[OpenSIPS-Users] PBX sending calls to Opensips
Brett Nemeroff
brett at nemeroff.com
Mon Jul 23 19:55:04 CEST 2012
Scot,
the function "is_from_local" uses the From URI and as such, will not work
if the originator mangles the from uri (as in the case of your example
below).
A more secure way to do this that may suit your needs is to use the
permissions module and actually check the source IP of the request:
http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503
Look at the "check_source_address" and or "get_source_group". Either of
these can compare the source IP of the originator to a known list. From
there, you can perform script logic based on where the request came from.
Hope that helps!
-Brett
On Mon, Jul 23, 2012 at 11:38 AM, Schneur Rosenberg <
rosenberg11219 at gmail.com> wrote:
> I'm using opensips as a registrar server and as a loadbalancer, all
> phones are registered to opensips and all incoming and outgoing calls
> go to Asterisk boxes via load balancing, therefore I have 3 kinds of
> calls going to opensips,
> 1) outgoing calls coming from one of the phones Registered to opensips,
> 2) incoming calls (we allow all incoming calls no matter from where
> they come, I call them unauthenticated DID)
> 3) Calls ringing to a phone registered to opensips, the Asterisk boxes
> will send the calls to the phone either after getting a call from a
> DID, or when a internal user wants to call another internal user
>
> The way I differentiate between the calls is I do a if
> (!(method=="REGISTER") && is_from_local()) this will check credentials
> and send call to asterisk to process outgoing call, then I do a else
> if ((method=="INVITE")) which will check if the call is going to a
> local phone by doing if (!lookup("location", "m")) if that fails that
> it assumes its a incoming did call, and it will send it to asterisk
> with a prefix so asterisk knows its a unauthenticated incoming call,
> bellow I pasted a skeleton of the code I'm using.
>
> Everything worked fine, until I connected a PBX to my opensips, then
> the from came in with the address of the PBX and the is_from_local()
> test was not true, so it did not work, I had the same problem when
> sending a call from a SPA3000 and blocking caller id, in that case it
> also obscured the from address, as follows "From: Anonymous
> <sip:anonymous at localhost>;tag=ea3ee097cd947aeeo0." , the only
> reference of the user or domain was in the RPID field and calls did
> not go through.
>
> Is there anyway to check if a source IP is registered to our system
> and only then it should send a 407? this way if I have a BPX
> registered it will then ask for credentials, all others it will assume
> that either a call to the local phone or unauthenticated DID, I
> understand that I wont be able to send calls to the system only if
> registration was done before, but I have no problem with that, I
> could do it with avp_db_query() on the subscriber table, but I want to
> know if there is a better way.
>
> If there is there a better solution then the above solution please let me
> know
>
> if (!(method=="REGISTER") && is_from_local())
> {
> #check credentials
> }
> else if ((method=="INVITE")) #unathenticated did or call
> going to phone registered to opensips
> {
>
> if (!lookup("location", "m")) #calling local phone
> {
> #send to phone registered to opensips
> }
> else
> {
> #incoming did send call to asterisk to process
> }
> }
> else
> {
> #outgoing calls route continues here
> }
> ...................................
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20120723/7df2454f/attachment-0001.htm>
More information about the Users
mailing list