greetings,
I have digest and basic auth setup. I am trying to figure out how to setup IP auth. I have
read a lot of documentation but I can't seem to find anything to help me understand how to accomplish
this. Can someone point me in a direction to some information on how to set this up?
Brian
Why you don't use just the source IP address of the request. For example:
# INVITE - Authorization Section if (src_ip=="AAA.BBB.CCC.DDD") { xlog("L_INFO", "INVITE - Message received from authorized IP $si\n"); } else { if (!proxy_authorize("yourdomain.com","subscriber")) { proxy_challenge("yourdomain.com","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; }; consume_credentials(); };
-----Mensaje original----- De: users-bounces@openser.org [mailto:users-bounces@openser.org] En nombre de Brian Fertig Enviado el: 30 de Agosto de 2006 03:35 p.m. Para: users@openser.org Asunto: [Users] IP authentication
greetings,
I have digest and basic auth setup. I am trying to figure out how to setup IP auth. I have read a lot of documentation but I can't seem to find anything to help me understand how to accomplish this. Can someone point me in a direction to some information on how to set this up?
Brian
Brian Fertig wrote:
greetings,
I have digest and basic auth setup… I am trying tofigure out how to setup IP auth. I have
read a lot of documentation but I can’t seem to find anything to help me understand how to accomplish
this. Can someone point me in a direction to some information on how to set this up?
Brian
Fertig,
Check this out:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()
Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long. Much better than lines and lines of code to match IPs one by one!
Kristian Kielhofner writes:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long. Much better than lines and lines of code to match IPs one by one!
this reminds me that i have been thinking to add to permissions module a new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a new address table. perhaps it should also have an index parameter allowing multiple address sets.
any comments?
-- juha
Juha Heinanen wrote:
Kristian Kielhofner writes:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long. Much better than lines and lines of code to match IPs one by one!
this reminds me that i have been thinking to add to permissions module a new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a new address table. perhaps it should also have an index parameter allowing multiple address sets.
any comments?
Maybe we can have a pseudo variable in onsend_route which contains the IP address to which the message will be sent. Then we could use this function to allow received messages and to allow sending messages.
regards klaus
Klaus Darilion wrote:
Juha Heinanen wrote:
Kristian Kielhofner writes:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()Just add some: "if (!allow_trusted())" type stuff and you can add IPs all day
long. > Much better than lines and lines of code to match IPs one by one!
this reminds me that i have been thinking to add to permissions module a new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a new address table. perhaps it should also have an index parameter allowing multiple address sets.
any comments?
sounds good to me.
Maybe we can have a pseudo variable in onsend_route which contains the IP address to which the message will be sent. Then we could use this function to allow received messages and to allow sending messages.
there is no "onsend_route" in openser
regards, bogdan
-
Bogdan-Andrei Iancu -
Brian Fertig -
Dioris Moreno -
Juha Heinanen -
Klaus Darilion -
Kristian Kielhofner