Hi
I am using check_to() and check_from() for this issue, something like:


                if (method == "REGISTER") {

                        log(1, "ANALYZING REGISTER REQUEST\n");
                        # to use digest authentication
                        if (is_user_in("Request-URI", "deactivated")) {
                                sl_send_reply("402", "Su cuenta fue desactivada");
                                break;
                        };

                        if (!www_authorize("mydomain.com.pe", "subscriber")) {
                                log(1,"       ----- Fails to Register \n");
                                www_challenge("mydomain.com.pe", "0");
                                break;
                        };

                        # only signed users are allowed
                        if (!check_to()) {
                                log(1, "LOG: Hijack!!!--> unsigned user registration attempt\n");
                                sl_send_reply("403", "hijack attempt!!!! Only signed users are allowed");
                                break;
                        };
                        log(1,"      Registered!!! \n");
                        if (!save("location")) {
                                sl_reply_error();
                        };
                        break;
                };


        # First check the source of the call
        #***********************************
        # If the call comes from the gateways, no authentication is required.
        if (src_ip==200.x.x.x || src_ip==200.y.y.y) {
                log(1,"Call from pstn|*, no authentication is required. \n");

        # If the call comes from B2BUA, no authentication is required.
        # The first leg of the call has already been authenticated.
        } else if (src_ip==200.z.z.z && src_port==5070) {
                log(1,"Call from B2BUA, no authentication is required.  \n");
        } else {
                # We check user credentials
                if ((method == "INVITE" || method== "CANCEL" || method== "BYE" || method== "ACK") && (!src_ip==200.z.z.z && !src_port==5070)){
                        log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");
                        if (!proxy_authorize("mydomain.com.pe", "subscriber")) {
                                # log(1,"   ----- Fails to ...proxy_authorize \n");
                                proxy_challenge("mydomain.com.pe", "0");
                                break;
                        } else {
                        if (method == "INVITE" && !check_from()) {
                                sl_send_reply("403", "Only registered users are allowed");
                                log(1," ----> Only registered users are allowed \n");
                                break;
                        };
                        };

....

slds.-
Rafael Risco


On 9/5/05, Raymond Chen <rchen@broadz.com> wrote:

Dear all,

 

We want to prevent people dial out to PSTN without registering,  how to check from header again location table?

 

Ray

 


_______________________________________________
Users mailing list
Users@openser.org
http://openser.org/cgi-bin/mailman/listinfo/users





--

rrgv