[Serusers] blocking CID continuing using radius authentication
Rosario Pingaro
rpingar at nesec.it
Wed Oct 4 21:04:49 CEST 2006
Sorry the ser.cfg part that fails when I block cid on my ata is the following:
if (!allow_trusted()) {
if (!radius_proxy_authorize("")) {
proxy_challenge("", "0");
break;
} else if (!check_from()) {
sl_send_reply("403","Setta From=ID");
break;
};
};
So it is not just a matter of credentials.....
please note that the ata has the "sip-Remot-party-ID" enabled.
Any idea on supporting the block of the cid in my design?
Regards
Rosario
----- Original Message -----
From: Rosario Pingaro
To: serusers at lists.iptel.org
Sent: Wednesday, October 04, 2006 9:57 AM
Subject: [Serusers] blocking CID continuing using radius authentication
I would like to use the ATAs features to block the CID for anonymous calls.
At the same time I wouldn't like to break my accounting done by Radius Authentication.
This is the ser.cfg about radius auth for international calls:
if (!radius_is_user_in("From","int")) {
sl_send_reply("403","Internazionali non abilitate");
break;
I use to authenticate the "From" field so if I disable the CID on the ata I will receive an anonymous from field.
What do I have to authenticate to mantain a working accounting? Do I have to authenticate against "Credentials"?
What is the difference between Credentials and from headers?
Regards
Rosario
------------------------------------------------------------------------------
_______________________________________________
Serusers mailing list
Serusers at lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20061004/8ece5385/attachment.htm>
More information about the sr-users
mailing list