Scot,<br>the function "is_from_local" uses the From URI and as such, will not work if the originator mangles the from uri (as in the case of your example below).<br><br>A more secure way to do this that may suit your needs is to use the permissions module and actually check the source IP of the request:<br>
<br><a href="http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503">http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503</a><br><br>Look at the "check_source_address" and or "get_source_group". Either of these can compare the source IP of the originator to a known list. From there, you can perform script logic based on where the request came from.<br>
<br>Hope that helps!<br>-Brett<br><br><br><div class="gmail_quote">On Mon, Jul 23, 2012 at 11:38 AM, Schneur Rosenberg <span dir="ltr"><<a href="mailto:rosenberg11219@gmail.com" target="_blank">rosenberg11219@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I'm using opensips as a registrar server and as a loadbalancer, all<br>
phones are registered to opensips and all incoming and outgoing calls<br>
go to Asterisk boxes via load balancing, therefore I have 3 kinds of<br>
calls going to opensips,<br>
1) outgoing calls coming from one of the phones Registered to opensips,<br>
2) incoming calls (we allow all incoming calls no matter from where<br>
they come, I call them unauthenticated DID)<br>
3) Calls ringing to a phone registered to opensips, the Asterisk boxes<br>
will send the calls to the phone either after getting a call from a<br>
DID, or when a internal user wants to call another internal user<br>
<br>
The way I differentiate between the calls is I do a if<br>
(!(method=="REGISTER") && is_from_local()) this will check credentials<br>
and send call to asterisk to process outgoing call, then I do a else<br>
if ((method=="INVITE")) which will check if the call is going to a<br>
local phone by doing if (!lookup("location", "m")) if that fails that<br>
it assumes its a incoming did call, and it will send it to asterisk<br>
with a prefix so asterisk knows its a unauthenticated incoming call,<br>
bellow I pasted a skeleton of the code I'm using.<br>
<br>
Everything worked fine, until I connected a PBX to my opensips, then<br>
the from came in with the address of the PBX and the is_from_local()<br>
test was not true, so it did not work, I had the same problem when<br>
sending a call from a SPA3000 and blocking caller id, in that case it<br>
also obscured the from address, as follows "From: Anonymous<br>
<sip:anonymous@localhost>;tag=ea3ee097cd947aeeo0." , the only<br>
reference of the user or domain was in the RPID field and calls did<br>
not go through.<br>
<br>
Is there anyway to check if a source IP is registered to our system<br>
and only then it should send a 407? this way if I have a BPX<br>
registered it will then ask for credentials, all others it will assume<br>
that either a call to the local phone or unauthenticated DID, I<br>
understand that I wont be able to send calls to the system only if<br>
registration was done before, but I have no problem with that, I<br>
could do it with avp_db_query() on the subscriber table, but I want to<br>
know if there is a better way.<br>
<br>
If there is there a better solution then the above solution please let me know<br>
<br>
if (!(method=="REGISTER") && is_from_local())<br>
{<br>
#check credentials<br>
}<br>
else if ((method=="INVITE")) #unathenticated did or call<br>
going to phone registered to opensips<br>
{<br>
<br>
if (!lookup("location", "m")) #calling local phone<br>
{<br>
#send to phone registered to opensips<br>
}<br>
else<br>
{<br>
#incoming did send call to asterisk to process<br>
}<br>
}<br>
else<br>
{<br>
#outgoing calls route continues here<br>
}<br>
...................................<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</blockquote></div><br>