23 Mar
2005
23 Mar
'05
6:07 p.m.
Isn't it the regular practice to use proxy_challenge and proxy_authorize
for non REGISER methods.
Mohammad
Original Message:
-----------------
From: Marian Dumitru marian.dumitru(a)voice-sistem.ro
Date: Wed, 23 Mar 2005 21:59:27 +0100
To: rrisco(a)millicom.net.pe, serusers(a)iptel.org
Subject: Re: [Serusers] Authenticating INVITE requests method
Hi Rafael,
replace
if (method=="INVITE") {
with
if (method=="INVITE" && src_ip!=xxx.xxx.xxx.xxx) {
where that many xxx-s is the GW's IP.
Best regards,
Marian
Rafael J. Risco G.V. wrote:
Hello
I am doing some security improvements to my configuration because IĀ“ve
realized that everyone can sends calls to PSTN gateways and other
registered users even if the caller fails to register in SER, so now I
instruct SER to check the username and password of the CALLER in every
INVITE request like that:
if (method=="INVITE") {
if (!www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
};
well it works but not when calls are generated in my gateway Cisco
AS5350 (these GWs dont have register comand) so I need some advice to
"exclude" gateway IP for this authorization process.
thanks
Rafael
--
Voice System
http://www.voice-system.ro
_______________________________________________
Serusers mailing list
Serusers(a)iptel.org
http://mail.iptel.org/mailman/listinfo/serusers
--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .