Re: [asterisk-users] action at registering or de-registering
On Wed, Nov 24, 2010 at 4:24 PM, Hans Witvliet wrote: > On Wed, 2010-11-24 at 15:47 -0600, Sherwood McGowan wrote: >> On Wed, Nov 24, 2010 at 3:08 PM, Hans Witvliet wrote: >> > On Wed, 2010-11-24 at 08:29 -0500, Ryan Bullock wrote: >> >> On Asterisk 1.8 when a SIP peer resgisters or unregisters it generates >> >> a PeerStatus event. I don't know if this is in 1.4/1.6 as well, but >> >> should be easy enough to test. >> >> >> >> Here is an example of what I see on the manager interface during a >> >> register/unregister: >> >> >> >> Event: PeerStatus >> >> Privilege: system,all >> >> ChannelType: SIP >> >> Peer: SIP/twinkle >> >> PeerStatus: Registered >> >> Address: 192.168.56.1:5068 >> >> >> >> Event: PeerStatus >> >> Privilege: system,all >> >> ChannelType: SIP >> >> Peer: SIP/twinkle >> >> PeerStatus: Unregistered >> >> >> >> I think that should work for whatever you need to do. >> >> >> > >> > I'm doing a fresh install, so 1.8 is what i'm going to use. >> > >> > What i want to check, is whether to person who is doing a register, is >> > realy the person at the other end of a VPN-tunnel. >> > With openvpn i'm absolutely sure which person is at a certain >> > vpn-ip-addres. I must check if the registering is faked or not. >> > >> > As ong as linphone (or for that matter any other softphone) does not >> > have a possibility for using the libraries from opensc, there is no >> > other way... >> > >> > So next couple of weeks i'll start exploring AMI, >> > >> > Thanks! >> > > >> > >> >> Well, if that's all you need (restricting registrations for a SIP >> endpoint to a specific IP address), try one of the following >> methods... >> >> Method 1: >> In the endpoint definition, set the host to the vpn ip address, rather >> than setting it to dynamic. This disallows registrations. Then, use >> qualify=yes so Asterisk "knows" when the endpoint is available >> (responding to OPTIONS requests). >> >> Method 2: >> Use the permit,deny, and mask settings to define what ip address >> and/or network the endpoint should be at, thereby locking out use from >> another address. >> (http://www.voip-info.org/wiki/view/Asterisk+sip+permit-deny-mask) >> >> Either of those should resolve your needs > > > No, don't think so, (unless mistaken) > Everybody got a dynamic address from openvpn, something in 10.225.0.0/16 > You never know what you wil get, so it got to be dynamic. > > Anybody within that range is a valid user (otherwise he could not set up > the vpn-tunnel). But any rogue co-worker should not be able to register > as another co-worker, so method-2 won't do either. > > sip/tls might have been a solution, but private keys are locked on a > card, and can ony be reached with the pkcs11-libs from opensc. > > Hans > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > Ah, I see, sorry I misunderstood what you needed. Good luck -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] action at registering or de-registering
On Wed, 2010-11-24 at 15:47 -0600, Sherwood McGowan wrote: > On Wed, Nov 24, 2010 at 3:08 PM, Hans Witvliet wrote: > > On Wed, 2010-11-24 at 08:29 -0500, Ryan Bullock wrote: > >> On Asterisk 1.8 when a SIP peer resgisters or unregisters it generates > >> a PeerStatus event. I don't know if this is in 1.4/1.6 as well, but > >> should be easy enough to test. > >> > >> Here is an example of what I see on the manager interface during a > >> register/unregister: > >> > >> Event: PeerStatus > >> Privilege: system,all > >> ChannelType: SIP > >> Peer: SIP/twinkle > >> PeerStatus: Registered > >> Address: 192.168.56.1:5068 > >> > >> Event: PeerStatus > >> Privilege: system,all > >> ChannelType: SIP > >> Peer: SIP/twinkle > >> PeerStatus: Unregistered > >> > >> I think that should work for whatever you need to do. > >> > > > > I'm doing a fresh install, so 1.8 is what i'm going to use. > > > > What i want to check, is whether to person who is doing a register, is > > realy the person at the other end of a VPN-tunnel. > > With openvpn i'm absolutely sure which person is at a certain > > vpn-ip-addres. I must check if the registering is faked or not. > > > > As ong as linphone (or for that matter any other softphone) does not > > have a possibility for using the libraries from opensc, there is no > > other way... > > > > So next couple of weeks i'll start exploring AMI, > > > > Thanks! > > > > > > Well, if that's all you need (restricting registrations for a SIP > endpoint to a specific IP address), try one of the following > methods... > > Method 1: > In the endpoint definition, set the host to the vpn ip address, rather > than setting it to dynamic. This disallows registrations. Then, use > qualify=yes so Asterisk "knows" when the endpoint is available > (responding to OPTIONS requests). > > Method 2: > Use the permit,deny, and mask settings to define what ip address > and/or network the endpoint should be at, thereby locking out use from > another address. > (http://www.voip-info.org/wiki/view/Asterisk+sip+permit-deny-mask) > > Either of those should resolve your needs No, don't think so, (unless mistaken) Everybody got a dynamic address from openvpn, something in 10.225.0.0/16 You never know what you wil get, so it got to be dynamic. Anybody within that range is a valid user (otherwise he could not set up the vpn-tunnel). But any rogue co-worker should not be able to register as another co-worker, so method-2 won't do either. sip/tls might have been a solution, but private keys are locked on a card, and can ony be reached with the pkcs11-libs from opensc. Hans -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] action at registering or de-registering
On Wed, Nov 24, 2010 at 3:08 PM, Hans Witvliet wrote: > On Wed, 2010-11-24 at 08:29 -0500, Ryan Bullock wrote: >> On Asterisk 1.8 when a SIP peer resgisters or unregisters it generates >> a PeerStatus event. I don't know if this is in 1.4/1.6 as well, but >> should be easy enough to test. >> >> Here is an example of what I see on the manager interface during a >> register/unregister: >> >> Event: PeerStatus >> Privilege: system,all >> ChannelType: SIP >> Peer: SIP/twinkle >> PeerStatus: Registered >> Address: 192.168.56.1:5068 >> >> Event: PeerStatus >> Privilege: system,all >> ChannelType: SIP >> Peer: SIP/twinkle >> PeerStatus: Unregistered >> >> I think that should work for whatever you need to do. >> > > I'm doing a fresh install, so 1.8 is what i'm going to use. > > What i want to check, is whether to person who is doing a register, is > realy the person at the other end of a VPN-tunnel. > With openvpn i'm absolutely sure which person is at a certain > vpn-ip-addres. I must check if the registering is faked or not. > > As ong as linphone (or for that matter any other softphone) does not > have a possibility for using the libraries from opensc, there is no > other way... > > So next couple of weeks i'll start exploring AMI, > > Thanks! > > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > Well, if that's all you need (restricting registrations for a SIP endpoint to a specific IP address), try one of the following methods... Method 1: In the endpoint definition, set the host to the vpn ip address, rather than setting it to dynamic. This disallows registrations. Then, use qualify=yes so Asterisk "knows" when the endpoint is available (responding to OPTIONS requests). Method 2: Use the permit,deny, and mask settings to define what ip address and/or network the endpoint should be at, thereby locking out use from another address. (http://www.voip-info.org/wiki/view/Asterisk+sip+permit-deny-mask) Either of those should resolve your needs -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] action at registering or de-registering
On Wed, 2010-11-24 at 08:29 -0500, Ryan Bullock wrote: > On Asterisk 1.8 when a SIP peer resgisters or unregisters it generates > a PeerStatus event. I don't know if this is in 1.4/1.6 as well, but > should be easy enough to test. > > Here is an example of what I see on the manager interface during a > register/unregister: > > Event: PeerStatus > Privilege: system,all > ChannelType: SIP > Peer: SIP/twinkle > PeerStatus: Registered > Address: 192.168.56.1:5068 > > Event: PeerStatus > Privilege: system,all > ChannelType: SIP > Peer: SIP/twinkle > PeerStatus: Unregistered > > I think that should work for whatever you need to do. > I'm doing a fresh install, so 1.8 is what i'm going to use. What i want to check, is whether to person who is doing a register, is realy the person at the other end of a VPN-tunnel. With openvpn i'm absolutely sure which person is at a certain vpn-ip-addres. I must check if the registering is faked or not. As ong as linphone (or for that matter any other softphone) does not have a possibility for using the libraries from opensc, there is no other way... So next couple of weeks i'll start exploring AMI, Thanks! -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] action at registering or de-registering
On Asterisk 1.8 when a SIP peer resgisters or unregisters it generates a PeerStatus event. I don't know if this is in 1.4/1.6 as well, but should be easy enough to test. Here is an example of what I see on the manager interface during a register/unregister: Event: PeerStatus Privilege: system,all ChannelType: SIP Peer: SIP/twinkle PeerStatus: Registered Address: 192.168.56.1:5068 Event: PeerStatus Privilege: system,all ChannelType: SIP Peer: SIP/twinkle PeerStatus: Unregistered I think that should work for whatever you need to do. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] action at registering or de-registering
On Wed, Nov 24, 2010 at 1:20 AM, Hans Witvliet wrote: > Hi all, > > Perhaps someone has dealt with it before. > > I want to activate a bunch of my own scripts after someone has registred > om my asterisk, or when his cient has de-registerded. > > have been skimming through AGI and AMI, and seen a lot of nice features, > but not the (de-)registering events. > > Kind regards, Hans > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > I don't think this is currently possible, but I could be wrong. If it turns out that this is not possible, maybe you should suggest it as a feature, I could see where it could be useful -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
