[OpenSIPS-Users] Accepting calls only form Some IP Address

Vallimamod ABDULLAH vallimamod.abdullah at imtelecom.fr
Fri Aug 30 13:03:08 CEST 2013


Hi,

Have a look at the permissions module doc, especially the check_source_address() function: http://www.opensips.org/html/docs/modules/1.9.x/permissions.html#id293797
You need to add the authorized ips to the address table in the db and use check_source_address() to check if the current source ip address is on that table.
Don't forget to reload the table everytime you make a change (mi command: address_reload)

Best Regards,
Vallimamod
.



On Aug 30, 2013, at 12:39 PM, Danny Dias <ing.diasdanny at gmail.com> wrote:

> sorry, my small script is like this:
> 
> if (check_address("0","192.168.0.35","0","ANY","", "")) {
>                 t_relay();
>         }
>         else {
>                 sl_send_reply("403", "Forbidden");
>         exit;
>         }
> 
> Still receiving the 403
> 
> 
> 
> 2013/8/30 Danny Dias <ing.diasdanny at gmail.com>
> Finally, 
> 
> I did it like this:
> 
> if (!check_address("0","192.168.0.35","0","ANY","", "")) {
>                 t_relay();
>         }
>         else {
>                 sl_send_reply("403", "Forbidden");
>         exit;
>         }
> 
> But now, all the calls from source ip address 192.168.0.35 receive a 403:
> 
> U 192.168.0.35:3832 -> 192.168.1.20:5060
> INVITE sip:1001 at 192.168.1.20 SIP/2.0.
> Via: SIP/2.0/UDP 192.168.1.35:3832;branch=z9hG4bK-d8754z-c4f09d265010a511-1---d8754z-;rport.
> Max-Forwards: 70.
> Contact: <sip:1000 at 192.168.0.35:3832>.
> To: <sip:1001 at 192.168.1.20>.
> From: "1000"<sip:1000 at 192.168.1.20>;tag=6be1ed13.
> Call-ID: ZGZiMjEwMzFjZjRkNDFmMzdhZGJkNTgxYzlmYjE4MTY.
> CSeq: 1 INVITE.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO.
> Content-Type: application/sdp.
> Supported: replaces.
> User-Agent: Bria 3 release 3.5.3 stamp 70600.
> Content-Length: 208.
> .
> v=0.
> o=- 1377858559536092 1 IN IP4 192.168.0.35.
> s=Bria 3 release 3.5.3 stamp 70600.
> c=IN IP4 192.168.0.35.
> t=0 0.
> m=audio 53766 RTP/AVP 8 0 101.
> a=rtpmap:101 telephone-event/8000.
> a=fmtp:101 0-15.
> a=sendrecv.
> 
> U 192.168.1.20:5060 -> 192.168.0.35:3832
> SIP/2.0 403 Forbidden.
> Via: SIP/2.0/UDP 192.168.0.35:3832;received=192.168.0.35;branch=z9hG4bK-d8754z-c4f09d265010a511-1---d8754z-;rport=3832.
> To: <sip:1001 at 192.168.1.20>;tag=7ff88f74df89822193682e3f23116cc8.59de.
> From: "1000"<sip:1000 at 192.168.1.20>;tag=6be1ed13.
> Call-ID: ZGZiMjEwMzFjZjRkNDFmMzdhZGJkNTgxYzlmYjE4MTY.
> CSeq: 1 INVITE.
> Server: OpenSIPS (1.9.1-notls (i386/linux)).
> Content-Length: 0.
> 
> 
>  
> 
> 
> 2013/8/30 Danny Dias <ing.diasdanny at gmail.com>
> So, 
> 
> It would be something like this (not quite sure...):
> 
> route {
> if (check_address("0","192.168.2.135","0","ANY","", "")) {
> t_relay();
> else if (sl_send_reply("403", "Forbidden"));
> exit;
> }
> .
> .
> 
> In this small script at the very begining of route script, i will only permit calls from ip "192.168.2.135", any other ip, will receive a 403. Am i right?
> 
> Thanks
> 
> 
> 
> 
> 
> 
> 
> 
> 2013/8/30 Víctor Fernández Martínez <vfernandez at barracuda.com>
> Hi Danny,
> 
> You can check the source IP address using $si and send a forbidden response if
> it doesn't match your needs.
> 
> Best regards.
> 
> 
> 
> On Friday 30 August 2013 03:48:25 Danny Días wrote:
> > Hi,
> >
> > I need to configure OpenSIPS to only accept calls from 1 IP address and
> > without any kind of authentication (no password required for clients); i
> > wonder if there's a function in OpenSIPS to accomplish this?
> >
> > Thanks so much
> 
> 
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> 
> 
> 
> -- 
> SIP: danny at voice.danntel.net
> Web: http://www.danntel.net
> 
> 
> 
> -- 
> SIP: danny at voice.danntel.net
> Web: http://www.danntel.net
> 
> 
> 
> -- 
> SIP: danny at voice.danntel.net
> Web: http://www.danntel.net
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20130830/8eb10191/attachment-0001.htm>


More information about the Users mailing list