<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
Sorry, there is a mistake in what I wrote:<br>
<br>
I did:<br>
osipsconsole<br>
<pre wrap="">address add 0 192.168.1.19 255.255.255.<big><big><big><b>255</b></big></big></big> UDP 5060 (not 255.255.255.0)
</pre>
and opensips makes the call pass the same, from 192.168.1.20.....<br>
<br>
I had a look into the db entries: there is something like
address=192.168.1.19 mask = 32 ....<br>
<br>
Any advice? <br>
Asterisk tricks? <br>
Or an opensips problem?<br>
If you want, I can give you ssh accesses....<br>
<br>
Roberto<br>
<br>
<br>
Il martedì 13/04/10 12.08, Bogdan-Andrei Iancu ha scritto:
<blockquote cite="mid:4BC442A5.8020607@voice-system.ro" type="cite">
<pre wrap="">Hello Roberto,
I think the problem is with the network mask you used when adding the IP :
IP : 192.168.1.19
Mask: 255.255.255.0
This rule will allow 192.168.1.xxx block of IPs - this is why the second
asterisk works too ;)
Try using the 255.255.255.255 mask (of course remove the existing entry)
Regards,
Bogdan
Roberto Ovani wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I'm using opensips 1.6.1, on Ubuntu 9.10 server (192.168.1.12)
I configured an asterisk box (192.168.1.19) to for PSTN.
I'm trying to restrict access, to prevent false authentication from
unauthorized users except the gateway I set up.
from the terminal, i wrote :
/osipsconsole
address add 0 192.168.1.19 255.255.255.0 UDP 5060
/to add the gateway data into the db
So, i want ONLY that asterisk box to send calls to opensips bypassing
authentication (this is what I found on the book by Gonçalves, about
opensips 1.6, nd it says I can do it).
But if itry with another asterisk box, on another Ip address e.g.
192.168.1.20 , opensips makes the call pass, even if I didn't put this
entry in my Db.... I want to restrict access to UN-authenticated calls
ONLY to 192.168.1.19
this is a piece of code I found on the book and I used to restric the
access only to 192.168.1.19:
if (!(method=="REGISTER") && is_from_local())
{
if (!check_source_address("0"))
{
if (!proxy_authorize("", "subscriber"))
{
proxy_challenge("", "0");
exit;
}
}
else if (!db_check_from())
{
sl_send_reply("403","Forbidden
auth ID");
exit;
}
}
Is it right?
What do you think I have to check ?
Could you please help me ? I can't solve this problem....but i need it !
Thanks in advance
Best regards
Roberto
------------------------------------------------------------------------
_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<br>
</body>
</html>