[Freeswitch-users] Authorizing Anonynous Devices

Anthony Minessale anthony.minessale at gmail.com
Wed Oct 29 10:42:45 PDT 2008


oh that's good news!
sorry, i assumed you must have had a reason to do it that way.

just create another profile that uses a another port and a public context
with very little extensions in it and no auth options.

then in that public context you can make extens to transfer the call into
your real dialplan when they are appropriate.

the defaults out of the box have something like this in place already iirc.


On Wed, Oct 29, 2008 at 8:38 AM, Klaus Teller <klaus.teller at gmx.net> wrote:

> Sorry if i gave the impression i'm tried to avoid something. There is
> nothing i'm trying to avoid, i'm just ignorant.
>
> So how can i translate your recommendation into practice? What parameters
> do i need to set/change?
>
> Thanks,
>
> Klaus.
>
> -------- Original-Nachricht --------
> > Datum: Wed, 29 Oct 2008 08:13:58 -0500
> > Von: "Anthony Minessale" <anthony.minessale at gmail.com>
> > An: freeswitch-users at lists.freeswitch.org
> > Betreff: Re: [Freeswitch-users] Authorizing Anonynous Devices
>
> > all this to avoid just making another profile on a different port that
> has
> > inbound calls sandboxed into a special public context?
> > if you add the port to your srv records nobody would even know.
> >
> >
> > On Tue, Oct 28, 2008 at 3:02 PM, Klaus Teller <klaus.teller at gmx.net>
> > wrote:
> >
> > > Hi Folks,
> > >
> > > I need some additional help with this issue. I already had some from
> > Brian
> > > i'm but still not able to move forward.
> > >
> > > I want a non-registered device to be able to call extension 56900 in my
> > > Freeswitch in such a way that i can manage the call using the socket
> > > interface.  I believe the issue i'm having is that of permissions.
> > >
> > > Based on what was suggested sofar, here is what i did.
> > >
> > > 1) Added following extension in dialplan/default.xml
> > >
> > >     <extension name="check_auth" continue="true">
> > >            <condition field="${sip_authorized}" expression="^true$"
> > > break="never">
> > >                   <anti-action application="respond" data="407"/>
> > >            </condition>
> > >   </extension>
> > >
> > > 2) Set auth-calls to false in internal.xml. That is
> > > <param name="auth-calls" value="$${internal_auth_calls}"/>
> > >
> > > was replaced with:
> > >
> > > <param name="auth-calls" value="false"/>
> > >
> > > 3) Changed acl.com.xml by replacing
> > >
> > >  <list name="domains" default="DENY">
> > >      <node type="allow" domain="$${domain}"/>
> > >    </list>
> > >
> > > with
> > >
> > >  <list name="domains" default="allow">
> > >      <node type="allow" domain="$${domain}"/>
> > >    </list>
> > >
> > >
> > > Now here is the result i get after these changes:
> > >
> > > a) Anonymous non-registered device can call registered soft phone  at
> > > extension 1003
> > > b) Anonymous non-registered device cannot call 56900 that needs to be
> > > managed via socket interface (error message 480). Also 9000 cannot be
> > > called.
> > > c) Registered soft phone (extension 1003) cannot call 56900
> > > d) Registered soft phone (ext 1003) can call registered soft phone (ext
> > > 1000).
> > >
> > > If i perform only step 1 and 3 (i.e. auth-calls not set to false), a)
> > > become impossible, b) remains wrong, c) is now possible (i.e. socket
> > > interface being notified about call at 56900), while d) remains. valid.
> > >
> > >
> > > Disabling any of 1) or 3) would result into calls by non-registered
> > device
> > > being rejected.
> > >
> > > Any idea what else can be tried?
> > >
> > > Thanks,
> > > Klaus.
> > >
> > >
> > >
> > > --
> > > Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
> > > Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer
> > >
> > > _______________________________________________
> > > Freeswitch-users mailing list
> > > Freeswitch-users at lists.freeswitch.org
> > > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > > UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> > > http://www.freeswitch.org
> > >
> >
> >
> >
> > --
> > Anthony Minessale II
> >
> > FreeSWITCH http://www.freeswitch.org/
> > ClueCon http://www.cluecon.com/
> >
> > AIM: anthm
> > MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com><
> MSN%3Aanthony_minessale at hotmail.com<MSN%253Aanthony_minessale at hotmail.com>
> >
> > GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
> <PAYPAL%3Aanthony.minessale at gmail.com<PAYPAL%253Aanthony.minessale at gmail.com>
> >
> > IRC: irc.freenode.net #freeswitch
> >
> > FreeSWITCH Developer Conference
> > sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org><
> sip%3A888 at conference.freeswitch.org<sip%253A888 at conference.freeswitch.org>
> >
> > iax:guest at conference.freeswitch.org/888
> > googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
> <googletalk%3Aconf%2B888 at conference.freeswitch.org<googletalk%253Aconf%252B888 at conference.freeswitch.org>
> >
> > pstn:213-799-1400
>
> --
> GMX Download-Spiele: Preizsturz! Alle Puzzle-Spiele Deluxe über 60%
> billiger.
>
> http://games.entertainment.gmx.net/de/entertainment/games/download/puzzle/index.html
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 
Anthony Minessale II

FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/

AIM: anthm
MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
IRC: irc.freenode.net #freeswitch

FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
iax:guest at conference.freeswitch.org/888
googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
pstn:213-799-1400
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20081029/d8668070/attachment-0002.html 


More information about the FreeSWITCH-users mailing list