<div><font face="verdana,sans-serif">Hello, </font></div>
<div><font face="verdana,sans-serif"></font> </div>
<div><font face="verdana,sans-serif">Finally i did some changes on my script, and seems to work just fine:</font></div>
<div><font face="verdana,sans-serif"></font> </div>
<div><font face="verdana,sans-serif"> ### ACCESS CONTROL ###<br> ### ONLY PERMIT CALLS FROM GW AND LOCAL CALLS ###</font></div>
<div> if (!(method=="REGISTER")) /*multidomain version*/ </div>
<div> if (!check_source_address("0")) { <br> if (is_from_local()) { </div>
<div> if (!proxy_authorize("", "subscriber")) {<br> proxy_challenge("","0");<br> exit;<br> }<br>
if (!db_check_from()) {<br> sl_send_reply("403","Forbidden auth ID");<br> exit;<br> }<br> consume_credentials();</div>
<div> } else {</div>
<div> xlog("L_WARN", "_WARN_ unknown user trying to access $(Ri):$(Rp) from IP $si | =>403\n");<br> sl_send_reply("403","Your IP Not Allowed");<br>
exit;<br> }<br> }<br><br>With this script, i just process calls from local domains and also from IPs from the address table (IPs from GWs...)</div>
<div> </div>
<div> </div>
<div> </div>
<div class="gmail_quote">2011/2/24 Toyima Dias <span dir="ltr"><<a href="mailto:toyimads@gmail.com">toyimads@gmail.com</a>></span><br>
<blockquote style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex" class="gmail_quote">
<div><font face="verdana,sans-serif">Hello,</font></div>
<div><font face="verdana,sans-serif"> <br>I have an Asterisk as a GW, i don't want to ask for authentication to incoming calls (coming from the Asterisk), so i did the following:<br> <br>Previously i added the IP of the Asterisk to the table "domain" so the function is_from_local could check the from domain in the domain table and get into the if bucle<br>
<br>Now my doubt is why do i have to use check_source_addres after checking the is_from_local? does it make any sense? Also, adding the IP of the GW to the domain table will produce the mentioned ack bug here <a href="http://lists.opensips.org/pipermail/users/2011-February/016883.html" target="_blank">http://lists.opensips.org/pipermail/users/2011-February/016883.html</a> (when UAC from Proxy calls to the GW)...Am i doing sometrhing wrong?<br>
</font></div>
<div><font face="verdana,sans-serif">if (!(method=="REGISTER") && is_from_local()) /*multidomain version*/<br> {<br> if(!check_source_address("0")){<br> if (!proxy_authorize("", "subscriber")) {<br>
proxy_challenge("", "0");<br> exit;<br> }<br> if (!db_check_from()) {<br> sl_send_reply("403","Forbidden auth ID");<br>
exit;<br> }<br> ##<br> consume_credentials();<br> ## # caller authenticated<br> }<br> }</font></div>
<p><font face="verdana,sans-serif">.<br>.<br>.<br>.<br>.<br> <br> if (!is_uri_host_local())<br> {<br> if(is_from_local()) {<br> route(1);<br> } else {<br> sl_send_reply("403","Not Here");<br>
}<br> }</font></p>
<div><font face="verdana,sans-serif">By the way, i'm opening a new thread beacuse answering to the mentioned gets a reject because of size of the message :S</font></div>
<div><font face="verdana,sans-serif"></font> </div>
<div><font face="verdana,sans-serif">Any help would be appreciated!<br> <br>Best Regards<br></font></div></blockquote></div><br>