Re: [Users] how to make sure the caller is registered before it can dial out to PSTN

7 Sep 2005

      Hi Rafael,
I would say your script allows call only from subscribed users and not 
from registered users - check_from looks into subscriber table, not in 
location.
regards,
bogdan
Rafael R. GV wrote:
...
Hi
I am using check_to() and check_from() for this issue, something like:
            if (method == "REGISTER") {

                    log(1, "ANALYZING REGISTER REQUEST\n");
                    # to use digest authentication
                    if (is_user_in("Request-URI", "deactivated")) {
                            sl_send_reply("402", "Su cuenta fue 

desactivada");
                                break;
                        };
                    if (!www_authorize("mydomain.com.pe 

http://mydomain.com.pe", "subscriber")) {
                                log(1,"       ----- Fails to Register 
\n");
                                www_challenge("mydomain.com.pe 
http://mydomain.com.pe", "0");
                                break;
                        };
                    # only signed users are allowed
                    if (!check_to()) {
                            log(1, "LOG: Hijack!!!--> unsigned 

user registration attempt\n");
                                sl_send_reply("403", "hijack 
attempt!!!! Only signed users are allowed");
                                break;
                        };
                        log(1,"      Registered!!! \n");
                        if (!save("location")) {
                                sl_reply_error();
                        };
                        break;
                };
    # First check the source of the call
    #***********************************
    # If the call comes from the gateways, no authentication is 

required.
        if (src_ip==200.x.x.x || src_ip==200.y.y.y) {
                log(1,"Call from pstn|*, no authentication is 
required. \n");
    # If the call comes from B2BUA, no authentication is required.
    # The first leg of the call has already been authenticated.
    } else if (src_ip==200.z.z.z && src_port==5070) {
            log(1,"Call from B2BUA, no authentication is 

required.  \n");
        } else {
                # We check user credentials
                if ((method == "INVITE" || method== "CANCEL" || 
method== "BYE" || method== "ACK") && (!src_ip==200.z.z.z && 
!src_port==5070)){
                        log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");
                        if (!proxy_authorize("mydomain.com.pe 
http://mydomain.com.pe", "subscriber")) {
                                # log(1,"   ----- Fails to 
...proxy_authorize \n");
                                proxy_challenge("mydomain.com.pe 
http://mydomain.com.pe", "0");
                                break;
                        } else {
                        if (method == "INVITE" && !check_from()) {
                                sl_send_reply("403", "Only registered 
users are allowed");
                                log(1," ----> Only registered users 
are allowed \n");
                                break;
                        };
                        };
....
slds.-
Rafael Risco
On 9/5/05, *Raymond Chen* <rchen@broadz.com mailto:rchen@broadz.com> 
wrote:
Dear all,

We want to prevent people dial out to PSTN without registering, 
how to check from header again location table?

Ray

_______________________________________________
Users mailing list
Users@openser.org <mailto:Users@openser.org>
http://openser.org/cgi-bin/mailman/listinfo/users

--
rrgv

Users mailing list
Users@openser.org
http://openser.org/cgi-bin/mailman/listinfo/users

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [Users] how to make sure the caller is registered before it can dial out to PSTN