### HEP module
loadmodule "proto_hep.so"
modparam("proto_hep", "hep_id", "[hid] ${HOMER_IP}:${HOMER_PORT}; transport=udp; version=3")

#### TRACER module
loadmodule "tracer.so"
modparam("tracer", "trace_on", 1)
modparam("tracer", "trace_id", "[tid] uri=hep:hid")
')

loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"


####### Routing Logic ########


# main request routing logic

route{

	ifelse(`${ENABLE_HOMER}',`yes',`trace("tid", "t", "sip|xlog");')

	force_rport();

	route(handle_pings);

	xlog("[$ci] incoming $rm from $si:$sp, From=$fu, RURI=$ru\n");

	route(sanity_checks);

	route(do_nat_detection);

	route(handle_sequentials);

	# CANCEL processing
	if (is_method("CANCEL")) {
		if (t_check_trans())
			t_relay();
		exit;
	}

	# absorb retransmissions, but do not create transaction
	t_check_trans();

	# strip any pre-loaded Route hdrs
	remove_hf("Route");

	xlog("[$ci] handling initial request\n");

	if (is_method("REGISTER"))
		route(handle_register);

	route(do_auth);

	route(do_inter_domain_routing);

	### valid initial requests for our local domains
	### continue handling requests per method

	$avp(start_ts) = $Ts;

	if (is_method("INVITE"))
		route(handle_invite);

	if (is_method("SUBSCRIBE|PUBLISH"))
		route(handle_presence);

	send_reply(405, "Method Not Allowed");
	exit;
}


route[handle_pings]
{
	# keepalive notifies replied ok
	if ( is_method("NOTIFY|OPTIONS") && !has_totag() && is_myself("$rd") ) {
		send_reply(200, "OK");
		exit;
	}
}


route[sanity_checks]
{
	if (!mf_process_maxfwd_header(10)) {
		send_reply(483,"Too Many Hops");
		exit;
	}
}


route[do_nat_detection]
{
	# test only received differences (port and IP)
	if (nat_uac_test("private-contact,diff-ip-src-via,diff-port-src-via"))
		setflag("NAT_SRC");

	if (isflagset("NAT_SRC") && !is_method("REGISTER"))
		fix_nated_contact(";bnat=yes");
}


route[handle_sequentials]
{
	if (has_totag()) {

		# handle hop-by-hop ACK (no routing required)
		if ( is_method("ACK") && t_check_trans() ) {
			t_relay();
			exit;
		}

		# handle sequential presence
		if (is_method("SUBSCRIBE|NOTIFY") && is_myself("$rd")) {
			# in-dialog subscribe requests for presence
			route(handle_presence);
			exit;
		}

		if ( !topology_hiding_match() && !loose_route() ) {
			send_reply(404,"Not here");
			exit;
		}

		# RURI pointing to a nated destination
		if (ruri_has_param("bnat", "yes")) {
			setbflag("NAT_DST");
			ruri_del_param("bnat");
		}

		xlog("[$ci] routing sequential request to $ru/$du\n");

		route(relay);
		exit;
	}
}


route[handle_register]
{
	if (!is_domain_local("$td")) {
		xlog("[$ci] trying to register non local domain <$td>\n");
		send_reply(403, "Forbidden domain" );
		exit;
	}

	t_newtran();
	if (!www_authorize("","subscriber")) {
		www_challenge("","auth");
		exit;
	}

	if ($au!=$tU) {
		xlog("[$ci] user $tu using wrong register credentials $au / $ar\n");
		send_reply(403, "Forbidden ID");
		exit;
	}

	if (!is_acl_set(caller_acls, ACL_ENABLED)) {
		xlog("[$ci] registration forbidden for disabled user\n");
		send_reply(403, "Forbidden");
		exit;
	}

	if (!is_acl_set(caller_acls, ACL_FORCE_NAT))
		setflag("NAT_SRC");

	# save source NAT flag
	if (isflagset("NAT_SRC")) {
		fix_nated_register();
		setbflag("NAT_DST");
	}

	if ($socket_in(proto)!="UDP")
		setflag("TCP_PERSISTENT");

	xlog("[$ci] saving contacts for user $tu\n");
	if (!save("location")) {
		sl_reply_error();
	}

	exit;
}


route[do_auth]
{
	if (is_from_gw(1)) {

		# call from an known GW
		xlog("[$ci] call from GW $si/$sp ($avp(___dr_gw_id__)) detected\n");

		# mark source leg as GW
		setflag("GW_ORIG_SRC");
		setflag("GW_SRC");

		route(start_accounting);

		$acc_leg(caller_id) = "sip:"+$fU+"@pstn";

		remove_hf("User-Agent");
		append_hf("User-Agent: OpenSIPS CE SoftSwitch\r\n");

	} else
	if (is_domain_local("$fd")) {

		# pretends to be a local subscriber
		xlog("[$ci] local caller detected, doing auth\n");

		# do digest auth
		if (!proxy_authorize("","subscriber")) {
			proxy_challenge("", "auth");
			exit;
		}

		# auth succesfully done

		if ($au!=$fU) {
			xlog("[$ci] user $fu using wrong credentials $au / $ar\n");
			send_reply(403, "Forbidden FROM");
			exit;
		}

		if (!is_acl_set(caller_acls, ACL_ENABLED)) {
			xlog("[$ci] calling user is not enabled, blocking\n");
			send_reply(403, "Forbidden");
			exit;
		}

		# remove the credentials from the request
		consume_credentials();

		xlog("[$ci] auth successfully done, proceeding\n");

		# mark source leg as local subscriber
		setflag("LOCAL_SRC");

		route(start_accounting);

		$acc_leg(caller_id) = "sip:"+$fU+"@"+$fd;

	}
	else {

		# caller from a foreign domain
		$acc_leg(caller_id) = "sip:"+$fU+"@"+$fd;

	}
}


route[do_inter_domain_routing]
{
	if (isflagset("GW_SRC"))
		return;

	if (!is_domain_local("$rd")) {
		# destination domain is not local
		if (!isflagset("LOCAL_SRC")) {
			xlog("[$ci] declining relaying from user $fu to $rd\n");
			send_reply(403,"Forbidden relay");
			exit;
		}

		# route a call from local user to a foreign domain
		#  allow for now

		xlog("[$ci] routing to a foreign request\n");
		route(relay_initial);
		exit;
	}

	if (!isflagset("LOCAL_SRC")) {
		# call from a foregin domain
		#  reject for now
		xlog("[$ci] declining call from foreign user $fu to $rd\n");
		send_reply(403,"Forbidden");
		exit;
	}
}


route[handle_invite]
{
	if (!create_dialog("B")) {
		xlog("L_ERR", "[$ci] cannot create dialog!\n");
		send_reply(500, "Server Internal Error 1");
		exit;
	}

	if (!topology_hiding(""))
		xlog("L_ERR", "[$ci] cannot engage topology hiding!\n");


	route(extract_cli);

	xlog("[$ci] local $rm from $fu to $ru\n");

	route(handle_local_destination);
	# this does not return

	exit;
}


route[handle_local_destination]
{

	# apply dialplan
	xlog("[$ci] applying dialplan on <$rU>\n");

	while ([1]) {

		$var(dp_type) = NULL;

		if (!dp_translate(1, $rU, $rU, $var(dp_type))) {
			xlog("[$ci] local username <$rU> not recognized by dialplan\n");
			send_reply(404,"Not Found");
			exit;
		}

		xlog("[$ci] dialled number translated to <$rU> @ <$rd>, "
			"type $var(dp_type)\n");

		if ($var(dp_type)==NULL || $var(dp_type)=="") {
			xlog("[$ci] provisioning BUG in dialplan, type is not valid\n");
			send_reply(404,"Not Found");
			exit;
		}

		switch( $var(dp_type) ) {

			case "DP_DID":

				if (!alias_db_lookup("dids")) {
					## Call to PSTN
					route(to_pstn);
					exit;
				}
				# continue translating the new URI
				break;

			case "DP_USER":

				## Call to subscriber/user
				route( to_user );
				break;

			case "DP_DND_ON":

				## call to DND
				route( handle_starcode, "DND_ON");
				break;

			case "DP_DND_OFF":

				## call to DND
				route( handle_starcode, "DND_OFF");
				break;

			case "DP_VMLISTEN":

				## Call to voicemail for listening messages
				route( listen_voicemail );
				break;

			default:

				xlog("[$ci] provisioning BUG in dialplan, type $var(dp_type) "
					"is not supported\n");
				send_reply(404,"Not Found");
				exit;

		} /* switch */

	} /* while */

	# end (not ever reached)
}


route[to_user]
{
	# routing to user
	xlog("[$ci] routing to user <$rU@$rd>, loading profile first\n");

	$avp(callee_acls) := NULL;
	$avp(callee_cfaw_uri) := NULL;
	$avp(callee_cfbs_uri) := NULL;
	$avp(callee_cfna_uri) := NULL;
	$avp(callee_cfnf_uri) := NULL;

	$var(rc) = sql_query_one("select acls, cfaw_uri, cfbs_uri, cfna_uri, cfnf_uri from subscriber where username='$rU' and domain='$rd'",
		"$avp(callee_acls), $avp(callee_cfaw_uri), $avp(callee_cfbs_uri), $avp(callee_cfna_uri), $avp(callee_cfnf_uri)");
	if ( $rc<0 || $avp(callee_acls)==NULL) {
		xlog("[$ci] failed to load profile for user <$rU@$rd>\n");
		send_reply( 404, "User Not Found");
		exit;
	}

	xlog("[$ci] profile for <$ru> loaded acls=<$avp(callee_acls)>,  cfaw_uri=<$avp(callee_cfaw_uri)>, cfbs_uri=<$avp(callee_cfbs_uri)>, cfna_uri=<$avp(callee_cfna_uri)>, cfnf_uri=<$avp(callee_cfnf_uri)>\n");

	setflag("LOCAL_DST");
	$ru = "sip:" + $rU + "@" + $rd;
	$acc_leg(callee_id) = $ru;

	# is permanent Call Forward enabled?
	if ($avp(callee_cfaw_uri)!=NULL) {
		route( do_call_forward, $avp(callee_cfaw_uri) );
		# if CF fails, we will continue
	}

	if (is_acl_set(callee_acls, ACL_VM_ALWAYS)) {
		xlog("[$ci] user had the permanent VM redirect\n");
		route( redirect_to_voicemail );
		t_reply(480, "Unavailable");
		exit;
	}

	# is DND ACL on?
	if (is_acl_set(callee_acls, ACL_DND)) {
		xlog("[$ci] user had the DND turned on, rejecting\n");
		route( redirect_to_voicemail );
		# if no VM, we will continue
		t_reply(486, "Busy Here");
		exit;
	}

	xlog("[$ci] routing to registered AOR <$rU@$rd>\n");

	if (!lookup("location","method-filtering")) {
		# ok, user not registered, check CF and VM options
		if ($avp(callee_cfnf_uri)!=NULL) {
			route( do_call_forward, $avp(callee_cfnf_uri) );
		}
		if (is_acl_set(callee_acls, ACL_VM_NOT_FOUND)) {
			route( redirect_to_voicemail );
			# if no VM, we will continue
		}
		t_reply(480, "Unavailable");
		exit;
	}

	t_on_failure("missed_call");

	route(relay_initial);
}


route[to_pstn]
{
	if (!isflagset("LOCAL_SRC") || !is_acl_set(caller_acls, ACL_ALLOW_PSTN)) {
		send_reply(403,"Forbidden service");
		exit;
	}

	$acc_leg(callee_id) = "sip:"+$rU+"@pstn";

	xlog("[$ci] routing to DID <$rU> from $acc_leg(caller_id)\n");

	ruri_del_param("transport");
	stream_delete("video");

	if ( !do_routing(1,"W") ){
		xlog("[$ci] no rule matching destination $rU in group 1\n");
		t_reply(404, "Destination not available");
		exit;
	}

	t_on_failure("gw_failover");

	xlog("[$ci] routing to GW <$rd>/$avp(___dr_gw_id__), via <$socket_out> as <$ru>\n");

	setflag("GW_DST");

	route(relay_initial);
}


failure_route[gw_failover]
{
	xlog("[$ci] GW call failed to established with $T_reply_code code\n");

	if (t_was_cancelled()) {
		t_reply(487,"Request cancelled");
		exit;
	}

	# failure indication about GWs?
	if ( t_check_status("[56][0-9][0-9]")
	|| (t_check_status("408") && t_local_replied("all"))
	) {
		xlog("[$ci] GW $rd failed  with $T_reply_code -> retry\n ");

		dr_disable();

		if ( use_next_gw() ) {

			xlog("[$ci] using next GW <$rd>/$avp(___dr_gw_id__), via <$socket_out> as <$ru>\n");

			# send it out again
			t_on_failure("gw_failover");
			t_relay();
			exit;
		} else {
			xlog("[$ci] no other GW to retry\n ");
			t_reply(503,"PSTN not available");
			exit;
		}
	}

	# if call failure, allow the reply to propagate to caller
	exit;
}


################### Voicemail handling related routes #####################

route[to_mediaserver]
{
	$rd = "${FREESWITCH_IP}";
	$rp = 5060;
	ruri_del_param("transport");
	setbflag("MEDIA_DST");

	route(relay_initial);
}


route[redirect_to_voicemail]
{
	xlog("[$ci] caller $acc_leg(caller_id) leaving message for "
		"callee <$acc_leg(callee_id)>\n");

	if ( !is_acl_set(callee_acls, ACL_VM_ENABLED) ) {
		xlog("[$ci] callee does not have the VM service enabled\n");
		return;
	}

	$ru = $acc_leg(callee_id);
	prefix("VM_LV_");

	xlog("[$ci] leaving message for VM BOX $ru\n");

	$acc_leg(callee_id) = $ru;

	route(to_mediaserver);
	# does not return
}


route[listen_voicemail]
{
	# the caller leg is the party dialling
	# to listen/manage the recordings of a vmbox

	if (!isflagset("LOCAL_SRC")) {
		send_reply(403,"Forbidden service");
		exit;
	}

	xlog("[$ci] caller $acc_leg(caller_id) listening his vmbox\n");

	if ( !is_acl_set(caller_acls, ACL_VM_ENABLED) ) {
		xlog("[$ci] caller does not have the VM service enabled\n");
		send_reply(404,"VM not found");
		exit;
	}

	$ru = $acc_leg(caller_id);
	prefix("VM_LT_");

	xlog("[$ci] listening message for VM BOX $rU\n");

	$acc_leg(callee_id) = $ru;

	route(to_mediaserver);
	# does not return
}


################### StarCodes related routes #####################
route[handle_starcode]
{
	xlog("[$ci] handling star code $param(1) from $acc_leg(caller_id)\n");

	# takes one mandatory param which is the name of STAR CODE
	if ($param(1) == "DND_ON") {

		# set DND
		sql_query("update subscriber set acls=concat(REPLACE(acls,'ACL_DND',''),'ACL_DND') where username='$(acc_leg(caller_id){uri.user})' and domain='$(acc_leg(caller_id){uri.host})'");
		$rU = "ANN_SERVICE_SET_DND";

	} else
	if ($param(1) == "DND_OFF") {

		# reset DND
		sql_query("update subscriber set acls=REPLACE(acls,'ACL_DND','') where username='$(acc_leg(caller_id){uri.user})' and domain='$(acc_leg(caller_id){uri.host})'");
		$rU = "ANN_SERVICE_RESET_DND";

	} else {

		xlog("[$ci] configuration error - unsupported star code\n");
		t_reply(404,"Unknown service");
		exit;

	}

	route(to_mediaserver);
	exit;
}


################### Relaying related routes #####################

route[extract_cli]
{
	$avp(new_cli_username) := NULL;

	xlog("[$ci] computing CLI for caller $acc_leg(caller_id) ($fU/$fd, configured-CLI=$avp(caller_cli))\n");


	if (isflagset("GW_SRC")) {

		# caller is PSTN
		if ( is_present_hf("Remote-Party-ID") ) {
			$avp(new_cli_username) := $(hdr(Remote-Party-ID){nameaddr.uri}{uri.user}) ;
			if ( $(hdr(Remote-Party-ID){nameaddr.param,privacy}) == "full" )
				setflag("ANONYMOUS_CALLER");
		} else if ( is_present_hf("P-Asserted-Identity") ) {
			$avp(new_cli_username) := $(hdr(P-Asserted-Identity){nameaddr.uri}{uri.user}) ;
			if (is_present_hf("Privacy") && $hdr(Privacy)=="id")
				setflag("ANONYMOUS_CALLER");
		} else
			$avp(new_cli_username) :=  $fU;
		xlog("[$ci] extracted CLI from PSTN is <$avp(new_cli_username)>\n");

	} else if (isflagset("LOCAL_SRC")) {

		# caller is a subscriber
		$var(cli_username) = NULL;
		resetflag("ANONYMOUS_CALLER");

		# find and extract any presented CLI
		if ( is_present_hf("P-Preferred-Identity") ) {
			$var(cli_username) := $(hdr(P-Preferred-Identity){nameaddr.uri}{uri.user}) ;
			if (is_present_hf("Privacy") && $hdr(Privacy)=="id")
				setflag("ANONYMOUS_CALLER");
		} else if ($avp(caller_cli)!=NULL) {
			# -> CLI is the "cli" field of the user / PBX
			$avp(new_cli_username) = $avp(caller_cli);
			if ($fU=="anonymous")
				setflag("ANONYMOUS_CALLER");
		}

	}

	xlog("[$ci] newly computed CLI is <$avp(new_cli_username)>\n");
}


route[relay_initial]
{
	if (is_method("INVITE")) {
		setflag("INITIAL_INVITE");
		replace("100rel", "123abc");
	}

	route(relay);
}


route[relay] {
	if (is_method("INVITE")) {
		t_on_branch("handle_branch");
	}

	t_on_reply("reply_handler");

	t_relay();

	exit;
}


branch_route[handle_branch]
{
	xlog("L_INFO", "[$ci] branching to $$ru=$ru, $$du=$du\n");

	if (isflagset("INITIAL_INVITE") && (
			isflagset("NAT_SRC") ||
			isbflagset("NAT_DST") ||
			isbflagset("MEDIA_DST"))) {
		# take care of media relay
		$rtp_relay = "fcos";
		$rtp_relay_peer = "fcos";
		if (!nat_uac_test("private-sdp"))
			$rtp_relay_peer += "r";
		if (isbflagset("MEDIA_DST"))
			$rtp_relay(ip) = "${RTPPROXY_IP}";
		if (rtp_relay_engage("rtpproxy"))
			setbflag("INUSE_RTP_RELAY");
	}

	# inject the new CLI
	remove_hf("Remote-Party-ID");
	remove_hf("P-Asserted-Identity");
	remove_hf("P-Preferred-Identity");
	remove_hf("Privacy");
	if (isflagset("INITIAL_INVITE") && $avp(new_cli_username)!=NULL) {

		if ( isflagset("GW_DST") ) {

			# destination is PSTN
			$avp(new_cli_domain) := $(acc_leg(caller_id){uri.host});

			if ( isflagset("ANONYMOUS_CALLER") ) {
				append_hf("P-Asserted-Identity: <sip:$avp(new_cli_username)@$avp(new_cli_domain)>\r\nPrivacy: id\r\n");
				uac_replace_from("Anonymous", "sip:anonymous@anonymous.invalid");
			} else {
				append_hf("P-Asserted-Identity: <sip:$avp(new_cli_username)@$avp(new_cli_domain)>\r\n");
				uac_replace_from("$avp(new_cli_username)", "sip:$avp(new_cli_username)@$avp(new_cli_domain)");
			}

		} else {

			# destination is user
			if ( isflagset("ANONYMOUS_CALLER") ) {
				uac_replace_from("Anonymous", "sip:anonymous@anonymous.invalid");
			} else {
				$avp(new_cli_domain) := $(acc_leg(callee_id){uri.host});
				uac_replace_from("$var(new_cli_username)", "sip:$avp(new_cli_username)@$avp(new_cli_domain)");
			}

		}
	}
}


onreply_route[reply_handler]
{
	xlog("[$ci] reply received <$rm:$rs:$rr> on branch $T_branch_idx\n");

	# take care of NAT traversal
	if ((isbflagset("NAT_DST") && $rs!~"^3[0-9][0-9]") || isflagset("GW_DST")) {
		fix_nated_contact(";bnat=yes");
	}

	# take care of media relay
	if (isbflagset("INUSE_RTP_RELAY")) {
		if (has_body_part("application/sdp")) {
			if (!nat_uac_test("private-sdp"))
				$rtp_relay += "r";
		}
	}

	if (isflagset("INITIAL_INVITE")) {

		# collect accounting data
		if ( $rs >= 200 ) {
			$acc_extra(callee_ip)= $socket_in(proto)+":"+$si+":"+$sp;
			if (is_present_hf("User-Agent"))
				$acc_extra(callee_ua)=$(hdr(User-Agent));
			else if (is_present_hf("Server"))
				$acc_extra(callee_ua)=$(hdr(Server));
			else $acc_extra(callee_ua)=NULL;
		}

	}
}


failure_route[missed_call]
{
	xlog("[$ci] call failed to established with $T_reply_code code\n");

	if (isbflagset("INUSE_RTP_RELAY")) {
		rtpproxy_unforce();
		resetbflag("INUSE_RTP_RELAY");
	}

	if (t_was_cancelled()) {
		exit;
	}

	resetflag("NAT_DST");

	# redirect in case of busy
	if ($T_reply_code == 486) {
		xlog("[$ci] try on busy redirect\n");
		# ok, user is busy, check CF and VM options
		if ($avp(callee_cfbs_uri)!=NULL) {
			route( do_call_forward, $avp(callee_cfbs_uri) );
		}
		if (is_acl_set(callee_acls, ACL_VM_BUSY)) {
			route( redirect_to_voicemail );
			# if no VM, we will continue
		}
	}

	# redirect in timeout / no answer
	else
	if ($T_reply_code == 408) {
		xlog("[$ci] try on no-answer redirect\n");
		# ok, user not answering, check CF and VM options
		if ($avp(callee_cfna_uri)!=NULL) {
			route( do_call_forward, $avp(callee_cfna_uri) );
		}
		if (is_acl_set(callee_acls, ACL_VM_NO_ANSWER)) {
			route( redirect_to_voicemail );
			# if no VM, we will continue
		}
	}

	if (t_check_status("30[12]")) {
		send_reply(486, "Busy");
		exit;
	}
}


################### Call Forward related routes #####################


route[do_call_forward]
{
	# expects :
	#  param 1 - new SIP URI

	xlog("[$ci] call forwarding for <$acc_leg(callee_id)> to <$param(1)>\n");

	$ru = $param(1);

	$acc_leg(leg_status) = "redirected_"+$acc_current_leg;

	acc_new_leg();

	# move the acls
	$avp(caller_acls) := $avp(callee_acls);
	$avp(callee_acls) = NULL;

	/* reset flags related to destination */
	resetflag("GW_DST");
	resetflag("LOCAL_DST");

	/* set/reset flags related to the source */
	resetflag("GW_SRC");
	setflag("LOCAL_SRC");

	$acc_leg(leg_status) = "established";

	# previous callee is the new caller
	$acc_leg(caller_id)     = $(acc_leg(callee_id)[-2]);


	route(handle_local_destination);
	# this does not return

	exit;
}


################### Presence related routes #####################

route[handle_presence]
{
	if (!t_newtran()){
		sl_reply_error();
		exit;
	}
	
	# MWI is handled by external Media Server
	if ($hdr(Event)=="message-summary") {
		if (!has_totag()) {
			xlog("[$ci] user <$fu> subscribing to MWI <$ru>\n");
			record_route();
			route(to_mediaserver);
			exit;
		}
		if (!loose_route()) {
			send_reply(487,"Transaction/Leg Does not exists");
			exit;
		}
		route(relay);
		exit;
	}

	# handle local events
	if ($hdr(Event)!="presence") {
		send_reply(489,"Bad Event");
		exit;
	}

	if (is_method("PUBLISH")) {
		handle_publish();
	} else
	if (is_method("SUBSCRIBE")) {
		handle_subscribe();
	}

	exit;
}


################### Accounting related routes #####################

route[start_accounting]
{
	if (!is_method("INVITE"))
		return;

	do_accounting("db", "cdr|failed");

	$acc_leg(leg_status) = "established";

	$acc_extra(caller_ip)= $socket_in(proto)+":"+$si+":"+$sp;

	if (is_present_hf("User-Agent"))
		$acc_extra(caller_ua)=$(hdr(User-Agent));
	else if (is_present_hf("Server"))
		$acc_extra(caller_ua)=$(hdr(Server));
}