Ubuntu 18.04.4 LTS 安装linphone系列相关的flexisip -- 配置填坑篇

准备

上一篇文章
哎，上一篇咱们讲了怎么在Ubuntu 18.04.4 LTS 安装linphone系列相关的flexisip，然而遇到了坑呜呜呜，启动是启动了，但是却一直不能登录。今天咱们填坑了，嘻嘻，赶紧看看吧。

开始

先说上一篇留下的坑哈。

坑1

启动的这一段错误，仔细看就是一些关于音视频的硬件检查的，目前还没有找到禁用的方法。但是它报错不影响使用哈。

2021-07-12 17:47:16:082 mediastreamer-message-Mediastreamer2 factory 4.5.0 (git: unknown) initialized.
2021-07-12 17:47:16:082 mediastreamer-message-CPU count set to 2
2021-07-12 17:47:16:082 mediastreamer-message-ms_factory_init() done: platform_tags=linux,x86,desktop
2021-07-12 17:47:16:082 mediastreamer-message-Registering all soundcard handlers
2021-07-12 17:47:16:087 mediastreamer-message-New PulseAudio context state: PA_CONTEXT_CONNECTING
2021-07-12 17:47:16:087 mediastreamer-message-New PulseAudio context state: PA_CONTEXT_FAILED
2021-07-12 17:47:16:088 mediastreamer-message-Connection to the pulseaudio server failed
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:767 - cannot find card '0'
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_card_driver returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:392 - error evaluating strings
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_concat returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:1246 - error evaluating name
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_refer returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:5007 - Evaluate error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in pcm.c:2495 - Unknown PCM default
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:767 - cannot find card '0'
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_card_driver returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:392 - error evaluating strings
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_concat returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in confmisc.c:1246 - error evaluating name
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:4528 - function snd_func_refer returned error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in conf.c:5007 - Evaluate error: No such file or directory
2021-07-12 17:47:16:091 mediastreamer-message-alsa error in pcm.c:2495 - Unknown PCM default
2021-07-12 17:47:16:091 mediastreamer-message-Card 'ALSA Unknown: default' added with capabilities [none]
2021-07-12 17:47:16:091 mediastreamer-message-ms_factory_init_voip() done
2021-07-12 17:47:16:091 mediastreamer-message-Loading ms plugins from [/opt/belledonne-communications/lib/mediastreamer/plugins]
2021-07-12 17:47:16:091 mediastreamer-message-Cannot open directory /opt/belledonne-communications/lib/mediastreamer/plugins: No such file or directory

所以这个坑先留着后期找到解决办法在填吧。

坑2

2021-07-12 16:06:08:691 flexisip-error-Could not bind STUN server to 0.0.0.0 port 3478

哎这个很简单吗，因为本身服务器有一个countrun服务器运行，3478端口被占用了嘛，所以，嘻嘻。
解决方案有两。
一、禁用flexisip 本身的，用我们自己配置的countrun服务器，方便维护。

二、就不多说了，pkill turnserver,直接关闭conturn服务器。

坑三

无法登录，好吧这个呢需要你的配置了。
首先需要感谢这位大大的配置解决了我很多麻烦。
我这边之前根据官方配置数据库，却没有仔细研究，最终造成了低级错误。哎打脸啊！

这里建立了用户数据库，但是在配置文件中，默认配置的是这里数据库配置的查询语句，跟我新建的数据库不一样。

哎，所以以后要细心细心细心再细心。

我的配置

##
## This is the default Flexisip (v2.1.0-alpha-114-gabc387b8) configuration
## file
##





##
## Some global settings of the flexisip proxy.
##
[global]

# Servers started by default when no --server option is specified
# on command line. Possible values are 'proxy', 'presence', 'conference',
# 'regevent' separated by whitespaces.
# Default: proxy
default-servers=proxy presence conference

# Automatically respawn flexisip in case of abnormal termination
# (crashes). This has an effect if Flexisip has been launched with
# '--daemon' option only
# Default: true
auto-respawn=true

# Path to the directory where plugins can be found.
# Default: /opt/belledonne-communications/lib/flexisip/plugins
plugins-dir=/opt/belledonne-communications/lib/flexisip/plugins

# Plugins to load. Look at <prefix>/lib/flexisip/plugins to know
# the list of installed plugin. The name of a plugin can be derivated
# from the according library name by striping out the extension
# part and the leading 'lib' prefix.
# E.g. putting 'jweauth' in this setting will make libjweauth.so
# library to be load on runtime.
# Default: 
plugins=

# Generate a corefile when crashing. Note that by default linux
# will generate coredumps in '/' which is not so convenient. The
# following shell command can be added to /etc/rc.local in order
# to write core dumps a in specific directory, for example /home/cores:
# 	echo "/home/cores/core.%e.%t.%p" >/proc/sys/kernel/core_pattern
# Default: false
dump-corefiles=true

# Enable SNMP.
# Default: false
enable-snmp=true

# Directory where to create log files. Create logs are named as
# 'flexisip-<server_type>.log'. If If several server types have
# been specified by '--server' option or 'global/default-servers'
# parameter, then <server_type> is expanded by a concatenation of
# all the server types joined with '+' character.
# WARNING: Flexisip has no embedded log rotation system but provides
# a configuration file for logrotate. Please ensure that logrotate
# is installed and running on your system if you want to have Flexisip's
# logs rotated. Log rotation can be customized by editing /etc/logrotate.d/flexisip-logrotate.
# Default: /var/opt/belledonne-communications/log/flexisip
log-directory=/var/log/flexisip

# Name of the log file. Any occurences of '{server}' will be replaced
# by the server type which has been given by '--server' option or
# 'default-servers' parameter. If several server types have been
# given, then '{server}' will be replaced by the concatenation of
# these separated by '+' character (e.g. 'proxy+presence')
# Default: flexisip-{server}.log
log-filename=flexisip-{server}.log

# Log file verbosity. Possible values are debug, message, warning
# and error
# Default: error
log-level=message

# Syslog verbosity. Possible values are debug, message, warning
# and error
# Default: error
#syslog-level=error

# Log (on a different log domain) user errors like authentication,
# registration, routing, etc...
# Default: false
#user-errors-logs=false

# A boolean expression applied to current SIP message being processed.
# When matched, logs are output provided that there level is greater
# than the value defined in contextual-log-level. The definition
# of the SIP boolean expression is the same as for entry filters
# of modules, which is documented here: https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
#contextual-log-filter=

# Verbosity of contextual logs to output when the condition defined
# in 'contextual-log-filter' is met.
# Default: debug
#contextual-log-level=debug

# List of white space separated SIP URIs where the proxy must listen.
# Wildcard (*) can be used to mean 'all local ip addresses'. If
# 'transport' parameter is unspecified, it will listen to both udp
# and tcp. A local address to bind onto can be indicated in the
# 'maddr' parameter, while the domain part of the uris are used
# as public domain or ip address.
# The 'sips' transport definitions accept two optional parameters:
#  - 'tls-certificates-dir' taking for value a path, with the same
#    meaning as the 'tls-certificates-dir' property of this section
#    and overriding it for this given transport.
#  - 'tls-verify-incoming' taking for value '0' or '1', to indicate
#    whether clients connecting are required to present a valid client
#    certificate. Default value is 0.
#  - 'tls-allow-missing-client-certificate' taking for value '0'
#    or '1', to allow connections from clients which have no certificate
#    even if `tls-verify-incoming` has been enabled. That's useful
#    if you wish to have Flexisip to ask for a client certificate,
#    but without failing if the client cannot provide one.
#  - 'tls-verify-outgoing' taking for value '0' or '1', whether
#    flexisip should check the peer certificate when it make an outgoing
#    TLS connection to another server. Default value is 1.
#  - 'require-peer-certificate' (deprecated) same as tls-verify-incoming
# 
# It is HIGHLY RECOMMENDED to specify a canonical name for 'sips'
# transport, so that the proxy can advertise this information in
# Record-Route headers, which allows TLS cname check to be performed
# by clients.
# Specifying a sip uri with transport=tls is not allowed: the 'sips'
# scheme must be used instead. As requested by SIP RFC, IPv6 address
# must be enclosed within brakets.
# Here are some examples to understand:
#  - listen on all local interfaces for udp and tcp, on standard
#    port:
# 	transports=sip:*
#  - listen on all local interfaces for udp,tcp and tls, on standard
#    ports:
# 	transports=sip:* sips:*
#  - listen only a specific IPv6 interface, on standard ports, with
#    udp, tcp and tls
# 	transports=sip:[2a01:e34:edc3:4d0:7dac:4a4f:22b6:2083] sips:[2a01:e34:edc3:4d0:7dac:4a4f:22b6:2083]
#  - listen on tls localhost with 2 different ports and SSL certificates:
# 	transports=sips:localhost:5061;tls-certificates-dir=path_a sips:localhost:5062;tls-certificates-dir=path_b
#  - listen on tls localhost with 2 peer certificate requirements:
# 	transports=sips:localhost:5061;tls-verify-incoming=0 sips:localhost:5062;tls-verify-incoming=1
#  - listen on 192.168.0.29:6060 with tls, but public hostname is
#    'sip.linphone.org' used in SIP messages. Bind address won't appear
#    in messages:
# 	transports=sips:sip.linphone.org:6060;maddr=192.168.0.29
# Default: sip:*

transports=sip:域名:2010

# List of white space separated host names pointing to this machine.
# This is to prevent loops while routing SIP messages.
# Default: localhost
aliases=域名 localhost

# Time interval in seconds after which inactive connections are
# closed.
# Default: 3600
idle-timeout=3600

# Time interval in seconds for sending "\r\n\r\n" keepalives packets
# on inbound and outbound connections. A value of zero stands for
# no keepalive. The main purpose of sending keepalives is to keep
# connection alive accross NATs, but it also helps in detecting
# silently broken connections which can reduce the number socket
# descriptors used by flexisip.
# Default: 1800
keepalive-interval=1800

# Time interval in seconds for sending "\r\n\r\n" keepalives packets
# specifically for proxy to proxy connections. Indeed, while it
# is undesirable to send frequent keepalives to mobile clients because
# it drains their battery, sending frequent keepalives has proven
# to be helpful to keep connections up between proxy nodes in a
# very popular US virtualized datacenter. A value of zero stands
# for no keepalive.
# Default: 0
proxy-to-proxy-keepalive-interval=0

# SIP transaction timeout in milliseconds. It is T1*64 (32000 ms)
# by default.
# Default: 32000
transaction-timeout=32000

# The UDP MTU. Flexisip will fallback to TCP when sending a message
# whose size exceeds the UDP MTU. Please read http://sofia-sip.sourceforge.net/refdocs/nta/nta__tag_8h.html#a6f51c1ff713ed4b285e95235c4cc999a
# for more details. If sending large packets over UDP is not a problem,
# then set a big value such as 65535. Unlike the recommandation
# of the RFC, the default value of UDP MTU is 1460 in Flexisip (instead
# of 1300).
# Default: 1460
udp-mtu=1460

# Path to the directory where TLS server certificate and private
# key can be found, concatenated inside an 'agent.pem' file. Any
# chain certificates must be put into a file named 'cafile.pem'.
# The setup of agent.pem, and eventually cafile.pem is required
# for TLS transport to work.
# Default: /etc/flexisip/tls/
#tls-certificates-dir=/etc/flexisip/tls/

# Ciphers string to pass to OpenSSL in order to limit the cipher
# suites to use while establishing TLS sessions. Please take a look
# to ciphers(1) UNIX manual to get the list of keywords supported
# by your current version of OpenSSL. You might visit https://www.openssl.org/docs/manmaster/man1/ciphers.html
# too. The default value set by Flexisip should provide a high level
# of security while keeping an acceptable level of interoperability
# with currenttly deployed clients on the market.
# Default: HIGH:!SSLv2:!SSLv3:!TLSv1:!EXP:!ADH:!RC4:!3DES:!aNULL:!eNULL
#tls-ciphers=HIGH:!SSLv2:!SSLv3:!TLSv1:!EXP:!ADH:!RC4:!3DES:!aNULL:!eNULL

# Ask for client certificate on TLS session establishing.
# Default: false
#require-peer-certificate=false

# Unique ID used to identify that instance of Flexisip. It must
# be a randomly generated 16-sized hexadecimal number. If empty,
# it will be randomly generated on each start of Flexisip.
# Default: 
#unique-id=






##
## This section contains some parameters useful when the current
## proxy is part of a network of proxies (cluster) which serve the
## same domain.
##
[cluster]

# Enable cluster mode. If 'false', the parameters of [cluster] section
# won't have any effect.
# Default: false
#enabled=false

# Domain name that enables external SIP agents to access to the
# cluster. Such domain is often associated to DNS SRV records for
# each proxy of the cluster, so that DNS resolution returns the
# address of a specific proxy randomly.
# Flexisip uses that domain when it needs to insert a 'Path' or
# 'Record-route' header addressing the cluster instead of itself.
# Default: 
#cluster-domain=

# List of IP addresses of all the proxies present in the cluster.
# SIP messages coming from these addresses won't be challenged by
# the authentication module and won't have any rate limit applied
# by the DoS protection module.
# Default: 
#nodes=

# Transport to use for communication with the other proxies of the
# cluster. This is useful only when no transport declared in 'global/transport'
# parameter can be used to reach the other proxies e.g. when inter-proxy
# communications are to be made through a private network.
# Ex: sip:10.0.0.8:5059;transport=tcp
# Default: 
#internal-transport=






##
## Should the server be registered on a local domain, to be accessible
## via multicast DNS.
##
[mdns-register]

# Set to 'true' to enable multicast DNS register
# Default: false
#enabled=false

# Priority of this instance, lower value means more preferred.
# 'n': priority of n (example 10)
# 'n-m': random priority between n and m (example 10-50)
# Default: 0
#mdns-priority=0

# A relative weight for Flexisips with the same priority, higher
# value means more preferred.
# For example, if two Flexisips are registered on the same local
# domain with one at 20 and the other at 80, then 20% of Flexisip
# traffic will be redirected to the first Flexisip and 80% to the
# other one.
# The sum of all the weights of Flexisips on the same local domain
# must be 100.
# Default: 100
#mdns-weight=100

# Time To Live of any mDNS query that will ask for this Flexisip
# instance
# Default: 3600
#mdns-ttl=3600






##
## Event logs contain per domain and user information about processed
## registrations, calls and messages.
## See: https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Event%20logs%20and%20queries/
## for architecture and queries.
##
[event-logs]

# Enable event logs.
# Default: false
#enabled=true

# Define logger for storing logs. It supports "filesystem" and "database".
# Default: filesystem
logger=database

# Directory where event logs are written as a filesystem (case when
# filesystem output is choosed).
# Default: /var/log/flexisip
filesystem-directory=/var/log/flexisip

# Choose the type of backend that Soci will use for the connection.
# Depending on your Soci package and the modules you installed,
# the supported databases are:`mysql`, `sqlite3` and `postgresql`
# Default: mysql
database-backend=mysql

# The configuration parameters of the backend.
# The basic format is "key=value key2=value2". For a mysql backend,
# this is a valid config: "db=mydb user=user password='pass' host=myhost.com".
# Please refer to the Soci documentation of your backend, for instance:
# http://soci.sourceforge.net/doc/master/backends/#supported-backends-and-features
# Default: db='mydb' user='myuser' password='mypass' host='myhost.com'

database-connection-string=db='flexisip_accounts' user='myadmin' password='Kangtai123' host='114.55.75.238'


# Amount of queries that will be allowed to be queued before bailing
# password requests.
# This value should be chosen accordingly with 'database-nb-threads-max',
# so that you have a coherent behavior.
# This limit is here mainly as a safeguard against out-of-control
# growth of the queue in the event of a flood or big delays in the
# database backend.
# Default: 100
#database-max-queue-size=100

# Maximum number of threads for writing in database.
# If you get a `database is locked` error with sqlite3, you must
# set this variable to 1.
# Default: 10
#database-nb-threads-max=10






##
## STUN server parameters.
##
[stun-server]

# Enable or disable stun server.
# Default: true
enabled=false

# Local ip address where to bind the socket.
# Default: 0.0.0.0
bind-address=0.0.0.0

# STUN server port number.
# Default: 3478
port=3478






##
## Flexisip presence server parameters.
##
[presence-server]

# Enable presence server
# Default: true
enabled=true

# List of white space separated SIP URIs where the presence server
# must listen. Must not be tls.
# Default: sip:127.0.0.1:5065;transport=tcp
transports=sip:127.0.0.1:2008

# Default expires of PUBLISH request in second.
# Default: 600
expires=600

# Max number of presentity sent in a single NOTIFY by default.
# Default: 200
notify-limit=200

# Enable long-term presence notifies
# Default: false
long-term-enabled=false

# Soci connection string for the resource list database.
# Default: 
#rls-database-connection=

# SQL request to obtain the list of the users corresponding to an
# resource list subscription.
# Named parameters are:
#  * ':from' : the URI of the sender of the SUBSCRIBE. (mandatory)
#  * ':to' : the URI of the users list which the sender want to
#    subscribe to. (mandatory)
#    
# Default: 
#rls-database-request=

# Max number of threads.
# Default: 50
#rls-database-max-thread=50

# Max legnth of threads queue.
# Default: 50
#rls-database-max-thread-queue-size=50






##
## Flexisip conference server parameters. The flexisip conference
## server is a user-agent that handles session-based chat (yes, text
## only at this time). It requires a mysql database in order to persisently
## store chatroom state (participants and their devices). It will
## use the Registrar backend (see section module::Registrar) to discover
## devices (or client instances) of each participant.
##
[conference-server]

# Enable conference server
# Default: true
enabled=true

# URI where the conference server must listen. Only one URI can
# be specified.
# Default: sip:127.0.0.1:6064;transport=tcp
transport=sip:127.0.0.1:2009

# List of SIP uris used by clients to create a conference. This
# implicitely defines the list of SIP domains managed by the conference
# server. For example:
# conference-factory-uris=sip:conference-factory@sip.linphone.org
# sip:conference-factory@sip.linhome.org
# Default: 
conference-factory-uris=sip:conference-factory@域名

# The Flexisip proxy URI to which the conference server should sent
# all its outgoing SIP requests.
# Default: sip:127.0.0.1:5060;transport=tcp
outbound-proxy=sip:127.0.0.1:2010

# Domains managed by the local SIP service, ie domains for which
# user registration information can be found directly from the local
# registrar database (redis database). For external domains (not
# in this list), a 'reg' SUBSCRIBE (RFC3680) will be emitted.It
# is not necessary to list here domains that appear in the 'conference-factory-uris'
# property. They are assumed to be local domains already.
# Ex: local-domains=sip.linphone.org conf.linphone.org linhome.org
# Default: 
local-domains=域名

# Choose the type of backend that linphone will use for the connection.
# Depending on your Soci package and the modules you installed,
# the supported databases are: `mysql`, `sqlite3`
# Default: mysql
database-backend=mysql

# The configuration parameters of the backend.
# The basic format is "key=value key2=value2". For a mysql backend,
# this is a valid config: "db=mydb user=user password='pass' host=myhost.com".
# Please refer to the Soci documentation of your backend, for instance:
# http://soci.sourceforge.net/doc/3.2/backends/mysql.htmlhttp://soci.sourceforge.net/doc/3.2/backends/sqlite3.html
# Default: db='mydb' user='myuser' password='mypass' host='myhost.com'

database-connection-string=db='flexisip_conference' user='myadmin' password='Kangtai123' host='114.55.75.238'

# Whether the conference server shall check device capabilities
# before inviting them to a session.
# The capability check is currently limited to Linphone client that
# put a +org.linphone.specs contact parameter in order to indicate
# whether they support group chat and secured group chat.
# Default: true
check-capabilities=true

# Whether one-to-one chat room creation is allowed or not.
# Default: true
enable-one-to-one-chat-room=true






##
## Flexisip RegEvent server parameters.The regevent server is in
## charge of responding to SIP SUBSCRIBEs for the 'reg' event as
## defined by RFC3680 - A Session Initiation Protocol (SIP) Event
## Package for Registrations - https://tools.ietf.org/html/rfc3680.To
## generate the outgoing NOTIFY, it will rely upon the registrar
## database, as setup in module::Registrar section.
##
[regevent-server]

# SIP uri on which the RegEvent server is listening on.
# Default: sip:127.0.0.1:6065;transport=tcp
transport=sip:127.0.0.1:2007






##
## This module bans user when they are sending too much packets within
## a given timeframe. To see the list of currently banned IPs/ports,
## use iptables -L. 
##
[module::DoSProtection]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# Number of milliseconds to consider to compute the packet rate
# Default: 3000
time-period=3000

# Maximum packet rate in packets/seconds,  averaged over [time-period]
# millisecond(s) to consider it as a DoS attack.
# Default: 20
packet-rate-limit=20

# Number of minutes to ban the ip/port using iptables
# Default: 2
ban-time=1

# Name of the chain flexisip will create to store the banned IPs
# Default: FLEXISIP
iptables-chain=FLEXISIP

# List of IP addresses or hostnames for which no DoS protection
# is made. This is typically for trusted servers from which we can
# receive high traffic. Please note that nodes from the local flexisip
# cluster (see [cluster] section) are automatically added to the
# white list, as well as 127.0.0.1 and ::1.
# Example:
# white-list=sip.example.org sip.linphone.org 15.128.128.93
# Default: 
#white-list=






##
## The SanitChecker module checks that required fields of a SIP message
## are present to avoid unecessary checking while processing message
## further.
## If the message doesn't meet these sanity check criterias, then
## it is stopped and bad request response is sent.
##
[module::SanityChecker]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=






##
## The GarbageIn module collects incoming garbage and prevent any
## further processing.
##
[module::GarbageIn]

# Indicate whether the module is activated.
# Default: false
#enabled=false

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: false
#filter=false






##
## The NatHelper module executes small tasks to make SIP work smoothly
## despite firewalls. It corrects the Contact headers that contain
## obviously inconsistent addresses, and adds a Record-Route to ensure
## subsequent requests are routed also by the proxy, through the
## same UDP or TCP channel used for the initial request.
##
[module::NatHelper]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# Internal URI parameter added to response contact by first proxy
# and cleaned by last one.
# Default: verified
contact-verified-param=verified

# Fix record-routes, to workaround proxies behind firewalls but
# not aware of it.
# Default: false
fix-record-routes=false

# Policy to recognize nat'd record-route and fix them. There are
# two modes: 'safe' and 'always'
# Default: safe
fix-record-routes-policy=safe






##
## The authentication module challenges and authenticates SIP requests
## using two possible methods:
##  * if the request is received via a TLS transport and 'require-peer-certificate'
##    is set in transport definition in [Global] section for this transport,
##    then the From header of the request is matched with the CN claimed
##    by the client certificate. The CN must contain sip:user@domain
##    or alternate name with URI=sip:user@domain corresponding to the
##    URI in the from header for the request to be accepted. Optionnaly,
##    the property tls-client-certificate-required-subject may contain
##    a regular expression for additional checks to execute on certificate
##    subjects.
##  * if no TLS client based authentication can be performed, or
##    has failed, then a SIP digest authentication is performed. The
##    password verification is made by querying a database or a password
##    file on disk.
##
[module::Authentication]

# Indicate whether the module is activated.
# Default: false
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# List of whitespace separated domains to challenge. Others are
# automatically denied. The wildcard domain '*' is accepted, which
# means that requests are challenged whatever the originating domain
# is. This is convenient for a proxy serving multiple SIP domains.
# 
# Default: localhost
auth-domains=域名 localhost

# List of digest algorithms to use for password hashing. Think this
# setting as filter applied after fetching the credentials of a
# user from the user database. For example, if a user has its password
# hashed by MD5 and SHA-256 but 'available-algorithms' only has
# MD5, then only a MD5-based challenged will be submited to the
# UAC.
# Furthermore, should a user have several hashed passwords and these
# are present in the list, then a challenge header will be put in
# the 401 response for each fetched password in the order given
# by the list.
# Supported algorithems are MD5 and SHA-256.
# Default: MD5
available-algorithms=MD5

# Disable the QOP authentication method. Default is to use it, use
# this flag to disable it if needed.
# Default: false
disable-qop-auth=false

# Don't reply 403 when authentication fails. Instead, generate a
# new 401 (or 407) response containing a new challenge.
# Default: false
no-403=false

# Expiration time before generating a new nonce.
# Unit: second
# Default: 3600
nonce-expires=3600

# The realm to use for digest authentication. It will used whatever
# the domain of the From-URI.
# If the value starts with 'regex:', then this parameter will have
# the same effect than 'realm-regex', using all the remaining string
# as regular expression.
# WARNING: this parameter is exclusive with 'realm-regex'
# 
# Examples:
# 	realm=sip.example.org
# 	realm=regex:sip:.*@sip\.(.*)\.com
# 
# Default: 
realm=

# Extraction regex applied on the URI of the 'from' header (or P-Prefered-Identity
# header if present) in order to extract the realm. The realm is
# found out by getting the first slice of the URI that matches the
# regular expression. If it has one or more capturing parentheses,
# the content of the first one is used as realm.
# If no regex is specified, then the realm will be the domain part
# of the URI.
# 
# For instance, given auth-domains=sip.example.com, you might use
# 'sip:.*@sip\.(.*)\.com' in order to use 'example' as realm.
# 
# WARNING: this parameter is exclusive with 'realm'
# Default: 
realm-regex=

# List of whitespace-separated IP addresses which will be judged
# as trustful. Messages coming from these addresses won't be challenged.
# Default: 
trusted-hosts=127.0.0.1

# If set to true, the module will simply reject with "403 forbidden"
# any request coming from clients which have presented a bad TLS
# certificate (regardless of reason: improper signature, unmatched
# subjects). Otherwise, the module will fallback to a digest authentication.
# This policy applies only for transports configured which have
# 'required-peer-certificate=1' parameter; indeed no certificate
# is requested to the client otherwise. 
# Default: false
reject-wrong-client-certificates=false

# An optional regular expression used to accept or deny a request
# basing on subject fields of the client certificate. The request
# is allowed if one of the subjects matches the regular expression.
# The list of subjects to check is built by extracting the following
# fields, in order:
# 	subjectAltNames.DNS, subjectAltNames.URI, subjectAltNames.IP
# and CN
# Default: 
#tls-client-certificate-required-subject=

# Accept requests which the client certificate enables to trust
# the domaine of its Request-URI.
# Default: false
#trust-domain-certificates=false

# When receiving a proxy authenticate challenge, generate a new
# challenge for this proxy.
# Default: false
#new-auth-on-407=false

# Database backend implementation for digest authentication [soci,file].
# Default: file
db-implementation=soci

# Duration of the validity of the credentials added to the cache
# in seconds.
# Default: 1800
#cache-expire=1800

# Path of the file in which user credentials are stored.
# The file must start with 'version:1' as the first line, and then
# contains lines in the form of:
# user@domain clrtxt:clear-text-password md5:md5-password sha256:sha256-password
# ;
# For example: 
# bellesip@sip.linphone.org clrtxt:secret ;
# bellesip@sip.linphone.org md5:97ffb1c6af18e5687bf26cdf35e45d30
# ;
# bellesip@sip.linphone.org clrtxt:secret md5:97ffb1c6af18e5687bf26cdf35e45d30
# sha256:d7580069de562f5c7fd932cc986472669122da91a0f72f30ef1b20ad6e4f61a3
# ;
# Default: 
#file-path=

# Choose the type of backend that Soci will use for the connection.
# Depending on your Soci package and the modules you installed,
# this could be 'mysql', 'oracle', 'postgresql' or something else.
# Default: mysql
soci-backend=mysql

# The configuration parameters of the Soci backend.
# The basic format is "key=value key2=value2". For a mysql backend,
# this is a valid config: "db=mydb user=user password='pass' host=myhost.com".
# Please refer to the Soci documentation of your backend, for intance:
# http://soci.sourceforge.net/doc/release/4.0/backends/mysql/
# Default: db=mydb user=myuser password='mypass' host=myhost.com

soci-connection-string=db='flexisip_accounts' user='用户名' password='密码' host='ip'

# Soci SQL request used to obtain the password of a given user.
# Each keywords starting with ':' character will be replaced by
# strings extracted from the SIP request to authenticate.
# 
# Only these keywords are supported: - ':id'     : the user found
# in the from header (mandatory)
#  - ':domain' : the authorization realm
#  - ':authid' : the authorization username
# 
# The request MUST returns a two-columns table, which columns are
# defined as follow:
#  - 1st column: hashed password of the user or plain password if
#    the associated algorithm is CLRTXT.
#  - 2nd column: the algorithm used to hash the associated password.
#    Supported values: 'CLRTXT', 'MD5', 'SHA-256'
# 
# Examples:
#  - the password and algorithm are both available in the database
# 	select password, algorithm from accounts where login = :id and
# domain = :domain
# 
#  - all the passwords from the database are MD5
# 	select password, 'MD5' from accounts where login = :id and domain
# = :domain
# Default: select password, 'MD5' from accounts where login = :id and domain = :domain
soci-password-request=select password, 'MD5' from accounts where username = :id and domain = :domain;

# WARNING: This parameter is used by the presence server only.
# Soci SQL request used to obtain the username associated with a
# phone alias.
# The string MUST contains the ':phone' keyword which will be replaced
# by the phone number to look for.
# The result of the request is a 1x1 table containing the name of
# the user associated with the phone number.
# 
# Example: select login from accounts where phone = :phone 
# Default: 
soci-user-with-phone-request=select login from accounts where phone = :phone

# WARNING: This parameter is used by the presence server only.
# Same as 'soci-user-with-phone-request' but allows to fetch several
# users by a unique SQL request.
# The string MUST contains the ':phones' keyword which will be replaced
# by the list of phone numbers to look for. Each element of the
# list is seperated by a comma character and is protected by simple
# quotes (e.g. '0336xxxxxxxx','0337yyyyyyyy','034zzzzzzzzz').
# If you use phone number linked accounts you'll need to select
# login, domain, phone in your request for flexisip to work.
# Example: select login, domain, phone from accounts where phone
# in (:phones)
# Default: 
soci-users-with-phones-request=select login, domain, phone from accounts where phone in (:phones)

# Amount of queries that will be allowed to be queued before bailing
# password requests.
# This value should be chosen accordingly with 'soci-poolsize',
# so that you have a coherent behavior.
# This limit is here mainly as a safeguard against out-of-control
# growth of the queue in the event of a flood or big delays in the
# database backend.
# Default: 1000
soci-max-queue-size=1000

# Size of the pool of connections that Soci will use. A thread is
# opened for each DB query, and this pool will allow each thread
# to get a connection.
# The threads are blocked until a connection is released back to
# the pool, so increasing the pool size will allow more connections
# to occur simultaneously.
# On the other hand, you should not keep too many open connections
# to your DB at the same time.
# Default: 100
soci-poolsize=100






##
## This module redirect sip requests with a 302 move temporarily.
##
[module::Redirect]

# Indicate whether the module is activated.
# Default: false
#enabled=false

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
#filter=

# A contact where to redirect requests. ex: <sip:127.0.0.1:5065>;expires=100
# Default: 
#contact=






##
## This module is in charge of routing 'reg' event SUBSCRIBE requests
## to the flexisip-regevent server.
##
[module::RegEvent]

# Indicate whether the module is activated.
# Default: false
enabled=false

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
#filter=

# A sip uri where to send all the reg-event related requests.
# Default: sip:127.0.0.1:6065;transport=tcp
regevent-server=sip:127.0.0.1:2007






##
## This module transfers SIP presence messages, like subscribe/notify/publish
## to a presence server.
##
[module::Presence]

# Indicate whether the module is activated.
# Default: false
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: is_request && (request.method-name == 'PUBLISH' || request.method-name == 'NOTIFY' || request.method-name == 'SUBSCRIBE')
filter=is_request && (request.method-name == 'PUBLISH' || request.method-name == 'NOTIFY' || request.method-name == 'SUBSCRIBE')

# A SIP URI where to send all presence related requests.
# Default: sip:127.0.0.1:5065;transport=tcp
presence-server=sip:127.0.0.1:2008

# If true, only manage list subscription.
# Default: false
only-list-subscription=false

# When getting the list of users with phones, if this setting is
# enabled, it will limit the results to the ones that have the same
# domain.
# Default: false
check-domain-in-presence-results=false






##
## The ModuleRegistrar module handles REGISTERs for domains it is
## in charge of, and store the address of record in order to allow
## routing requests destinated to the client who registered. REGISTERs
## for other domains are simply ignored and given to the next module.
##
[module::Registrar]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# List of whitespace separated domain names which the registar is
# in charge of. It can eventually be the '*' (wildcard) in order
# to match any domain name.
# Default: localhost
reg-domains=域名

# Register users based on response obtained from a back-end server.
# This mode is for using flexisip as a front-end server to hold
# client connections but registeracceptance is deferred to backend
# server to which the REGISTER is routed.
# Default: false
reg-on-response=false

# Maximum number of registered contacts per address of record.
# Default: 12
max-contacts-by-aor=12

# List of contact URI parameters that can be used to identify a
# user's device. The contact parameters are searched in the order
# of the list, the first matching parameter is used and the others
# ignored.
# Default: +sip.instance pn-tok line
unique-id-parameters=+sip.instance pn-tok line

# When supported by the client, assign a pub-gruu address to the
# client, returned in the response. 
# Default: true
enable-gruu=true

# Maximum expire time for a REGISTER, in seconds.
# Default: 86400
max-expires=86400

# Minimum expire time for a REGISTER, in seconds.
# Default: 60
min-expires=60

# Set a value that will override expire times given by the REGISTER
# requests. A null or negative value disables that feature. If it
# is enabled, max-expires and min-expires will not have any effect.
# Default: -1
force-expires=-1

# File containing the static records to add to database on startup.
# Format: one 'sip_uri contact_header' by line. Example:
# <sip:contact@domain> <sip:127.0.0.1:5460>,<sip:192.168.0.1:5160>
# Default: 
static-records-file=

# Timeout in seconds after which the static records file is re-read
# and the contacts updated.
# Default: 600
static-records-timeout=600

# Implementation used for storing the contact URIs of each address
# of record. Two backends are available:
#  - redis : contacts are stored in a Redis database, which allows
#    persistent and shared storage accross multiple Flexisip instances.
#  - internal : contacts are stored in RAM. Of course, if flexisip
#    is restarted, all the contact URIs are lost until clients update
#    their registration.
# The redis backend is recommended, the internal being more adapted
# to very small deployments.
# Default: internal
db-implementation=redis

# Hostname or address of the Redis server. 
# Default: localhost
redis-server-domain=localhost

# Port of the Redis server.
# Default: 6379
redis-server-port=6379

# Authentication password for Redis. Empty to disable.
# Default: 
redis-auth-password=123456

# Timeout in milliseconds of the Redis connection.
# Default: 1500
redis-server-timeout=1500

# When Redis is configured in master-slave, Flexisip will periodically
# ask which Redis instances are the slaves and the master. This
# is the period with which it will query the server. It will then
# determine whether is is connected to the master, and if not, let
# go of the connection and migrate to the master.
# Note: This requires that all Redis instances have the same password.
# Otherwise the authentication will fail.
# Default: 60
redis-slave-check-period=60

# Sequence of proxies (space-separated) where requests will be redirected
# through (RFC3608)
# Default: 
service-route=

# Name of the custom Contact header parameter which is to indicate
# the expire time for chat message delivery.
# Default: message-expires
message-expires-param-name=message-expires

# If not zero, the expire time put in the 200 OK response won't
# be the one required by the user agent, but will be slightly modified
# by substracting a random value. The value given by this parameter
# is the maximum percentage of the initial expire that can be substracted.
# If zero, no randomization is applied.
# Default: 0
register-expire-randomizer-max=0






##
## The purpose of the StatisticsCollector module is to collect call
## statistics (RFC 6035) and store them on the server.
##
[module::StatisticsCollector]

# Indicate whether the module is activated.
# Default: false
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: is_request && request.method-name == 'PUBLISH'
filter=is_request && request.method-name == 'PUBLISH'

# SIP URI of the statistics collector. Note that application/vq-rtcpxr
# messages for this address will be deleted by this module and thus
# not be delivered.
# Default: 
collector-address=sip:域名:2010






##
## The Router module routes requests for domains it manages.
## The routing algorithm is as follows: 
##  - first skip route headers that directly point to this proxy.
##  - if a route header is found that doesn't point to this proxy,
##    then the request is not processed by the Router module, and will
##    be handled by the Forward module at the end of the processing
##    chain.
##  - examine the request-uri: if it is part of the domains managed
##    by this proxy (according to Registrar module 'reg-domains' definition,
##    then attempt to resolve the request-uri from the Registrar database.
##  - the results from the registrar database, in the form of contact
##    headers, are sorted by priority (q parameter), if any.
##  - for each set of contact with equal priorities, the request
##    is forked, and sent to their corresponding sip URI. After a timeout
##    defined by property 'call-fork-current-branches-timeout', a next
##    set of contact header is determined.
##  - responses are received from all attempted branches, and sent
##    back to the request originator, according to the procedure of
##    RFC3261 16.7 Response processing.
## The router module offers different variations of the routing logic,
## depending on whether it is an INVITE, a MESSAGE, or another type
## of request. The processing of MESSAGE request essentially differs
## from others because it allows to keep the MESSAGE for a later
## delivery, in which case the incoming transaction will be terminated
## with a 202 Accepted response.
##
[module::Router]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# Store and retrieve contacts without using the domain.
# Default: false
use-global-domain=false

# Fork invites to late registers.
# Default: false
fork-late=false

# All the forked have to decline in order to decline the caller
# invite.
# Default: false
fork-no-global-decline=false

# Treat 603 Declined answers as urgent. Only relevant if fork-no-global-decline
# is set to true.
# Default: false
treat-decline-as-urgent=false

# During a fork procedure, treat all failure response as urgent.
# Default: false
treat-all-as-urgent=false

# Maximum time for a call fork to try to reach a callee, in seconds.
# Default: 90
call-fork-timeout=20

# Maximum time before delivering urgent responses during a call
# fork, in seconds. The typical fork process requires to wait the
# best response from all branches before transmitting it to the
# client. However some error responses are retryable immediately
# (like 415 unsupported media, 401, 407) thus it is painful for
# the client to need to wait the end of the transaction time (32
# seconds) for these error codes.
# Default: 5
call-fork-urgent-timeout=5

# Maximum time in seconds before trying the next set of lower priority
# contacts.
# Default: 10
call-fork-current-branches-timeout=10

# Optional timer to detect lack of push response, in seconds.
# Default: 0
call-push-response-timeout=0

# Fork MESSAGE requests to client registering lately. 
# Default: true
message-fork-late=true

# Maximum duration for delivering a MESSAGE request. This property
# applies only if message-fork-late if set to true, otherwise the
# duration can't exceed the normal transaction duration.
# Default: 604800
message-delivery-timeout=60

# Maximum duration for accepting a MESSAGE request if no response
# is received from any recipients. This property is meaningful when
# message-fork-late is set to true.
# Default: 5
message-accept-timeout=15

# Default route to apply when the recipient is unreachable or when
# when all attempted destination have failed.It is given as a SIP
# URI, for example: sip:example.org;transport=tcp (without surrounding
# brakets)
# Default: 
fallback-route=

# During a call forking, allow several INVITEs going to the same
# next hop to be grouped into a single one. A proprietary custom
# header 'X-target-uris' is added to the INVITE to indicate the
# final targets of the INVITE.
# Default: false
allow-target-factorization=false

# Whether the proxy is allowed to generate and send provisional
# responses during a call forking process. A typical example for
# this is the '110 Push sent' emitted by the proxy when at least
# one push notification has been sent to a target UA while routing
# an INVITE. Some old versions of Linphone (below linphone-sdk 4.2)
# suffer from an issue when receiving such kind of provisional responses
# that don't come from a remote client. This setting is mainly intended
# to temporarily workaround this situation.
# Default: true
permit-self-generated-provisional-response=true

# Whether or not to resolve next hop in route header against registrar
# database. This is an extension to RFC3261, and should not be used
# unless in some specific deployment cases. A next hope in route
# header is otherwise resolved through standard DNS procedure by
# the Forward module.
# Default: false
resolve-routes=true

# Whether or not to fallback to the parent domain if there is no
# fallback route set and the recipient is unreachable. For example,
# if routing to sip:bob@a.b.com returns no result, route the request
# to b.com. This is also a non-standard behavior.
# Default: false
parent-domain-fallback=false






##
## This module performs push notifications to mobile phone notification
## systems: apple, android, windows, as well as a generic http get/post
## to a custom server to which actual sending of the notification
## is delegated. The push notification is sent when an INVITE or
## MESSAGE request is not answered by the destination of the request
## within a certain period of time, configurable hereunder by 'timeout'
## parameter. The PushNotification has an implicit dependency on
## the Router module, which is in charge of creating the incoming
## and outgoing transactions and the context associated with the
## request forking process. No push notification can hence be sent
## if the Router module isn't activated. The time-to-live of the
## push notification depends on event for which the push notification
## is generated.  - if it is for a call (INVITE), it will be set
## equal 'call-fork-timeout' property of the Router module, which
## corresponds to the maximum time for a call attempt.
##  - if it is for an IM (MESSAGE or INVITE for a text session),
##    then it will be set equal to the 'message-time-to-live' property.
##
[module::PushNotification]

# Indicate whether the module is activated.
# Default: false
#enabled=false

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=from.uri.domain contains '域名'

# Number of seconds to wait before sending a push notification to
# device. A value lesser or equal to zero will make the push notification
# to be sent immediately, which is recommended since most of the
# time devices can't have a permanent connection with the Flexisip
# server.
# Default: 0
#timeout=0

# Time to live for the push notifications related to IM messages,
# in seconds. The default value '0' is interpreted as using the
# same value as for message-delivery-timeout of Router module.
# Default: 0
#message-time-to-live=0

# Maximum number of notifications queued for each push notification
# service
# Default: 100
#max-queue-size=100

# Number of push notification request retransmissions sent to a
# client for a same event (call or message). Retransmissions cease
# when a response is received from the client. Setting a value of
# zero disables retransmissions.
# Default: 0
#retransmission-count=0

# Retransmission interval in seconds for push notification requests,
# when a retransmission-count has been specified above.
# Default: 5
#retransmission-interval=5

# If true, the following key in the payload of the push request
# will be set:
#  * 'from-uri': the SIP URI of the caller or the message sender.
#  * 'display-name': the display name of the caller or the message
#    sender.
#  * 'loc-args': the display name if not empty or the SIP URI instead.
# 
# If false, the keys will be set but as empty.
# Default: false
#display-from-uri=false

# Enable push notification for apple devices
# Default: true
#apple=true

# Path to directory where to find Apple Push Notification service
# certificates. They should bear the appid of the application, suffixed
# by the release mode and .pem extension. For example: org.linphone.dev.pem
# org.linphone.prod.pem com.somephone.dev.pem etc... The files should
# be .pem format, and made of certificate followed by private key.
# This is also the path to the directory where to find Voice Over
# IP certificates (certicates to use PushKit). They should bear
# the appid of the application, suffixed by the release mode and
# .pem extension, and made of certificate followed by private key.
# For example: org.linphone.voip.dev.pem org.linphone.voip.prod.pem
# com.somephone.voip.dev.pem etc...
# Default: /etc/flexisip/apn
#apple-certificate-dir=/etc/flexisip/apn

# Set the badge value to 0 for Apple push
# Default: false
#no-badge=false

# Enable push notification for Android devices (new method for Android)
# Default: true
#firebase=true

# List of couples projectId:ApiKey for each Android project that
# supports push notifications (new method for Android)
# Default: 
#firebase-projects-api-keys=

# Enable push notification for Windows Phone 8 devices
# Default: true
#windowsphone=true

# Unique identifier for your Windows Store app.
# For example: ms-app://s-1-15-2-2345030743-3098444494-743537440-5853975885-5950300305-5348553438-505324794
# Default: 
#windowsphone-package-sid=

# Client secret. For example: Jrp1UoVt4C6CYpVVJHUPdcXLB1pEdRoB
# Default: 
#windowsphone-application-secret=

# Instead of having Flexisip sending the push notification directly
# to the Google/Apple/Microsoft push servers, send an http request
# to a server with all required information encoded in the URL,
# to which the actual sending of the push notification is delegated.
# The following arguments can be substitued in the http request
# uri, with the following values:
#  - $type      : apple, google, wp, firebase
#  - $token     : device token
#  - $api-key   : the api key to use (google and firebase only)
#  - $app-id    : application ID
#  - $from-name : the display name in the from header
#  - $from-uri  : the sip uri of the from header
#  - $from-tag  : the tag of the from header 
#  - $to-uri    : the sip uri of the to header
#  - $call-id   : the call-id of the INVITE or MESSAGE request
#  - $event     : call, message
#  - $sound     : the sound file to play with the notification
#  - $msgid     : the message id to put in the notification
#  - $uid       : 
#  
# The content of the text message is put in the body of the http
# request as text/plain, if any.
# Example: http://292.168.0.2/$type/$event?from-uri=$from-uri&tag=$from-tag&callid=$callid&to=$to-uri
# Default: 
#external-push-uri=

# Method for reaching external-push-uri, typically GET or POST
# Default: GET
#external-push-method=GET






##
## The MediaRelay module masquerades SDP message so that all RTP
## and RTCP streams go through the proxy. When the client has set
## ICE candidates in the SDP offer, then the MediaRelay module will
## automatically add ICE relay candidates. The RTP and RTCP streams
## are then routed so that each client receives the stream of the
## other. MediaRelay makes sure that RTP is ALWAYS established, even
## with uncooperative firewalls.
##
[module::MediaRelay]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# The name of the SDP attribute to set by the first proxy to forbid
# subsequent proxies to provide relay. Use 'disable' to disable.
# Default: nortpproxy
nortpproxy=nortpproxy

# The minimal value of SDP port range
# Default: 1024
sdp-port-range-min=10000

# The maximal value of SDP port range
# Default: 65535
sdp-port-range-max=10500

# Sends a ACK and BYE to 200Ok for INVITEs not belonging to any
# established call. This is to solve the race condition that happens
# when two callees answer the same call at the same time. According
# to RFC3261, the caller is expected to send an ACK followed by
# a BYE to the loser callee. This is not the case in RFC2543, where
# the proxy was supposed to do this. When set to true, the MediaRelay
# module will implement the RFC2543 behavior. Note that it may sound
# inappropriate to bundle this property with the media relay feature.
# However the MediaRelay module is the only one in Flexisip that
# has the visibility of SIP dialogs, which is necessary to implement
# this feature.
# Default: false
bye-orphan-dialogs=false

# Maximum concurrent calls processed by the media-relay. Calls arriving
# when the limit is exceed will be rejected. A value of 0 means
# no limit.
# Default: 0
max-calls=0

# When true, the 'c=' line and port number are set to the relay
# ip/port even if ICE candidates are present in the request, while
# the standard behavior is to leave the c= line and port number
# as they are in the original offer sent by the client. This variation
# allows callees that do not support ICE at all to benefit from
# the media relay service.
# Default: true
force-relay-for-non-ice-targets=true

# Prevent media-relay ports to loop between them, which can cause
# 100% cpu on the media relay thread. You need to set this property
# to false if you are running test calls from clients running on
# the same IP address as the flexisip server
# Default: true
prevent-loops=true

# In case multiples '183 Early media' responses are received for
# a call, only the first one will have RTP streams forwarded back
# to caller. This feature prevents the caller to receive 'mixed'
# streams, but it breaks scenarios where multiple servers play early
# media announcement in sequence.
# Default: true
early-media-relay-single=true

# Maximum number of relayed early media streams per call. This is
# useful to limit the cpu usage due to early media relaying on embedded
# systems. A value of 0 stands for unlimited.
# Default: 0
max-early-media-per-call=0

# Period of time in seconds, after which a relayed call without
# any activity is considered as no longer running. Activity counts
# RTP/RTCP packets exchanged through the relay and SIP messages.
# Default: 3600
inactivity-period=3600

# Force the media relay to use the public address of Flexisip to
# relay calls. It not enabled, Flexisip will deduce a suitable IP
# address by basing on data from SIP messages, which could fail
# in tricky situations e.g. when Flexisip is behind a TCP proxy.
# Default: false
force-public-ip-for-sdp-masquerading=false






##
## The purpose of the Transcoder module is to transparently transcode
## from one audio codec to another to make the communication possible
## between clients that do not share the same set of supported codecs.
## Concretely, it adds all missing codecs into the INVITEs it receives,
## and adds codecs matching the original INVITE into the 200Ok. Rtp
## ports and addresses are masqueraded so that the streams can be
## processed by the proxy. The transcoding job is done in the background
## by the Mediastreamer2 library, as consequence the set of supported
## codecs is exactly the the same as the codec set supported by Mediastreamer2,
## including the possible plugins you may installed to extend Mediastreamer2.
## 
## WARNING: this module can conflict with the MediaRelay module as
## they are both changing the SDP. Make sure to configure them with
## different to-domains or from-domains filter if you want to enable
## both of them.
##
[module::Transcoder]

# Indicate whether the module is activated.
# Default: false
enabled=false

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=from.uri.domain contains '域名'

# Nominal size of RTP jitter buffer, in milliseconds. A value of
# 0 means no jitter buffer (packet processing).
# Default: 0
#jb-nom-size=0

# Whitespace separated list of user-agent strings for which audio
# rate control is performed.
# Default: 
#rc-user-agents=

# Whitespace seprated list of audio codecs, in order of preference.
# The 'telephone-event' codec is necessary for inband DTMF processing.
# Default: speex/8000 amr/8000 iLBC/8000 gsm/8000 pcmu/8000 pcma/8000 telephone-event/8000
#audio-codecs=speex/8000 amr/8000 iLBC/8000 gsm/8000 pcmu/8000 pcma/8000 telephone-event/8000

# Remove the bandwidth limitations from SDP offers and answers
# Default: false
#remove-bw-limits=false

# If true, retransmissions of INVITEs will be blocked. The purpose
# of this option is to limit bandwidth usage and server load on
# reliable networks.
# Default: false
#block-retransmissions=false






##
## This module executes the basic routing task of SIP requests and
## pass them to the transport layer. It must always be enabled.
##
[module::Forward]

# Indicate whether the module is activated.
# Default: true
enabled=true

# A request/response enters module if the boolean filter evaluates
# to true. Ex: from.uri.domain contains 'sip.linphone.org', from.uri.domain
# in 'a.org b.org c.org', (to.uri.domain in 'a.org b.org c.org')
# && (user-agent == 'Linphone v2'). You can consult the full filter
# documentation here : https://wiki.linphone.org/xwiki/wiki/public/view/Flexisip/Configuration/Filter%20syntax/
# Default: 
filter=

# A route header value where to send all requests not already resolved
# by the Router module (ie for which contact information has been
# found from the registrar database). This is the typical way to
# setup a Flexisip proxy server acting as a front-end for backend
# SIP server.Pay attention that is not just a SIP URI, but a route.
# As a result, when the URI has parameters, brakets must enclose
# the URI, otherwise the parameters will be parsed as route parameters.
# For example:
# route=<sip:192.168.0.10;transport=tcp>
# Default: 
route=

# Add a path header of this proxy
# Default: true
add-path=true

# Rewrite request-uri's host and port according to above route
# Default: false
rewrite-req-uri=false

# For SIP URIs, in asbsence of transport parameter, assume the given
# transport is to be used. Possible values are udp, tcp or tls.
# Default: udp
default-transport=udp

# List of URL and contact params to remove
# Default: pn-tok pn-type app-id pn-msg-str pn-call-str pn-call-snd pn-msg-snd pn-timeout pn-silent pn-provider pn-prid pn-param
params-to-remove=pn-tok pn-type app-id pn-msg-str pn-call-str pn-call-snd pn-msg-snd pn-timeout pn-silent pn-provider pn-prid pn-param






##
## Inter domain connections is a set of feature allowing to dynamically
## connect several Flexisip servers together in order to manage SIP
## routing at local and global scope. Let's suppose you have two
## SIP network a.example.net and b.example.net run privately and
## independently (no one from a.example.net needs to call someone
## at b.example.net). However, when people from a and b are outside
## of their network, they register to a worldwide available Flexisip
## instance running on 'global.example.net'. It is then possible
## to:
##  * have calls made within a.example.net routed locally and sent
##    to global.example.net in order to reach users inside and outside
##    of a's network. Example: 1@a.example.net calls 2@a.example.net.
##    If 2 is registered on a.example.net then the call is routed locally.
##    On the contrary if 2 is absent and registered, the call is then
##    sent to global.example.net and then routed by the global proxy.
##  * when global.example.net receives a call from a user not within
##    its native network (ex: 1@a.example.net calls 2@a.example.net),
##    it can route this call to the proxy that is responsible for managing
##    the local domain (a.example.net).
## 
## This system is dynamic: the physical IP address of a and b network
## can change (dynamic ip address allocation)
## .This scenario is achieved with two key features:
##  * a.example.net sends a REGISTER to global.example.net to indicate
##    that it is the responsible for the entire domain a.example.net.
##    The global.example.net authenticates this REGISTER thanks to TLS
##    client certificate presented by a.example.net.
##  * global.example.net is configured to accept this domain registration
##    and route all calls it receives directly and estinated to a.example.net
##    domain through the connection established by a.example.net during
##    the domain registration.
##
[inter-domain-connections]

# Whether Flexisip shall accept registrations for entire domains
# Default: false
#accept-domain-registrations=false

# Whether Flexisip shall assume that there is a unique server per
# registered domain, which allows to clean old registrations and
# simplifies the routing logic.
# Default: false
#assume-unique-domains=false

# Path to a text file describing the domain registrations to make.
# This file must contains lines like:
#  <local domain name> <SIP URI of proxy/registrar where to send
# the domain REGISTER> [password]>
#  where:
#  <local domain name> is a domain name managed locally by this
# proxy
#  <SIP URI of proxy/registrar> is the SIP URI where the domain
# registration will be sent. The special uri parameter 'tls-certificates-dir'
# is understood in order to specify a TLS client certificate to
# present to the remote proxy.
#  [password] is the password to use if the remote proxy/registrar
# requests a digest authentication. It is optional.
#  If the file is absent or empty, no registrations are done.An
# example of such line is:
# belledonne.linphone.org <sips:sip.linphone.org;tls-certificates-dir=/etc/flexisip/client-cert>
# gghhiioozz
# Default: /etc/flexisip/domain-registrations.conf
#domain-registrations=/etc/flexisip/domain-registrations.conf

# When submitting a domain registration to a server over TLS, verify
# the certificate presented by the server. Disabling this option
# is only for test, because it is a security flaw
# Default: true
#verify-server-certs=true

# Interval in seconds for sending \r\n\r\n keepalives throug the
# outgoing domain registration connection.A value of zero disables
# keepalives.
# Default: 30
#keepalive-interval=30

# Whether Flexisip shall only send a domain registration when a
# device is registered
# Default: false
#reg-when-needed=false

# Route received REGISTER request to the server in charge of the
# domain, according to accepted domain registrations. This option
# is intended to be used with 'reg-on-response' mode of Registrar
# module, and 'accept-domain-registrations' enabled too.The 'reg-on-response'
# mode typically allows Flexisip to forward an incoming REGISTER
# to an upstream server, and record the client's contact address
# upon receiving the 200 Ok response from the upstream server. When
# 'relay-reg-to-domains' is enabled, the routing to the upstream
# server is performed according to the domain registrations received
# previously by flexisip, instead of usual DNS-based procedures.
# Default: false
#relay-reg-to-domains=false

结束

上一篇留下的坑基本都填好了，剩下的还有问题欢迎交流。