[Freeswitch-users] Blocking incoming calls

Alex Lake alex at digitalmail.com
Wed Mar 13 15:20:47 MSK 2013 

When you say "to a different profile" - you're talking about on the same 
box, but a different port?
> They could still be registering, but to a different profile. Possibly 
> on an internal network.
>
> On 13 March 2013 11:43, Alex Lake <alex at digitalmail.com 
> <mailto:alex at digitalmail.com>> wrote:
>
>     Ah, so presumably the OP doesn't have (for example) SIP handsets
>     registered to his box (presumably that's done on port 5060, too)
>>     Only if you don't know what IP addresses calls are going to be
>>     coming from. In this case, we can probably ask the provider what
>>     their IP addresses are and just explicitly allow them.
>>
>>     All fail2ban does is check the log files then set up relevant
>>     firewall blacklist rules, so for the same job you get slightly
>>     more CPU load too.
>>
>>     On 13 March 2013 10:28, Alex Lake <alex at digitalmail.com
>>     <mailto:alex at digitalmail.com>> wrote:
>>
>>         Isn't fail2ban the usual solution here?
>>         > Hello. I hope someone can quickly see what I want to do and
>>         steer me in the right direction.
>>         >
>>         > I've looked at the documentation for acl.conf.xml and the
>>         SIP profile config file external.xml. I want to block
>>         incoming calls from all but a single external IP address and
>>         I'm sorry I just can't figure out how to do it or even if it
>>         can be done.
>>         >
>>         > We have a SIP trunk service with our VOIP provider. That
>>         means we have a static IP address which they use when they
>>         forward calls to us. They don't need to register, we just
>>         accept their calls but of course they have to be to our
>>         destination phone number. That all works and we have been
>>         very happy with Freeswitch for I don't know well over a year.
>>         >
>>         > Recently I became aware that someone is hammering our
>>         system trying to make calls. Our provider will only use port
>>         5060 so that does mean our system is sitting on the internet
>>         with port 5060 open. Our dial plan works correctly and I can
>>         see in the log these calls are going nowhere. But they can be
>>         every few seconds and I suspect they might be using a lot of
>>         bandwidth just hammering the system.
>>         >
>>         > We will never receive calls from any other address than the
>>         one our VOIP provider will use to call us. So I just want to
>>         block SIP traffic from all addresses except theirs. I just
>>         want Freeswitch to stay silent when a call comes in on any
>>         other address, so there is no evidence that it is there to be
>>         attacked.
>>         >
>>         > I know I can do this with a firewall but I hope I can do it
>>         in Freeswitch itself. I am confused about the parameters
>>         auth-calls and auth-call and how to apply an access list that
>>         would restrict all calls to just one IP address. I did read
>>         somewhere in the docs that if you want to block calls you
>>         need to use a firewall and maybe that's the answer and so be
>>         it. Still I hope I can do it with Freeswitch so I can just
>>         apply the right ACL and sort the problem without creating new
>>         problems by introducing a firewall.
>>         >
>>         > Hope you can help.
>>         >
>>         >
>>         > Clive Lansink
>>         > Email: Clive at Lansink.Co.NZ <mailto:Clive at Lansink.Co.NZ>
>>         > Phone: +64 9 520-4242 <tel:%2B64%209%20520-4242>
>>         > Mobile: +64 21 663-999 <tel:%2B64%2021%20663-999>
>>         > Fax: +64 21 789-150 <tel:%2B64%2021%20789-150>
>>         >
>>         >
>>         _________________________________________________________________________
>>         > Professional FreeSWITCH Consulting Services:
>>         > consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>         > http://www.freeswitchsolutions.com
>>         >
>>         > 
>>         > 
>>         >
>>         > Official FreeSWITCH Sites
>>         > http://www.freeswitch.org
>>         > http://wiki.freeswitch.org
>>         > http://www.cluecon.com
>>         >
>>         > FreeSWITCH-users mailing list
>>         > FreeSWITCH-users at lists.freeswitch.org
>>         <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>         > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>         >
>>         UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>         > http://www.freeswitch.org
>>         >
>>         >
>>         > -----
>>         > No virus found in this message.
>>         > Checked by AVG - www.avg.com <http://www.avg.com>
>>         > Version: 2012.0.2240 / Virus Database: 2641/5668 - Release
>>         Date: 03/12/13
>>         >
>>         >
>>
>>
>>         _________________________________________________________________________
>>         Professional FreeSWITCH Consulting Services:
>>         consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>         http://www.freeswitchsolutions.com
>>
>>         
>>         
>>
>>         Official FreeSWITCH Sites
>>         http://www.freeswitch.org
>>         http://wiki.freeswitch.org
>>         http://www.cluecon.com
>>
>>         FreeSWITCH-users mailing list
>>         FreeSWITCH-users at lists.freeswitch.org
>>         <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>         http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>         UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>         http://www.freeswitch.org
>>
>>
>>
>>
>>     -- 
>>     *Andrew Cassidy BSc (Hons) MBCS SSCA*
>>     Managing Director
>>
>>
>>     *T <mailto:info at cassidywebservices.co.uk> *03300 100 960
>>     <tel:03300%20100%20960> *F <mailto:info at cassidywebservices.co.uk>
>>     *03300 100 961 <tel:03300%20100%20961>
>>     *E <mailto:info at cassidywebservices.co.uk>
>>     *andrew at cassidywebservices.co.uk
>>     <mailto:andrew at cassidywebservices.co.uk>
>>     *W <mailto:info at cassidywebservices.co.uk>
>>     *www.cassidywebservices.co.uk <http://www.cassidywebservices.co.uk>
>>
>>
>>     _________________________________________________________________________
>>     Professional FreeSWITCH Consulting Services:
>>     consulting at freeswitch.org  <mailto:consulting at freeswitch.org>
>>     http://www.freeswitchsolutions.com
>>
>>     
>>     
>>
>>     Official FreeSWITCH Sites
>>     http://www.freeswitch.org
>>     http://wiki.freeswitch.org
>>     http://www.cluecon.com
>>
>>     FreeSWITCH-users mailing list
>>     FreeSWITCH-users at lists.freeswitch.org  <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>     http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>     UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>     http://www.freeswitch.org
>>
>>
>>     No virus found in this message.
>>     Checked by AVG - www.avg.com <http://www.avg.com>
>>     Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
>>     03/12/13
>>
>
>
>     _________________________________________________________________________
>     Professional FreeSWITCH Consulting Services:
>     consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>     http://www.freeswitchsolutions.com
>
>     
>     
>
>     Official FreeSWITCH Sites
>     http://www.freeswitch.org
>     http://wiki.freeswitch.org
>     http://www.cluecon.com
>
>     FreeSWITCH-users mailing list
>     FreeSWITCH-users at lists.freeswitch.org
>     <mailto:FreeSWITCH-users at lists.freeswitch.org>
>     http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>     UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>     http://www.freeswitch.org
>
>
>
>
> -- 
> *Andrew Cassidy BSc (Hons) MBCS SSCA*
> Managing Director
>
>
> *T <mailto:info at cassidywebservices.co.uk> *03300 100 960 *F 
> <mailto:info at cassidywebservices.co.uk> *03300 100 961
> *E <mailto:info at cassidywebservices.co.uk> 
> *andrew at cassidywebservices.co.uk <mailto:andrew at cassidywebservices.co.uk>
> *W <mailto:info at cassidywebservices.co.uk> 
> *www.cassidywebservices.co.uk <http://www.cassidywebservices.co.uk>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> No virus found in this message.
> Checked by AVG - www.avg.com <http://www.avg.com>
> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date: 03/12/13
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130313/332a411d/attachment-0001.html

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list