Bruno Lopes F. Cabral wrote:
But why do you want to force users to register?
perhaps because all calls must be payed, or to prevent non-registered (i.e. blocked) users to place calls to outside...
If users have to proxy_authenticate() when calling, there's no problem with accounting.
Explicitely blocked users can be handled with groups, so you can differ between incoming-blocked and outgoing-blocked, e.a.:
# proxy_authenticate() here, then:
if(method == "INVITE") { if(!check_from()) { # spoofed From-URI, send 403 here break; }
if(is_user_in("credentials", "outblocked")) { # outgoing call attempt of blocked user, deflect to announcement # or send 403 here break; }
if(does_uri_exist() && is_user_in("Request-URI", "inblocked")) { # incoming call to local blocked user, see above break; } }
and use serctl for blocking users: "serctl acl grant <user> outblocked"
So still no need to register.
but it would also prevent outside calls to registered (local) users to be placed, am I right?
Only if the caller can't proxy_authenticate(). If there are for example PSTN gateways which don't authenticate, you've to create some kind of "trusted network", e.a.:
if(method == "INVITE") { if(!(src_ip==gw1.your.domain || src_ip==gw2.your.domain)) { if(!proxy_authenticate(...)) { # untrusted caller failed to authenticate proxy_challenge(...); break; } } else { # trusted sources don't have to authenticate } }
Hope this helps, Andy