I have enabled mysql authentication of REGISTER messagess, but i need that only INVITE mesagges from devices properly registered in SER can go through, and that INVITE mesagges from devices NOT registered are dropped.
How can i do this? do you have a sample script?
Thanx a lot!
search the mailing list for "prevent INVITE without REGISTERing" You may have to update the following config, do not define AVP track for example ($f.uid instead of $fu.uid). http://lists.iptel.org/pipermail/serusers/2006-July/029559.html
Miklos
On 02/23/2007 02:38 PM, Octavarium wrote:
I have enabled mysql authentication of REGISTER messagess, but i need that only INVITE mesagges from devices properly registered in SER can go through, and that INVITE mesagges from devices NOT registered are dropped.
How can i do this? do you have a sample script?
Thanx a lot!
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
You can use if (registered("location")) {...} it checks location, just does not rewrite request uri (so you don't need to save it's old content.
You should set the $tu.uid with the correct value of the caller anyway.
Michal
On Fri, 2007-02-23 at 16:01 +0100, Miklos Tirpak wrote:
search the mailing list for "prevent INVITE without REGISTERing" You may have to update the following config, do not define AVP track for example ($f.uid instead of $fu.uid). http://lists.iptel.org/pipermail/serusers/2006-July/029559.html
Miklos
On 02/23/2007 02:38 PM, Octavarium wrote:
I have enabled mysql authentication of REGISTER messagess, but i need that only INVITE mesagges from devices properly registered in SER can go through, and that INVITE mesagges from devices NOT registered are dropped.
How can i do this? do you have a sample script?
Thanx a lot!
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
On 02/23/2007 05:24 PM, Michal Matyska wrote:
You can use if (registered("location")) {...} it checks location, just does not rewrite request uri (so you don't need to save it's old content.
You should set the $tu.uid with the correct value of the caller anyway.
the disadvantage is that you do not verify the source IP address in this case, so if the INVITE is not authenticated there is a huge security hole. But I guess the INVITE can be authenticated for the UAC which supported authentication for the REGISTER. The advantage is that multiple bindings can be supported.
Miklos
Michal
On Fri, 2007-02-23 at 16:01 +0100, Miklos Tirpak wrote:
search the mailing list for "prevent INVITE without REGISTERing" You may have to update the following config, do not define AVP track for example ($f.uid instead of $fu.uid). http://lists.iptel.org/pipermail/serusers/2006-July/029559.html
Miklos
On 02/23/2007 02:38 PM, Octavarium wrote:
I have enabled mysql authentication of REGISTER messagess, but i need that only INVITE mesagges from devices properly registered in SER can go through, and that INVITE mesagges from devices NOT registered are dropped.
How can i do this? do you have a sample script?
Thanx a lot!
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Michal Matyska -
Miklos Tirpak -
Octavarium