[OpenSER-Users] Multidomain support

Klaus Darilion klaus.mailinglists at pernau.at
Mon Jul 23 17:50:58 CEST 2007



Iñaki Baz Castillo wrote:
> Hi, I want to mantain independent domains in OpenSer. In my case I've a 
> OpenSer with a single DNS A record and various CNAME (I still don't want to 
> play with SRV and so). 
> 
> so:
> 
>   DNS A = openser.domain.org
>   CNAME = sip1.domain.org
>   CNAME = sip2.domain.org
> 
> 
> And I want users of sip1.domain.org and sip2.domain.org, as independent 
> groups.
> 
> I just want to avoid SIP interdomain messages, so 200 at sip1.domain.org CAN'T 
> invite 300 at sip2.domain.org even if he does authentication.
> 
> I've loaded "domain" module and use "is_uri_host_local()" 
> and "is_from_local()" functions, but for now I only used one domain.
> 
> My question is very general: for implement (or avoid) interdomain 
> comunication, do I need to use the "domainpolicy" [1] module? 

no
 > I've read its
> doc and know it's based in 3 drafts [2][3][4], but all of them seems to be 
> based in the complex NAPTR record and so. Is it the way?

if you only want to prevent calls from sip1 to sip2 just compare the 
from domain with the domain in the ruri

if ( $rd != $fd) {
   sl_send_reply("403","forbidden");
   exit;
}
> 
> I think I could just compare the FROM domain with the TO domain in order to 
> avoid interdomain communication, but of course I'd like in the future the 
> possiblity of allowing some domains to contact some other domains. Is 
> then "domainpolicy" the solution I should learn?

no. it would be easier to just put all the allowed domains into a table:

A     |    B
---------------
sip1  |  sip2
sip1  |  sip3
sip5  |  sip6


the code would be somehow like this (from the logic . I do not know the 
exact syntax by heart):

if ( $rd != $fd) {
   # lookup table with raw_query from avp_ops module:
   ... SELECT count(*) from table WHERE ($rd=A and $fd=B) OR ($rd=B and 
$fd=A);

   if count == 0 {
     sl_send_reply("403","forbidden");
     exit;
   }
}


regards
klaus




More information about the Users mailing list