Page MenuHomePhabricator
Files F7159400

No OneTemporary
Actions

View Options

diff --git a/config.ini.sample b/config.ini.sample
index 538cf73..696e2b7 100644
--- a/config.ini.sample
+++ b/config.ini.sample
@@ -1,240 +1,243 @@
[Relay]
; A list of dispatchers to connect to, separated by spaces. The format is
; "host[:port] [host[:port] ...]". If a port is not specified the default port
; of 25060 will be used. "host" can be one of the following:
; - A domain name that has a SRV record for a SIP proxy, i.e. at
; "_sip._udp.<domain>". If the DNS lookup for this succeeds the relay
; will connect to the IP address of the SIP proxy on the port specified in
; this configuration.
; - A hostname. The lookup for this will be performed if the SRV lookup
; fails.
; - An IP address. The relay will connect directly to this address.
; Both the SRV and hostname lookups will be periodically refreshed (see
; "dns_check_interval" below).
;
;dispatchers = example.com 1.2.3.4:12345
; Specify extra checks to be performed on the dispatcher TLS credentials before
; considering the connection with the dispatcher successful. The passport is
; specified as a list of attribute/value pairs in the form:
; AN:value[, AN:value...]
; where the attribute name (AN) is one of the available attribute names from
; the X509 certificate subject: O, OU, CN, C, L, ST, EMAIL. The value is a
; string that has to match with the corresponding attribute value from the
; dispatcher certificate. A wildcard (*) can be used in the value at the
; beginning or the end of the string to indicate that the corresponding
; attribute from the dispatcher certificate must end with respectively to
; start with the given string (excluding the wildcard).
; For example using this passport:
; passport = O:AG Projects, CN:*dispatcher
; means that a connection with a dispatcher will only be accepted if the
; dispatcher certificate subject has organization set to "AG Projects" and
; the common name ends with "dispatcher". To specify that no additional
; identity checks need to be performed, use the keyword None. If passport
; is None, then only the certificate signature is verified against the
; certificate authority in tls/ca.pem (signature is always verified even
; when passport is None).
;
; Default value is None.
;
;passport = None
; The host IP address used for relaying streams. The default for this value
; is to use the IP address of the interface that has the default route. This
; is the most appropriate choice for almost any situation. Unless you need to
; use a very specific interface, which is not the default one, there is no need
; to set this option. Leave this option commented to use the default value.
;relay_ip = <default host IP>
; The IP address of the relay can be replaced with the IP address of the
; interface coreponding to the sourceIP and destinationIP of the call.
; if set to False the relay_ip will be used instead
;auto_detect_interfaces = False
; The host IP address to return when a session is allocated in the relay. This
; could be of use in case the relay is behind NAT but it has a 1 to 1 mapping
; with a public IP address, like Amazon EC2, for example.
; If set, auto_detect_interfaces setting will be ignored.
;advertised_ip =
; The port range to use for relaying media streams in the form start:end with
; start and end being even numbers in the [1024, 65536] range and start < end
-; The default range is 50000:60000. You should allocate 4 times the number of
+; The default range is 40000:60000. You should allocate 4 times the number of
; streams you plan for the relay to handle simultaneously. The default range
-; having 10000 ports, is able to handle up to 2500 streams.
+; having 20000 ports, is able to handle up to 5000 streams.
;
-;port_range = 50000:60000
+; IMPORTANT NOTE: under heavy CPS attempts, the available ports may be
+; exhaused before the calls setup
+;
+;port_range = 40000:60000
; Logging level (one of CRITICAL, ERROR, WARNING, INFO or DEBUG)
;log_level = INFO
; The amount of time to wait for a stream in a new SDP offer to start sending
; data before the relay decides that it has timed out. The default value is 90
; seconds. This only applies to the initial setup stage, before the first
; packet for a stream is received (from both ends). After the stream is started
; and the conntrack rule is in place, the idle timeout (how long before the
; conntrack rule expires when no traffic is received) is controlled by a kernel
; setting that defaults to 180 seconds and can be adjusted in:
; /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream
;
;stream_timeout = 90
; Amount of time a call can be on hold before it is declared expired by the
; relay. The default value is 7200 seconds (2 hours).
;
;on_hold_timeout = 7200
; How often to check in DNS if the SRV and A records for the dispatcher have
; changed. Interval is in seconds and the default value is 60 seconds.
;
;dns_check_interval = 60
; If the relay cannot connect to a dispatcher is should retry after this
; amount of seconds. The default value is 10 seconds.
;
;reconnect_delay = 10
; How often to sample the aggregate amount of data processed by the relay, in
; order to compute an average of the relayed traffic over that period. The
; value is expressed in seconds and the default value is 15 seconds.
; Use 0 to disable it in case you have to many streams processed by the relay
; and it warns you in syslog that gathering this information takes too long.
;
;traffic_sampling_period = 15
; Specify a list of network ranges (in CIDR notation) for which media is relayed
; even if no packet was received from the endpoint and the IP address is private.
;routable_private_ranges = 192.168.1.0/24
[Dispatcher]
; Local socket on which to communicate with OpenSIPS. The OpenSIPS mediaproxy
; module should be configured to connect to this socket. If a relative path,
; the runtime directory will be prepended. Default value is dispatcher.sock.
;
;socket_path = dispatcher.sock
; Listen address for incoming connections from the relays. The format is
; "ip[:port]". If the ip is "0.0.0.0" or the keyword "any", the dispatcher
; will listen on all interfaces of this host. If the port is not specified,
; the dispatcher will listen on the default port of 25060.
;
;listen = 0.0.0.0
; Listen address for incoming management interface connections. Clients can
; connect to this and issue commands to query the status of the relays and
; their sessions. The format is "ip[:port]". If the ip is "0.0.0.0" or the
; keyword "any", the dispatcher will listen on all interfaces of this host.
; If the port is not specified, the dispatcher will listen on the default
; port of 25061.
;
;listen_management = 0.0.0.0
; Whether or not to use TLS on the management interface. Note that the same
; TLS credentials are used for both the relay and the management interface
; connections.
;
; Default value is yes.
;
;management_use_tls = yes
; Specify extra checks to be performed on the relay TLS credentials before
; considering the connection with the relay successful. The passport is
; specified as a list of attribute/value pairs in the form:
; AN:value[, AN:value...]
; where the attribute name (AN) is one of the available attribute names from
; the X509 certificate subject: O, OU, CN, C, L, ST, EMAIL. The value is a
; string that has to match with the corresponding attribute value from the
; relay certificate. A wildcard (*) can be used in the value at the beginning
; or the end of the string to indicate that the corresponding attribute from
; the relay certificate must end with respectively to start with the given
; string (excluding the wildcard).
; For example using this passport:
; passport = O:AG Projects, CN:relay*
; means that a connection with a relay will only be accepted if the relay
; certificate subject has organization set to "AG Projects" and the common
; name starts with "relay". To specify that no additional identity checks
; need to be performed, use the keyword None. If passport is None, then only
; the certificate signature is verified against the certificate authority in
; tls/ca.pem (signature is always verified even when passport is None).
;
; Default value is None.
;
;passport = None
; This option is similar to passport above, but applies to the management
; interface connections instead of relay connections. It specifies extra
; checks to be performed on the TLS credentials supplied by an entity that
; connects to the management interface. Please consult passport above for
; a detailed description of the possible values for this option.
;
; If management_use_tls is false, this option is ignored.
;
; Default value is None.
;
;management_passport = None
; Logging level (one of CRITICAL, ERROR, WARNING, INFO or DEBUG)
;log_level = INFO
; Timeout value in second for individual relays. When a command is sent from
; the dispatcher to a relay it will wait this amount of seconds for a reply.
; The default is 5 seconds.
;
;relay_timeout = 5
; A comma separated list of accounting backends that will be used to save
; accounting data with the session information once a session has finished.
; Currently 2 backends are available: "radius" and "database". If enabled
; they can be configured below in their respective sections. The default
; is to use no accounting backend.
;
;accounting =
[TLS]
; Path to the certificates. If relative, it will be looked up in both the
; application directory (for a standalone installation) and /etc/mediaproxy,
; the former taking precedence if found.
;
;certs_path = tls
; How often (in seconds) to verify the peer certificate for expiration and
; revocation. Default value is 300 seconds (5 minutes)
;
;verify_interval = 300
[Database]
; This section needs to be configured if database accounting is enabled
; Database URI in the form: scheme://user:password@host/database
;dburi = mysql://mediaproxy:CHANGEME@localhost/mediaproxy
; Name for the table.
;sessions_table = media_sessions
; Column names. Columns are strings except for info which is a BLOB
;
;callid_column = call_id
;fromtag_column = from_tag
;totag_column = to_tag
;info_column = info
[Radius]
; This section needs to be configured if radius accounting is enabled
; OpenSIPS RADIUS configuration file. All RADIUS configuration parameters
; will be read from this file, including dictionary files.
;
;config_file = /etc/opensips/radius/client.conf
; Additional dictionary file with MediaProxy specific attributes.
;additional_dictionary = radius/dictionary
[OpenSIPS]
; Configure interaction between the media dispatcher and OpenSIPS
; Path to OpenSIPS's UNIX filesystem socket from the mi_datagram module.
;socket_path = /run/opensips/socket
diff --git a/mediaproxy/configuration/__init__.py b/mediaproxy/configuration/__init__.py
index 60a3ba6..03b38fc 100644
--- a/mediaproxy/configuration/__init__.py
+++ b/mediaproxy/configuration/__init__.py
@@ -1,91 +1,91 @@
from application import log
from application.configuration import ConfigSection, ConfigSetting
from application.configuration.datatypes import IPAddress, LogLevel, NetworkRangeList
from application.system import host
from mediaproxy import configuration_file
from mediaproxy.configuration.datatypes import AccountingModuleList, DispatcherIPAddress, DispatcherAddressList, DispatcherManagementAddress, PortRange, PositiveInteger, SIPThorDomain, X509NameValidator
class DispatcherConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'Dispatcher'
socket_path = 'dispatcher.sock'
listen = ConfigSetting(type=DispatcherIPAddress, value=DispatcherIPAddress('any'))
listen_management = ConfigSetting(type=DispatcherManagementAddress, value=DispatcherManagementAddress('any'))
relay_timeout = 5 # How much to wait for an answer from a relay
relay_recover_interval = 60 # How much to wait for an unresponsive relay to recover, before disconnecting it
cleanup_dead_relays_after = 43200 # 12 hours
cleanup_expired_sessions_after = 86400 # 24 hours
management_use_tls = True
accounting = ConfigSetting(type=AccountingModuleList, value=[])
passport = ConfigSetting(type=X509NameValidator, value=None)
management_passport = ConfigSetting(type=X509NameValidator, value=None)
log_level = ConfigSetting(type=LogLevel, value=log.level.INFO)
class RelayConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'Relay'
relay_ip = ConfigSetting(type=IPAddress, value=host.default_ip)
advertised_ip = ConfigSetting(type=IPAddress, value=None)
auto_detect_interfaces = False
stream_timeout = 90
on_hold_timeout = 7200
traffic_sampling_period = 15
userspace_transmit_every = 1
dispatchers = ConfigSetting(type=DispatcherAddressList, value=[])
- port_range = PortRange('50000:60000')
+ port_range = PortRange('40000:60000')
dns_check_interval = PositiveInteger(60)
keepalive_interval = PositiveInteger(10)
reconnect_delay = PositiveInteger(10)
passport = ConfigSetting(type=X509NameValidator, value=None)
routable_private_ranges = ConfigSetting(type=NetworkRangeList, value=[])
log_level = ConfigSetting(type=LogLevel, value=log.level.INFO)
class OpenSIPSConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'OpenSIPS'
socket_path = '/run/opensips/socket'
location_table = 'location'
class RadiusConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'Radius'
config_file = '/etc/opensips/radius/client.conf'
additional_dictionary = 'radius/dictionary'
class DatabaseConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'Database'
dburi = ''
sessions_table = 'media_sessions'
callid_column = 'call_id'
fromtag_column = 'from_tag'
totag_column = 'to_tag'
info_column = 'info'
class TLSConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'TLS'
certs_path = 'tls'
verify_interval = 300
class ThorNetworkConfig(ConfigSection):
__cfgfile__ = configuration_file
__section__ = 'ThorNetwork'
domain = ConfigSetting(type=SIPThorDomain, value=None)
node_ip = host.default_ip

File Metadata

Mime Type
text/x-diff
Expires
Sat, Nov 23, 5:23 AM (1 d, 8 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3398270
Default Alt Text
(14 KB)

Event Timeline