[Freeswitch-users] Blocking incoming calls
Alex Lake
alex at digitalmail.com
Wed Mar 13 15:43:29 MSK 2013
Ah! A different IP address. That's handy.
Now I'll go away (OK, Avi? ;-P)
> mod_sofia supports having different sip 'profiles'. Each one can be
> bound to a different IP address or port, and they can have different
> options, like different ACL settings, different codec settings,
> different NAT settings, etc.
>
> On 13 March 2013 12:20, Alex Lake <alex at digitalmail.com
> <mailto:alex at digitalmail.com>> wrote:
>
> When you say "to a different profile" - you're talking about on
> the same box, but a different port?
>> They could still be registering, but to a different profile.
>> Possibly on an internal network.
>>
>> On 13 March 2013 11:43, Alex Lake <alex at digitalmail.com
>> <mailto:alex at digitalmail.com>> wrote:
>>
>> Ah, so presumably the OP doesn't have (for example) SIP
>> handsets registered to his box (presumably that's done on
>> port 5060, too)
>>> Only if you don't know what IP addresses calls are going to
>>> be coming from. In this case, we can probably ask the
>>> provider what their IP addresses are and just explicitly
>>> allow them.
>>>
>>> All fail2ban does is check the log files then set up
>>> relevant firewall blacklist rules, so for the same job you
>>> get slightly more CPU load too.
>>>
>>> On 13 March 2013 10:28, Alex Lake <alex at digitalmail.com
>>> <mailto:alex at digitalmail.com>> wrote:
>>>
>>> Isn't fail2ban the usual solution here?
>>> > Hello. I hope someone can quickly see what I want to
>>> do and steer me in the right direction.
>>> >
>>> > I've looked at the documentation for acl.conf.xml and
>>> the SIP profile config file external.xml. I want to
>>> block incoming calls from all but a single external IP
>>> address and I'm sorry I just can't figure out how to do
>>> it or even if it can be done.
>>> >
>>> > We have a SIP trunk service with our VOIP provider.
>>> That means we have a static IP address which they use
>>> when they forward calls to us. They don't need to
>>> register, we just accept their calls but of course they
>>> have to be to our destination phone number. That all
>>> works and we have been very happy with Freeswitch for I
>>> don't know well over a year.
>>> >
>>> > Recently I became aware that someone is hammering our
>>> system trying to make calls. Our provider will only use
>>> port 5060 so that does mean our system is sitting on the
>>> internet with port 5060 open. Our dial plan works
>>> correctly and I can see in the log these calls are going
>>> nowhere. But they can be every few seconds and I suspect
>>> they might be using a lot of bandwidth just hammering
>>> the system.
>>> >
>>> > We will never receive calls from any other address
>>> than the one our VOIP provider will use to call us. So I
>>> just want to block SIP traffic from all addresses except
>>> theirs. I just want Freeswitch to stay silent when a
>>> call comes in on any other address, so there is no
>>> evidence that it is there to be attacked.
>>> >
>>> > I know I can do this with a firewall but I hope I can
>>> do it in Freeswitch itself. I am confused about the
>>> parameters auth-calls and auth-call and how to apply an
>>> access list that would restrict all calls to just one IP
>>> address. I did read somewhere in the docs that if you
>>> want to block calls you need to use a firewall and maybe
>>> that's the answer and so be it. Still I hope I can do it
>>> with Freeswitch so I can just apply the right ACL and
>>> sort the problem without creating new problems by
>>> introducing a firewall.
>>> >
>>> > Hope you can help.
>>> >
>>> >
>>> > Clive Lansink
>>> > Email: Clive at Lansink.Co.NZ <mailto:Clive at Lansink.Co.NZ>
>>> > Phone: +64 9 520-4242 <tel:%2B64%209%20520-4242>
>>> > Mobile: +64 21 663-999 <tel:%2B64%2021%20663-999>
>>> > Fax: +64 21 789-150 <tel:%2B64%2021%20789-150>
>>> >
>>> >
>>> _________________________________________________________________________
>>> > Professional FreeSWITCH Consulting Services:
>>> > consulting at freeswitch.org
>>> <mailto:consulting at freeswitch.org>
>>> > http://www.freeswitchsolutions.com
>>> >
>>> > FreeSWITCH-powered IP PBX: The CudaTel Communication
>>> Server
>>> >
>>> >
>>> > Official FreeSWITCH Sites
>>> > http://www.freeswitch.org
>>> > http://wiki.freeswitch.org
>>> > http://www.cluecon.com
>>> >
>>> > FreeSWITCH-users mailing list
>>> > FreeSWITCH-users at lists.freeswitch.org
>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>> >
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> >
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> > http://www.freeswitch.org
>>> >
>>> >
>>> > -----
>>> > No virus found in this message.
>>> > Checked by AVG - www.avg.com <http://www.avg.com>
>>> > Version: 2012.0.2240 / Virus Database: 2641/5668 -
>>> Release Date: 03/12/13
>>> >
>>> >
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>> http://www.freeswitchsolutions.com
>>>
>>>
>>>
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://wiki.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>>
>>>
>>> --
>>> *Andrew Cassidy BSc (Hons) MBCS SSCA*
>>> Managing Director
>>>
>>>
>>> *T <mailto:info at cassidywebservices.co.uk> *03300 100 960
>>> <tel:03300%20100%20960> *F
>>> <mailto:info at cassidywebservices.co.uk> *03300 100 961
>>> <tel:03300%20100%20961>
>>> *E <mailto:info at cassidywebservices.co.uk>
>>> *andrew at cassidywebservices.co.uk
>>> <mailto:andrew at cassidywebservices.co.uk>
>>> *W <mailto:info at cassidywebservices.co.uk>
>>> *www.cassidywebservices.co.uk
>>> <http://www.cassidywebservices.co.uk>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>> http://www.freeswitchsolutions.com
>>>
>>>
>>>
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://wiki.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>> No virus found in this message.
>>> Checked by AVG - www.avg.com <http://www.avg.com>
>>> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release
>>> Date: 03/12/13
>>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> <mailto:FreeSWITCH-users at lists.freeswitch.org>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>>
>> --
>> *Andrew Cassidy BSc (Hons) MBCS SSCA*
>> Managing Director
>>
>>
>> *T <mailto:info at cassidywebservices.co.uk> *03300 100 960
>> <tel:03300%20100%20960> *F <mailto:info at cassidywebservices.co.uk>
>> *03300 100 961 <tel:03300%20100%20961>
>> *E <mailto:info at cassidywebservices.co.uk>
>> *andrew at cassidywebservices.co.uk
>> <mailto:andrew at cassidywebservices.co.uk>
>> *W <mailto:info at cassidywebservices.co.uk>
>> *www.cassidywebservices.co.uk <http://www.cassidywebservices.co.uk>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>> No virus found in this message.
>> Checked by AVG - www.avg.com <http://www.avg.com>
>> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
>> 03/12/13
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> <mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> --
> *Andrew Cassidy BSc (Hons) MBCS SSCA*
> Managing Director
>
>
> *T <mailto:info at cassidywebservices.co.uk> *03300 100 960 *F
> <mailto:info at cassidywebservices.co.uk> *03300 100 961
> *E <mailto:info at cassidywebservices.co.uk>
> *andrew at cassidywebservices.co.uk <mailto:andrew at cassidywebservices.co.uk>
> *W <mailto:info at cassidywebservices.co.uk>
> *www.cassidywebservices.co.uk <http://www.cassidywebservices.co.uk>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> No virus found in this message.
> Checked by AVG - www.avg.com <http://www.avg.com>
> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date: 03/12/13
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130313/9a57bd15/attachment-0001.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list