2 # /etc/siproxd.conf - siproxd configuration file
4 # !! This is a sample file, adapt it to your needs before using it !!
6 # !! Strings MUST NOT contain spaces !!
9 ######################################################################
10 # The interface names of INBOUND and OUTBOUND interface.
16 ######################################################################
18 # Access lists in the form: IP/mask (ex. 10.0.0.1/24)
19 # Multiple entries may be separated by commas NO SPACES ARE ALLOWED!!
20 # Empty list means 'does not apply' - no filtering is done then.
21 # For *allow* lists this means: always allow, for *deny* lists that
22 # this means never deny.
24 # hosts_allow_reg: defines nets from which we accept registrations
25 # hosts_allow_sip: defines nets from which we accept SIP traffic
26 # hosts_deny_sip: defines nets from which we deny SIP traffic
28 # - The deny list takes precedence over the allow lists.
29 # - The allow_reg list also implies allowance for sip.
32 # local private net -> allow_reg list
33 # external nets (from which we accept incoming calls) -> allow_sip
35 #hosts_allow_reg = 192.168.1.8/24
36 #hosts_allow_sip = 123.45.0.0/16,123.46.0.0/16
37 #hosts_deny_sip = 10.0.0.0/8,11.0.0.0/8
40 ######################################################################
41 # Port to listen for incoming SIP messages.
42 # 5060 is usually the correct choice - don't change this unless you
43 # know what you're doing
45 sip_listen_port = 5060
48 ######################################################################
53 ######################################################################
54 # What shall I log to syslog?
55 # 0 - DEBUGs, INFOs, WARNINGs and ERRORs (this is the default)
56 # 1 - INFOs, WARNINGs and ERRORs
57 # 2 - WARNINGs and ERRORs
59 # 4 - absolutely nothing (be careful - you will have no way to
60 # see what siproxd is doing - or NOT doing)
63 ######################################################################
64 # Shall I log call establishment to syslog?
68 ######################################################################
69 # Secure Enviroment settings:
70 # user: uid/gid to switch to after startup
71 # chrootjail: path to chroot to (chroot jail)
73 #chrootjail = /var/lib/siproxd/
75 ######################################################################
77 # Where to store the current registrations.
78 # An empty value means we do not save registrations. Make sure that
79 # the specified directory path does exist!
80 registration_file = /var/siproxd_registrations
82 ######################################################################
83 # global switch to control the RTP proxy behaviour
84 # 0 - RTP proxy disabled
85 # 1 - RTP proxy (UDP relay of siproxd)
87 # Note: IPCHAINS and IPTABLES(netfilter) support is no longer present!
91 ######################################################################
92 # Port range to allocate listen ports from for incoming RTP traffic
93 # This should be a range that is not blocked by the firewall
98 ######################################################################
99 # Timeout for RTP streams
100 # after this number of seconds, an RTP stream is considered dead
101 # and proxying for it will be stopped.
102 # Be aware that this timeout also applies to streams that are
107 ######################################################################
108 # Proxy authentication
109 # If proxy_auth_realm is defined (a string), clients will be forced
110 # to authenticate themselfes at the proxy (for registration only).
111 # To disable Authentication, simply comment out this line.
113 #proxy_auth_realm = Authentication_Realm
115 # the (global) password to use (will be the same for all local clients)
117 #proxy_auth_passwd = password
119 # OR use individual per user passwords stored in a file
121 #proxy_auth_pwfile = doc/siproxd_passwd.cfg
123 # 'proxy_auth_pwfile' has precedence over 'proxy_auth_passwd'
125 ######################################################################
126 # Debug level... (setting to -1 will enable everything)
128 # DBCLASS_BABBLE 0x00000001 // babble (like entering/leaving func)
129 # DBCLASS_NET 0x00000002 // network
130 # DBCLASS_SIP 0x00000004 // SIP manipulations
131 # DBCLASS_REG 0x00000008 // Client registration
132 # DBCLASS_NOSPEC 0x00000010 // non specified class
133 # DBCLASS_PROXY 0x00000020 // proxy
134 # DBCLASS_DNS 0x00000040 // DNS stuff
135 # DBCLASS_NETTRAF 0x00000080 // network traffic
136 # DBCLASS_CONFIG 0x00000100 // configuration
137 # DBCLASS_RTP 0x00000200 // RTP proxy
138 # DBCLASS_ACCESS 0x00000400 // Access list evaluation
139 # DBCLASS_AUTH 0x00000800 // Authentication
141 debug_level = 0x00000000
143 ######################################################################
144 # Mask feature (experimental)
146 # Some UAs will always use the host/ip they register with as
147 # host part in the registration record (which will be the inbound
148 # ip address / hostname of the proxy) and can not be told to register a
149 # different host (public IP address). This Mask feature allows to force
150 # such a UA to be masqueraded to a different host.
151 # -> Siemens SIP Phones seem to need this feature.
153 # mask_host=<inbound_ip/hostname>
154 # masked_host=<hostname_to_be_masqueraded_as>
156 # mask_host=<10.0.1.1> -- inbound IP address of proxy
157 # masked_host=<my.public.host> -- outbound hostname proxy
159 ######################################################################
162 # Siproxd itself can be told to send all traffic to another
164 # You can use this feature to 'chain' multiple siproxd proxies
165 # if you have several masquerading firewalls to cross.
167 # outbound_proxy_host = my.outboundproxy.org
168 # outbound_proxy_port = 5060