Schneur,<div><br></div><div>You can examine the src_ip first to see if the call if from your pbx or not. Then you can also examine to request-uri to distinguish the call between a pstn call or a sip client - assuming your sip clients have a different sip address/pattern than pstn numbers. Things like this:</div>
<div><br></div><div><div>if ( src_ip == pbx1_ip || src_ip == pbx2_ip ){<span class="Apple-tab-span" style="white-space:pre"> </span></div><div><span class="Apple-tab-span" style="white-space:pre"> </span># From PBXs</div>
<div>}</div><div><br></div><div>if ($rU=~"^\+?[0-9]{3,18}") {<span class="Apple-tab-span" style="white-space:pre"> </span></div><div><span class="Apple-tab-span" style="white-space:pre"> </span># request-uri is for a PSTN number, send the message to whatever<span class="Apple-tab-span" style="white-space:pre"> </span></div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>route(1)</div><div>}</div><div><br></div><div>Basically you need to find a difference between the call attributes and examine that, it can be the src_ip, ruri pattern, etc.</div>
<div><br></div><div>Regards,</div><div>Ali Pey</div><br><div class="gmail_quote">On Wed, Jul 25, 2012 at 9:41 AM, Schneur Rosenberg <span dir="ltr"><<a href="mailto:rosenberg11219@gmail.com" target="_blank">rosenberg11219@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">check_source_address won't work for me, my clients are behind Dynamic<br>
ip's, there is no way for me to know in advance their ip address<br>
<div class="HOEnZb"><div class="h5"><br>
On Mon, Jul 23, 2012 at 8:55 PM, Brett Nemeroff <<a href="mailto:brett@nemeroff.com">brett@nemeroff.com</a>> wrote:<br>
> Scot,<br>
> the function "is_from_local" uses the From URI and as such, will not work if<br>
> the originator mangles the from uri (as in the case of your example below).<br>
><br>
> A more secure way to do this that may suit your needs is to use the<br>
> permissions module and actually check the source IP of the request:<br>
><br>
> <a href="http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503" target="_blank">http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503</a><br>
><br>
> Look at the "check_source_address" and or "get_source_group". Either of<br>
> these can compare the source IP of the originator to a known list. From<br>
> there, you can perform script logic based on where the request came from.<br>
><br>
> Hope that helps!<br>
> -Brett<br>
><br>
><br>
> On Mon, Jul 23, 2012 at 11:38 AM, Schneur Rosenberg<br>
> <<a href="mailto:rosenberg11219@gmail.com">rosenberg11219@gmail.com</a>> wrote:<br>
>><br>
>> I'm using opensips as a registrar server and as a loadbalancer, all<br>
>> phones are registered to opensips and all incoming and outgoing calls<br>
>> go to Asterisk boxes via load balancing, therefore I have 3 kinds of<br>
>> calls going to opensips,<br>
>> 1) outgoing calls coming from one of the phones Registered to opensips,<br>
>> 2) incoming calls (we allow all incoming calls no matter from where<br>
>> they come, I call them unauthenticated DID)<br>
>> 3) Calls ringing to a phone registered to opensips, the Asterisk boxes<br>
>> will send the calls to the phone either after getting a call from a<br>
>> DID, or when a internal user wants to call another internal user<br>
>><br>
>> The way I differentiate between the calls is I do a if<br>
>> (!(method=="REGISTER") && is_from_local()) this will check credentials<br>
>> and send call to asterisk to process outgoing call, then I do a else<br>
>> if ((method=="INVITE")) which will check if the call is going to a<br>
>> local phone by doing if (!lookup("location", "m")) if that fails that<br>
>> it assumes its a incoming did call, and it will send it to asterisk<br>
>> with a prefix so asterisk knows its a unauthenticated incoming call,<br>
>> bellow I pasted a skeleton of the code I'm using.<br>
>><br>
>> Everything worked fine, until I connected a PBX to my opensips, then<br>
>> the from came in with the address of the PBX and the is_from_local()<br>
>> test was not true, so it did not work, I had the same problem when<br>
>> sending a call from a SPA3000 and blocking caller id, in that case it<br>
>> also obscured the from address, as follows "From: Anonymous<br>
>> <sip:anonymous@localhost>;tag=ea3ee097cd947aeeo0." , the only<br>
>> reference of the user or domain was in the RPID field and calls did<br>
>> not go through.<br>
>><br>
>> Is there anyway to check if a source IP is registered to our system<br>
>> and only then it should send a 407? this way if I have a BPX<br>
>> registered it will then ask for credentials, all others it will assume<br>
>> that either a call to the local phone or unauthenticated DID, I<br>
>> understand that I wont be able to send calls to the system only if<br>
>> registration was done before, but I have no problem with that, I<br>
>> could do it with avp_db_query() on the subscriber table, but I want to<br>
>> know if there is a better way.<br>
>><br>
>> If there is there a better solution then the above solution please let me<br>
>> know<br>
>><br>
>> if (!(method=="REGISTER") && is_from_local())<br>
>> {<br>
>> #check credentials<br>
>> }<br>
>> else if ((method=="INVITE")) #unathenticated did or call<br>
>> going to phone registered to opensips<br>
>> {<br>
>><br>
>> if (!lookup("location", "m")) #calling local phone<br>
>> {<br>
>> #send to phone registered to opensips<br>
>> }<br>
>> else<br>
>> {<br>
>> #incoming did send call to asterisk to process<br>
>> }<br>
>> }<br>
>> else<br>
>> {<br>
>> #outgoing calls route continues here<br>
>> }<br>
>> ...................................<br>
>><br>
>> _______________________________________________<br>
>> Users mailing list<br>
>> <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
>> <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
><br>
><br>
><br>
> _______________________________________________<br>
> Users mailing list<br>
> <a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
> <a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
><br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br></div>