Show last authors
1 // Documentation based on repostory git version commit 2.2.0-alpha-15-g8951f16a //
2
3 =Global=
4
5 Some global settings of the flexisip proxy.
6 {{{--}}}{{{--}}}
7
8 Configuration options:
9 |=(% style="text-align: center; border: 1px solid #999" %)Name|=(% style="text-align: center; border: 1px solid #999" %)Description|=(% style="text-align: center; border: 1px solid #999" %)Default Value|=(% style="text-align: center; border: 1px solid #999" %)Type
10 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)default-servers|(% style="text-align: left; border: 1px solid #999" %)(((Servers started by default when no ~-~-server option is specified on command line~. Possible values are ~'proxy~'~, ~'presence~'~, ~'conference~'~, ~'regevent~' separated by whitespaces~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##proxy##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
11 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)auto-respawn|(% style="text-align: left; border: 1px solid #999" %)(((Automatically respawn flexisip in case of abnormal termination ~(crashes~)~. This has an effect if Flexisip has been launched with ~'~-~-daemon~' option only)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##true##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
12 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)plugins-dir|(% style="text-align: left; border: 1px solid #999" %)(((Path to the directory where plugins can be found~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##~/opt~/belledonne~-communications~/lib~/flexisip~/plugins##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
13 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)plugins|(% style="text-align: left; border: 1px solid #999" %)(((Plugins to load~. Look at ~<prefix~>~/lib~/flexisip~/plugins to know the list of installed plugin~. The name of a plugin can be derivated from the according library name by striping out the extension part and the leading ~'lib~' prefix~.
14 E~.g~. putting ~'jweauth~' in this setting will make libjweauth~.so library to be load on runtime~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ####|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
15 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)dump-corefiles|(% style="text-align: left; border: 1px solid #999" %)(((Generate a corefile when crashing~. Note that by default linux will generate coredumps in ~'~/~' which is not so convenient~. The following shell command can be added to ~/etc~/rc~.local in order to write core dumps a in specific directory~, for example ~/home~/cores~:
16 echo ~"~/home~/cores~/core~.~%e~.~%t~.~%p~" ~>~/proc~/sys~/kernel~/core~_pattern)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
17 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)enable-snmp|(% style="text-align: left; border: 1px solid #999" %)(((Enable SNMP~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
18 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)log-directory|(% style="text-align: left; border: 1px solid #999" %)(((Directory where to create log files~. Create logs are named as ~'flexisip~-~<server~_type~>~.log~'~. If If several server types have been specified by ~'~-~-server~' option or ~'global~/default~-servers~' parameter~, then ~<server~_type~> is expanded by a concatenation of all the server types joined with ~'~+~' character~.
19 WARNING~: Flexisip has no embedded log rotation system but provides a configuration file for logrotate~. Please ensure that logrotate is installed and running on your system if you want to have Flexisip~'s logs rotated~. Log rotation can be customized by editing ~/etc~/logrotate~.d~/flexisip~-logrotate~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##~/var~/opt~/belledonne~-communications~/log~/flexisip##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
20 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)log-filename|(% style="text-align: left; border: 1px solid #999" %)(((Name of the log file~. Any occurences of ~'~{server~}~' will be replaced by the server type which has been given by ~'~-~-server~' option or ~'default~-servers~' parameter~. If several server types have been given~, then ~'~{server~}~' will be replaced by the concatenation of these separated by ~'~+~' character ~(e~.g~. ~'proxy~+presence~'~))))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##flexisip~-~{server~}~.log##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
21 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)log-level|(% style="text-align: left; border: 1px solid #999" %)(((Log file verbosity~. Possible values are debug~, message~, warning and error)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##error##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
22 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)syslog-level|(% style="text-align: left; border: 1px solid #999" %)(((Syslog verbosity~. Possible values are debug~, message~, warning and error)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##error##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
23 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)user-errors-logs|(% style="text-align: left; border: 1px solid #999" %)(((Log ~(on a different log domain~) user errors like authentication~, registration~, routing~, etc~.~.~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
24 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)contextual-log-filter|(% style="text-align: left; border: 1px solid #999" %)(((A boolean expression applied to current SIP message being processed~. When matched~, logs are output provided that there level is greater than the value defined in contextual~-log~-level~. The definition of the SIP boolean expression is the same as for entry filters of modules~, which is documented here~: https~:~/~/wiki~.linphone~.org~/xwiki~/wiki~/public~/view~/Flexisip~/Configuration~/Filter~%20syntax~/)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ####|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
25 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)contextual-log-level|(% style="text-align: left; border: 1px solid #999" %)(((Verbosity of contextual logs to output when the condition defined in ~'contextual~-log~-filter~' is met~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##debug##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
26 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)transports|(% style="text-align: left; border: 1px solid #999" %)(((List of white space separated SIP URIs where the proxy must listen~.
27 Wildcard ~(~*~) can be used to mean ~'all local ip addresses~'~. If ~'transport~' parameter is unspecified~, it will listen to both udp and tcp~. A local address to bind onto can be indicated in the ~'maddr~' parameter~, while the domain part of the uris are used as public domain or ip address~.
28 The ~'sips~' transport definitions accept two optional parameters~:
29 ~- ~'tls~-certificates~-dir~' taking for value a path~, with the same meaning as the ~'tls~-certificates~-dir~' property of this section and overriding it for this given transport~.
30 ~- ~'tls~-verify~-incoming~' taking for value ~'0~' or ~'1~'~, to indicate whether clients connecting are required to present a valid client certificate~. Default value is 0~.
31 ~- ~'tls~-allow~-missing~-client~-certificate~' taking for value ~'0~' or ~'1~'~, to allow connections from clients which have no certificate even if ~`tls~-verify~-incoming~` has been enabled~. That~'s useful if you wish to have Flexisip to ask for a client certificate~, but without failing if the client cannot provide one~.
32 ~- ~'tls~-verify~-outgoing~' taking for value ~'0~' or ~'1~'~, whether flexisip should check the peer certificate when it make an outgoing TLS connection to another server~. Default value is 1~.
33 ~- ~'require~-peer~-certificate~' ~(deprecated~) same as tls~-verify~-incoming
34
35 It is HIGHLY RECOMMENDED to specify a canonical name for ~'sips~' transport~, so that the proxy can advertise this information in Record~-Route headers~, which allows TLS cname check to be performed by clients~.
36 Specifying a sip uri with transport~=tls is not allowed~: the ~'sips~' scheme must be used instead~. As requested by SIP RFC~, IPv6 address must be enclosed within brakets~.
37 Here are some examples to understand~:
38 ~- listen on all local interfaces for udp and tcp~, on standard port~:
39 transports~=sip~:~*
40 ~- listen on all local interfaces for udp~,tcp and tls~, on standard ports~:
41 transports~=sip~:~* sips~:~*
42 ~- listen only a specific IPv6 interface~, on standard ports~, with udp~, tcp and tls
43 transports~=sip~:~[2a01~:e34~:edc3~:4d0~:7dac~:4a4f~:22b6~:2083~] sips~:~[2a01~:e34~:edc3~:4d0~:7dac~:4a4f~:22b6~:2083~]
44 ~- listen on tls localhost with 2 different ports and SSL certificates~:
45 transports~=sips~:localhost~:5061~;tls~-certificates~-dir~=path~_a sips~:localhost~:5062~;tls~-certificates~-dir~=path~_b
46 ~- listen on tls localhost with 2 peer certificate requirements~:
47 transports~=sips~:localhost~:5061~;tls~-verify~-incoming~=0 sips~:localhost~:5062~;tls~-verify~-incoming~=1
48 ~- listen on 192~.168~.0~.29~:6060 with tls~, but public hostname is ~'sip~.linphone~.org~' used in SIP messages~. Bind address won~'t appear in messages~:
49 transports~=sips~:sip~.linphone~.org~:6060~;maddr~=192~.168~.0~.29)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##sip~:~*##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
50 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)aliases|(% style="text-align: left; border: 1px solid #999" %)(((List of white space separated host names pointing to this machine~. This is to prevent loops while routing SIP messages~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##localhost##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
51 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)idle-timeout|(% style="text-align: left; border: 1px solid #999" %)(((Time interval in seconds after which inactive connections are closed~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##3600##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
52 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)keepalive-interval|(% style="text-align: left; border: 1px solid #999" %)(((Time interval in seconds for sending ~"~\r~\n~\r~\n~" keepalives packets on inbound and outbound connections~. A value of zero stands for no keepalive~. The main purpose of sending keepalives is to keep connection alive accross NATs~, but it also helps in detecting silently broken connections which can reduce the number socket descriptors used by flexisip~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##1800##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
53 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)proxy-to-proxy-keepalive-interval|(% style="text-align: left; border: 1px solid #999" %)(((Time interval in seconds for sending ~"~\r~\n~\r~\n~" keepalives packets specifically for proxy to proxy connections~. Indeed~, while it is undesirable to send frequent keepalives to mobile clients because it drains their battery~, sending frequent keepalives has proven to be helpful to keep connections up between proxy nodes in a very popular US virtualized datacenter~. A value of zero stands for no keepalive~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##0##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
54 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)transaction-timeout|(% style="text-align: left; border: 1px solid #999" %)(((SIP transaction timeout in milliseconds~. It is T1~*64 ~(32000 ms~) by default~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##32000##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
55 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)udp-mtu|(% style="text-align: left; border: 1px solid #999" %)(((The UDP MTU~. Flexisip will fallback to TCP when sending a message whose size exceeds the UDP MTU~. Please read http~:~/~/sofia~-sip~.sourceforge~.net~/refdocs~/nta~/nta~_~_tag~_8h~.html~#a6f51c1ff713ed4b285e95235c4cc999a for more details~. If sending large packets over UDP is not a problem~, then set a big value such as 65535~. Unlike the recommandation of the RFC~, the default value of UDP MTU is 1460 in Flexisip ~(instead of 1300~)~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##1460##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Integer
56 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)rtp-bind-address|(% style="text-align: left; border: 1px solid #999" %)(((You can specify the bind address for all RTP streams ~(MediaRelay and Transcoder~)~. This parameter is only useful for some specific networks~, keeping the default value is recommended~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##0~.0~.0~.0 ~:~:0##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)StringList
57 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)tls-certificates-dir|(% style="text-align: left; border: 1px solid #999" %)(((Path to the directory where TLS server certificate and private key can be found~, concatenated inside an ~'agent~.pem~' file~. Any chain certificates must be put into a file named ~'cafile~.pem~'~. The setup of agent~.pem~, and eventually cafile~.pem is required for TLS transport to work~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##~/etc~/flexisip~/tls~/##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
58 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)tls-ciphers|(% style="text-align: left; border: 1px solid #999" %)(((Ciphers string to pass to OpenSSL in order to limit the cipher suites to use while establishing TLS sessions~. Please take a look to ciphers~(1~) UNIX manual to get the list of keywords supported by your current version of OpenSSL~. You might visit https~:~/~/www~.openssl~.org~/docs~/manmaster~/man1~/ciphers~.html too~. The default value set by Flexisip should provide a high level of security while keeping an acceptable level of interoperability with currenttly deployed clients on the market~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##HIGH~:~!SSLv2~:~!SSLv3~:~!TLSv1~:~!EXP~:~!ADH~:~!RC4~:~!3DES~:~!aNULL~:~!eNULL##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
59 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)require-peer-certificate|(% style="text-align: left; border: 1px solid #999" %)(((Ask for client certificate on TLS session establishing~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##false##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)Boolean
60 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)unique-id|(% style="text-align: left; border: 1px solid #999" %)(((Unique ID used to identify that instance of Flexisip~. It must be a randomly generated 16~-sized hexadecimal number~. If empty~, it will be randomly generated on each start of Flexisip~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ####|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
61 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)version-number|(% style="text-align: left; border: 1px solid #999" %)(((Flexisip version~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ##2~.2~.0~-alpha~-15~-g8951f16a##|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)String
62 |=(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)runtime-error|(% style="text-align: left; border: 1px solid #999" %)(((Retrieve current runtime error state~.)))|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %) ####|(% style="text-align: center; vertical-align: middle; border: 1px solid #999" %)RuntimeError