[Serusers] Allowing incoming calls from trusted peers
Cameron Beattie
kjcsb at orcon.net.nz
Wed Mar 8 05:42:05 CET 2006
I want to allow peering with specific providers and am not sure of the best
way to do this. At the moment I have the following in ser.cfg:
if (method=="INVITE" && !allow_trusted()) {
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
break;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
break;
};
consume_credentials();
};
SER sends a 407 back to any server trying to send a call to my server.
As I understand it allow_trusted only allows specification of trusted IP
addresses. I'm not clear what it is checking though. Is it the IP address of
the host provided in the URI, or From, or something else?
What if I want to validate based on domain name? What are the risks of the
following approach?
if (method=="INVITE" && !is_from_local()) {
Any help appreciated.
Cameron
More information about the sr-users
mailing list