Re: [Serusers] Can´t CANCEL PSTN calls when using credentials

28 Mar 2005


      that´s great, below you can see the changes that works perfect using
check_to and check_from... now I am planning to do all this security
issues using radius modules and I found 2 problems:
1.- I have been able to authenticate and register users but when use
radius_is_user_in I don´t known what attribute to use for Request-URI
to verify if it belongs to a group "deactivated" in Register process
or verify if user is in "voicemail" group, same problem checking
"from" or "credentials"
...This is an example in freeradius user file:
6609876@10.0.1.22   Auth-Type := Digest, User-Password == "9876"
2.- There is no "check_to" or "check_from" functions in uri_radius
module... Is there any other way to do this using radius?
regards
Rafael
PS: config:
if (method == "REGISTER") {
                        log(1, "ANALYZING REGISTER REQUEST\n");
                        # to use digest authentication
                        if (is_user_in("Request-URI", "deactivated")) {
                                sl_send_reply("402", "Su cuenta fue
desactivada");
                                break;
                        };
if (!www_authorize("mydomain.com.pe", "subscriber")) {
                                www_challenge("mydomain.com.pe", "0");
                                break;
                        };
# only registered users are allowed 
                        if (!check_to()) {
                                log(1, "LOG: Hijack!!!--> unregistered
user registration attempt\n");
                                sl_send_reply("403", "hijack
attempt!!!! Only registered users are allowed");
                                break;
                        };
                        log(1,"      Registered!!! \n");
                        if (!save("location")) {
                                sl_reply_error();
                        };
                        break;
                };
if (method == "INVITE" || method== "CANCEL" ||
method== "ACK" && src_ip!=GW_IP ) {
                        log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");
                        if (!proxy_authorize("mydomain.com.pe", "subscriber")) {
                                proxy_challenge("mydomain.com.pe", "1");
                                break;
                        } else {
                        if (method == "INVITE" && !check_from()) {
                                sl_send_reply("403", "Only registered
users are allowed");
                                break;
                        };
                        };
/* *********** Dial out to Local and PSTN
logic ********* */
# Forward n digit requests to gateway AS5350 (Celulares)
                        if(uri=~"^sip:9" ){
                                log(1," digit expression match - Celulares\n");
                                if (!is_user_in("from", "mobile")) {
                                        sl_send_reply("403", "No
permission for mobile calls");
                                        break;
                                }; 
                                rewritehostport("GW_IP:5060");
                                route(1);  ## to nathelper...
                                break;    
                        };
    };
Rafael J. Risco G.V.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [Serusers] Can´t CANCEL PSTN calls when using credentials