Authentication by IP address must be done by IP address only, DNS names must not be allowed. Period. By definition.
What you want can be achieved with dns_int_match_ip() function provided by ipops module. But keep in mind it is slow because of DNS lookup.
On Sunday 08 March 2015 13:38:52 canuck15 wrote:
Here is is the relevant section of kamailio.cfg
$var(tempfU) = $fU; #!ifdef WITH_IPAUTH if((!is_method("REGISTER")) && allow_source_address() && $au == "") { # Loading $fU from database using IP
sql_pvquery("elxpbx", "SELECT name FROM sip WHERE host = '$si'AND sippasswd IS NULL", "$var(tempfU)");
# source IP allowed return; }The problem is that when host= somefqdn.com the above will fail since $si will always be an IP address as far as I can tell. More often than not host= is a fqdn and requiring it to always be an IP address is not an option. Converting it to IP before storing it in the DB is also not an option because it needs to be able to work of the IP address changes.
So how can the above be done to accomodate the possibility that host= somefqdn.com or an IP address. Preferably in such a way that it can scale to hundreds/thousands of rows in the database without slowing things down or crashing.
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users