OpenSER安装配置指南

OpenSER安装配置指南

主页

http://www.openser.org

下载
http://www.openser.org/pub/openser/latest-1.2.x/src/openser-1.2.2-tls_src.tar.gz

准备

试验平台为Fedora8, 预先装好了MYSQL-5.0.45;

需要安装相应的MySQL-devel-5.0.45开发包， 到这里下载

http://ftp.plusline.de/mysql/Downloads/MySQL-5.0/MySQL-devel-5.0.45-0.i386.rpm

最好为mysql设置一个root密码。

编译

代码:

tar zxvf openser-1.2.2-tls_src.tar.gz

cd openser-1.2.2-tls
make all
make prefix=/usr/local install

# 预先我编译了几个测试的模块和mysql
make prefix=/usr/local include_modules="dialog sl mysql" modules
make prefix=/usr/local include_modules="dialog sl mysql" install

设置域名
* 如果你的机器有域名，直接使用就可以了，如果没有，可以编辑一下/etc/hosts，加上一行：

代码:

127.0.0.1 openser.fc8.home

* 把域名加入到root用户的OpenSER的资源文件中

代码:

export SIP_DOMAIN=openser.fc8.home

运行

代码:

/usr/local/sbin/openser_mysql.sh create

运行之后需要输入上面提到的mysql数据库的root密码。

编辑配置文件
编辑/usr/local/etc/openser/openser.cfg，以下是我的配置，红色部分是需要修改的，不用多讲，看注释就明白啦！:)

代码:

# ----------- global configuration parameters ------------------------

debug=3 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
children=4
#dns=yes
#rev_dns=yes

# Uncomment these lines to enter debugging mode
#fork=no
#log_stderror=yes
#
# 这里是使用调试模式，可以将这两个参数打开调试你的配置文件是否
有错

port=5060

# uncomment the following lines for TLS support
#disable_tls = 0
#listen = tls:your_IP:5061
#tls_verify_server = 1
#tls_verify_client = 1
#tls_require_client_certificate = 0
#tls_method = TLSv1
#tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
#tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
#tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"

# ------------------ module loading ----------------------------------

#set module path
mpath="/usr/local/lib/openser/modules/"

# Uncomment this if you want to use SQL database
loadmodule "mysql.so"

loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "rr.so"
loadmodule "maxfwd.so"
loadmodule "usrloc.so"
loadmodule "registrar.so"
loadmodule "textops.so"
loadmodule "mi_fifo.so"

# Uncomment this if you want digest authentication
# mysql.so must be loaded !
loadmodule "auth.so"
loadmodule "auth_db.so"

# ----------------- setting module-specific parameters ---------------

# -- mi_fifo params --

modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")

# -- usrloc params --

modparam("usrloc", "db_mode", 0)

# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
modparam("usrloc", "db_mode", 2)

# -- auth params --
# Uncomment if you are using auth module
#
modparam("auth_db", "calculate_ha1", yes)
#

# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
modparam("auth_db", "password_column", "password")

# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)

# ------------------------- request routing logic -------------------

# main routing logic

route{

# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};

if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
};

# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
if (!method=="REGISTER")
record_route();

# subsequent messages withing a dialog should take the
# path determined by record-routing

if (loose_route()) {
# mark routing logic in request
append_hf("P-hint: rr-enforced\r\n");
route(1);
};

if (!uri==myself) {
# mark routing logic in request
append_hf("P-hint: outbound\r\n");
# if you have some interdomain connections via TLS
#if(uri=~"@tls_domain1.net") {
# t_relay("tls:domain1.net");
# exit;
#} else if(uri=~"@tls_domain2.net") {
# t_relay("tls:domain2.net");
# exit;
#}
route(1);
};

# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {

if (method=="REGISTER") {

# Uncomment this if you want to use digest authentication
if (!www_authorize("openser.org", "subscriber")) {
www_challenge("openser.org", "0");
exit;
};

save("location");
exit;
};

lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
};

# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
append_hf("P-hint: usrloc applied\r\n");
};

route(1);
}

route[1] {
# send it out now; use stateful forwarding as it works reliably
# even for UDP2TCP
if (!t_relay()) {
sl_reply_error();
};
exit;
}

代码:

/usr/local/sbin/openserctl add 8001 1111 8001@tcl.com

运行

代码:

/usr/local/sbin/openserctl start

大功告成!使用eyeBeam测试通过. :)

编辑/usr/local/etc/openser/openserctlrc，将mysql相关的条目注释去掉。

代码:

## your SIP domain
SIP_DOMAIN=openser.fc8.home

## database type: MYSQL or PGSQL, by defaulte none is loaded
DBENGINE=MYSQL

## database host
DBHOST=localhost

## database name
DBNAME=openser

## database read/write user
DBRWUSER=openser

# 这条是没有的需要自己添加
DBRWPW=openserrw

## database read only user
# DBROUSER=openserro

## password for database read only user
# DBROPW=openserro

## database super user
DBROOTUSER="root"

## type of aliases used: DB - database aliases; UL - usrloc aliases
## - default: none
#ALIASES_TYPE="DB"

## control engine: FIFO or UNIXSOCK
## - default FIFO
# CTLENGINE="FIFO"

## path to FIFO file
# OSER_FIFO="FIFO"

## check ACL names; default on (1); off (0)
# VERIFY_ACL=1

## ACL names - if VERIFY_ACL is set, only the ACL names from below list
## are accepted
# ACL_GROUPS="local ld int voicemail free-pstn"

## presence of serweb tables - default "no"
# HAS_SERWEB="yes"

## verbose - debug purposes - default '0'
# VERBOSE=1

## do (1) or don't (0) store plaintext passwords
## in the subscriber table - default '1'
# STORE_PLAINTEXT_PW=0

添加用户