30 Aug
2006
30 Aug
'06
4:35 p.m.
greetings,
I have digest and basic auth setup. I am trying to figure
out how to setup IP auth. I have
read a lot of documentation but I can't seem to find anything to help me
understand how to accomplish
this. Can someone point me in a direction to some information on how to set
this up?
Brian
30 Aug
30 Aug
5:16 p.m.
Why you don't use just the source IP address of the request. For
example:
# INVITE - Authorization Section
if (src_ip=="AAA.BBB.CCC.DDD") {
xlog("L_INFO", "INVITE - Message received from authorized IP
$si\n");
} else {
if (!proxy_authorize("yourdomain.com","subscriber")) {
proxy_challenge("yourdomain.com","0");
exit;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
exit;
};
consume_credentials();
};
-----Mensaje original-----
De: users-bounces(a)openser.org [mailto:users-bounces@openser.org] En
nombre de Brian Fertig
Enviado el: 30 de Agosto de 2006 03:35 p.m.
Para: users(a)openser.org
Asunto: [Users] IP authentication
greetings,
I have digest and basic auth setup. I am trying to
figure out how to setup IP auth. I have
read a lot of documentation but I can't seem to find anything to help me
understand how to accomplish
this. Can someone point me in a direction to some information on how to
set this up?
Brian
5:47 p.m.
Brian Fertig wrote:
greetings,
I have digest and basic auth setup… I am trying to
figure out how to setup IP auth. I have
read a lot of documentation but I can’t seem to find anything to help me
understand how to accomplish
this. Can someone point me in a direction to some information on how to
set this up?
Brian
Fertig,
Check this out:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()
Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long.
Much better than lines and lines of code to match IPs one by one!
--
Kristian Kielhofner
31 Aug
31 Aug
1:36 a.m.
Kristian Kielhofner writes:
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()
Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long.
Much better than lines and lines of code to match IPs one by one!
this reminds me that i have been thinking to add to permissions module a
new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a
new address table. perhaps it should also have an index parameter
allowing multiple address sets.
any comments?
-- juha
8:22 a.m.
New subject: [Devel] Re: [Users] IP authentication
Juha Heinanen wrote:
Kristian Kielhofner writes:
Maybe we can have a pseudo variable in onsend_route which contains the
IP address to which the message will be sent. Then we could use this
function to allow received messages and to allow sending messages.
regards
klaus
http://openser.org/docs/modules/1.1.x/permissions.html
Specifically allow_trusted()
Just add some:
"if (!allow_trusted())" type stuff and you can add IPs all day long.
Much better than lines and lines of code to match IPs one by one!
this reminds me that i have been thinking to add to permissions module a
new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a
new address table. perhaps it should also have an index parameter
allowing multiple address sets.
any comments? 
1 Sep
1 Sep
4:18 a.m.
New subject: [Devel] Re: [Users] IP authentication
Klaus Darilion wrote:
Juha Heinanen wrote:
sounds good to me.
Kristian Kielhofner writes:
http://openser.org/docs/modules/1.1.x/permissions.html
> Specifically allow_trusted()
> Just add some:
> "if (!allow_trusted())" type stuff and you can add IPs all day
long. > Much better than lines and lines of code to match IPs one by
one!
this reminds me that i have been thinking to add to permissions module a
new function
allow_address(ip [,port])
where ip and port can be any AVPs. it will check if match is found in a
new address table. perhaps it should also have an index parameter
allowing multiple address sets.
any comments?
Maybe we can have a pseudo variable in onsend_route which contains the
IP address to which the message will be sent. Then we could use this
function to allow received messages and to allow sending messages.
there is no "onsend_route" in openser
regards,
bogdan
6743
days inactive
6745
days old
5 comments
6 participants
participants (6)
-
Bogdan-Andrei Iancu -
Brian Fertig -
Dioris Moreno -
Juha Heinanen -
Klaus Darilion -
Kristian Kielhofner