[OpenSIPS-Users] Block user from registration

Satish Patel satish.txt at gmail.com
Fri Jan 2 16:09:38 CET 2015


Lets say i have user "A"  using IP base authentication to send call outside
using Opensips Proxy. ( Same user has option to Username/Password to
register and send calls).

We have developed web GUI to give control control to "customer" so they can
enable/disable their registration base method ( Reason we give that control
to user because if user has dedicated Public IP then he can disable
"Registration" base method so hacker can't exploit their users accounts.

So my Original question is, How or what i should use or configure in
Opensips so i can switch on/off user base registration?  ( We only allowing
to send calls outside, no inbound calls allowed)

Hope it helps you to understand my scenario, Let me know if i am wrong
anywhere in above scenario.

On Wed, Dec 31, 2014 at 1:30 PM, Duane Larson <duane.larson at gmail.com>
wrote:

> My logic saves the user that is registering into the location table
> without challenging them for a password or checking that the user or domain
> is local to the OpenSIPs instance.  If you are looking for something more
> you might want to provide more detail.
>
> This would allow fake accounts to register if they are from a friendly IP.
>
>
> On Wednesday, December 31, 2014, Satish Patel <satish.txt at gmail.com>
> wrote:
>
>> How it will help if i want to allow only IP auth for specific user but
>> not registration auth? How your logic deal with User level?
>>
>>
>> On Wed, Dec 31, 2014 at 12:22 PM, Duane Larson <duane.larson at gmail.com>
>> wrote:
>>
>>> Would you not just do something like this?
>>>
>>> If(FriendlyIP && is_method("REGISTER"))
>>> {
>>>                 if (t_newtran()) {
>>>                         save("location");
>>>                 }
>>>
>>>                 exit;
>>> }
>>>
>>> On Wed, Dec 31, 2014 at 10:22 AM, Satish Patel <satish.txt at gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> We have many users using both registration method and IP auth method to
>>>> send calls but i wants if they use IP Auth method then we can disable
>>>> registration method ( just prevention from hacking attack).
>>>>
>>>> I believe registration is only required for incoming calls to find user
>>>> location, right? How do i tell opensips don't accept user registration
>>>> method even opensips challenge for proxy auth. any suggestion?
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.opensips.org
>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150102/6c7f7ff9/attachment.htm>


More information about the Users mailing list