FreeSwitch

From Guardian Project Wiki

Contents 1 Summary 2 Installation 3 Configuration 3.1 Build TLS Certs 3.2 Enabling TLS 3.3 Enabling Proxy Media 3.4 Dialplan entries

Summary

FreeSWITCH is "The World's First Cross-Platform Scalable FREE Multi-Protocol Soft Switch". It is the reference backend application for OSTN. It has a wild amount of features and can do much more than operate according to our spec. Because of that it can be quite intimidating to configure as merely a SIP user directory and passive SRTP proxy.

Installation

• FreeBSD port install and configuration process, copy and paste style
• Chef cookbook to automate a server deployment

The two above resources are attempts to give focus to implementation details on specific platforms. They give little context about why this configuration is important.

Configuration

Bellow are a list of freeswitch configuration steps needed for OSTN implementations. The following steps assume you are in your freeswitch installation root.

Build TLS Certs

please see the freeswitch wiki for a detailed look at TLS configuration.

bin/gentls_cert

Enabling TLS

The bottom of your conf/vars.xml should look something like(note internal_ssl_dir is now set to true):

 <!--
      SIP and TLS settings. http://wiki.freeswitch.org/wiki/Tls
  -->
  <X-PRE-PROCESS cmd="set" data="sip_tls_version=tlsv1"/>

  <!-- Internal SIP Profile -->
  <X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/>
  <X-PRE-PROCESS cmd="set" data="internal_sip_port=5060"/>
  <X-PRE-PROCESS cmd="set" data="internal_tls_port=5061"/>
  <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/>
  <X-PRE-PROCESS cmd="set" data="internal_ssl_dir=$${base_dir}/conf/ssl"/>

  <!-- External SIP Profile -->
  <X-PRE-PROCESS cmd="set" data="external_auth_calls=false"/>
  <X-PRE-PROCESS cmd="set" data="external_sip_port=5080"/>
  <X-PRE-PROCESS cmd="set" data="external_tls_port=5081"/>
  <X-PRE-PROCESS cmd="set" data="external_ssl_enable=false"/>
  <X-PRE-PROCESS cmd="set" data="external_ssl_dir=$${base_dir}/conf/ssl"/>
</include>

Enabling Proxy Media

the freeswitch wiki has detailed information about proxy media.

find and edit the following line in conf/sip_profiles/internal.xml

<param name="inbound-proxy-media" value="true"/>

Dialplan entries

the following is an example that can be added conf/dialplan/default.xml. It enables 5 digit numbers to be called, and enables proxy media.

    <extension name="Local_Extension">
      <condition field="destination_number" expression="^(\d{5})$">
        <action application="set" data="dialed_extension=$1"/>
        <action application="export" data="dialed_extension=$1"/>
        <!-- bind_meta_app can have these args <key> [a|b|ab] [a|b|o|s] <app> -->
        <action application="bind_meta_app" data="1 b s execute_extension::dx XML features"/>
        <action application="bind_meta_app" data="2 b s record_session::$${recordings_dir}/${caller_id_number}.${strftime(%Y-%m-%d-%H-%M-%S)}.wav"/>
        <action application="bind_meta_app" data="3 b s execute_extension::cf XML features"/>
        <action application="set" data="ringback=${us-ring}"/>
        <action application="set" data="transfer_ringback=$${hold_music}"/>
        <action application="set" data="call_timeout=30"/>
        <!-- <action application="set" data="sip_exclude_contact=${network_addr}"/> -->
        <action application="set" data="hangup_after_bridge=true"/>
        <!--<action application="set" data="continue_on_fail=NORMAL_TEMPORARY_FAILURE,USER_BUSY,NO_ANSWER,TIMEOUT,NO_ROUTE_DESTINATION"/> -->
        <action application="set" data="continue_on_fail=true"/>
        <action application="hash" data="insert/${domain_name}-call_return/${dialed_extension}/${caller_id_number}"/>
        <action application="hash" data="insert/${domain_name}-last_dial_ext/${dialed_extension}/${uuid}"/>
        <action application="set" data="called_party_callgroup=${user_data(${dialed_extension}@${domain_name} var callgroup)}"/>
        <!--<action application="export" data="nolocal:sip_secure_media=${user_data(${dialed_extension}@${domain_name} var sip_secure_media)}"/>-->
        <action application="hash" data="insert/${domain_name}-last_dial/${called_party_callgroup}/${uuid}"/>
        <action application="set" data="proxy_media=true"/>
        <action application="bridge" data="user/${dialed_extension}@${domain_name}"/>
        <action application="answer"/>
        <action application="sleep" data="1000"/>
        <action application="voicemail" data="default ${domain_name} ${dialed_extension}"/>
      </condition>
    </extension>