[Users] how to make sure the caller is registered before it can dial out to PSTN
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Wed Sep 7 20:14:24 CEST 2005
Hi Rafael,
I would say your script allows call only from subscribed users and not
from registered users - check_from looks into subscriber table, not in
location.
regards,
bogdan
Rafael R. GV wrote:
> Hi
> I am using check_to() and check_from() for this issue, something like:
>
>
> if (method == "REGISTER") {
>
> log(1, "ANALYZING REGISTER REQUEST\n");
> # to use digest authentication
> if (is_user_in("Request-URI", "deactivated")) {
> sl_send_reply("402", "Su cuenta fue
> desactivada");
> break;
> };
>
> if (!www_authorize("mydomain.com.pe
> <http://mydomain.com.pe>", "subscriber")) {
> log(1," ----- Fails to Register
> \n");
> www_challenge("mydomain.com.pe
> <http://mydomain.com.pe>", "0");
> break;
> };
>
> # only signed users are allowed
> if (!check_to()) {
> log(1, "LOG: Hijack!!!--> unsigned
> user registration attempt\n");
> sl_send_reply("403", "hijack
> attempt!!!! Only signed users are allowed");
> break;
> };
> log(1," Registered!!! \n");
> if (!save("location")) {
> sl_reply_error();
> };
> break;
> };
>
>
> # First check the source of the call
> #***********************************
> # If the call comes from the gateways, no authentication is
> required.
> if (src_ip==200.x.x.x || src_ip==200.y.y.y) {
> log(1,"Call from pstn|*, no authentication is
> required. \n");
>
> # If the call comes from B2BUA, no authentication is required.
> # The first leg of the call has already been authenticated.
> } else if (src_ip==200.z.z.z && src_port==5070) {
> log(1,"Call from B2BUA, no authentication is
> required. \n");
> } else {
> # We check user credentials
> if ((method == "INVITE" || method== "CANCEL" ||
> method== "BYE" || method== "ACK") && (!src_ip==200.z.z.z &&
> !src_port==5070)){
> log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");
> if (!proxy_authorize("mydomain.com.pe
> <http://mydomain.com.pe>", "subscriber")) {
> # log(1," ----- Fails to
> ...proxy_authorize \n");
> proxy_challenge("mydomain.com.pe
> <http://mydomain.com.pe>", "0");
> break;
> } else {
> if (method == "INVITE" && !check_from()) {
> sl_send_reply("403", "Only registered
> users are allowed");
> log(1," ----> Only registered users
> are allowed \n");
> break;
> };
> };
>
> ....
>
> slds.-
> Rafael Risco
>
>
> On 9/5/05, *Raymond Chen* <rchen at broadz.com <mailto:rchen at broadz.com>>
> wrote:
>
> Dear all,
>
>
>
> We want to prevent people dial out to PSTN without registering,
> how to check from header again location table?
>
>
>
> Ray
>
>
>
>
> _______________________________________________
> Users mailing list
> Users at openser.org <mailto:Users at openser.org>
> http://openser.org/cgi-bin/mailman/listinfo/users
>
>
>
>
>
> --
>
> rrgv
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Users mailing list
>Users at openser.org
>http://openser.org/cgi-bin/mailman/listinfo/users
>
>
More information about the sr-users
mailing list