A.1. config.yml overview

Config.yml is the main configuration YAML file used by Sipwise NGCP. After every changes it need to run the command ngcpcfg apply my commit message to apply changes (followed by ngcpcfg push in the PRO version to apply changes to sp2). The following is a brief description of the main variables contained into /etc/ngcp-config/config.yml file.

A.1.1. asterisk

The following is the asterisk section:

asterisk:
  log:
    facility: local6
  rtp:
    maxport: 20000
    minport: 10000
  sip:
    bindport: 5070
    dtmfmode: rfc2833
  voicemail:
    enable: 'no'
    fromstring: 'Voicemail server'
    greeting:
      busy_custom_greeting: '/home/user/file_no_extension'
      busy_overwrite_default: 'no'
      busy_overwrite_subscriber: 'no'
      unavail_custom_greeting: '/home/user/file_no_extension'
      unavail_overwrite_default: 'no'
      unavail_overwrite_subscriber: 'no'
    mailbody: 'You have received a new message from ${VM_CALLERID} in voicebox ${VM_MAILBOX} on ${VM_DATE}.'
    mailsubject: '[Voicebox] New message ${VM_MSGNUM} in voicebox ${VM_MAILBOX}'
    max_msg_length: 180
    maxgreet: 60
    maxmsg: 30
    maxsilence: 0
    min_msg_length: 3
    normalize_match: '^00|\+([1-9][0-9]+)$'
    normalize_replace: '$1'
    serveremail: voicebox@sip.sipwise.com

log.facility: rsyslog facility for asterisk log, defined in /etc/asterisk/logger.conf.
rtp.maxport: RTP maximum port used by asterisk.
rtp.minport: RTP minimun port used by asterisk.
sip.bindport: SIP asterisk internal bindport.
voicemail.greetings.*: set the audio file path for voicemail custom unavailable/busy greetings
voicemail.mailbody: Mail body for incoming voicemail.
voicemail.mailsubject: Mail subject for incoming voicemail.
voicemail.max_msg_length: Sets the maximum length of a voicemail message, in seconds.
voicemail.maxgreet: Sets the maximum length of voicemail greetings, in seconds.
voicemail.maxmsg: Sets the maximum number of messages that may be kept in any voicemail folder.
voicemail.min_msg_length: Sets the minimun length of a voicemail message, in seconds.
voicemail.maxsilence: Maxsilence defines how long Asterisk will wait for a contiguous period of silence before terminating an incoming call to voice mail. The default value is 0, which means the silence detector is disabled and the wait time is infinite.
voicemail.serveremail: Provides the email address from which voicemail notifications should be sent.
voicemail.normalize_match: Regular expression to match the From number for calls to voicebox.
voicemail.normalize_replace: Replacement string to return, in order to match an existing voicebox.

A.1.2. autoprov

The following is the autoprovisioning section:

autoprov:
  hardphone:
    skip_vendor_redirect: 'no'
  server:
    bootstrap_port: 1445
    ca_certfile: '/etc/ngcp-config/ssl/client-auth-ca.crt'
    host: localhost
    port: 1444
    server_certfile: '/etc/ngcp-config/ssl/myserver.crt'
    server_keyfile: '/etc/ngcp-config/ssl/myserver.key'
    ssl_enabled: 'yes'
  softphone:
    config_lockdown: 0
    webauth: 0

autoprov.skip_vendor_redirect: Skip phone vendor redirection to the vendor provisioning web site.

A.1.3. backuptools

The following is the backup tools section:

backuptools:
  cdrexport_backup:
    enable: 'no'
  etc_backup:
    enable: 'no'
  mail:
    address: noc@company.org
    error_subject: '[ngcp-backup] Problems detected during daily backup'
    log_subject: '[ngcp-backup] Daily backup report'
    send_errors: 'no'
    send_log: 'no'
  mysql_backup:
    enable: 'no'
    exclude_dbs: 'syslog sipstats information_schema'
  rotate_days: 7
  storage_dir: '/var/backup/ngcp_backup'
  temp_backup_dir: '/tmp/ngcp_backup'

backuptools.cdrexport_backup.enable: Enable backup of cdrexport (.csv) directory.
backuptools.etc_backup.enable: Enable backup of /etc/* directory.
backuptools.mail.address: Destination email address for backup emails.
backuptools.mail.error_subject: Subject for error emails.
backuptools.mail.log_subjetc: Subject for daily backup report.
backuptools.mail.send_error: Send daily backup error report.
backuptools.mail.send_log: Send daily backup log report.
backuptools.mysql_backup.enable: Enable daily mysql backup.
backuptools.mysql_backup.exclude_dbs: exclude mysql databases from backup.
backuptools.rotate_days: Number of backups to keep stored.
backuptools.storage_dir: Storage directory of backups.
backuptools.temp_backup_dir: Temporary storage directory of backups.

A.1.4. cdrexport

The following is the cdr export section:

cdrexport:
  daily_folder: 'yes'
  export_failed: 'no'
  export_incoming: 'no'
  exportpath: '/home/jail/home/cdrexport'
  full_names: 'yes'
  monthly_folder: 'yes'

cdrexport.daily_folder:: Set yes if you want to create a daily folder for CDRs under the configured path.
cdrexport.export_failed: Export CDR for failed calls.
cdrexport.export_incoming: Export CDR for incoming calls.
cdrexport.exportpath: The path to store CDRs in .csv format.
cdrexport.full_names: Use full namen for CDRs instead of short ones.
cdrexport.monthly_folder: Set yes if you want to create a monthly folder (ex. 201301 for January 2013) for CDRs under configured path.

A.1.5. checktools

The following is the check tools section:

checktools:
  collcheck:
    cpuidle: 0.1
    dfused: 0.9
    eximmaxqueue: 15
    loadlong: 2
    loadmedium: 2
    loadshort: 3
    maxage: 600
    memused: 0.7
    siptimeout: 15
    swapfree: 0.5
  asr_nsr_statistics: 1
  exim_check_enable: 0
  force: 0
  kamailio_check_dialog_active_enable: 1
  kamailio_check_dialog_early_enable: 1
  kamailio_check_dialog_incoming_enable: 1
  kamailio_check_dialog_local_enable: 1
  kamailio_check_dialog_outgoing_enable: 1
  kamailio_check_dialog_relay_enable: 1
  kamailio_check_usrloc_regdevices_enable: 1
  kamailio_check_usrloc_regusers_enable: 1
  mpt_check_enable: 1
  mysql_check_enable: 1
  mysql_check_replication: 1
  oss_check_provisioned_subscribers_enable: 1
  sip_check_enable: 1
  sipstats_check_num_packets: 1
  sipstats_check_num_packets_perday: 1
  sipstats_check_partition_size: 1
  snmpd:
    communities:
      public:
        - localhost

checktools.collcheck.cpuidle: Sets the minimum value for CPU usage (0.1 means 10%).
checktools.collcheck.dfused: Sets the maximun value for DISK usage (0.9 means 90%).
checktools.collcheck.loadlong/loadlong/loadshort: Max values for load (long, short, medium term).
checktools.collcheck.maxage: Max age in seconds.
checktools.collcheck.memused: Sets the maximun value for MEM usage (0.7 means 70%).
checktools.collcheck.siptimeout: Max timeout for sip options.
checktools.collcheck.swapfree: Sets the minimun value for SWAP free (0.5 means 50%).
checktools.exim_check_enable: Exim queue check plugin for collectd.
checktools.asr_nsr_statistics: enable/Disable ASR/NSR statistics.
checktools.force: Perform checks even if not active in /etc/motd.
checktools.kamailio_check_dialog_*/kamailio_check_usrloc_*: Enable/Disable SNMP collective check pluglin for Kamailio.
checktools.mpt_check_enable: MPT raid SNMP check plugin.
checktools.mysql_check_enable: MySQL SNMP check plugin.
checktools.mysql_check_replication: MySQL replication check.
checktools.oss_check_provisioned_subscribers_enable: OSS provisioned subscribers count plugin.
checktools.sip_check_enable/sipstats_check_*: Enable/Disable SIP check plugins.
checktools.snmpd.communities: Sets the snmp community and sources (separated by comma , - ex. source: 127.0.0.1, 10.10.10.2, 10.10.10.3).

A.1.6. cleanuptools

The following is the cleanup tools section:

cleanuptools:
  acc_cleanup_days: 90
  archive_targetdir: '/var/backups/cdr'
  binlog_days: 15
  cdr_archive_months: 2
  cdr_backup_months: 2
  cdr_backup_retro: 3
  compress: gzip
  sql_batch: 10000
  trash_cleanup_days: 30

cleanuptools.acc_cleanup_days: Clean up ACC entry older then 90 days.
cleanuptools.binlog_days: Expire MySQL binlogs after 15 days.
cleanuptools.cdr_archive_months: How many months worth of records to keep in the table and not move into the monthly archive tables.
cleanuptools.cdr_backup_months: How many months worth of records to keep in the table and not move into the monthly backup tables.
cleanuptools.cdr_backup_retro: How many months to process for backups, going backwards in time. Using the example above, with this value set to "3", the months October, September and August would be backed up, while any older records would be left untouched.
cleanuptools.sql_batch: How many records to process within a single statement.
cleanuptools.trash_cleanup_days: Clean up acc_trash and acc_backup entry after 30 days.

A.1.7. database

The following is the database section:

database:
  bufferpoolsize: 24768M

database.bufferpoolsize: Innodb_buffer_pool_size value in /etc/mysql/my.cnf

A.1.8. faxserver

The following is the fax server section:

faxserver:
  default_owner: 4312345
  failfax_recv_email: root@localhost
  failfax_send_email: failfax@ngcp.sipwise.local
  fax_gateways:
    - sip:127.0.0.1:5070
  hylafax:
    jobretry: 1
    start: 'yes'
  iaxmodem:
    start: 'yes'
  type: software
  mail_from: 'Sipwise NGCP FaxServer <voipfax@ngcp.sipwise.local>'
  webfax_user: ngcpwebfax

faxserver.failfax_recv_email: A recipient of a failed "fax receive".
faxserver.failfax_send_email: A recipient of a failed "fax send".
faxserver.fax_gateways: Set here the correct Patton gateway ip address and port (Available only with the hardware fax solution). Otherwise leave as it is.
faxserver.hylafax.jobretry: How many times the hylafax faxserver should retry to send fax.
faxserver.hylafax.start: Enable hylafax at startup.
faxserver.iaxmodem.start: Enable iaxmodem at startup.
faxserver.type: Type of faxserver solution. Accepted values are software or hardware (with Patton Gateway).
faxserver.mail_from: Sets the e-mail From Header for incoming fax.
faxserver.webfax_user: User used when sending fax from CSC web interface.

A.1.9. general

The following is the general section:

general:
  adminmail: adjust@example.org
  companyname: sipwise
  lang: en

general.adminmail: Email address used by monit to send notifications to.
general.lang: Sets sounds language (e.g: de for German)

A.1.10. heartbeat

The following is the heartbeat section:

heartbeat:
  hb_watchdog:
    action_max: 5
    enable: 'yes'
    interval: 10
    transition_max: 10
  pingnodes:
    - 10.60.1.1
    - 192.168.3.4

heartbeat.hb_watchdog.enable: Enable heartbeat watchdog in order to prevent and fix split brain scenario.
heartbeat.hb_watchdog.action_max: Max errors before taking any action.
heartbeat.hb_watchdog.interval: Interval in secs for the check.
heartbeat.hb_watchdog.transition_max: Max checks in transition state.
heartbeat.pingnodes: List of pingnodes for heartbeat. Minimun 2 entries, otherwise by default NGCP will set the default gateway and DNS servers as pingnodes.

A.1.11. intercept

The following is the legal intercept section:

intercept:
  captagent:
    port: 18090
    schema: http
  enabled: 'no'

intercept.captagent.enable: Enable captagent for Lawful Interception (addiotional NGCP module).

A.1.12. kamailio

The following is the kamailio section:

kamailio:
  lb:
    debug: 'no'
    extra_sockets: ~
    max_forwards: 70
    nattest_exception_ips:
      - 1.2.3.4
      - 5.6.7.8
    pkg_mem: 16
    port: 5060
    security:
      dos_ban_enable: 'yes'
      dos_ban_time: 300
      dos_reqs_density_per_unit: 50
      dos_sampling_time_unit: 5
      dos_whitelisted_ips: ~
      dos_whitelisted_subnets: ~
      failed_auth_attempts: 3
      failed_auth_ban_enable: 'yes'
      failed_auth_ban_time: 3600
    shm_mem: 2012
    start: 'yes'
    strict_routing_safe: 'no'
    tcp_children: 8
    tcp_max_connections: 2048
    tls:
      enable: 'no'
      port: 5061
      sslcertfile: '/etc/kamailio/kamailio-selfsigned.pem'
      sslcertkeyfile: '/etc/kamailio/kamailio-selfsigned.key'
    udp_children: 8
    use_dns_cache: 'on'
  proxy:
    allow_info_method: 'no'
    allow_peer_relay: 'no'
    allow_refer_method: 'no'
    authenticate_bye: 'no'
    cf_depth_limit: 10
    children: 8
    debug: 'no'
    default_expires: 3600
    enum_suffix: e164.arpa.
    filter_100rel_from_supported: 'yes'
    fritzbox:
      enable: 'no'
      prefixes:
        - 112
        - 110
        - 118[0-9]{2}
    foreign_domain_via_peer: 'no'
    ignore_auth_realm: 'no'
    keep_original_to: 'no'
    max_expires: 43200
    max_gw_lcr: 128
    max_registrations_per_subscriber: 5
    min_expires: 60
    nathelper_dbro: 'no'
    natping_interval: 30
    natping_processes: 7
    nonce_expire: 300
    pbx:
      hunt_display_indicator: '[h]'
    perform_peer_lcr: 0
    pkg_mem: 16
    port: 5062
    presence:
      enable: 'yes'
    proxy_lookup: 'no'
    set_ruri_to_peer_auth_realm: 'no'
    shm_mem: 2012
    start: 'yes'
    tcp_children: 4
    use_enum: 'no'
    usrloc_dbmode: 1

kamailio.lb.debug: Enable intensive debug level.
kamailio.lb.extra_sockets: Add here extra sockets for Load Balancer.
kamailio.lb.max_forwards: Set the value for the Max Forwards SIP header for outgoing messages.
kamailio.lb.nattest_exception_ips: List of IPs that don’t need the NAT test.
kamailio.lb.shm_mem: Shared memory used by Kamailio Load Balancer. The default value is auto generated by the system, depending on your system architecture.
kamailio.lb.pkg_mem: PKG memory used by Kamailio Load Balancer. The default value is auto generated by the system, depending on your system architecture.
kamailio.lb.security.dos_ban_enable: Enable/Disable DoS Ban.
kamailio.lb.security.dos_ban_time: Sets the ban time.
kamailio.lb.security.dos_reqs_density_per_unit:: Sets the requests density per unit (if we receive more then * lb.dos_reqs_density_per_unit within dos_sampling_time_unit the user will be banned).
kamailio.lb.security.dos_sampling_time_unit: Sets the DoS unit time.
kamailio.lb.security.dos_whitelisted_ips: Write here the whitelisted IPs.
kamailio.lb.security.failed_auth_attempts: Sets how many authentication attempts allowed before ban.
kamailio.lb.security.failed_auth_ban_enable: Enable/Disable authentication ban.
kamailio.lb.security.failed_auth_ban_time: Sets how long a user/IP has be banned.
kamailio.lb.strict_routing_safe: Enable strict routing handle feature.
kamailio.lb.tls.enable: Enable TLS socket.
kamailio.lb.tls.port: Set TLS listening port.
kamailio.lb.tls.sslcertificate: Path for the SSL certificate.
kamailio.lb.tls.sslcertkeyfile: Path for the SSL key file.
kamailio.proxy.allow_info_method: Allow INFO method.
kamailio.proxy.allow_peer_relay: Allow peer relay. Call coming from a peer that doesn’t matcha a local subscriber will try to go out again, matching the peering rules.
kamailio.proxy.allow_refer_method: Allow REFER method. Enable it with caution.
kamailio.proxy.authenticate_bye: Enable BYE authentication.
kamailio.proxy.cf_depth_limit: CF loop detector. How many CF loops are allowed before drop the call.
kamailio.proxy.debug: Enable intensive debug level.
kamailio.proxy.default_expires: Default expires value in seconds for REGISTER messages.
kamailio.proxy.foreign_domain_via_peer: Enable calls to foreign domains via peers.
kamailio.proxy.shm_mem: Shared memory used by Kamailio Proxy. The default value is auto generated by the system, depending on your system architecture.
kamailio.proxy.pkg_mem: PKG memory used by Kamailio Proxy. The default value is auto generated by the system, depending on your system architecture.
kamailio.proxy.enum_suffix: Sets ENUM suffix - don’t forget . (dot).
kamailio.proxy.filter_100rel_from_supported: Enable filtering of 100rel from Supported header, to disable PRACK.
kamailio.proxy.fritzbox.enable: Enable detection for Fritzbox special numbers. Ex. Fritzbox add the AC prefix to emergency numbers.
kamailio.proxy.fritzbox.prefixes: Specifies special prefixes to detect in order to remove the AC prefix added by Fritzbox.
kamailio.proxy.ignore_auth_realm: Ignore SIP authentication realm.
kamailio.proxy.keep_original_to: Not used now.
kamailio.proxy.max_expires: Sets the maximum expires in seconds for registration.
kamailio.proxy.max_gw_lcr: Defines the maximum number of gateways in lcr_gw table
kamailio.proxy.max_registrations_per_subscriber: Sets the maximum registration per subscribers.
kamailio.proxy.min_expires: Sets the minimum expires in seconds for registration.
kamailio.proxy.natping_interval: Sets the NAT ping interval in seconds.
kamailio.proxy.nathelper_dbro: Defaul is "no". This will be "yes" on CARRIER in order to activate the use of a read-only connection using LOCAL_URL
kamailio.proxy.nonce_expire: Nonce expire time in seconds.
kamailio.proxy.perform_peer_lcr: Enable/Disable Least Cost Routing based on peering fees.
kamailio.proxy.port: SIP listening port.
kamailio.proxy.presence.enable: Enable/disable presence feature
kamailio.proxy.set_ruri_to_peer_auth_realm: Set R-URI using peer auth realm
kamailio.proxy.use_enum: Enable/Disable ENUM feature.

A.1.13. mediator

The following is the mediator section:

mediator:
  interval: 10

mediator.interval: Running interval of mediator.

A.1.14. nginx

The following is the nginx section:

nginx:
  status_port: 8081
  xcap_port: 1080

nginx.status_port: Status port used by nginx server
nginx.xcap_port: XCAP port used by nginx server

A.1.15. ntp

The following is the ntp server section:

ntp:
  servers:
    - 0.debian.pool.ntp.org
    - 1.debian.pool.ntp.org
    - 2.debian.pool.ntp.org
    - 3.debian.pool.ntp.org

ntp.servers: Define your NTP server list.

A.1.16. ossbss

The following is the ossbss section:

ossbss:
  apache:
    port: 2443
    proxyluport: 1080
    restapi:
      sslcertfile: '/etc/ngcp-panel/api_ssl/api_ca.crt'
      sslcertkeyfile: '/etc/ngcp-panel/api_ssl/api_ca.key'
    serveradmin: support@sipwise.com
    servername: "\"myserver\""
    ssl_enable: 'yes'
    sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
    sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
  frontend: 'no'
  htpasswd:
    -
      pass: '{SHA}w4zj3mxbmynIQ1jsUEjSkN2z2pk='
      user: ngcpsoap
  logging:
    apache:
      acc:
        facility: daemon
        identity: oss
        level: info
      err:
        facility: local7
        level: info
    ossbss:
      facility: local0
      identity: provisioning
      level: DEBUG
    web:
      facility: local0
      level: DEBUG
  provisioning:
    allow_ip_as_domain: 1
    allow_numeric_usernames: 0
    auto_allow_cli: 1
    carrier:
      account_distribution_function: roundrobin
      prov_distribution_function: roundrobin
    credit_warnings:
      -
        domain: example.com
        recipients:
          - nobody@example.com
        threshold: 1000
    faxpw_min_char: 0
    log_passwords: 0
    no_logline_truncate: 0
    pw_min_char: 6
    routing:
      ac_regex: '[1-9]\d{0,4}'
      cc_regex: '[1-9]\d{0,3}'
      sn_regex: '[1-9]\d+'
    tmpdir: '/tmp'

ossbss.frontend: Enable disable SOAP interface. Set value to fcgi to enable old SOAP interface.
ossbss.htpasswd: Sets the username and SHA hashed password for SOAP access. You can generate the password using the following command: htpasswd -nbs myuser mypassword.
ossbss.provisioning.allow_ip_as_domain: Allow or not allow IP address as SIP domain (0 is not allowed).
ossbss.provisioning.allow_numeric_usernames: Allow or not allow numeric SIP username (0 is not allowed).
ossbss.provisioning.faxpw_min_char: Minimum number of characters for fax passwords.
ossbss.provisioning.pw_min_char: Minimum number of characters for sip passwords.
ossbss.provisioning.log_password: Enable logging of passwords.
ossbss.provisioning.routing: Regexp for allowed AC (Area Code), CC (Country Code) and SN (Subscriber Number).

A.1.17. pbx (only with additional cloud PBX module installed)

The following is the PBX section:

pbx:
  bindport: 5085
  enable: 'no'
  highport: 55000
  lowport: 50001
  media_processor_threads: 10
  session_processor_threads: 10
  xmlrpcport: 8095

pbx.enable: Enable Cloud PBX module.

A.1.18. prosody

The following is the prosody section:

prosody:
  ctrl_port: 5582
  log_level: info

prosody.ctrl_port: XMPP server control port.
prosody.log_level: Prosody loglevel.

A.1.19. pushd

The following is the pushd section:

pushd:
  apns:
    certificate: ''
    enable: 'no'
    endpoint: gateway.sandbox.push.apple.com
    feedback_endpoint: feedback.sandbox.push.apple.com
    feedback_interval: 3600
    key: ''
    socket_timeout: 0
  enable: 'no'
  gcm:
    enable: 'no'
    key: ''
  port: 45060
  processes: 4
  ssl: 'yes'
  unique_device_ids: 'no'

pushd.enable: Enable/Disable Push Notification feature.
pushd.apns.certificate: Specify the Apple certificate for push notification.
pushd.apns.enable: Enable/Disable Apple push notification.
pushd.apns.key: Specify the Apple key for push notification.
pushd.gcm.enable: Enable/Disable Google push notification.
pushd.gcm.key: Specify the Google key for push notification.

A.1.20. qos

The following is the QOS section:

qos:
  tos_rtp: 184
  tos_sip: 184

qos.tos_rtp: TOS value for RTP traffic.
qos.tos_sip: TOS value for SIP traffic.

A.1.21. rate-o-mat

The following is the rate-o-mat section:

rateomat:
  enable: 'yes'
  loopinterval: 10
  splitpeakparts: 0

rateomat.enable: Enable/Disable Rate-o-mat
rateomat.loopinterval: How long we shall sleep before looking for unrated CDRs again.
rateomat.splitpeakparts: Whether we should split CDRs on peaktime borders.

A.1.22. redis

The following is the redis section:

redis:
  database_amount: 16
  port: 6379
  syslog_ident: redis

redis.database_amout: Set the number of databases in redis. The default database is DB 0.
redis.port: Accept connections on the specified port, default is 6379
redis.syslog_ident: Specify the syslog identity.

A.1.23. reminder

The following is the reminder section:

reminder:
  retries: 2
  retry_time: 60
  sip_fromdomain: voicebox.sipwise.local
  sip_fromuser: reminder
  wait_time: 30
  weekdays: '2, 3, 4, 5, 6, 7'

reminder.retries: How many times the reminder feature have to try to call you.
reminder.retry_time: Seconds between retries.
reminder.wait_time: Seconds to wait for an answer.

A.1.24. rsyslog

The following is the rsyslog section:

rsyslog:
  elasticsearch:
    action:
      resumeretrycount: '-1'
    bulkmode: 'on'
    dynSearchIndex: 'on'
    enable: 'yes'
    queue:
      dequeuebatchsize: 300
      size: 5000
      type: linkedlist
  external_address:
  external_log: 0
  external_loglevel: warning
  external_port: 514
  external_proto: udp
  ngcp_logs_preserve_days: 93

rsyslog.elasticsearch.enable: Enable/Disable Elasticsearch web interface
rsyslog.external_address: Set the remote rsyslog server.
rsyslog.ngcp_logs_preserve_days: Specify how many days to preserve old rotated log files in /var/log/ngcp/old path.

A.1.25. rtpproxy

The following is the rtp proxy section:

rtpproxy:
  allow_userspace_only: 'yes'
  maxport: 40000
  minport: 30000
  rtp_timeout: 21600
  rtp_timeout_onhold: 3600

rtpproxy.allow_userspace_only: Enable/Disable the user space failover for rtpengine (yes means enable). By default rtpengine works in kernel space.
rtpproxy.maxport: Maximum port used by rtpengine for RTP traffic.
rtpproxy.minport: Minimum port used by rtpengine for RTP traffic.
rtpproxy.rtp_timeout: Maximum limit in seconds for a call (6h).
rtpproxy.rtp_timeout_onhold: Maximum limit in seconds for an onhold (1h).

A.1.26. security

The following is the security section:

security:
  firewall:
    blacklist_networks_4: ~
    blacklist_networks_6: ~
    enable: 'yes'
    sipwise_support_access: 'no'
    whitelist_networks_4: ~
    whitelist_networks_6: ~

security.firewall.enable: Enable/Disable security configuration for IPv6 and IPv6 (sysctl_ipv6.conf, sysctl_ipv4.conf).

A.1.27. sems

The following is the SEMS section:

sems:
  bindport: 5080
  conference:
    enable: 'yes'
    max_participants: 10
  debug: 'no'
  highport: 50000
  lowport: 40001
  media_processor_threads: 10
  prepaid:
    enable: 'yes'
  sbc:
    calltimer_enable: 'yes'
    calltimer_max: 3600
    outbound_timeout: 6000
    sdp_filter:
      codecs: PCMA,PCMU,telephone-event
      enable: 'yes'
      mode: whitelist
    session_timer:
      enable: 'yes'
      max_timer: 7200
      min_timer: 90
      session_expires: 300
  session_processor_threads: 10
  vsc:
    block_override_code: 80
    cfb_code: 90
    cfna_code: 93
    cft_code: 92
    cfu_code: 72
    clir_code: 31
    directed_pickup_code: 99
    enable: 'yes'
    park_code: 97
    reminder_code: 55
    speedial_code: 50
    unpark_code: 98
    voicemail_number: 2000
  xmlrpcport: 8090

sems.conference.enable: Enable/Disable conference feature.
sems.conference.max_participants: Sets the number of concurrent participant.
sems.highport: Maximum ports used by sems for RTP traffic.
sems.debug: Enable/Disable debug mode.
sems.lowport: Minimum ports used by sems for RTP traffic.
sems.prepaid.enable: Enable/Disable prepaid feature.
sems.sbc.calltimer_max: Sets the maximum call duration for inter-domain calls.
sems.sbc.outbound_timeout:: Sets the maximum call duration for outboud calls.
sems.sbc.session_timer.enable: Enable/Disable session timers (deprecated, use the web interface configuration).
sems.vsc.*: Define here the VSC codes.

A.1.28. sshd

The following is the sshd section:

sshd:
  listen_addresses:
    - 0.0.0.0

sshd: specify interface where SSHD should run on. By default sshd listens on all IPs found in network.yml with type ssh_ext. Unfortunately sshd can be limited to IPs only and not to interfaces. The current option makes it possible to specify allowed IPs (or all IPs with 0.0.0.0).

A.1.29. voisniff

The following is the voice sniffer section:

voisniff:
  admin_panel: 'no'
  daemon:
    bpf: 'port 5060 or 5062 or ip6 proto 44 or ip[6:2] & 0x1fff != 0'
    external_interfaces: 'eth0 eth1'
    filter:
      exclude:
        -
          active: 0
          case_insensitive: 1
          pattern: '\ncseq: *\d+ +(register|notify|options)'
      include: []
    internal_interfaces: lo
    mysql_dump_threads: 4
    start: 'no'
    threads_per_interface: 10
  partitions:
    increment: 700000
    keep: 10

voisniff.admin_panel: Enable/Disable SIP STATS on Admin interface. Default is no.
voisniff.deamon.external_interfaces: Define binding interfaces.
voisniff.deamon.start: Change to yes if you want voisniff start at boot. Default is no.

A.1.30. www_admin

The following is the WEB Admin interface (www_admin) section:

www_admin:
  ac_dial_prefix: 0
  apache:
    autoprov_port: 1444
  billing_features: 1
  callingcard_features: 0
  callthru_features: 0
  cc_dial_prefix: 00
  conference_features: 1
  contactmail: adjust@example.org
  dashboard:
    enabled: 1
  default_admin_settings:
    call_data: 0
    is_active: 1
    is_master: 0
    read_only: 0
    show_passwords: 1
  domain:
    preference_features: 1
    rewrite_features: 1
    vsc_features: 0
  fastcgi_workers: 2
  fax_features: 1
  fees_csv:
    element_order:
      - source
      - destination
      - direction
      - zone
      - zone_detail
      - onpeak_init_rate
      - onpeak_init_interval
      - onpeak_follow_rate
      - onpeak_follow_interval
      - offpeak_init_rate
      - offpeak_init_interval
      - offpeak_follow_rate
      - offpeak_follow_interval
      - use_free_time
  http_admin:
    autoprov_port: 1444
    port: 1443
    serveradmin: support@sipwise.com
    servername: "\"myserver\""
    ssl_enable: 'yes'
    sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
    sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
  http_csc:
    autoprov_bootstrap_port: 1445
    autoprov_port: 1444
    port: 443
    serveradmin: support@sipwise.com
    servername: "\"myserver\""
    ssl_enable: 'yes'
    sslcertfile: '/etc/ngcp-config/ssl/myserver.crt'
    sslcertkeyfile: '/etc/ngcp-config/ssl/myserver.key'
  logging:
    apache:
      acc:
        facility: daemon
        identity: oss
        level: info
      err:
        facility: local7
        level: info
  peer:
    preference_features: 1
  peering_features: 1
  security:
    password_allow_recovery: 0
    password_max_length: 40
    password_min_length: 6
    password_musthave_digit: 0
    password_musthave_lowercase: 1
    password_musthave_specialchar: 0
    password_musthave_uppercase: 0
    password_sip_autogenerate: 0
    password_sip_expose_subadmin: 1
    password_web_autogenerate: 0
    password_web_expose_subadmin: 1
  speed_dial_vsc_presets:
    vsc:
      - '*0'
      - '*1'
      - '*2'
      - '*3'
      - '*4'
      - '*5'
      - '*6'
      - '*7'
      - '*8'
      - '*9'
  subscriber:
    auto_allow_cli: 0
    extension_features: 0
  voicemail_features: 1

www_admin.http_admin.*: Define the Administration interface and certificates.
www_admin.http_csc.*: Define the Customers interface and certificates.
www_admin.contactmail: Email to show in the GUI’s Error page.