[Freeswitch-users] Reject SIP registrations

Kurtis Heimerl kheimerl at cs.berkeley.edu
Tue Jun 28 00:30:02 MSD 2011


It's enabled in the acl.conf.xml file, using CIDR.

What conf files do you consider relevant? acl.conf.xml, internal.xml,
a profile or two, anything else?

On Mon, Jun 27, 2011 at 1:26 PM, David Ponzone <david.ponzone at ipeva.fr> wrote:
> The interesting question is then: why are you able to register without
> password, if this feature is not enabled on the profile...
> Perhaps you should recap your config once more, and put the relevant files
> on PB.
> David Ponzone  Direction Technique
> email: david.ponzone at ipeva.fr
> tel:      01 74 03 18 97
> gsm:   06 66 98 76 34
> Service Client IPeva
> tel:      0811 46 26 26
> www.ipeva.fr  -   www.ipeva-studio.com
> Ce message et toutes les pièces jointes sont confidentiels et établis à
> l'intention exclusive de ses destinataires. Toute utilisation ou diffusion
> non autorisée est interdite. Tout message électronique est susceptible
> d'altération. IPeva décline toute responsabilité au titre de ce message s'il
> a été altéré, déformé ou falsifié. Si vous n'êtes pas destinataire de ce
> message, merci de le détruire immédiatement et d'avertir l'expéditeur.
>
>
>
> Le 27/06/2011 à 20:36, Kurtis Heimerl a écrit :
>
> That would explain why removing them didn't do anything!
>
> Thanks.
>
> On Mon, Jun 27, 2011 at 6:25 AM, Steven Ayre <steveayre at gmail.com> wrote:
>
> Just so you know...
>
>      <param name="accept-blind-reg" value="true"/>
>
>      <param name="accept-blind-auth" value="true"/>
>
> These will have no effect in the user directory. They only apply to SIP
>
> profiles.
>
> -Steve
>
>
>
> On 27 June 2011 02:23, Kurtis Heimerl <kheimerl at cs.berkeley.edu> wrote:
>
> Hello FS Users!
>
> I'm trying to create the following setup. When a user registers, if
>
> they register on a known account (lets say X), they do not need a
>
> password. X's registration is immediately OK'd, and everything is
>
> great. I've gotten that working using the ACL. The IP address of our
>
> SIP clients are added through cidr and the clients do not need to give
>
> passwords.
>
> However, for some reason, if another account that does not exist in
>
> the directory (let's say Y) registers, FS returns with a 200 OK,
>
> instead of rejecting Y. I'm trying to figure out why this is the case,
>
> and how to remedy that fact.
>
> I have the following line in my internal.xml file, which I had assumed
>
> would force this function:
>
>   <!-- Force the user and auth-user to match. -->
>
>   <param name="inbound-reg-force-matching-username" value="true"/>
>
> However, it does not work. In my directory, each individual account as
>
> the following lines:
>
>  <user id="1303">
>
>    <params>
>
>      <param name="accept-blind-reg" value="true"/>
>
>      <param name="accept-blind-auth" value="true"/>
>
>      <param name="vm-password" value="1000"/>
>
>    </params>
>
> Though I've found that removing it (from all users in the directory)
>
> doesn't help.
>
> I'm primarily concerned with the line in internal.xml; it seems
>
> possible that the fact that we do not have an auth-user (because we do
>
> not require auth) means that this won't work. However, I have yet to
>
> test that hypothesis. The ACL has been the most confusing aspect of
>
> this installation, with a lot of undocumented aspects, and I get the
>
> nagging feeling this is another. I could very well be wrong though.
>
> Thanks for any direction.
>
> _______________________________________________
>
> Join us at ClueCon 2011, Aug 9-11, Chicago
>
> http://www.cluecon.com 877-7-4ACLUE
>
> FreeSWITCH-users mailing list
>
> FreeSWITCH-users at lists.freeswitch.org
>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>
> http://www.freeswitch.org
>
>
> _______________________________________________
>
> Join us at ClueCon 2011, Aug 9-11, Chicago
>
> http://www.cluecon.com 877-7-4ACLUE
>
> FreeSWITCH-users mailing list
>
> FreeSWITCH-users at lists.freeswitch.org
>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>
> http://www.freeswitch.org
>
>
>
> _______________________________________________
> Join us at ClueCon 2011, Aug 9-11, Chicago
> http://www.cluecon.com 877-7-4ACLUE
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> _______________________________________________
> Join us at ClueCon 2011, Aug 9-11, Chicago
> http://www.cluecon.com 877-7-4ACLUE
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>



More information about the FreeSWITCH-users mailing list