This moves some basic settings into vars.xml so you don't have to touch the sip profiles to enable tls or change the ports.

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@9914 d0543943-73ff-0310-b7d9-9358b9ac24b2

conf/sip_profiles/external.xml

@@ -18,7 +18,7 @@
     <param name="debug" value="0"/>
     <param name="sip-trace" value="no"/>
     <param name="rfc2833-pt" value="101"/>
-    <param name="sip-port" value="5080"/>
+    <param name="sip-port" value="$${external_sip_port}"/>
     <param name="dialplan" value="XML"/>
     <param name="context" value="public"/>
     <param name="dtmf-duration" value="100"/>
@@ -60,8 +60,8 @@
     <param name="tls" value="$${external_ssl_enable}"/>
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
-    <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
-    <param name="tls-sip-port" value="5081"/>
+    <!-- Port to listen on for TLS requests. (5081 will be used if unspecified) -->
+    <param name="tls-sip-port" value="$${external_tls_port}"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
     <param name="tls-cert-dir" value="$${external_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->

conf/sip_profiles/internal-ipv6.xml

@@ -11,7 +11,7 @@
     <param name="context" value="public"/>
     <param name="rfc2833-pt" value="101"/>
     <!-- port to bind to for sip traffic -->
-    <param name="sip-port" value="5060"/>
+    <param name="sip-port" value="$${internal_sip_port}"/>
     <param name="dialplan" value="XML"/>
     <param name="dtmf-duration" value="100"/>
     <param name="codec-prefs" value="$${global_codec_prefs}"/>
@@ -44,15 +44,15 @@
     <!--<param name="unregister-on-options-fail" value="true"/>-->
 
     <!-- TLS: disabled by default, set to "true" to enable -->
-    <param name="tls" value="false"/>
+    <param name="tls" value="$${internal_ssl_enable}"/>
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
     <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
-    <param name="tls-sip-port" value="5061"/>
+    <param name="tls-sip-port" value="$${internal_tls_port}"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
-    <param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
+    <param name="tls-cert-dir" value="$${internal_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
-    <param name="tls-version" value="tlsv1"/>
+    <param name="tls-version" value="$${sip_tls_version}"/>
     
     <!--If you don't want to pass through timestampes from 1 RTP call to another (on a per call basis with rtp_rewrite_timestamps chanvar)-->
     <!--<param name="rtp-rewrite-timestamps" value="true"/>-->
@@ -88,7 +88,7 @@
     <!--<param name="NDLB-broken-auth-hash" value="true"/>-->
     <!-- add a ;received="<ip>:<port>" to the contact when replying to register for nat handling -->
     <!--<param name="NDLB-received-in-nat-reg-contact" value="true"/>-->
-    <param name="auth-calls" value="true"/>
+    <param name="auth-calls" value="$${internal_auth_calls}"/>
     <!-- on authed calls, authenticate *all* the packets not just invite -->
     <param name="auth-all-packets" value="false"/>
     <!-- <param name="ext-rtp-ip" value="$${external_rtp_ip}"/> -->
@@ -114,13 +114,13 @@
     <!--<param name="stun-auto-disable" value="true"/>-->
 
     <!-- TLS: disabled by default, set to "true" to enable -->
-    <param name="tls" value="$${internal_ip6_ssl_enable}"/>
+    <param name="tls" value="$${internal_ssl_enable}"/>
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
     <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
-    <param name="tls-sip-port" value="5061"/>
+    <param name="tls-sip-port" value="$${internal_tls_port}"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
-    <param name="tls-cert-dir" value="$${internal_ip6_ssl_dir}"/>
+    <param name="tls-cert-dir" value="$${internal_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
     <param name="tls-version" value="$${sip_tls_version}"/>
 

conf/sip_profiles/internal.xml

@@ -41,7 +41,7 @@
     <param name="context" value="public"/>
     <param name="rfc2833-pt" value="101"/>
     <!-- port to bind to for sip traffic -->
-    <param name="sip-port" value="5060"/>
+    <param name="sip-port" value="$${internal_sip_port}"/>
     <param name="dialplan" value="XML"/>
     <param name="dtmf-duration" value="100"/>
     <param name="codec-prefs" value="$${global_codec_prefs}"/>
@@ -88,7 +88,7 @@
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
     <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
-    <param name="tls-sip-port" value="5061"/>
+    <param name="tls-sip-port" value="$${internal_tls_port}"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
     <param name="tls-cert-dir" value="$${internal_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
@@ -128,7 +128,7 @@
     <!--<param name="NDLB-broken-auth-hash" value="true"/>-->
     <!-- add a ;received="<ip>:<port>" to the contact when replying to register for nat handling -->
     <!--<param name="NDLB-received-in-nat-reg-contact" value="true"/>-->
-    <param name="auth-calls" value="true"/>
+    <param name="auth-calls" value="$${internal_auth_calls}"/>
     <!-- on authed calls, authenticate *all* the packets not just invite -->
     <param name="auth-all-packets" value="false"/>
     <!-- <param name="ext-rtp-ip" value="$${external_rtp_ip}"/> -->

conf/vars.xml

@@ -130,15 +130,20 @@
   <X-PRE-PROCESS cmd="set" data="default_provider_contact=5000"/>
 
   <!--
-      TLS default settings
+      SIP and TLS settings.
   -->
   <X-PRE-PROCESS cmd="set" data="sip_tls_version=tlsv1"/>
+
   <!-- Internal SIP Profile -->
+  <X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/>
+  <X-PRE-PROCESS cmd="set" data="internal_sip_port=5060"/>
+  <X-PRE-PROCESS cmd="set" data="internal_tls_port=5061"/>
   <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=false"/>
   <X-PRE-PROCESS cmd="set" data="internal_ssl_dir=$${base_dir}/conf/ssl"/>
-  <!-- Internal IPv6 SIP Profile -->
-  <X-PRE-PROCESS cmd="set" data="internal_ip6_ssl_enable=false"/>
-  <X-PRE-PROCESS cmd="set" data="internal_ip6_ssl_dir=$${base_dir}/conf/ssl"/>
+
   <!-- External SIP Profile -->
+  <X-PRE-PROCESS cmd="set" data="external_auth_calls=false"/>
+  <X-PRE-PROCESS cmd="set" data="external_sip_port=5080"/>
+  <X-PRE-PROCESS cmd="set" data="external_tls_port=5081"/>
   <X-PRE-PROCESS cmd="set" data="external_ssl_enable=false"/>
   <X-PRE-PROCESS cmd="set" data="external_ssl_dir=$${base_dir}/conf/ssl"/>