Hi, Have a look at the permissions module doc, especially the check_source_address() function: http://www.opensips.org/html/docs/modules/1.9.x/permissions.html#id293797 You need to add the authorized ips to the address table in the db and use check_source_address() to check if the current source ip address is on that table. Don't forget to reload the table everytime you make a change (mi command: address_reload)
Best Regards, Vallimamod . On Aug 30, 2013, at 12:39 PM, Danny Dias <[email protected]> wrote: > sorry, my small script is like this: > > if (check_address("0","192.168.0.35","0","ANY","", "")) { > t_relay(); > } > else { > sl_send_reply("403", "Forbidden"); > exit; > } > > Still receiving the 403 > > > > 2013/8/30 Danny Dias <[email protected]> > Finally, > > I did it like this: > > if (!check_address("0","192.168.0.35","0","ANY","", "")) { > t_relay(); > } > else { > sl_send_reply("403", "Forbidden"); > exit; > } > > But now, all the calls from source ip address 192.168.0.35 receive a 403: > > U 192.168.0.35:3832 -> 192.168.1.20:5060 > INVITE sip:[email protected] SIP/2.0. > Via: SIP/2.0/UDP > 192.168.1.35:3832;branch=z9hG4bK-d8754z-c4f09d265010a511-1---d8754z-;rport. > Max-Forwards: 70. > Contact: <sip:[email protected]:3832>. > To: <sip:[email protected]>. > From: "1000"<sip:[email protected]>;tag=6be1ed13. > Call-ID: ZGZiMjEwMzFjZjRkNDFmMzdhZGJkNTgxYzlmYjE4MTY. > CSeq: 1 INVITE. > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, > INFO. > Content-Type: application/sdp. > Supported: replaces. > User-Agent: Bria 3 release 3.5.3 stamp 70600. > Content-Length: 208. > . > v=0. > o=- 1377858559536092 1 IN IP4 192.168.0.35. > s=Bria 3 release 3.5.3 stamp 70600. > c=IN IP4 192.168.0.35. > t=0 0. > m=audio 53766 RTP/AVP 8 0 101. > a=rtpmap:101 telephone-event/8000. > a=fmtp:101 0-15. > a=sendrecv. > > U 192.168.1.20:5060 -> 192.168.0.35:3832 > SIP/2.0 403 Forbidden. > Via: SIP/2.0/UDP > 192.168.0.35:3832;received=192.168.0.35;branch=z9hG4bK-d8754z-c4f09d265010a511-1---d8754z-;rport=3832. > To: <sip:[email protected]>;tag=7ff88f74df89822193682e3f23116cc8.59de. > From: "1000"<sip:[email protected]>;tag=6be1ed13. > Call-ID: ZGZiMjEwMzFjZjRkNDFmMzdhZGJkNTgxYzlmYjE4MTY. > CSeq: 1 INVITE. > Server: OpenSIPS (1.9.1-notls (i386/linux)). > Content-Length: 0. > > > > > > 2013/8/30 Danny Dias <[email protected]> > So, > > It would be something like this (not quite sure...): > > route { > if (check_address("0","192.168.2.135","0","ANY","", "")) { > t_relay(); > else if (sl_send_reply("403", "Forbidden")); > exit; > } > . > . > > In this small script at the very begining of route script, i will only permit > calls from ip "192.168.2.135", any other ip, will receive a 403. Am i right? > > Thanks > > > > > > > > > 2013/8/30 Víctor Fernández Martínez <[email protected]> > Hi Danny, > > You can check the source IP address using $si and send a forbidden response if > it doesn't match your needs. > > Best regards. > > > > On Friday 30 August 2013 03:48:25 Danny Días wrote: > > Hi, > > > > I need to configure OpenSIPS to only accept calls from 1 IP address and > > without any kind of authentication (no password required for clients); i > > wonder if there's a function in OpenSIPS to accomplish this? > > > > Thanks so much > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > > -- > SIP: [email protected] > Web: http://www.danntel.net > > > > -- > SIP: [email protected] > Web: http://www.danntel.net > > > > -- > SIP: [email protected] > Web: http://www.danntel.net > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
