Re: [Kamailio-Users] Check if a user is calling from aregistered device and if not, deny the call!
Hello,
On 10/19/08 14:32, Arif-Uz-Zaman wrote:
Hi,
Here is a tricky sample config to check if a user is calling from a registered device and if not, deny the call:
$var(temp) = $ruri; $ruri = $fu; if(!registered("location")) { sl_send_reply("403","Forbidden auth ID"); xlog("<ARIF> Not Found\n"); exit; } $ruri = $var(temp);
in the trunk (so available with upcoming 1.5.0) you can do more strict checks. While you are sure an user is registered, you cannot detect if he is calling from registered device or a different one. You just know it has a valid contact in location database.
Here is an example to check Contact address in INVITE is same as one in location table: http://openser.blogspot.com/2008/10/registrar-enhancements.html
As you get access to all attributes stored for a location record, you can do many other tests, like source IP and port, etc.
Cheers, Daniel
Thanks, ARIF
-----Original Message----- From: users-bounces@lists.kamailio.org [mailto:users-bounces@lists.kamailio.org] On Behalf Of Juha Heinanen Sent: Sunday, October 19, 2008 3:44 PM To: users@lists.kamailio.org Subject: Re: [Kamailio-Users] Check if a user is calling from aregistereddevice and if not, deny the call!
Arif-Uz-Zaman writes:
I've already tested with the following config but no luck. Since the following config check only whether callee is registered or not. Not the caller.
if(!registered("location")) { sl_send_reply("403","Forbidden auth ID"); exit; }
indeed the function should take a pseudo variable that contains aor used for checking.
Is there any other suggestions?
save r-uri, store caller's aor to r-uri and call the above function. then restore r-uri.
-- juha
Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
miconda wrote:
Hello,
On 10/19/08 14:32, Arif-Uz-Zaman wrote:
Hi,
Here is a tricky sample config to check if a user is calling from a registered device and if not, deny the call:
$var(temp) = $ruri; $ruri = $fu; if(!registered("location")) { sl_send_reply("403","Forbidden auth ID"); xlog("<ARIF> Not Found\n"); exit; } $ruri = $var(temp);
in the trunk (so available with upcoming 1.5.0) you can do more strict checks. While you are sure an user is registered, you cannot detect if he is calling from registered device or a different one. You just know it has a valid contact in location database.
Here is an example to check Contact address in INVITE is same as one in location table: http://openser.blogspot.com/2008/10/registrar-enhancements.html
As you get access to all attributes stored for a location record, you can do many other tests, like source IP and port, etc.
Cheers, Daniel
Yes, i've tested trunk and it works for me!
if(!reg_fetch_contacts("location", "$fu", "caller")) { sl_send_reply("403", "Please register first"); exit; }
Thanks, ARIF
On 10/20/08 12:58, arif.zaman wrote:
miconda wrote:
Hello,
On 10/19/08 14:32, Arif-Uz-Zaman wrote:
Hi,
Here is a tricky sample config to check if a user is calling from a registered device and if not, deny the call:
$var(temp) = $ruri; $ruri = $fu; if(!registered("location")) { sl_send_reply("403","Forbidden auth ID"); xlog("<ARIF> Not Found\n"); exit; } $ruri = $var(temp);
in the trunk (so available with upcoming 1.5.0) you can do more strict checks. While you are sure an user is registered, you cannot detect if he is calling from registered device or a different one. You just know it has a valid contact in location database.
Here is an example to check Contact address in INVITE is same as one in location table: http://openser.blogspot.com/2008/10/registrar-enhancements.html
As you get access to all attributes stored for a location record, you can do many other tests, like source IP and port, etc.
Cheers, Daniel
Yes, i've tested trunk and it works for me!
if(!reg_fetch_contacts("location", "$fu", "caller")) { sl_send_reply("403", "Please register first"); exit; }
if you just want to see if that user is registered or not, the alternative you used before is better. registered() returns as soon as it finds a valid contact. reg_fetch_contacts() does more operations to make available attributes associated with registered contacts (e.g., contact address, Q value, received socket, a.s.o): http://www.kamailio.org/docs/modules/devel/registrar.html#id2506813
Cheers, Daniel
-
arif.zaman -
Daniel-Constantin Mierla