[OpenSIPS-Users] Block user from registration

Duane Larson duane.larson at gmail.com
Wed Dec 31 19:30:39 CET 2014


My logic saves the user that is registering into the location table without
challenging them for a password or checking that the user or domain is
local to the OpenSIPs instance.  If you are looking for something more you
might want to provide more detail.

This would allow fake accounts to register if they are from a friendly IP.

On Wednesday, December 31, 2014, Satish Patel <satish.txt at gmail.com> wrote:

> How it will help if i want to allow only IP auth for specific user but not
> registration auth? How your logic deal with User level?
>
>
> On Wed, Dec 31, 2014 at 12:22 PM, Duane Larson <duane.larson at gmail.com
> <javascript:_e(%7B%7D,'cvml','duane.larson at gmail.com');>> wrote:
>
>> Would you not just do something like this?
>>
>> If(FriendlyIP && is_method("REGISTER"))
>> {
>>                 if (t_newtran()) {
>>                         save("location");
>>                 }
>>
>>                 exit;
>> }
>>
>> On Wed, Dec 31, 2014 at 10:22 AM, Satish Patel <satish.txt at gmail.com
>> <javascript:_e(%7B%7D,'cvml','satish.txt at gmail.com');>> wrote:
>>
>>> Hi,
>>>
>>> We have many users using both registration method and IP auth method to
>>> send calls but i wants if they use IP Auth method then we can disable
>>> registration method ( just prevention from hacking attack).
>>>
>>> I believe registration is only required for incoming calls to find user
>>> location, right? How do i tell opensips don't accept user registration
>>> method even opensips challenge for proxy auth. any suggestion?
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> <javascript:_e(%7B%7D,'cvml','Users at lists.opensips.org');>
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> <javascript:_e(%7B%7D,'cvml','Users at lists.opensips.org');>
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20141231/9b04073f/attachment.htm>


More information about the Users mailing list