[OpenSIPS-Users] PBX sending calls to Opensips

Schneur Rosenberg rosenberg11219 at gmail.com
Wed Jul 25 15:41:16 CEST 2012 

check_source_address won't work for me, my clients are behind Dynamic
ip's, there is no way for me to know in advance their ip address

On Mon, Jul 23, 2012 at 8:55 PM, Brett Nemeroff <brett at nemeroff.com> wrote:
> Scot,
> the function "is_from_local" uses the From URI and as such, will not work if
> the originator mangles the from uri (as in the case of your example below).
>
> A more secure way to do this that may suit your needs is to use the
> permissions module and actually check the source IP of the request:
>
> http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503
>
> Look at the "check_source_address" and or "get_source_group". Either of
> these can compare the source IP of the originator to a known list. From
> there, you can perform script logic based on where the request came from.
>
> Hope that helps!
> -Brett
>
>
> On Mon, Jul 23, 2012 at 11:38 AM, Schneur Rosenberg
> <rosenberg11219 at gmail.com> wrote:
>>
>> I'm using opensips as a registrar server and as a loadbalancer, all
>> phones are registered to opensips and all incoming and outgoing calls
>> go to Asterisk boxes via load balancing, therefore I have 3 kinds of
>> calls going to opensips,
>> 1) outgoing calls coming from one of the phones Registered to opensips,
>> 2) incoming calls (we allow all incoming calls no matter from where
>> they come, I call them unauthenticated DID)
>> 3) Calls ringing to a phone registered to opensips, the Asterisk boxes
>> will send the calls to the phone either after getting a call from a
>> DID, or when a internal user wants to call another internal user
>>
>> The way I differentiate between the calls is  I do a      if
>> (!(method=="REGISTER") && is_from_local()) this will check credentials
>> and send call to asterisk to process outgoing call, then I do a  else
>> if ((method=="INVITE"))  which will check if the call is going to a
>> local phone by doing  if (!lookup("location", "m")) if that fails that
>> it assumes its a incoming did call, and it will send it to asterisk
>> with a prefix so asterisk knows its a unauthenticated incoming call,
>> bellow I pasted a skeleton of the code I'm using.
>>
>> Everything worked fine, until I connected a PBX to my opensips, then
>> the from came in with the address of the PBX and the  is_from_local()
>> test was not true, so it did not work, I had the same problem when
>> sending a call from a SPA3000 and blocking caller id, in that case it
>> also obscured the from address, as follows "From: Anonymous
>> <sip:anonymous at localhost>;tag=ea3ee097cd947aeeo0." , the only
>> reference of the user or domain was in the RPID field  and calls did
>> not go through.
>>
>> Is there anyway to check if a source IP is registered to our system
>> and only then it should send a 407? this way if I have a BPX
>> registered it will then ask for credentials, all others it will assume
>> that either a call to the local phone or unauthenticated DID, I
>> understand that I wont be able to send calls to the system only if
>> registration was done before, but I have no problem with that,  I
>> could do it with avp_db_query() on the subscriber table, but I want to
>> know if there is a better way.
>>
>> If there is there a better solution then the above solution please let me
>> know
>>
>>         if (!(method=="REGISTER") && is_from_local())
>>         {
>>                #check credentials
>>         }
>>          else if ((method=="INVITE"))   #unathenticated did or call
>> going to phone registered to opensips
>>         {
>>
>>                 if (!lookup("location", "m"))   #calling local phone
>>                 {
>>                          #send to phone registered to opensips
>>                 }
>>                 else
>>                 {
>>                          #incoming did send call to asterisk to process
>>                 }
>>         }
>>         else
>>         {
>>                #outgoing calls route continues here
>>         }
>> ...................................
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>

More information about the Users mailing list