概述

freeswitch 是一款好用的開(kāi)源軟交換平臺(tái)。

隨著voip客戶的發(fā)展和運(yùn)營(yíng)商網(wǎng)絡(luò)的升級(jí)換代梳凛，SBC在對(duì)接測(cè)試中的應(yīng)用場(chǎng)景越來(lái)越多轻绞。

freeswitch通過(guò)簡(jiǎn)單的安裝配置即可滿足大部分SBC的功能需求。

我們需要有一個(gè)穩(wěn)定版本的fs-sbc的安裝過(guò)程和配置指南。

在這里記錄一下新安裝的fs作為sbc的基本配置郭卫。

環(huán)境

centos：CentOS? release 7.0 (Final)或以上版本

freeswitch：v1.10.7

GCC：4.8.5

fs1.10.7安裝

freeswitch-1.10.7基礎(chǔ)平臺(tái)的編譯安裝見(jiàn)文檔“freeswitch1.10.7 on CENTOS7編譯安裝“。

配置方案

FS-SBC的初始配置方案背稼。

刪除多余配置

conf/chatplan/default.xml

conf/dialplan/*

conf/directory/*

conf/ivr_menus/*

conf/jingle_profiles/*

conf/mrcp_profiles/*

conf/sip_profile, external-ipv6 external-ipv6.xml internal-ipv6.xml internal.xml

conf/skinny_profiles/*

conf配置

vars.xml

<X-PRE-PROCESS cmd="set" data="default_password=dq.1.2.3.4.warn"/>

<X-PRE-PROCESS cmd="set" data="global_codec_prefs=PCMA,PCMU"/>

<X-PRE-PROCESS cmd="set" data="outbound_codec_prefs=PCMA,PCMU"/>

<X-PRE-PROCESS cmd="set" data="console_loglevel=debug"/>

autoload_configs/acl.conf.xml

<list name="list_out" default="deny">

? <node type="allow" cidr="1.2.3.4/32"/>

</list>

<list name="list_in" default="deny">

? <node type="allow" cidr="1.2.3.4/32"/>

</list>

autoload_configs/log.conf.xml

<param name="rollover" value="104857600"/>

<!-- <param name="maximum-rotate" value="32"/> -->

autoload_configs/modules.conf.xml

<!-- <load module="mod_verto"/> -->

<!-- <load module="mod_conference"/> -->

<load module="mod_translate"/>

autoload_configs/sofia.conf.xml

autoload_configs/switch.conf.xml

<param name="min-idle-cpu" value="20"/>

<param name="max-sessions" value="60000"/>

<param name="sessions-per-second" value="1000"/>

<param name="loglevel" value="debug"/>

<param name="rtp-start-port" value="20000"/>

<param name="rtp-end-port" value="60000"/>

autoload_configs/translate.conf.xml

<profile name="GB-CALLER-IN">

? ? <rule regex="^(12345678)$" replace="$1"/>

</profile>

<profile name="GB-CALLER-OUT">

? ? <rule regex="^\+86([2-9]\d+)$" replace="0$1"/>

? ? <rule regex="^\+86(10\d+)$" replace="0$1"/>

? ? <rule regex="^\+86(1\d+)$" replace="$1"/>

</profile>

<profile name="GB-DEST-IN">

? ? <rule regex="^(1\d+)$" replace="+86$1"/>

? ? <rule regex="^0(\d+)$" replace="+86$1"/>

</profile>

<profile name="GB-DEST-OUT">

? ? <rule regex="^\+86010(12345678)$" replace="$1"/>

</profile>

dialplan/sbc-dp.xml

<include>

<X-PRE-PROCESS cmd="set" data="callout_answer_timeout=60"/>

<X-PRE-PROCESS cmd="set" data="sip_contact_user=SBC001"/>

<context name="out2in">

<extension name="sbc-out2in" continue="true">

<condition field="${acl(${network_addr} list_out)}" expression="true"/>

<condition field="destination_number" expression="^(\d+)$">

<action application="set" data="effective_caller_id_name=_undef_" />

<action application="set" data="effective_caller_id_number=${translate(${caller_id_number} GB-CALLER-IN)}" />

<action application="set" data="destination_number=${translate(${destination_number} GB-DEST-IN)}" />

<action application="set" data="inherit_codec=true"/>

<action application="set" data="sip_copy_custom_headers=false"/>

<action application="set" data="ringback=${cn-ring}"/>

<action application="export" data="nolocal:sip_h_Allow=INVITE,ACK,BYE,CANCEL,REGISTER,INFO,PRACK,SUBSCRIBE,NOTIFY,UPDATE,MESSAGE,REFER"/>

<action application="unset" data="X-FS-Support"/>

<action application="bridge" data="{${as_record_param},sip_h_CSeq=1 INVITE,

sip_contact_user=${effective_caller_id_number},sip_invite_contact_params=user=phone,sip_cid_type=none,

sip_invite_to_params=user=phone,sip_invite_from_params=transport=udp;user=phone,sip_invite_from_uri=${effective_caller_id_number}@1.2.3.4:5066,

sip_invite_params=user=phone,sip_invite_call_id=${sip_call_id}

}sofia/external5066/sip:${destination_number}@1.2.3.4:5060"/>

</condition>

</extension>

</context>

<context name="in2out">

<extension name="sbc-in2out" continue="true">

<condition field="${acl(${network_addr} list_in)}" expression="true"/>

<condition field="destination_number" expression="^\+(\d+)$">

<action application="set" data="effective_caller_id_name=${translate(${caller_id_name} GB-CALLER-OUT)}" />

<action application="set" data="effective_caller_id_number=${translate(${caller_id_number} GB-CALLER-OUT)}" />

<action application="set" data="destination_number=${translate(${destination_number} GB-DEST-OUT)}" />

<action application="set" data="inherit_codec=true"/>

<action application="set" data="sip_copy_custom_headers=false"/>

<action application="bridge" data="{${as_record_param},

sip_invite_params=user=phone,sip_invite_call_id=${sip_call_id}

}sofia/external3060/sip:${destination_number}@1.2.3.4:5080"/>

</condition>

</extension>

</context>

</include>

sip_profiles/external3060.xml

<profile name="external3060">

<param name="user-agent-string" value="sbc001"/>

<param name="username" value="sbc001"/>

<param name="pass-callee-id" value="false"/>

<param name="session-timeout" value="10800"/>

<param name="sip-port" value="3060"/>

<param name="context" value="out2in"/>

<param name="enable-100rel" value="true"/>

<param name="rtp-ip" value="$${local_ip_v4}"/>

<param name="sip-ip" value="$${local_ip_v4}"/>

<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>

<param name="ext-sip-ip" value="$${external_sip_ip}"/>

sip_profiles/external5066.xml

<profile name="external5066">

<param name="user-agent-string" value="sbc001"/>

<param name="username" value="sbc001"/>

<param name="pass-callee-id" value="false"/>

<param name="session-timeout" value="10800"/>

<param name="sip-port" value="5066"/>

<param name="context" value="in2out"/>

<param name="enable-100rel" value="true"/>

<param name="rtp-ip" value="$${local_ip_v4}"/>

<param name="sip-ip" value="$${local_ip_v4}"/>

<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>

<param name="ext-sip-ip" value="$${external_sip_ip}"/>

bin腳本

bin目錄下需要一些簡(jiǎn)單的維護(hù)腳本贰军。

clear_log.sh

clear_wav.sh

monitorfs.sh

防火墻

防火墻配置結(jié)果如下。

ports: 22/tcp 20000-60000/udp

rule family="ipv4" source address="1.2.3.4/32" port port="3060" protocol="udp" accept

rule family="ipv4" source address="1.2.3.4/32" port port="5066" protocol="udp" accept

系統(tǒng)配置

系統(tǒng)資源限制

vi /etc/security/limits.conf

* soft core unlimited

* hard core unlimited

* soft data unlimited

* hard data unlimited

* soft fsize unlimited

* hard fsize unlimited

* soft sigpending unlimited

* hard sigpending unlimited

* soft nofile 65536

* hard nofile 65536

* soft msgqueue unlimited

* hard msgqueue unlimited

* soft nproc 65536

* hard nproc 65536

* soft locks unlimited

* hard locks unlimited

* soft memlock unlimited

* hard memlock unlimited

修改賬戶啟動(dòng)執(zhí)行腳本蟹肘。

vi ./bash_profile

ulimit -c unlimited

ulimit -d unlimited

ulimit -f unlimited

ulimit -i unlimited

ulimit -n 65536

ulimit -q unlimited

ulimit -u 65536

ulimit -x unlimited

ulimit -l unlimited

系統(tǒng)端口范圍

查看linux系統(tǒng)端口范圍

sysctl -a | grep ipv4.ip_local_port_range

修改sysctl.conf

vi /etc/sysctl.conf

net.ipv4.ip_local_port_range = 20000? ? 60999

使sysctl配置立即生效：

sysctl -p

非本機(jī)IP綁定

vi /etc/sysctl.conf

net.ipv4.ip_nonlocal_bind=1

定時(shí)任務(wù)

sudo crontab -e

00 4 * * * sh /usr/local/freeswitch/bin/clear_log.sh 15

30 4 * * * /usr/sbin/ntpdate cn.pool.ntp.org; /sbin/hwclock -w

0 5 * * * /usr/local/freeswitch/bin/fs_cli -x "fsctl sync_clock_when_idle"

總結(jié)

freeswitch的基礎(chǔ)功能基本可以滿足SBC的功能需求词疼，通過(guò)簡(jiǎn)單配置即可使用。

sbc作為公私網(wǎng)的信令和媒體通道帘腹，安全性一定是最重要的考慮項(xiàng)贰盗。

空空如常

求真得真