I won't pretend to read Claudius' mind but I have a theory on thos Xs. :-)
In some scriping languages, comparing emtpy strings doesn't work well.
I'm thinking specifically of DOS batch here but it may extend to the
dialplan.
For example, if you're checking for user input and it should be yes or
no, you might use
if $UserInput == yes then SomeFunction()
else if $UserInput == no then SomeOtherFunction()
Problems arise when the input isn't a nice clean string, such as if
the user presses enter or CTRL-Z. As a result, you surround the input
and the comparison string with a token like X so that the empty string
comparison doesn't cause an ugly failure. IE if the user presses
Enter then (X & {$UserInput} & X) evaluates to XX not to some weird
non-visible and non-empty string.
Short story: if it works using the Xs, you might consider leaving them
since it might prevent some strange erratic behaviour.
Hope this helps,
Dave
On 7/13/06, Andy Jaikissoon <[EMAIL PROTECTED]> wrote:
Ok…explanation makes sense to me!
Andy Jaikissoon
Senior Switch Administrator
450Tel Communications Inc.
Tel: (647) 435-2478 x5001
Tel: (905) 493-0650
[EMAIL PROTECTED]
________________________________
From: Claudius Fortis [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 12, 2006 10:42 PM
To: Andy Jaikissoon; [email protected]
Subject: RE: [on-asterisk] Modified Authentication
Wats up with "x" ? Good question!
I don't even remember why I put them there...it's a script I develop long
time ago.... probably was trying something fancier....
And you can safely remove it....and would not affect your config...
Claudius
From: Andy Jaikissoon [mailto:[EMAIL PROTECTED]
Sent: July-12-06 9:44 AM
To: [email protected]
Subject: RE: [on-asterisk] Modified Authentication
WoW!!!
The amount of responses that I received is simply amazing.
So…to update…I did get the DISA feature to work.
I will investigate the suggestion made below by Claudius as it seems to be
something a little more sturdy for security. I do understand the
implications of this and have used such a system in the past (albeit via a
TDM switch). ANI spoofing is a real problem that I've seen but I'm willing
to take the risk. If this works, then I may be able to create something for
my employers also.
I do have a question about one thing below though:
exten => s,98,GotoIf($["x${CALLERIDNUM}x" =
"xOK_CID97x"]?99)
What's with the "x" before and after the CLID?
Andy Jaikissoon
________________________________
From: Claudius Fortis [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 12, 2006 1:58 AM
To: Andy Jaikissoon; sacha panasuik; Alex Robar
Cc: [email protected]
Subject: RE: [on-asterisk] Modified Authentication
Hello Andy,
I think I agree with everyone here on the fact you should use extreme
caution authenticating using CID only....
Here's a config. I use to do what you're looking for; although numerous
smarter ways of doing it....but this should get you started.....
Copy this script to your extension_custom.conf file/ and if you have
followed Ward Mundy's tutorials properly, u should be able to set this up
using the Digital Receptionnist....(sorry, don't know how it's called in
TrixBox)
Please note your friend's phone number is in red below [4165550123].... and
if you've got more numbers to add, just follow the same pattern...
You call from your friend's place, the GoToIf parameter makes you jump to
exten 100 which announces a "Please wait while I connect your call" message,
then you get a dial tone...Dats it! Just dial out .......
Any other CID will be sent to exten 99, which, after a slight delay hang up
on the caller..and nothing else will happen....
It works for me..... but I don't have it activated and prefers to add-on
some more security feature around it....for the same reason that everyone
here is trying to voice out.... J
[custom-disa]
exten => s,1,SetCIDNum(${CALLERIDNUM:0})
exten => s,2,GotoIf($["x${CALLERIDNUM}x" = "x4165550123x"]?100)
exten => s,98,GotoIf($["x${CALLERIDNUM}x" =
"xOK_CID97x"]?99)
exten => s,99,Goto(999)
exten => s,100,Background(pls-wait-connect-call)
exten => s,101,DISA(no-password|from-internal)
exten => s,102,Goto(999)
exten => s,999,Hangup()
Well, that's my 2 cents! Hope that helps......
Claudius
From: sacha panasuik [mailto:[EMAIL PROTECTED]
Sent: July-11-06 11:09 PM
To: Alex Robar
Cc: [email protected]
Subject: Re: [on-asterisk] Modified Authentication
On 7/11/06, Alex Robar <[EMAIL PROTECTED]> wrote:
Sacha,
You're leaving the PIN blank. It may be trivial to spoof CID, but if a
passcode is set, the caller would still have to know your code before they
gained access.
Alex
Alex,
I couldn't agree more. However, the question was how to create such a
beast without any authentication whatsoever. Most of us wouldn't want such
a thing, but the original poster apparently does.
Quote:
I want to set my box up so that I can call a particular DID to my box, have
my box check my ANI where I'm calling from, validate me as a legit ANI, and
give me back dial tone. Is this possible? I've read a couple of
workarounds on the web that suggest that I would need to put in a password
but I don't want to do that. I just want the system to check my ANI and
validate me based on that. So should I pop over to my friend's house, I can
just pick up their phone, call my PBX, and get back dial tone.
<SNIP>
--
David Donovan
Consultant
Fulcrum Solutions
