[Kamailio-Users] Access List
Daniel-Constantin Mierla
miconda at gmail.com
Wed Sep 24 12:10:33 CEST 2008
Hello,
for auth against database, it was another discussion thread with subject
"Bind Access To Users to their IPs" debating similar issue.
However, here are the steps for a solution:
- add in subscriber table a column named src_ip, a varchar where to
store the ip per subscriber
- set: modparam("auth_db", "load_credentials", "$avp(s:src_ip)=src_ip")
- in the routing blocks:
if (is_method("REGISTER"))
{
# authenticate the REGISTER requests (uncomment to enable auth)
if (!www_authorize("", "subscriber"))
{
www_challenge("", "0");
exit;
}
if (!check_to())
{
sl_send_reply("403","Forbidden auth ID");
exit;
}
# this if was added for IP checking
if($avp(s:src_ip) != $si)
{
sl_send_reply("403","Forbidden IP");
exit;
}
if (!save("location"))
sl_reply_error();
exit;
}
Cheers,
Daniel
On 09/24/08 10:00, Juha Heinanen wrote:
> michel freiha writes:
>
> > Hi All,I need please to configure kamailio in order to force the user to
> > register to my it from a specific IP...It's like creation of an access
> > list...If the customer tries to register from another IP frm the one
> > specified in kamailio he'll be denied
>
> using radius authentication this could be done quite easily by returning
> the allowed ip address of the user as a reply attribute and then by
> checking in the script if source address matches the avp value where the
> attribute value gets assigned to. another possibility in trunk version
> would be to add source ip as an extra attribute to authentication
> request and then letting radius server to do the checking.
>
> if you don't use radius, then check other replies.
>
> -- juha
>
> _______________________________________________
> Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>
>
--
Daniel-Constantin Mierla
http://www.asipto.com
More information about the Users
mailing list