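1. Change the default port 5060, set domain to the public IP, and change the default password and other common parameters; set local_ip to the local IP and ext_ip to the public IP.
Run ifconfig: the address on eth0 is the local IP, and the other one is the public IP assigned by the cloud provider.
In the vars.xml file under the conf directory (内网ip stands for the private IP and 公网ip for the public IP):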
<X-PRE-PROCESS cmd="set" data="local_ip_v4=内网ip"/>
<X-PRE-PROCESS cmd="set" data="external_rtp_ip=公网ip"/>
<X-PRE-PROCESS cmd="set" data="external_sip_ip=公网ip"/>
<X-PRE-PROCESS cmd="set" data="domain=公网ip"/>
<X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/>
<X-PRE-PROCESS cmd="set" data="internal_sip_port=5860"/>
<X-PRE-PROCESS cmd="set" data="internal_tls_port=5861"/>
<X-PRE-PROCESS cmd="set" data="default_password=1234"/>
sip_profiles/internal.xml
<X-PRE-PROCESS cmd="stun-set" data="external_rtp_ip=公网ip"/>
<param name="force-register-domain" value="$${domain}"/>
./autoload_configs/switch.conf.xml
<param name="rtp-start-port" value="19000"/>
<param name="rtp-end-port" value="19900"/>
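The default port 5060 is changed to guard against some simple network attacks. Note that 1234 is FreeSWITCH's stock default_password, so set your own value there.
2. Fix the SDP negotiation to the public IP; otherwise a STUN server has to be added.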
/* Check if NAT is detected */
if (!zstr(smh->mparams->remote_ip) && switch_core_media_check_nat(smh, smh->mparams->remote_ip)) {
    /* Yes, map the port through switch_nat */
    switch_nat_add_mapping(engine->local_sdp_port, SWITCH_NAT_UDP, &sdp_port, SWITCH_FALSE);

    switch_snprintf(vname, sizeof(vname), "rtp_adv_%s_ip", tstr);

    /* Find an IP address to use */
    if (!(use_ip = switch_channel_get_variable(session->channel, vname))
        && !zstr(smh->mparams->extrtpip)) {
        use_ip = smh->mparams->extrtpip;
    }

    if (use_ip) {
        if (switch_core_media_ext_address_lookup(session, &lookup_rtpip, &sdp_port, use_ip) != SWITCH_STATUS_SUCCESS) {
            /* Address lookup was required and fail (external ip was "host:..." or "stun:...") */
            return SWITCH_STATUS_FALSE;
        } else {
            /* Address properly resolved, use it as external ip */
            use_ip = lookup_rtpip;
        }
    } else {
        /* No external ip found, use the profile's rtp ip */
        use_ip = smh->mparams->rtpip;
    }
} else {
    /* Force the SDP to the public IP; the original line was: use_ip = smh->mparams->rtpip; */
    /* This relies on ext-rtp-ip being set on the profile. */
    use_ip = smh->mparams->extrtpip;
}
3. Configure the ACL access rules:
<list name="domains" default="deny">
<!-- domain= is special it scans the domain from the directory to build the ACL -->
<!-- <node type="allow" domain="$${domain}"/>-->
<node type="allow" domain="$${domain}"/>
</list>
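4. Open the externally accessible ports on the public server (the RTP range opened here has to match rtp-start-port and rtp-end-port in switch.conf.xml):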
TCP/UDP 5860 5861
RTP UDP 49000-49900
5. Other settings:
Enable rport on FreeSWITCH:
<param name="NDLB-force-rport" value="true"/>
Enable RTP auto-adjust:
<param name="disable-rtp-auto-adjust" value="false"/>
For endpoints without rport support, add the following to reg.xml (the extension configuration file):
<variable name="sip-force-contact" value="NDLB-connectile-dysfunction"/>
6. Client configuration:
Note that a pjsip client needs a proxy configured.
Reference: https://www.cnblogs.com/kn-zheng/p/17101859.html
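The settings from steps 1 and 4 can be checked automatically. The following Python audit is an added example, not code from the original post or from FreeSWITCH: it reads vars.xml and switch.conf.xml and flags an external IP that is private or not a literal address, the stock SIP port and password, and an RTP range that differs from the one opened at the firewall. The function names, sample XML and addresses are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample input (documentation and private addresses), not a real deployment.
SAMPLE_VARS = """<include>
  <X-PRE-PROCESS cmd="set" data="external_rtp_ip=203.0.113.10"/>
  <X-PRE-PROCESS cmd="set" data="external_sip_ip=10.0.0.5"/>
  <X-PRE-PROCESS cmd="set" data="internal_sip_port=5060"/>
  <X-PRE-PROCESS cmd="set" data="default_password=1234"/>
</include>"""
SAMPLE_SWITCH = """<configuration><settings><param name="rtp-start-port" value="19000"/>
<param name="rtp-end-port" value="19900"/></settings></configuration>"""

# Private, loopback, link-local and CGNAT ranges: not reachable from the Internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12",
                "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16", "100.64.0.0/10")]

def load_vars(xml_text):
    """Collect name=value pairs from X-PRE-PROCESS cmd="set" elements."""
    sets = (el.get("data", "") for el in ET.fromstring(xml_text).iter("X-PRE-PROCESS")
            if el.get("cmd") == "set")
    return dict(d.split("=", 1) for d in sets if "=" in d)

def is_public_ipv4(value):
    """True only for a literal IPv4 address outside NON_ROUTABLE."""
    try:
        addr = ipaddress.IPv4Address(value)
    except ValueError:
        return False
    return not any(addr in net for net in NON_ROUTABLE)

def audit(vars_xml, switch_xml, firewall_rtp):
    """Return findings; firewall_rtp is the (start, end) UDP range opened at the firewall."""
    v, findings = load_vars(vars_xml), []
    for key in ("external_rtp_ip", "external_sip_ip"):
        if not is_public_ipv4(v.get(key, "")):
            findings.append(f"{key} is not a literal public IPv4 address")
    for key, stock in (("internal_sip_port", "5060"), ("default_password", "1234")):
        if v.get(key) in (None, stock):
            findings.append(f"{key} is unset or still the stock value {stock}")
    params = {p.get("name"): p.get("value") for p in ET.fromstring(switch_xml).iter("param")}
    # 16384-32768 is the stock RTP range when the two params are left commented out.
    rtp = (int(params.get("rtp-start-port", 16384)), int(params.get("rtp-end-port", 32768)))
    if rtp != firewall_rtp:
        findings.append(f"RTP range {rtp} does not match firewall range {firewall_rtp}")
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_VARS, SAMPLE_SWITCH, (49000, 49900)), sep="\n")
```

To check a real server, pass the contents of conf/vars.xml and autoload_configs/switch.conf.xml together with the UDP range opened in the cloud security group.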
This is an original article from 呱牛笔记. You do not need to contact me to repost it, but please credit 呱牛笔记, it3q.com