Scot, the function "is_from_local" uses the From URI and as such, will not work if the originator mangles the from uri (as in the case of your example below).
A more secure way to do this that may suit your needs is to use the permissions module and actually check the source IP of the request: http://www.opensips.org/html/docs/modules/1.8.x/permissions.html#id293503 Look at the "check_source_address" and or "get_source_group". Either of these can compare the source IP of the originator to a known list. From there, you can perform script logic based on where the request came from. Hope that helps! -Brett On Mon, Jul 23, 2012 at 11:38 AM, Schneur Rosenberg < [email protected]> wrote: > I'm using opensips as a registrar server and as a loadbalancer, all > phones are registered to opensips and all incoming and outgoing calls > go to Asterisk boxes via load balancing, therefore I have 3 kinds of > calls going to opensips, > 1) outgoing calls coming from one of the phones Registered to opensips, > 2) incoming calls (we allow all incoming calls no matter from where > they come, I call them unauthenticated DID) > 3) Calls ringing to a phone registered to opensips, the Asterisk boxes > will send the calls to the phone either after getting a call from a > DID, or when a internal user wants to call another internal user > > The way I differentiate between the calls is I do a if > (!(method=="REGISTER") && is_from_local()) this will check credentials > and send call to asterisk to process outgoing call, then I do a else > if ((method=="INVITE")) which will check if the call is going to a > local phone by doing if (!lookup("location", "m")) if that fails that > it assumes its a incoming did call, and it will send it to asterisk > with a prefix so asterisk knows its a unauthenticated incoming call, > bellow I pasted a skeleton of the code I'm using. > > Everything worked fine, until I connected a PBX to my opensips, then > the from came in with the address of the PBX and the is_from_local() > test was not true, so it did not work, I had the same problem when > sending a call from a SPA3000 and blocking caller id, in that case it > also obscured the from address, as follows "From: Anonymous > <sip:anonymous@localhost>;tag=ea3ee097cd947aeeo0." , the only > reference of the user or domain was in the RPID field and calls did > not go through. > > Is there anyway to check if a source IP is registered to our system > and only then it should send a 407? this way if I have a BPX > registered it will then ask for credentials, all others it will assume > that either a call to the local phone or unauthenticated DID, I > understand that I wont be able to send calls to the system only if > registration was done before, but I have no problem with that, I > could do it with avp_db_query() on the subscriber table, but I want to > know if there is a better way. > > If there is there a better solution then the above solution please let me > know > > if (!(method=="REGISTER") && is_from_local()) > { > #check credentials > } > else if ((method=="INVITE")) #unathenticated did or call > going to phone registered to opensips > { > > if (!lookup("location", "m")) #calling local phone > { > #send to phone registered to opensips > } > else > { > #incoming did send call to asterisk to process > } > } > else > { > #outgoing calls route continues here > } > ................................... > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
