[SR-Users] Kamailio fronting Freeswitch authentication
Ashwin Jain
ashwinrkjain at gmail.com
Mon Sep 22 15:28:40 CEST 2014
Hi all,
I am using Kamailio to front my freeswitch servers and it is working great.
I am getting some problems with authentication, sometimes users which are
not registered with kamailio are also able to make calls. I have a feeling
that I am doing something really silly with kamailio routing. Following is
the AUTH route that I am using, please let me know I am missing something
very obvious.
route[AUTH] {
#!ifdef WITH_AUTH
#!ifdef WITH_FREESWITCH
if(route(FSINBOUND))
return;
#!endif
#!ifdef WITH_IPAUTH
if((!is_method("REGISTER")) && allow_source_address())
{
# source IP allowed
return;
}
#!endif
if (is_method("REGISTER") || from_uri==myself)
{
# authenticate requests
if (!auth_check("$fd", "subscriber", "1")) {
auth_challenge("$fd", "0");
exit;
}
# user authenticated - remove auth header
if(!is_method("REGISTER|PUBLISH"))
consume_credentials();
}
# if caller is not local subscriber, then check if it calls
# a local destination, otherwise deny, not an open relay here
if (from_uri!=myself && uri!=myself)
{
sl_send_reply("403","Not relaying");
exit;
}
#!endif
return;
}
route[FSINBOUND] {
if($si== $sel(cfg_get.freeswitch.bindip) &&
$sp==$sel(cfg_get.freeswitch.bindport))
return 1;
return -1;
}
I have set "WITH_AUTH" and "WITH_FREESWITCH". Let me know, if any more
details are required.
System configuration:
Ubuntu: 12.04 LTS
Kamailio: 4.1.5 (x86_64/linux)
Freeswitch: 1.4.7 stable release
--
Thanks and Regards,
Ashwin Jain
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140922/19dc8774/attachment.html>
More information about the sr-users
mailing list