VoIP: SIP-over-TLS and sRTP: SignalWire FreeSWITCH

FreeSWITCH is an open-source project. It took over Sofia-SIP, the VoIP/SIP user agent from Nokia Research that was used in Maemo/MeeGo. Besides the agents in Nokia Series 40 and Nokia Symbian/S60, this was the third implementation within Nokia, developed not one after the other but in parallel. Go figure! The company SignalWire provides the infrastructure to contribute. Its business model seems to be in-person training. That would explain why that company treats everything, even non-functional features like software usability, software security, and documentation, as best-effort. I regularly end up in the source code, even just to find all possible options for everyday parameters. Several graphical frontends exist … if you find one which is not just a visualization but an abstraction (and therefore something which makes FreeSWITCH more usable), drop me an E-mail!

Although FreeSWITCH is a Back-to-Back User Agent (B2BUA), the example below shows just one of its two sides (one "back"): the external registration at a provider.

Last tested version

1.10.5

Configuration

$PREFIX/freeswitch/conf/sip_profiles/external-ipv6/
<include>
  <gateway name="host">
    <param name="username" value="user" />
    <param name="password" value="password" />
    <param name="register-transport" value="tls" />
  </gateway>
</include>

$PREFIX/freeswitch/conf/sip_profiles/external-ipv6.xml
<param name="tls-cert-dir" value="/etc/ssl/certs/" />
<param name="tls-verify-policy" value="subjects_out" />
<param name="tls-verify-depth" value="100" />
<param name="tls-ciphers" value="DEFAULT@SECLEVEL=2" />

$PREFIX/freeswitch/conf/vars.xml
<X-PRE-PROCESS cmd="set" data="external_ssl_enable=true" />

$PREFIX/freeswitch/conf/dialplan/
<extension name="my_registration">
  <condition field="destination_number" expression="^(…)$">
    <action application="export" data="nolocal:rtp_secure_media=optional:AES_CM_128_HMAC_SHA1_80" />
    <action application="bridge" data="sofia/gateway/host/$1" />
  </condition>
</extension>

The value optional in rtp_secure_media means RTP/SAVP + RTP/AVP are both offered. Alternatively, you can specify that rtp_secure_media setting in the file vars.xml. In the example above, you have to replace host (two times), password, and user. Furthermore, the expression in the dialplan is a Regular Expression, and you have to put a pattern between the brackets, such as a phone number, a range of numbers, or one that allows SIP URIs.

Software Bugs

DNS-NAPTR: missing
Named Curves: just P-256, no P-384 or X448, which calls its AES-256 sRTP support into question
  Mitigation: revert commit 58d205d and then e83a2e5, because since OpenSSL 1.1 the curve is chosen automatically
IPv4/IPv6: not Dual Stack capable automatically
  Mitigation: select the IP version explicitly
OsRTP: treated as a software bug; the proposed NDLB-allow-crypto-in-avp does not work either [1, 2, 3, 4, 5, 6], as FreeSWITCH still gives:
  a=crypto in RTP/AVP, refer to rfc3711
  or
  m=audio 0 RTP/AVP 19
DiffServ: missing
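As an added example, not from the original page or the FreeSWITCH project: a small Python checker that parses the m= sections of an SDP body and flags the two symptoms quoted above, an a=crypto attribute under the plain RTP/AVP profile and a media line rejected with port 0. The SDP bodies and the inline key material are constructed for the example, not captured from FreeSWITCH.

```python
from dataclasses import dataclass, field

# Constructed sample offer (not captured from FreeSWITCH); the inline key is a dummy.
SDP_OK = """v=0
o=- 1 1 IN IP6 2001:db8::1
s=-
c=IN IP6 2001:db8::1
t=0 0
m=audio 4000 RTP/SAVP 9 8
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
a=rtpmap:9 G722/8000
"""
# The mismatch quoted in the text: a=crypto under the plain RTP/AVP profile.
SDP_CRYPTO_IN_AVP = SDP_OK.replace("RTP/SAVP", "RTP/AVP")
# The other symptom quoted in the text: the media stream rejected outright.
SDP_REJECTED = "v=0\nm=audio 0 RTP/AVP 19\n"

@dataclass
class Media:
    kind: str                                   # "audio", "video", ...
    port: int
    proto: str                                  # "RTP/AVP", "RTP/SAVP", ...
    crypto: list = field(default_factory=list)  # a=crypto lines of this section

def parse_sdp(text):
    """Split an SDP body into its m= sections, keeping each section's a=crypto lines."""
    media = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("m="):
            kind, port, proto = line[2:].split()[:3]
            media.append(Media(kind, int(port), proto))
        elif line.startswith("a=crypto:") and media:
            media[-1].crypto.append(line[2:])
    return media

def check_sdp(text):
    """Return findings for the SAVP/AVP problems described above; empty means consistent."""
    findings = []
    for m in parse_sdp(text):
        if m.port == 0:
            findings.append(f"{m.kind}: media rejected (port 0, {m.proto})")
        if m.crypto and "SAVP" not in m.proto:
            findings.append(f"{m.kind}: a=crypto under {m.proto}, RFC 3711 requires RTP/SAVP")
        if "SAVP" in m.proto and not m.crypto:
            findings.append(f"{m.kind}: {m.proto} offered without any a=crypto line")
    return findings
```

Feed it the SDP body of an outgoing INVITE from a SIP trace to see whether the offer FreeSWITCH produced is one a strict peer will reject.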

Security

Responsible Disclosure: untested
Firmware Update: automation for latest Debian
Newsletter: missing, although there is a mailing list