Hello to all Is is possible to implement IP authentication in Kamailio? Does Kamailio has a manual to do that? Thanks regards Joao Pereira
On Thursday 11 March 2010, Joao Gomes Pereira wrote:
Is is possible to implement IP authentication in Kamailio? Does Kamailio has a manual to do that?
Hi Joao,
you refer to allowing certain peers to bypass your authentification logic in the script and setting up calls? Sure, this is possible. Just add some logic that checks for a certain IP address and then route the call as you like.
something like:
if (src_ip!=1.2.3.4/24) { # do routing.. } else { # do normal authentification }
you could also use PVs to do this, i think the right one is $si.
Cheers,
Henning
2010/3/11 Henning Westerholt henning.westerholt@1und1.de:
I recommend using the permissions module ("address" table). Very powerful and efficient for such scenarios.
Regards.
2010/3/11 Henning Westerholt henning.westerholt@1und1.de:
I use it in production. It's great as it loads the IP's or networks into memory (reloadable via MI command) :) It also returns a $rc code according to the "grp" column of the mathing row in the "address" table so you can identify the client id.
Regards.
Thanks for the help And would be possible to have the IPs in the Database, so I don't need to change Kamailio configuration every time I want to add a new IP? What would be the correct table? Thanks Regards Joao Pereira
Em 11-03-2010 18:05, Iñaki Baz Castillo escreveu:
2010/3/12 Joao Gomes Pereira gomespereira@startel.pt:
Please, check the documentation of the "permissions" module.
Don't forget that IP spoofing is very easy with UDP and a single faked INVITE can trigger calls to expensive numbers.
Also, if you do authentication based on source IP you should also use the src IP for billing identification (not From URI)
regards klaus
Am 11.03.2010 17:41, schrieb Joao Gomes Pereira:
-
Henning Westerholt -
Iñaki Baz Castillo -
Joao Gomes Pereira -
Klaus Darilion -
Uriel Rozenbaum