configs: Move sample config files into a subdirectory of configs

This moves all samples configs from configs/ to configs/samples. This allows
for additional sets of sample configuration files to be added in the future.

Review: https://reviewboard.asterisk.org/r/3804/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@418870 65c4cc65-6c06-0410-ace0-fbb531ad65f3

1 files changed, 749 insertions, 0 deletions

diff --git a/configs/samples/pjsip.conf.sample b/configs/samples/pjsip.conf.sample
new file mode 100644
index 000000000..3aa05a96b
--- /dev/null
+++ b/configs/samples/pjsip.conf.sample
@@ -0,0 +1,749 @@
+; PJSIP Configuration Samples and Quick Reference
+;
+; This file has several very basic configuration examples, to serve as a quick
+; reference to jog your memory when you need to write up a new configuration.
+; It is not intended to teach PJSIP configuration or serve as an exhaustive
+; reference of options and potential scenarios.
+;
+; This file has two main sections.
+; First, manually written examples to serve as a handy reference.
+; Second, a list of all possible PJSIP config options by section. This is
+; pulled from the XML config help. It only shows the synopsis for every item.
+; If you want to see more detail please check the documentation sources
+; mentioned at the top of this file.
+
+; Documentation
+;
+; The official documentation is at http://wiki.asterisk.org
+; You can read the XML configuration help via Asterisk command line with
+; "config show help res_pjsip", then you can drill down through the various
+; sections and their options.
+;
+
+;========!!!!!!!!!!!!!!!!!!!  SECURITY NOTICE  !!!!!!!!!!!!!!!!!!!!===========
+;
+; At a minimum please read the file "README-SERIOUSLY.bestpractices.txt",
+; located in the Asterisk source directory before starting Asterisk.
+; Otherwise you risk allowing the security of the Asterisk system to be
+; compromised. Beyond that please visit and read the security information on
+; the wiki at: https://wiki.asterisk.org/wiki/x/EwFB
+;
+; A few basics to pay attention to:
+;
+; Anonymous Calls
+;
+; By default anonymous inbound calls via PJSIP are not allowed. If you want to
+; route anonymous calls you'll need to define an endpoint named "anonymous".
+; res_pjsip_endpoint_identifier_anonymous.so handles that functionality so it
+; must be loaded. It is not recommended to accept anonymous calls.
+;
+; Access Control Lists
+;
+; See the example ACL configuration in this file. Read the configuration help
+; for the section and all of its options. Look over the samples in acl.conf
+; and documentation at https://wiki.asterisk.org/wiki/x/uA80AQ
+; If possible, restrict access to only networks and addresses you trust.
+;
+; Dialplan Contexts
+;
+; When defining configuration (such as an endpoint) that links into
+; dialplan configuration, be aware of what that dialplan does. It's easy to
+; accidentally provide access to internal or outbound dialing extensions which
+; could cost you severely. The "context=" line in endpoint configuration
+; determines which dialplan context inbound calls will enter into.
+;
+;=============================================================================
+
+; Overview of Configuration Section Types Used in the Examples
+;
+; * Transport "transport"
+;   * Configures res_pjsip transport layer interaction.
+; * Endpoint "endpoint"
+;   * Configures core SIP functionality related to SIP endpoints.
+; * Authentication "auth"
+;   * Stores inbound or outbound authentication credentials for use by trunks,
+;     endpoints, registrations.
+; * Address of Record "aor"
+;   * Stores contact information for use by endpoints.
+; * Endpoint Identification "identify"
+;   * Maps a host directly to an endpoint
+; * Access Control List "acl"
+;   * Defines a permission list or references one stored in acl.conf
+; * Registration "registration"
+;   * Contains information about an outbound SIP registration
+
+; The following sections show example configurations for various scenarios.
+; Most require a couple or more configuration types configured in concert.
+
+;=============================================================================
+
+; Naming of Configuration Sections
+;
+; Configuration section names are denoted with enclosing brackets,
+; e.g. [6001]
+; In most cases, you can name a section whatever makes sense to you. For example
+; you might name a transport [transport-udp-nat] to help you remember how that
+; section is being used. However, in some cases, ("endpoint" and "aor" types)
+; the section name has a relationship to its function.
+;
+; Depending on the modules loaded, Asterisk can match SIP requests to an
+; endpoint or aor in a few ways:
+;
+; 1) Match a section name for endpoint type sections to the username in the
+;    "From" header of inbound SIP requests.
+; 2) Match a section name for aor type sections to the username in the "To"
+;    header of inbound SIP REGISTER requests.
+; 3) With an identify type section configured, match an inbound SIP request of
+;    any type to an endpoint or aor based on the IP source address of the
+;    request.
+;
+; Note that sections can have the same name as long as their "type" options are
+; set to different values. In most cases it makes sense to have associated
+; configuration sections use the same name, as you'll see in the examples within
+; this file.
+
+;===============EXAMPLE TRANSPORTS============================================
+;
+; A few examples for potential transport options.
+;
+; For the NAT transport example, be aware that the options starting with
+; the prefix "external_" will only apply to communication with addresses
+; outside the range set with "local_net=".
+;
+; IPv6: For endpoints using IPv6, remember to set "rtp_ipv6=yes" so that the RTP
+; engine will also be able to bind to an IPv6 address.
+;
+; You can have more than one of any type of transport, as long as it doesn't
+; use the same resources (bind address, port, etc) as the others.
+
+; Basic UDP transport
+;
+;[transport-udp]
+;type=transport
+;protocol=udp    ;udp,tcp,tls,ws,wss
+;bind=0.0.0.0
+
+; UDP transport behind NAT
+;
+;[transport-udp-nat]
+;type=transport
+;protocol=udp
+;bind=0.0.0.0
+;local_net=192.0.2.0/24
+;external_media_address=203.0.113.1
+;external_signaling_address=203.0.113.1
+
+; Basic IPv6 UDP transport
+;
+;[transport-udp-ipv6]
+;type=transport
+;protocol=udp
+;bind=::
+
+; Example IPv4 TLS transport
+;
+;[transport-tls]
+;type=transport
+;protocol=tls
+;bind=0.0.0.0
+;cert_file=/path/mycert.crt
+;priv_key_file=/path/mykey.key
+;cipher=ALL
+;method=tlsv1
+
+
+;===============OUTBOUND REGISTRATION WITH OUTBOUND AUTHENTICATION============
+;
+; This is a simple registration that works with some SIP trunking providers.
+; You'll need to set up the auth example "mytrunk_auth" below to enable outbound
+; authentication. Note that we "outbound_auth=" use for outbound authentication
+; instead of "auth=", which is for inbound authentication.
+;
+; If you are registering to a server from behind NAT, be sure you assign a transport
+; that is appropriately configured with NAT related settings. See the NAT transport example.
+;
+; "contact_user=" sets the SIP contact header's user portion of the SIP URI
+; this will affect the extension reached in dialplan when the far end calls you at this
+; registration. The default is 's'.
+
+;[mytrunk]
+;type=registration
+;transport=transport-udp
+;outbound_auth=mytrunk_auth
+;server_uri=sip:sip.example.com
+;client_uri=sip:1234567890@sip.example.com
+;contact_user=1234567890
+;retry_interval=60
+;forbidden_retry_interval=600
+;expiration=3600
+
+;[mytrunk_auth]
+;type=auth
+;auth_type=userpass
+;password=1234567890
+;username=1234567890
+;realm=sip.example.com
+
+;===============ENDPOINT CONFIGURED AS A TRUNK, OUTBOUND AUTHENTICATION=======
+;
+; This is one way to configure an endpoint as a trunk. It is set up with
+; "outbound_auth=" to enable authentication when dialing out through this
+; endpoint. There is no inbound authentication set up since a provider will
+; not normally authenticate when calling you.
+;
+; The identify configuration enables IP address matching against this endpoint.
+; For calls from a trunking provider, the From user may be different every time,
+; so we want to match against IP address instead of From user.
+;
+; If you want the provider of your trunk to know where to send your calls
+; you'll need to use an outbound registration as in the example above this
+; section.
+;
+; NAT
+;
+; At a basic level configure the endpoint with a transport that is set up
+; with the appropriate NAT settings. There may be some additional settings you
+; need here based on your NAT/Firewall scenario. Look to the CLI config help
+; "config show help res_pjsip endpoint" or on the wiki for other NAT related
+; options and configuration. We've included a few below.
+;
+; AOR
+;
+; Endpoints use one or more AOR sections to store their contact details.
+; You can define multiple contact addresses in SIP URI format in multiple
+; "contact=" entries.
+;
+
+;[mytrunk]
+;type=endpoint
+;transport=transport-udp
+;context=from-external
+;disallow=all
+;allow=ulaw
+;outbound_auth=mytrunk_auth
+;aors=mytrunk
+;                   ;A few NAT relevant options that may come in handy.
+;force_rport=yes    ;It's a good idea to read the configuration help for each
+;direct_media=no    ;of these options.
+;ice_support=yes
+
+;[mytrunk]
+;type=aor
+;contact=sip:198.51.100.1:5060
+;contact=sip:198.51.100.2:5060
+
+;[mytrunk]
+;type=identify
+;endpoint=mytrunk
+;match=198.51.100.1
+;match=198.51.100.2
+
+
+;=============ENDPOINT CONFIGURED AS A TRUNK, INBOUND AUTH AND REGISTRATION===
+;
+; Here we are allowing a remote device to register to Asterisk and requiring
+; that they authenticate for registration and calls.
+; You'll note that this configuration is essentially the same as configuring
+; an endpoint for use with a SIP phone.
+
+
+;[7000]
+;type=endpoint
+;context=from-external
+;disallow=all
+;allow=ulaw
+;transport=transport-udp
+;auth=7000
+;aors=7000
+
+;[7000]
+;type=auth
+;auth_type=userpass
+;password=7000
+;username=7000
+
+;[7000]
+;type=aor
+;max_contacts=1
+
+
+;===============ENDPOINT CONFIGURED FOR USE WITH A SIP PHONE==================
+;
+; This example includes the endpoint, auth and aor configurations. It
+; requires inbound authentication and allows registration, as well as references
+; a transport that you'll need to uncomment from the previous examples.
+;
+; Uncomment one of the transport lines to choose which transport you want. If
+; not specified then the default transport chosen is the first defined transport
+; in the configuration file.
+;
+; Modify the "max_contacts=" line to change how many unique registrations to allow.
+;
+; Use the "contact=" line instead of max_contacts= if you want to statically
+; define the location of the device.
+;
+; If using the TLS enabled transport, you may want the "media_encryption=sdes"
+; option to additionally enable SRTP, though they are not mutually inclusive.
+;
+; Use the "rtp_ipv6=yes" option if you want to utilize RTP over an ipv6 transport.
+;
+; If this endpoint were remote, and it was using a transport configured for NAT
+; then you likely want to use "direct_media=no" to prevent audio issues.
+
+
+;[6001]
+;type=endpoint
+;transport=transport-udp
+;context=from-internal
+;disallow=all
+;allow=ulaw
+;allow=gsm
+;auth=6001
+;aors=6001
+;
+; A few more transports to pick from, and some related options below them.
+;
+;transport=transport-tls
+;media_encryption=sdes
+;transport=transport-udp-ipv6
+;rtp_ipv6=yes
+;transport=transport-udp-nat
+;direct_media=no
+;
+; MWI related options
+
+;aggregate_mwi=yes
+;mailboxes=6001@default,7001@default
+;mwi_from_user=6001
+;
+; Extension and Device state options
+;
+;device_state_busy_at=1
+;allow_subscribe=yes
+;sub_min_expiry=30
+
+;[6001]
+;type=auth
+;auth_type=userpass
+;password=6001
+;username=6001
+
+;[6001]
+;type=aor
+;max_contacts=1
+;contact=sip:6001@192.0.2.1:5060
+
+;===============ENDPOINT BEHIND NAT OR FIREWALL===============================
+;
+; This example assumes your transport is configured with a public IP and the
+; endpoint itself is behind NAT and maybe a firewall, rather than having
+; Asterisk behind NAT. For the sake of simplicity, we'll assume a typical
+; VOIP phone. The most important settings to configure are:
+;
+;  * direct_media, to ensure Asterisk stays in the media path
+;  * rtp_symmetric and force_rport options to help the far-end NAT/firewall
+;
+; Depending on the settings of your remote SIP device or NAT/firewall device
+; you may have to experiment with a combination of these settings.
+;
+; If both Asterisk and the remote phones are a behind NAT/firewall then you'll
+; have to make sure to use a transport with appropriate settings (as in the
+; transport-udp-nat example).
+;
+;[6002]
+;type=endpoint
+;transport=transport-udp
+;context=from-internal
+;disallow=all
+;allow=ulaw
+;auth=6002
+;aors=6002
+;direct_media=no
+;rtp_symmetric=yes
+;force_rport=yes
+;ice_support=yes   ;This is specific to clients that support NAT traversal
+                   ;for media via ICE,STUN,TURN. See the wiki at:
+                   ;https://wiki.asterisk.org/wiki/x/D4FHAQ
+                   ;for a deeper explanation of this topic.
+
+;[6002]
+;type=auth
+;auth_type=userpass
+;password=6002
+;username=6002
+
+;[6002]
+;type=aor
+;max_contacts=2
+
+
+;============EXAMPLE ACL CONFIGURATION==========================================
+;
+; The ACL or Access Control List section defines a set of permissions to permit
+; or deny access to various address or addresses. Alternatively it references an
+; ACL configuration already set in acl.conf.
+;
+; The ACL configuration is independent of individual endpoint configuration and
+; operates on all inbound SIP communication using res_pjsip.
+
+; Reference an ACL defined in acl.conf.
+;
+;[acl]
+;type=acl
+;acl=example_named_acl1
+
+; Reference a contactacl specifically.
+;
+;[acl]
+;type=acl
+;contact_acl=example_contact_acl1
+
+; Define your own ACL here in pjsip.conf and
+; permit or deny by IP address or range.
+;
+;[acl]
+;type=acl
+;deny=0.0.0.0/0.0.0.0
+;permit=209.16.236.0/24
+;deny=209.16.236.1
+
+; Restrict based on Contact Headers rather than IP.
+; Define options multiple times for various addresses or use a comma-delimited string.
+;
+;[acl]
+;type=acl
+;contact_deny=0.0.0.0/0.0.0.0
+;contact_permit=209.16.236.0/24
+;contact_permit=209.16.236.1
+;contact_permit=209.16.236.2,209.16.236.3
+
+; Restrict based on Contact Headers rather than IP and use
+; advanced syntax. Note the bang symbol used for "NOT", so we can deny
+; 209.16.236.12/32 within the permit= statement.
+;
+;[acl]
+;type=acl
+;contact_deny=0.0.0.0/0.0.0.0
+;contact_permit=209.16.236.0
+;permit=209.16.236.0/24, !209.16.236.12/32
+
+
+
+; MODULE PROVIDING BELOW SECTION(S): res_pjsip
+;==========================ENDPOINT SECTION OPTIONS=========================
+;[endpoint]
+;  SYNOPSIS: Endpoint
+;100rel=yes     ; Allow support for RFC3262 provisional ACK tags (default:
+                ; "yes")
+;aggregate_mwi=yes      ;  (default: "yes")
+;allow= ; Media Codec s to allow (default: "")
+;aors=  ; AoR s to be used with the endpoint (default: "")
+;auth=  ; Authentication Object s associated with the endpoint (default: "")
+;callerid=      ; CallerID information for the endpoint (default: "")
+;callerid_privacy=      ; Default privacy level (default: "")
+;callerid_tag=  ; Internal id_tag for the endpoint (default: "")
+;context=default        ; Dialplan context for inbound sessions (default:
+                        ; "default")
+;direct_media_glare_mitigation=none     ; Mitigation of direct media re INVITE
+                                        ; glare (default: "none")
+;direct_media_method=invite     ; Direct Media method type (default: "invite")
+;connected_line_method=invite   ; Connected line method type (default:
+                                ; "invite")
+;direct_media=yes       ; Determines whether media may flow directly between
+                        ; endpoints (default: "yes")
+;disable_direct_media_on_nat=no ; Disable direct media session refreshes when
+                                ; NAT obstructs the media session (default:
+                                ; "no")
+;disallow=      ; Media Codec s to disallow (default: "")
+;dtmf_mode=rfc4733      ; DTMF mode (default: "rfc4733")
+;media_address=         ; IP address used in SDP for media handling (default: "")
+;force_rport=yes        ; Force use of return port (default: "yes")
+;ice_support=no ; Enable the ICE mechanism to help traverse NAT (default: "no")
+;identify_by=username   ; Way s for Endpoint to be identified (default:
+                        ; "username")
+;redirect_method=user   ; How redirects received from an endpoint are handled
+                        ; (default: "user")
+;mailboxes=     ; Mailbox es to be associated with (default: "")
+;moh_suggest=default    ; Default Music On Hold class (default: "default")
+;outbound_auth= ; Authentication object used for outbound requests (default:
+                ; "")
+;outbound_proxy=        ; Proxy through which to send requests a full SIP URI
+                        ; must be provided (default: "")
+;rewrite_contact=no     ; Allow Contact header to be rewritten with the source
+                        ; IP address port (default: "no")
+;rtp_ipv6=no    ; Allow use of IPv6 for RTP traffic (default: "no")
+;rtp_symmetric=no       ; Enforce that RTP must be symmetric (default: "no")
+;send_diversion=yes     ; Send the Diversion header conveying the diversion
+                        ; information to the called user agent (default: "yes")
+;send_pai=no    ; Send the P Asserted Identity header (default: "no")
+;send_rpid=no   ; Send the Remote Party ID header (default: "no")
+;timers_min_se=90       ; Minimum session timers expiration period (default:
+                        ; "90")
+;timers=yes     ; Session timers for SIP packets (default: "yes")
+;timers_sess_expires=1800       ; Maximum session timer expiration period
+                                ; (default: "1800")
+;transport=     ; Desired transport configuration (default: "")
+;trust_id_inbound=no    ; Accept identification information received from this
+                        ; endpoint (default: "no")
+;trust_id_outbound=no   ; Send private identification details to the endpoint
+                        ; (default: "no")
+;type=  ; Must be of type endpoint (default: "")
+;use_ptime=no   ; Use Endpoint s requested packetisation interval (default:
+                ; "no")
+;use_avpf=no    ; Determines whether res_pjsip will use and enforce usage of
+                ; AVPF for this endpoint (default: "no")
+;media_encryption=no    ; Determines whether res_pjsip will use and enforce
+                        ; usage of media encryption for this endpoint (default:
+                        ; "no")
+;inband_progress=no     ; Determines whether chan_pjsip will indicate ringing
+                        ; using inband progress (default: "no")
+;call_group=    ; The numeric pickup groups for a channel (default: "")
+;pickup_group=  ; The numeric pickup groups that a channel can pickup (default:
+                ; "")
+;named_call_group=      ; The named pickup groups for a channel (default: "")
+;named_pickup_group=    ; The named pickup groups that a channel can pickup
+                        ; (default: "")
+;device_state_busy_at=0 ; The number of in use channels which will cause busy
+                        ; to be returned as device state (default: "0")
+;t38_udptl=no   ; Whether T 38 UDPTL support is enabled or not (default: "no")
+;t38_udptl_ec=none      ; T 38 UDPTL error correction method (default: "none")
+;t38_udptl_maxdatagram=0        ; T 38 UDPTL maximum datagram size (default:
+                                ; "0")
+;fax_detect=no  ; Whether CNG tone detection is enabled (default: "no")
+;t38_udptl_nat=no       ; Whether NAT support is enabled on UDPTL sessions
+                        ; (default: "no")
+;t38_udptl_ipv6=no      ; Whether IPv6 is used for UDPTL Sessions (default:
+                        ; "no")
+;tone_zone=     ; Set which country s indications to use for channels created
+                ; for this endpoint (default: "")
+;language=      ; Set the default language to use for channels created for this
+                ; endpoint (default: "")
+;one_touch_recording=no ; Determines whether one touch recording is allowed for
+                        ; this endpoint (default: "no")
+;record_on_feature=automixmon   ; The feature to enact when one touch recording
+                                ; is turned on (default: "automixmon")
+;record_off_feature=automixmon  ; The feature to enact when one touch recording
+                                ; is turned off (default: "automixmon")
+;rtp_engine=asterisk    ; Name of the RTP engine to use for channels created
+                        ; for this endpoint (default: "asterisk")
+;allow_transfer=yes     ; Determines whether SIP REFER transfers are allowed
+                        ; for this endpoint (default: "yes")
+;sdp_owner=-    ; String placed as the username portion of an SDP origin o line
+                ; (default: "-")
+;sdp_session=Asterisk   ; String used for the SDP session s line (default:
+                        ; "Asterisk")
+;tos_audio=0    ; DSCP TOS bits for audio streams (default: "0")
+;tos_video=0    ; DSCP TOS bits for video streams (default: "0")
+;cos_audio=0    ; Priority for audio streams (default: "0")
+;cos_video=0    ; Priority for video streams (default: "0")
+;allow_subscribe=yes    ; Determines if endpoint is allowed to initiate
+                        ; subscriptions with Asterisk (default: "yes")
+;sub_min_expiry=0       ; The minimum allowed expiry time for subscriptions
+                        ; initiated by the endpoint (default: "0")
+;from_user=     ; Username to use in From header for requests to this endpoint
+                ; (default: "")
+;mwi_from_user= ; Username to use in From header for unsolicited MWI NOTIFYs to
+                ; this endpoint (default: "")
+;from_domain=   ; Domain to user in From header for requests to this endpoint
+                ; (default: "")
+;dtls_verify=   ; Verify that the provided peer certificate is valid (default:
+                ; "")
+;dtls_rekey=    ; Interval at which to renegotiate the TLS session and rekey
+                ; the SRTP session (default: "")
+;dtls_cert_file=        ; Path to certificate file to present to peer (default:
+                        ; "")
+;dtls_private_key=      ; Path to private key for certificate file (default:
+                        ; "")
+;dtls_cipher=   ; Cipher to use for DTLS negotiation (default: "")
+;dtls_ca_file=  ; Path to certificate authority certificate (default: "")
+;dtls_ca_path=  ; Path to a directory containing certificate authority
+                ; certificates (default: "")
+;dtls_setup=    ; Whether we are willing to accept connections connect to the
+                ; other party or both (default: "")
+;srtp_tag_32=no ; Determines whether 32 byte tags should be used instead of 80
+                ; byte tags (default: "no")
+;set_var=       ; Variable set on a channel involving the endpoint. For multiple
+		; channel variables specify multiple 'set_var'(s)
+
+;==========================AUTH SECTION OPTIONS=========================
+;[auth]
+;  SYNOPSIS: Authentication type
+;auth_type=userpass     ; Authentication type (default: "userpass")
+;nonce_lifetime=32      ; Lifetime of a nonce associated with this
+                        ; authentication config (default: "32")
+;md5_cred=      ; MD5 Hash used for authentication (default: "")
+;password=      ; PlainText password used for authentication (default: "")
+;realm= ; SIP realm for endpoint (default: "")
+;type=  ; Must be auth (default: "")
+;username=      ; Username to use for account (default: "")
+
+
+;==========================DOMAIN_ALIAS SECTION OPTIONS=========================
+;[domain_alias]
+;  SYNOPSIS: Domain Alias
+;type=  ; Must be of type domain_alias (default: "")
+;domain=        ; Domain to be aliased (default: "")
+
+
+;==========================TRANSPORT SECTION OPTIONS=========================
+;[transport]
+;  SYNOPSIS: SIP Transport
+;async_operations=1     ; Number of simultaneous Asynchronous Operations
+                        ; (default: "1")
+;bind=  ; IP Address and optional port to bind to for this transport (default:
+        ; "")
+;ca_list_file=  ; File containing a list of certificates to read TLS ONLY
+                ; (default: "")
+;cert_file=     ; Certificate file for endpoint TLS ONLY (default: "")
+;cipher=        ; Preferred Cryptography Cipher TLS ONLY (default: "")
+;domain=        ; Domain the transport comes from (default: "")
+;external_media_address=        ; External IP address to use in RTP handling
+                                ; (default: "")
+;external_signaling_address=    ; External address for SIP signalling (default:
+                                ; "")
+;external_signaling_port=0      ; External port for SIP signalling (default:
+                                ; "0")
+;method=        ; Method of SSL transport TLS ONLY (default: "")
+;local_net=     ; Network to consider local used for NAT purposes (default: "")
+;password=      ; Password required for transport (default: "")
+;priv_key_file= ; Private key file TLS ONLY (default: "")
+;protocol=udp   ; Protocol to use for SIP traffic (default: "udp")
+;require_client_cert=   ; Require client certificate TLS ONLY (default: "")
+;type=  ; Must be of type transport (default: "")
+;verify_client= ; Require verification of client certificate TLS ONLY (default:
+                ; "")
+;verify_server= ; Require verification of server certificate TLS ONLY (default:
+                ; "")
+;tos=0  ; Enable TOS for the signalling sent over this transport (default: "0")
+;cos=0  ; Enable COS for the signalling sent over this transport (default: "0")
+;websocket_write_timeout=100    ; Default write timeout to set on websocket
+                                ; transports. This value may need to be adjusted
+                                ; for connections where Asterisk must write a
+                                ; substantial amount of data and the receiving
+                                ; clients are slow to process the received
+                                ; information. Value is in milliseconds; default
+                                ; is 100 ms.
+
+;==========================CONTACT SECTION OPTIONS=========================
+;[contact]
+;  SYNOPSIS: A way of creating an aliased name to a SIP URI
+;type=  ; Must be of type contact (default: "")
+;uri=   ; SIP URI to contact peer (default: "")
+;expiration_time=       ; Time to keep alive a contact (default: "")
+;qualify_frequency=0    ; Interval at which to qualify a contact (default: "0")
+;outbound_proxy=        ; Outbound proxy used when sending OPTIONS request
+                        ; (default: "")
+
+
+;==========================AOR SECTION OPTIONS=========================
+;[aor]
+;  SYNOPSIS: The configuration for a location of an endpoint
+;contact=       ; Permanent contacts assigned to AoR (default: "")
+;default_expiration=3600        ; Default expiration time in seconds for
+                                ; contacts that are dynamically bound to an AoR
+                                ; (default: "3600")
+;mailboxes=     ; Mailbox es to be associated with (default: "")
+;maximum_expiration=7200        ; Maximum time to keep an AoR (default: "7200")
+;max_contacts=0 ; Maximum number of contacts that can bind to an AoR (default:
+                ; "0")
+;minimum_expiration=60  ; Minimum keep alive time for an AoR (default: "60")
+;remove_existing=no     ; Determines whether new contacts replace existing ones
+                        ; (default: "no")
+;type=  ; Must be of type aor (default: "")
+;qualify_frequency=0    ; Interval at which to qualify an AoR (default: "0")
+;authenticate_qualify=no        ; Authenticates a qualify request if needed
+                                ; (default: "no")
+;outbound_proxy=        ; Outbound proxy used when sending OPTIONS request
+                        ; (default: "")
+
+
+;==========================SYSTEM SECTION OPTIONS=========================
+;[system]
+;  SYNOPSIS: Options that apply to the SIP stack as well as other system-wide settings
+;timer_t1=500   ; Set transaction timer T1 value milliseconds (default: "500")
+;timer_b=32000  ; Set transaction timer B value milliseconds (default: "32000")
+;compact_headers=no     ; Use the short forms of common SIP header names
+                        ; (default: "no")
+;threadpool_initial_size=0      ; Initial number of threads in the res_pjsip
+                                ; threadpool (default: "0")
+;threadpool_auto_increment=5    ; The amount by which the number of threads is
+                                ; incremented when necessary (default: "5")
+;threadpool_idle_timeout=60     ; Number of seconds before an idle thread
+                                ; should be disposed of (default: "60")
+;threadpool_max_size=0  ; Maximum number of threads in the res_pjsip threadpool
+                        ; A value of 0 indicates no maximum (default: "0")
+;type=  ; Must be of type system (default: "")
+
+;==========================GLOBAL SECTION OPTIONS=========================
+;[global]
+;  SYNOPSIS: Options that apply globally to all SIP communications
+;max_forwards=70        ; Value used in Max Forwards header for SIP requests
+                        ; (default: "70")
+;type=  ; Must be of type global (default: "")
+;user_agent=Asterisk PBX SVN-branch-12-r404375  ; Value used in User Agent
+                                                ; header for SIP requests and
+                                                ; Server header for SIP
+                                                ; responses (default: "Asterisk
+                                                ; PBX SVN-branch-12-r404375")
+;default_outbound_endpoint=default_outbound_endpoint    ; Endpoint to use when
+                                                        ; sending an outbound
+                                                        ; request to a URI
+                                                        ; without a specified
+                                                        ; endpoint (default: "d
+                                                        ; efault_outbound_endpo
+                                                        ; int")
+;debug=no ; Enable/Disable SIP debug logging.  Valid options include yes|no
+          ; or a host address (default: "no")
+
+
+; MODULE PROVIDING BELOW SECTION(S): res_pjsip_acl
+;==========================ACL SECTION OPTIONS=========================
+;[acl]
+;  SYNOPSIS: Access Control List
+;acl=   ; List of IP ACL section names in acl conf (default: "")
+;contact_acl=   ; List of Contact ACL section names in acl conf (default: "")
+;contact_deny=  ; List of Contact header addresses to deny (default: "")
+;contact_permit=        ; List of Contact header addresses to permit (default:
+                        ; "")
+;deny=  ; List of IP addresses to deny access from (default: "")
+;permit=        ; List of IP addresses to permit access from (default: "")
+;type=  ; Must be of type acl (default: "")
+
+
+
+
+; MODULE PROVIDING BELOW SECTION(S): res_pjsip_outbound_registration
+;==========================REGISTRATION SECTION OPTIONS=========================
+;[registration]
+;  SYNOPSIS: The configuration for outbound registration
+;auth_rejection_permanent=yes   ; Determines whether failed authentication
+                                ; challenges are treated as permanent failures
+                                ; (default: "yes")
+;client_uri=    ; Client SIP URI used when attemping outbound registration
+                ; (default: "")
+;contact_user=  ; Contact User to use in request (default: "")
+;expiration=3600        ; Expiration time for registrations in seconds
+                        ; (default: "3600")
+;max_retries=10 ; Maximum number of registration attempts (default: "10")
+;outbound_auth= ; Authentication object to be used for outbound registrations
+                ; (default: "")
+;outbound_proxy=        ; Outbound Proxy used to send registrations (default:
+                        ; "")
+;retry_interval=60      ; Interval in seconds between retries if outbound
+                        ; registration is unsuccessful (default: "60")
+;forbidden_retry_interval=0     ; Interval used when receiving a 403 Forbidden
+                                ; response (default: "0")
+;server_uri=    ; SIP URI of the server to register against (default: "")
+;transport=     ; Transport used for outbound authentication (default: "")
+;type=  ; Must be of type registration (default: "")
+
+
+
+
+; MODULE PROVIDING BELOW SECTION(S): res_pjsip_endpoint_identifier_ip
+;==========================IDENTIFY SECTION OPTIONS=========================
+;[identify]
+;  SYNOPSIS: Identifies endpoints via source IP address
+;endpoint=      ; Name of Endpoint (default: "")
+;match= ; IP addresses or networks to match against (default: "")
+;type=  ; Must be of type identify (default: "")