23 Mar
2005
23 Mar
'05
9:51 p.m.
Hello
I am doing some security improvements to my configuration because I´ve
realized that everyone can sends calls to PSTN gateways and other
registered users even if the caller fails to register in SER, so now I
instruct SER to check the username and password of the CALLER in every
INVITE request like that:
if (method=="INVITE") {
if (!www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
};
well it works but not when calls are generated in my gateway Cisco
AS5350 (these GWs dont have register comand) so I need some advice to
"exclude" gateway IP for this authorization process.
thanks
Rafael
--
rrgv
23 Mar
23 Mar
9:59 p.m.
Hi Rafael,
replace
if (method=="INVITE") {
with
if (method=="INVITE" && src_ip!=xxx.xxx.xxx.xxx) {
where that many xxx-s is the GW's IP.
Best regards,
Marian
Rafael J. Risco G.V. wrote:
Hello
I am doing some security improvements to my configuration because I´ve
realized that everyone can sends calls to PSTN gateways and other
registered users even if the caller fails to register in SER, so now I
instruct SER to check the username and password of the CALLER in every
INVITE request like that:
if (method=="INVITE") {
if (!www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
};
well it works but not when calls are generated in my gateway Cisco
AS5350 (these GWs dont have register comand) so I need some advice to
"exclude" gateway IP for this authorization process.
thanks
Rafael
--
Voice System
http://www.voice-system.ro
7193
days inactive
7193
days old
1 comments
2 participants
participants (2)
-
Marian Dumitru -
Rafael J. Risco G.V.