[Freeswitch-users] Call a remote extension on specific domain

Sergey Safarov s.safarov at gmail.com
Sun Sep 20 13:26:47 MSD 2015 

On Fri, Sep 18, 2015 at 8:23 PM, Tanguy <phenix at vfemail.net> wrote:

> Hello Sergey
>
> I am agree with you that my dial plan can be risky I used ACL but this can
> be not sufficient. I want to be able to call any internal sip extension,
> but i don't want that this piece dialplan to be usable reach external
> numbers.
>

For extra protection, add into dialplan

<extension name="blockCallToNonExistenDomain">
    <condition regex="any">
        <regex field="${sip_to_host}" expression="^[\d\.]+$"/>
        <regex field="${domain_exists(${sip_to_host})}" expression="^false$"
/>
        <action application="info"/>
        <action application="log"
            data="ERR Unauthorised call with uuid &#34;${uuid}&#34; is
processed in context &#34;${context}&#34;! Source IP: ${network_addr}"/>
        <action application="hangup" data="INCOMING_CALL_BARRED"/>
    </condition>
</extension>

<extension name="checkUserExist">
    <condition field="${user_exists(id ${destination_number}
${sip_to_host})}" expression="^false$">
        <action application="hangup" data="UNALLOCATED_NUMBER"/>
    </condition>
</extension>


> I probably need to protect theses variables ( sip_to_user must be only a
> locally registered sip extension )  or avoid using them ( maybe using
> multiple conditions field for each domain ? )
>
"user_exists" function allow you block call to non existed destination.
On my FS host created personal dialplan for each domain. Most of domain
related checks related located in this dialplans.

>
> I don't fully understand your initial example:
>
> <action application="bridge" data="{sip_invite_to_uri=<sip:${
> destination_number}@mydomain.org>}user/reg_user at mydomain.org"/>
>
It is copied from
http://lists.freeswitch.org/pipermail/freeswitch-users/2015-August/115047.html
message
Is is response I write via my mobile phone and cannot edit correctly.


> What is *reg_user* for freeswitch1?
>
reg_user related to message
http://lists.freeswitch.org/pipermail/freeswitch-users/2015-August/115047.html


> What should i use on freeswitch2 dialplan to recognize the inbound call ?
>
What is I may recommend to block unauthorised calls and fraud control I
write above. Also I can recommend configure
1) fail2ban
2) nibblebill
3) destination_number format checks


>
> Thanks
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150920/cfca7216/attachment.html

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list