7 Sep
2005
7 Sep
'05
9:14 p.m.
Hi Rafael,
I would say your script allows call only from subscribed users and not
from registered users - check_from looks into subscriber table, not in
location.
regards,
bogdan
Rafael R. GV wrote:
Hi
I am using check_to() and check_from() for this issue, something like:
if (method == "REGISTER") {
log(1, "ANALYZING REGISTER REQUEST\n");
# to use digest authentication
if (is_user_in("Request-URI", "deactivated"))
{
sl_send_reply("402", "Su cuenta fue
desactivada");
break;
};
if (!www_authorize("mydomain.com.pe
<http://mydomain.com.pe>", "subscriber")) {
log(1," ----- Fails to Register
\n");
www_challenge("mydomain.com.pe
<http://mydomain.com.pe>", "0");
break;
};
# only signed users are allowed
if (!check_to()) {
log(1, "LOG: Hijack!!!--> unsigned
user registration attempt\n");
sl_send_reply("403", "hijack
attempt!!!! Only signed users are allowed");
break;
};
log(1," Registered!!! \n");
if (!save("location")) {
sl_reply_error();
};
break;
};
# First check the source of the call
#***********************************
# If the call comes from the gateways, no authentication is
required.
if (src_ip==200.x.x.x || src_ip==200.y.y.y) {
log(1,"Call from pstn|*, no authentication is
required. \n");
# If the call comes from B2BUA, no authentication is required.
# The first leg of the call has already been authenticated.
} else if (src_ip==200.z.z.z && src_port==5070) {
log(1,"Call from B2BUA, no authentication is
required. \n");
} else {
# We check user credentials
if ((method == "INVITE" || method== "CANCEL" ||
method== "BYE" || method== "ACK") && (!src_ip==200.z.z.z
&&
!src_port==5070)){
log(1, "ANALYZING INVITE||CANCEL REQUESTs\n");
if (!proxy_authorize("mydomain.com.pe
<http://mydomain.com.pe>", "subscriber")) {
# log(1," ----- Fails to
...proxy_authorize \n");
proxy_challenge("mydomain.com.pe
<http://mydomain.com.pe>", "0");
break;
} else {
if (method == "INVITE" && !check_from()) {
sl_send_reply("403", "Only registered
users are allowed");
log(1," ----> Only registered users
are allowed \n");
break;
};
};
....
slds.-
Rafael Risco
On 9/5/05, *Raymond Chen* <rchen(a)broadz.com <mailto:rchen@broadz.com>>
wrote:
Dear all,
We want to prevent people dial out to PSTN without registering,
how to check from header again location table?
Ray
_______________________________________________
Users mailing list
Users(a)openser.org <mailto:Users@openser.org>
http://openser.org/cgi-bin/mailman/listinfo/users
--
rrgv
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users