Hi all,
I'm still working on without success for the moment.
I don't have an idea on the means to use AVP/DB etc. with this purpose.
Someone can help me ?
Regards
Le lundi 24 novembre 2008 à 12:20 +0100, Atle Samuelsen a écrit :
if(search("Asterisk")){
sl_reply("403","Go away ugly asterisk");
break;
}else if(search("my_other_ua_i_dont_like"){
sl_reply("403","I do not like you either");
break;
}
On Mon, Nov 24, 2008 at 12:16 PM, inge <inge(a)legos.fr> wrote:
> Someone else has an idea ? I think about how to implement this kind of
> filtering with functions included in SER 0.9.6, but I still in trouble.
>
> Thanks.
>
> Le jeudi 13 novembre 2008 à 16:44 +0100, inge a écrit :
>> Hi Alexandre,
>>
>> Great workaround !!
>>
>> Maybe I can use it with Redhat if the module is compiled with x86
>> architecture ?
>>
>> What about the "flag" field in table description ?
>>
>> Regards,
>>
>> A. LEMOINE
>>
>> Le mercredi 12 novembre 2008 à 20:59 +0300, Alexandre Snarskii a écrit :
>> > On Wed, Nov 12, 2008 at 12:59:35PM +0100, inge wrote:
>> > > Hi all,
>> > >
>> > > I look for a workaround to use a white list in addition of
>> > > authentification proces, based on User-Agent (ie. for example : deny
>> > > "Asterisk IPBX" permit "Cisco IPhone...")
>> >
>> > There is (unofficial) check_ua module added as a patch in FreeBSD port,
>> > which works exactly as 'additional UA check'.
>> >
>> > Setup is not too complicated: you must create and populate some table
>> > in your database. In my example, DB is postgresql, exact create/populate
>> > commands is the next:
>> >
>> > CREATE TABLE check_ua (
>> > rexx VARCHAR(256) NOT NULL UNIQUE,
>> > flag INTEGER NOT NULL DEFAULT(0)
>> > );
>> > -- main goal is to disallow user-agents with invalid symbols:
>> > INSERT INTO check_ua VALUES('^[0-9A-Za-z/.() _-]{1,64}$',1);
>> > -- in your case it should be something like
>> > INSERT INTO check_ua VALUES('^Cisco IP Phone.*',1);
>> >
>> > Then, add to global configuration:
>> >
>> > loadmodule "/usr/local/lib/ser/modules/check_ua.so"
>> > modparam("check_ua", "db_url",
"postgres://<username>:<password>@<host>/<db>")
>> > modparam("check_ua", "db_table", "check_ua")
>> >
>> > and somewhere in route section:
>> >
>> > if(!check_ua()) {
>> > xlog("L_ERR","Invalid UA DENIED: %fu, %is,
%ua\n");
>> > sl_send_reply("403", "Forbidden (Invalid
UA)");
>> > break;
>> > };
>> >
>> > Voila. Until your Asterisk users will not find correct User-Agent
>> > they must use in their sip.conf - it will work... :) In my case -
>> > protection against bad symbols - it works even with asterisk... :)
>> >
>> > PS: not sure is that module can be found somewhere outside FreeBSD port,
>> > at least my google skills is not enough to ...
>> > However, both authors (Valentin Nechayev and Maxim Sobolev) read this
list.
>> >
>>
>> _______________________________________________
>> Serusers mailing list
>> Serusers(a)lists.iptel.org
>>
http://lists.iptel.org/mailman/listinfo/serusers
>
> _______________________________________________
> Serusers mailing list
> Serusers(a)lists.iptel.org
>
http://lists.iptel.org/mailman/listinfo/serusers
>