[Freeswitch-users] Authorizing Anonynous Devices

Klaus Teller klaus.teller at gmx.net
Wed Oct 29 06:38:40 PDT 2008


Sorry if i gave the impression i'm tried to avoid something. There is nothing i'm trying to avoid, i'm just ignorant.

So how can i translate your recommendation into practice? What parameters do i need to set/change?

Thanks,

Klaus.

-------- Original-Nachricht --------
> Datum: Wed, 29 Oct 2008 08:13:58 -0500
> Von: "Anthony Minessale" <anthony.minessale at gmail.com>
> An: freeswitch-users at lists.freeswitch.org
> Betreff: Re: [Freeswitch-users] Authorizing Anonynous Devices

> all this to avoid just making another profile on a different port that has
> inbound calls sandboxed into a special public context?
> if you add the port to your srv records nobody would even know.
> 
> 
> On Tue, Oct 28, 2008 at 3:02 PM, Klaus Teller <klaus.teller at gmx.net>
> wrote:
> 
> > Hi Folks,
> >
> > I need some additional help with this issue. I already had some from
> Brian
> > i'm but still not able to move forward.
> >
> > I want a non-registered device to be able to call extension 56900 in my
> > Freeswitch in such a way that i can manage the call using the socket
> > interface.  I believe the issue i'm having is that of permissions.
> >
> > Based on what was suggested sofar, here is what i did.
> >
> > 1) Added following extension in dialplan/default.xml
> >
> >     <extension name="check_auth" continue="true">
> >            <condition field="${sip_authorized}" expression="^true$"
> > break="never">
> >                   <anti-action application="respond" data="407"/>
> >            </condition>
> >   </extension>
> >
> > 2) Set auth-calls to false in internal.xml. That is
> > <param name="auth-calls" value="$${internal_auth_calls}"/>
> >
> > was replaced with:
> >
> > <param name="auth-calls" value="false"/>
> >
> > 3) Changed acl.com.xml by replacing
> >
> >  <list name="domains" default="DENY">
> >      <node type="allow" domain="$${domain}"/>
> >    </list>
> >
> > with
> >
> >  <list name="domains" default="allow">
> >      <node type="allow" domain="$${domain}"/>
> >    </list>
> >
> >
> > Now here is the result i get after these changes:
> >
> > a) Anonymous non-registered device can call registered soft phone  at
> > extension 1003
> > b) Anonymous non-registered device cannot call 56900 that needs to be
> > managed via socket interface (error message 480). Also 9000 cannot be
> > called.
> > c) Registered soft phone (extension 1003) cannot call 56900
> > d) Registered soft phone (ext 1003) can call registered soft phone (ext
> > 1000).
> >
> > If i perform only step 1 and 3 (i.e. auth-calls not set to false), a)
> > become impossible, b) remains wrong, c) is now possible (i.e. socket
> > interface being notified about call at 56900), while d) remains. valid.
> >
> >
> > Disabling any of 1) or 3) would result into calls by non-registered
> device
> > being rejected.
> >
> > Any idea what else can be tried?
> >
> > Thanks,
> > Klaus.
> >
> >
> >
> > --
> > Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
> > Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
> >
> > _______________________________________________
> > Freeswitch-users mailing list
> > Freeswitch-users at lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
> >
> 
> 
> 
> -- 
> Anthony Minessale II
> 
> FreeSWITCH http://www.freeswitch.org/
> ClueCon http://www.cluecon.com/
> 
> AIM: anthm
> MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
> IRC: irc.freenode.net #freeswitch
> 
> FreeSWITCH Developer Conference
> sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
> iax:guest at conference.freeswitch.org/888
> googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
> pstn:213-799-1400

-- 
GMX Download-Spiele: Preizsturz! Alle Puzzle-Spiele Deluxe über 60% billiger.
http://games.entertainment.gmx.net/de/entertainment/games/download/puzzle/index.html




More information about the FreeSWITCH-users mailing list