Hi<br>
I am using check_to() and check_from() for this issue, something like:<br>
<br>
<br>
if (method == "REGISTER") {<br>
<br>
log(1, "ANALYZING REGISTER REQUEST\n");<br>
# to use digest authentication<br>
if (is_user_in("Request-URI", "deactivated")) {<br>
sl_send_reply("402", "Su cuenta fue desactivada");<br>
break;<br>
};<br>
<br>
if (!www_authorize("<a href="http://mydomain.com.pe">mydomain.com.pe</a>", "subscriber")) {<br>
log(1," ----- Fails to Register
\n");<br>
www_challenge("<a href="http://mydomain.com.pe">mydomain.com.pe</a>", "0");<br>
break;<br>
};<br>
<br>
# only signed users are allowed<br>
if (!check_to()) {<br>
log(1, "LOG: Hijack!!!--> unsigned user registration attempt\n");<br>
sl_send_reply("403", "hijack attempt!!!! Only signed users are
allowed");<br>
break;<br>
};<br>
log(1," Registered!!! \n");<br>
if (!save("location")) {<br>
sl_reply_error();<br>
};<br>
break;<br>
};<br>
<br>
<br>
# First check the source of the call<br>
#***********************************<br>
# If the call comes from the gateways, no authentication is required.<br>
if (src_ip==200.x.x.x || src_ip==200.y.y.y) {<br>
log(1,"Call from pstn|*, no authentication is required. \n");<br>
<br>
# If the call comes from B2BUA, no authentication is required.<br>
# The first leg of the call has already been authenticated.<br>
} else if (src_ip==200.z.z.z && src_port==5070) {<br>
log(1,"Call from B2BUA, no authentication is required. \n");<br>
} else {<br>
# We check user credentials<br>
if ((method == "INVITE" || method== "CANCEL" || method== "BYE" ||
method== "ACK") && (!src_ip==200.z.z.z &&
!src_port==5070)){<br>
log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");<br>
if (!proxy_authorize("<a href="http://mydomain.com.pe">mydomain.com.pe</a>", "subscriber")) {<br>
# log(1," ----- Fails to ...proxy_authorize \n");<br>
proxy_challenge("<a href="http://mydomain.com.pe">mydomain.com.pe</a>", "0");<br>
break;<br>
} else {<br>
if (method == "INVITE" && !check_from()) {<br>
sl_send_reply("403", "Only registered users are allowed");<br>
log(1," ----> Only registered users are allowed \n");<br>
break;<br>
};<br>
};<br>
<br>
....<br>
<br>
slds.-<br>
Rafael Risco<br>
<br><br><div><span class="gmail_quote">On 9/5/05, <b class="gmail_sendername">Raymond Chen</b> <<a href="mailto:rchen@broadz.com">rchen@broadz.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;">Dear all,</span></font></p>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;"> </span></font></p>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;">We want to prevent people dial out to PSTN without
registering, how to check from header again location table?</span></font></p>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;"> </span></font></p>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;">Ray</span></font></p>
<p><font face="Verdana" size="2"><span style="font-size: 10pt; font-family: Verdana;"> </span></font></p>
</div>
<br>_______________________________________________<br>Users mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:Users@openser.org">Users@openser.org</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://openser.org/cgi-bin/mailman/listinfo/users" target="_blank">
http://openser.org/cgi-bin/mailman/listinfo/users</a><br><br><br></blockquote></div><br><br clear="all"><br>-- <br><br>rrgv