summaryrefslogtreecommitdiffstats
path: root/contrib/testpbx/configs/internal.xml
blob: 2a679fb181f0c460f7f3a7c301222720e3f556c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
<profile name="internal">
  <!--
      This is a sofia sip profile/user agent.  This will service exactly one ip and port.
      In FreeSWITCH you can run multiple sip user agents on their own ip and port.

      When you hear someone say "sofia profile" this is what they are talking about.
  -->

  <!-- http://wiki.freeswitch.org/wiki/Sofia_Configuration_Files -->
  <!--aliases are other names that will work as a valid profile name for this profile-->
  <aliases>
    <!--
        <alias name="default"/>
    -->
  </aliases>
  <!-- Outbound Registrations -->
  <gateways>
  </gateways>

  <domains>
    <!-- indicator to parse the directory for domains with parse="true" to get gateways-->
    <domain name="$${domain}" parse="true"/>
    <!-- indicator to parse the directory for domains with parse="true" to get gateways and alias every domain to this profile -->
    <!--<domain name="all" alias="true" parse="true"/>-->
    <domain name="all" alias="true" parse="false"/>
  </domains>

  <settings>


    <!-- inject delay between dtmf digits on send to help some slow interpreters (also per channel with rtp_digit_delay var -->
    <!-- <param name="rtp-digit-delay" value="40"/>-->

    <!--
        When calls are in no media this will bring them back to media
        when you press the hold button.
    -->
    <!--<param name="media-option" value="resume-media-on-hold"/> -->

    <!--
        This will allow a call after an attended transfer go back to
        bypass media after an attended transfer.
    -->
    <!--<param name="media-option" value="bypass-media-after-att-xfer"/>-->

    <!-- Can be set to "_undef_" to remove the User-Agent header -->
    <!-- <param name="user-agent-string" value="FreeSWITCH Rocks!"/> -->

    <param name="debug" value="0"/>
    <!-- If you want FreeSWITCH to shutdown if this profile fails to load, uncomment the next line. -->
    <!-- <param name="shutdown-on-fail" value="true"/> -->
    <param name="sip-trace" value="no"/>
    <param name="sip-capture" value="no"/>

    <!-- Use presence_map.conf.xml to convert extension regex to presence protos for routing -->
    <!-- <param name="presence-proto-lookup" value="true"/> -->


    <!-- Don't be picky about negotiated DTMF just always offer 2833 and accept both 2833 and INFO -->
    <!--<param name="liberal-dtmf" value="true"/>-->


    <!--
        Sometimes, in extremely rare edge cases, the Sofia SIP stack may stop
        responding. These options allow you to enable and control a watchdog
        on the Sofia SIP stack so that if it stops responding for the
        specified number of milliseconds, it will cause FreeSWITCH to crash
        immediately. This is useful if you run in an HA environment and
        need to ensure automated recovery from such a condition. Note that if
        your server is idle a lot, the watchdog may fire due to not receiving
        any SIP messages. Thus, if you expect your system to be idle, you
        should leave the watchdog disabled. It can be toggled on and off
        through the FreeSWITCH CLI either on an individual profile basis or
        globally for all profiles. So, if you run in an HA environment with a
        master and slave, you should use the CLI to make sure the watchdog is
        only enabled on the master.
        If such crash occurs, FreeSWITCH will dump core if allowed. The
        stacktrace will include function watchdog_triggered_abort().
    -->
    <param name="watchdog-enabled" value="no"/>
    <param name="watchdog-step-timeout" value="30000"/>
    <param name="watchdog-event-timeout" value="30000"/>

    <param name="log-auth-failures" value="false"/>
    <param name="forward-unsolicited-mwi-notify" value="false"/>

    <param name="context" value="public"/>
    <param name="rfc2833-pt" value="101"/>
    <!-- port to bind to for sip traffic -->
    <param name="sip-port" value="$${internal_sip_port}"/>
    <param name="dialplan" value="XML"/>
    <param name="dtmf-duration" value="2000"/>
    <param name="inbound-codec-prefs" value="$${global_codec_prefs}"/>
    <param name="outbound-codec-prefs" value="$${global_codec_prefs}"/>
    <param name="rtp-timer-name" value="soft"/>
    <!-- ip address to use for rtp, DO NOT USE HOSTNAMES ONLY IP ADDRESSES -->
    <param name="rtp-ip" value="$${local_ip_v4}"/>
    <!-- ip address to bind to, DO NOT USE HOSTNAMES ONLY IP ADDRESSES -->
    <param name="sip-ip" value="$${local_ip_v4}"/>
    <param name="hold-music" value="$${hold_music}"/>
    <param name="apply-nat-acl" value="nat.auto"/>


    <!-- (default true) set to false if you do not wish to have called party info in 1XX responses -->
    <!-- <param name="cid-in-1xx" value="false"/> -->

    <!-- extended info parsing -->
    <!-- <param name="extended-info-parsing" value="true"/> -->

    <!--<param name="aggressive-nat-detection" value="true"/>-->
    <!--
        There are known issues (asserts and segfaults) when 100rel is enabled.
        It is not recommended to enable 100rel at this time.
    -->
    <!--<param name="enable-100rel" value="true"/>-->

    <!-- uncomment if you don't wish to try a next SRV destination on 503 response -->
    <!-- RFC3263 Section 4.3 -->
    <!--<param name="disable-srv503" value="true"/>-->

    <!-- Enable Compact SIP headers. -->
    <!--<param name="enable-compact-headers" value="true"/>-->
    <!--
        enable/disable session timers
    -->
    <!--<param name="enable-timer" value="false"/>-->
    <!--<param name="minimum-session-expires" value="120"/>-->
    <!-- <param name="apply-inbound-acl" value="domains"/>-->
    <!--
        This defines your local network, by default we detect your local network
        and create this localnet.auto ACL for this.
    -->
    <param name="local-network-acl" value="localnet.auto"/>
    <!--<param name="apply-register-acl" value="domains"/>-->
    <!--<param name="dtmf-type" value="info"/>-->


    <!-- 'true' means every time 'first-only' means on the first register -->
    <!--<param name="send-message-query-on-register" value="true"/>-->

    <!-- 'true' means every time 'first-only' means on the first register -->
    <!--<param name="send-presence-on-register" value="first-only"/> -->


    <!-- Caller-ID type (choose one, can be overridden by inbound call type and/or sip_cid_type channel variable -->
    <!-- Remote-Party-ID header -->
    <!--<param name="caller-id-type" value="rpid"/>-->

    <!-- P-*-Identity family of headers -->
    <!--<param name="caller-id-type" value="pid"/>-->

    <!-- neither one -->
    <!--<param name="caller-id-type" value="none"/>-->



    <param name="record-path" value="$${recordings_dir}"/>
    <param name="record-template" value="${caller_id_number}.${target_domain}.${strftime(%Y-%m-%d-%H-%M-%S)}.wav"/>
    <!--enable to use presence -->
    <param name="manage-presence" value="true"/>
    <!-- send a presence probe on each register to query devices to send presence instead of sending presence with less info -->
    <!--<param name="presence-probe-on-register" value="true"/>-->
    <!--<param name="manage-shared-appearance" value="true"/>-->
    <!-- used to share presence info across sofia profiles -->
    <!-- Name of the db to use for this profile -->
    <!--<param name="dbname" value="share_presence"/>-->
    <param name="presence-hosts" value="$${domain},$${local_ip_v4}"/>
    <param name="presence-privacy" value="$${presence_privacy}"/>
    <!-- ************************************************* -->

    <!-- This setting is for AAL2 bitpacking on G726 -->
    <!-- <param name="bitpacking" value="aal2"/> -->
    <!--max number of open dialogs in proceeding -->
    <!--<param name="max-proceeding" value="1000"/>-->
    <!--session timers for all call to expire after the specified seconds -->
    <!--<param name="session-timeout" value="1800"/>-->
    <!-- Can be 'true' or 'contact' -->
    <!--<param name="multiple-registrations" value="contact"/>-->
    <!--set to 'greedy' if you want your codec list to take precedence -->
    <param name="inbound-codec-negotiation" value="generous"/>
    <!-- if you want to send any special bind params of your own -->
    <!--<param name="bind-params" value="transport=udp"/>-->
    <!--<param name="unregister-on-options-fail" value="true"/>-->
    <!-- Send an OPTIONS packet to all registered endpoints -->
    <!--<param name="all-reg-options-ping" value="true"/>-->
    <!-- Send an OPTIONS packet to NATed registered endpoints. Can be 'true' or 'udp-only'. -->
    <!--<param name="nat-options-ping" value="true"/>-->
    <!--<param name="sip-options-respond-503-on-busy" value="true"/>-->
    <!--<param name="sip-messages-respond-200-ok" value="true"/>-->
    <!--<param name="sip-subscribe-respond-200-ok" value="true"/>-->

    <!-- TLS: disabled by default, set to "true" to enable -->
    <param name="tls" value="$${internal_ssl_enable}"/>
    <!-- Set to true to not bind on the normal sip-port but only on the TLS port -->
    <param name="tls-only" value="false"/>
    <!-- additional bind parameters for TLS -->
    <param name="tls-bind-params" value="transport=tls"/>
    <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
    <param name="tls-sip-port" value="$${internal_tls_port}"/>
    <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
    <!--<param name="tls-cert-dir" value=""/>-->
    <!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
    <param name="tls-passphrase" value=""/>
    <!-- Verify the date on TLS certificates -->
    <param name="tls-verify-date" value="true"/>
    <!-- TLS verify policy, when registering/inviting gateways with other servers (outbound) or handling inbound registration/invite requests how should we verify their certificate -->
    <!-- set to 'in' to only verify incoming connections, 'out' to only verify outgoing connections, 'all' to verify all connections, also 'subjects_in', 'subjects_out' and 'subjects_all' for subject validation. Multiple policies can be split with a '|' pipe -->
    <param name="tls-verify-policy" value="none"/>
    <!-- Certificate max verify depth to use for validating peer TLS certificates when the verify policy is not none -->
    <param name="tls-verify-depth" value="2"/>
    <!-- If the tls-verify-policy is set to subjects_all or subjects_in this sets which subjects are allowed, multiple subjects can be split with a '|' pipe -->
    <param name="tls-verify-in-subjects" value=""/>
    <!-- TLS version default: tlsv1,tlsv1.1,tlsv1.2 -->
    <param name="tls-version" value="$${sip_tls_version}"/>

    <!-- TLS ciphers default: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH  -->
    <param name="tls-ciphers" value="$${sip_tls_ciphers}"/>

    <!-- turn on auto-flush during bridge (skip timer sleep when the socket already has data)
         (reduces delay on latent connections default true, must be disabled explicitly)-->
    <!--<param name="rtp-autoflush-during-bridge" value="false"/>-->

    <!--If you don't want to pass through timestamps from 1 RTP call to another (on a per call basis with rtp_rewrite_timestamps chanvar)-->
    <!--<param name="rtp-rewrite-timestamps" value="true"/>-->
    <!--<param name="pass-rfc2833" value="true"/>-->
    <!--If you have ODBC support and a working dsn you can use it instead of SQLite-->
    <!--<param name="odbc-dsn" value="dsn:user:pass"/>-->

    <!-- Or, if you have PGSQL support, you can use that -->
    <!--<param name="odbc-dsn" value="pgsql://hostaddr=127.0.0.1 dbname=freeswitch user=freeswitch password='' options='-c client_min_messages=NOTICE' application_name='freeswitch'" />-->

    <!--Uncomment to set all inbound calls to no media mode-->
    <!--<param name="inbound-bypass-media" value="true"/>-->

    <!--Uncomment to set all inbound calls to proxy media mode-->
    <!--<param name="inbound-proxy-media" value="true"/>-->

    <!-- Let calls hit the dialplan before selecting codec for the a-leg -->
    <param name="inbound-late-negotiation" value="true"/>

    <!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
    <param name="inbound-zrtp-passthru" value="true"/>

    <!-- this lets anything register -->
    <!--  comment the next line and uncomment one or both of the other 2 lines for call authentication -->
    <!-- <param name="accept-blind-reg" value="true"/> -->

    <!-- accept any authentication without actually checking (not a good feature for most people) -->
    <!-- <param name="accept-blind-auth" value="true"/> -->

    <!-- suppress CNG on this profile or per call with the 'suppress_cng' variable -->
    <!-- <param name="suppress-cng" value="true"/> -->

    <!--TTL for nonce in sip auth-->
    <param name="nonce-ttl" value="60"/>
    <!--Uncomment if you want to force the outbound leg of a bridge to only offer the codec
        that the originator is using-->
    <!--<param name="disable-transcoding" value="true"/>-->
    <!-- Handle 302 Redirect in the dialplan -->
    <!--<param name="manual-redirect" value="true"/> -->
    <!-- Disable Transfer -->
    <!--<param name="disable-transfer" value="true"/> -->
    <!-- Disable Register -->
    <!--<param name="disable-register" value="true"/> -->
    <!-- Used for when phones respond to a challenged ACK with method INVITE in the hash -->
    <!--<param name="NDLB-broken-auth-hash" value="true"/>-->
    <!-- add a ;received="<ip>:<port>" to the contact when replying to register for nat handling -->
    <!--<param name="NDLB-received-in-nat-reg-contact" value="true"/>-->
    <param name="auth-calls" value="$${internal_auth_calls}"/>
    <!-- Force the user and auth-user to match. -->
    <param name="inbound-reg-force-matching-username" value="true"/>
    <!-- on authed calls, authenticate *all* the packets not just invite -->
    <param name="auth-all-packets" value="false"/>

    <!-- external_sip_ip
         Used as the public IP address for SDP.
         Can be an one of:
         ip address            - "12.34.56.78"
         a stun server lookup  - "stun:stun.server.com"
         a DNS name            - "host:host.server.com"
         auto                  - Use guessed ip.
         auto-nat              - Use ip learned from NAT-PMP or UPNP
    -->
    <param name="ext-rtp-ip" value="127.0.0.1"/>
    <param name="ext-sip-ip" value="127.0.0.1"/>

    <!-- rtp inactivity timeout -->
    <param name="rtp-timeout-sec" value="300"/>
    <param name="rtp-hold-timeout-sec" value="1800"/>
    <!-- VAD choose one (out is a good choice); -->
    <!-- <param name="vad" value="in"/> -->
    <!-- <param name="vad" value="out"/> -->
    <!-- <param name="vad" value="both"/> -->
    <!--<param name="alias" value="sip:10.0.1.251:5555"/>-->
    <!--
        These are enabled to make the default config work better out of the box.
        If you need more than ONE domain you'll need to not use these options.

    -->
    <!--all inbound reg will look in this domain for the users -->
    <param name="force-register-domain" value="$${domain}"/>
    <!--force the domain in subscriptions to this value -->
    <param name="force-subscription-domain" value="$${domain}"/>
    <!--all inbound reg will stored in the db using this domain -->
    <param name="force-register-db-domain" value="$${domain}"/>


    <!-- for sip over websocket support -->
    <param name="ws-binding"  value=":5066"/>

    <!-- for sip over secure websocket support -->
    <!-- You need wss.pem in $${certs_dir} for wss or one will be created for you -->
    <param name="wss-binding" value=":7443"/>

    <!--<param name="delete-subs-on-register" value="false"/>-->

    <!-- launch a new thread to process each new inbound register when using heavier backends -->
    <!-- <param name="inbound-reg-in-new-thread" value="true"/> -->

    <!-- enable rtcp on every channel also can be done per leg basis with rtcp_audio_interval_msec variable set to passthru to pass it across a call-->
    <!--<param name="rtcp-audio-interval-msec" value="5000"/>-->
    <!--<param name="rtcp-video-interval-msec" value="5000"/>-->

    <!--force suscription expires to a lower value than requested-->
    <!--<param name="force-subscription-expires" value="60"/>-->

    <!-- add a random deviation to the expires value of the 202 Accepted -->
    <!--<param name="sip-subscription-max-deviation" value="120"/>-->

    <!-- disable register and transfer which may be undesirable in a public switch -->
    <!--<param name="disable-transfer" value="true"/>-->
    <!--<param name="disable-register" value="true"/>-->

    <!--
        enable-3pcc can be set to either 'true' or 'proxy', true accepts the call
        right away, proxy waits until the call has been answered then sends accepts
    -->
    <!--<param name="enable-3pcc" value="true"/>-->

    <!-- use at your own risk or if you know what this does.-->
    <!--<param name="NDLB-force-rport" value="true"/>-->
    <!--
        Choose the realm challenge key. Default is auto_to if not set.

        auto_from  - uses the from field as the value for the sip realm.
        auto_to    - uses the to field as the value for the sip realm.
        <anyvalue> - you can input any value to use for the sip realm.

        If you want URL dialing to work you'll want to set this to auto_from.

        If you use any other value besides auto_to or auto_from you'll
        loose the ability to do multiple domains.

        Note: comment out to restore the behavior before 2008-09-29
    -->
    <param name="challenge-realm" value="auto_from"/>
    <!--<param name="disable-rtp-auto-adjust" value="true"/>-->
    <!-- on inbound calls make the uuid of the session equal to the sip call id of that call -->
    <!--<param name="inbound-use-callid-as-uuid" value="true"/>-->
    <!-- on outbound calls set the callid to match the uuid of the session -->
    <!--<param name="outbound-use-uuid-as-callid" value="true"/>-->
    <!-- set to false disable this feature -->
    <!--<param name="rtp-autofix-timing" value="false"/>-->

    <!-- set this param to false if your gateway for some reason hates X- headers that it is supposed to ignore-->
    <!--<param name="pass-callee-id" value="false"/>-->

    <!-- clear clears them all or supply the name to add or the name
         prefixed with ~ to remove valid values:

           clear
           CISCO_SKIP_MARK_BIT_2833
           SONUS_SEND_INVALID_TIMESTAMP_2833

    -->
    <!--<param name="auto-rtp-bugs" data="clear"/>-->

    <!-- the following can be used as workaround with bogus SRV/NAPTR records -->
    <!--<param name="disable-srv" value="false" />-->
    <!--<param name="disable-naptr" value="false" />-->

    <!-- The following can be used to fine-tune timers within sofia's transport layer
         Those settings are for advanced users and can safely be left as-is -->

    <!-- Initial retransmission interval (in milliseconds).
         Set the T1 retransmission interval used by the SIP transaction engine.
         The T1 is the initial duration used by request retransmission timers A and E (UDP) as well as response retransmission timer G.   -->
    <!-- <param name="timer-T1" value="500" /> -->

    <!--  Transaction timeout (defaults to T1 * 64).
         Set the T1x64 timeout value used by the SIP transaction engine.
         The T1x64 is duration used for timers B, F, H, and J (UDP) by the SIP transaction engine.
         The timeout value T1x64 can be adjusted separately from the initial retransmission interval T1. -->
    <!-- <param name="timer-T1X64" value="32000" /> -->


    <!-- Maximum retransmission interval (in milliseconds).
         Set the maximum retransmission interval used by the SIP transaction engine.
         The T2 is the maximum duration used for the timers E (UDP) and G by the SIP transaction engine.
         Note that the timer A is not capped by T2. Retransmission interval of INVITE requests grows exponentially
         until the timer B fires.  -->
    <!-- <param name="timer-T2" value="4000" /> -->

    <!--
        Transaction lifetime (in milliseconds).
        Set the lifetime for completed transactions used by the SIP transaction engine.
        A completed transaction is kept around for the duration of T4 in order to catch late responses.
        The T4 is the maximum duration for the messages to stay in the network and the duration of SIP timer K. -->
    <!-- <param name="timer-T4" value="4000" /> -->

    <!-- Turn on a jitterbuffer for every call -->
    <!-- <param name="auto-jitterbuffer-msec" value="60"/> -->


    <!-- By default mod_sofia will ignore the codecs in the sdp for hold/unhold operations
         Set this to true if you want to actually parse the sdp and re-negotiate the codec during hold/unhold.
         It's probably not what you want so stick with the default unless you really need to change this.
    -->
    <!--<param name="renegotiate-codec-on-hold" value="true"/>-->

  </settings>
</profile>