[Freeswitch-users] User processed in wrong context

TTT lists at telium.io
Mon Nov 21 22:54:41 UTC 2022


Idea…

 

Do ACL lists require that ALL rules match before a user is added to an ACL?  (That would explain why users were not added)

 

Also Is “domains” an ACL containing users or IP ranges?

 

 

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of TTT
Sent: Monday, November 21, 2022 5:26 PM
To: 'FreeSWITCH Users Help' <freeswitch-users at lists.freeswitch.org>
Subject: Re: [Freeswitch-users] User processed in wrong context

 

I’m trying to get my brain around this.  So the brian example user has a CIDR value, does that mean user brian does not need to register?  (Automatically authenticated and part of “domains” ACL)

 

Since user 1019 does not have a CIDR value, the CIDR node rule will NOT match.  So,  the user must register (which it does successfully).  Since it is registered, doesn’t that mean it is authenticated and becomes part of the domains ACL?  And should therefor drop into the “default” context?

 

There is something about the acl list/node or acl usage that is still confusing me.  I appreciate the help.

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Brian West
Sent: Monday, November 21, 2022 5:04 PM
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org <mailto:freeswitch-users at lists.freeswitch.org> >
Subject: Re: [Freeswitch-users] User processed in wrong context

 

because the context without auth is public... you'll need to setup directory entries that include the cidr= attr, see the brian.xml in the samples

 

/b

 

 

On Mon, Nov 21, 2022 at 3:25 PM TTT <lists at telium.io <mailto:lists at telium.io> > wrote:

I should add that in my sip_profiles/internal.xml I see:

 

    <param name="apply-inbound-acl" value="domains"/>

 

According to the docs apply-inbound-acl means:

Allow users to make calls from a particular CIDR without authenticating

 

So I’m confused by the concept.  If my IP range is in the allow range for my “domains” acl, and my sip internal profile says I don’t need authentication for callers on my domain (ip range), why would it send the call to the external context?

 

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org <mailto:freeswitch-users-bounces at lists.freeswitch.org> ] On Behalf Of TTT
Sent: Monday, November 21, 2022 4:11 PM
To: 'FreeSWITCH Users Help' <freeswitch-users at lists.freeswitch.org <mailto:freeswitch-users at lists.freeswitch.org> >
Subject: Re: [Freeswitch-users] User processed in wrong context

 

No, I’ve only modified the acl file as per below.  If I comment out the second to last line (allowing cidr 172.31.254.0/24 <http://172.31.254.0/24>  in my domains) then it processes the call in the internal context.  It still doesn’t reach the IVR but that’ll be the next thing I chase.

 

    <list name="lan" default="allow">

      <node type="deny" cidr="192.168.42.0/24 <http://192.168.42.0/24> "/>

      <node type="allow" cidr="172.31.254.0/24 <http://172.31.254.0/24> "/>

    </list>

 

    <list name="domains" default="deny">

      <node type="allow" domain="$${domain}"/>

      <node type="allow" cidr="172.31.254.0/24 <http://172.31.254.0/24> "/> 

    </list>

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Brian West
Sent: Monday, November 21, 2022 3:04 PM
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org <mailto:freeswitch-users at lists.freeswitch.org> >
Subject: Re: [Freeswitch-users] User processed in wrong context

 

Did you change anything in the vanilla configs?

 

On Mon, Nov 21, 2022 at 1:51 PM TTT <lists at telium.io <mailto:lists at telium.io> > wrote:

I’m afraid I don’t understand your answer…how did I disable auth on internal?  I’m working from the basic installation (RPM on CentOS8) with vanilla config (RPM for CentOS8)) and all I’ve done is update some addresses.

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org <mailto:freeswitch-users-bounces at lists.freeswitch.org> ] On Behalf Of Brian West
Sent: Monday, November 21, 2022 1:39 PM
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org <mailto:freeswitch-users at lists.freeswitch.org> >
Subject: Re: [Freeswitch-users] User processed in wrong context

 

You've disabled auth on internal which puts you into public... can you elaborate?

 

On Mon, Nov 21, 2022 at 12:02 PM TTT <lists at telium.io <mailto:lists at telium.io> > wrote:

Based on a old posting I found, I suspect this may be acl related.  I added the cidr below, could that be the cause?  If so, can someone explain how that affects context selection?

 

    <list name="domains" default="deny">

      <node type="allow" domain="$${domain}"/>

      <node type="allow" cidr="172.31.254.0/24 <http://172.31.254.0/24> "/>

    </list>

 

 

 

From: FreeSWITCH-users [mailto:freeswitch-users-bounces at lists.freeswitch.org <mailto:freeswitch-users-bounces at lists.freeswitch.org> ] On Behalf Of TTT
Sent: Sunday, November 20, 2022 6:07 PM
To: 'FreeSWITCH Users Help' <freeswitch-users at lists.freeswitch.org <mailto:freeswitch-users at lists.freeswitch.org> >
Subject: [Freeswitch-users] User processed in wrong context

 

I have installed basic FreeSWITCH with the vanilla config. So far so good. My client app can authenticate fine as user 1019. The list_users command shows the 1019 id as in the "default" context.

I then try to dial 5000 (which should be the IVR demo), but instead the call is processed as an outside_call (true) so I cannot reach the ivr. I see this interesting line on the console:

2022-11-20 17:00:58.066297 98.20% [INFO] mod_dialplan_xml.c:639 Processing testuser<1019>->5000 in context public

Why is user 1019 being processed in the public context? The user's configuration shows it in the default context. So shouldn't it be processed in context 'default' (internal calls), not 'public'?

 

Since my phone client connects to port 5060 (I can’t actually change it) it SHOULD be treated as internal.  Unless, mod_dialplan_xml uses some other criteria to select the context for the user.

_________________________________________________________________________

The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.

Join our online community to chat in real time https://signalwire.community

Professional FreeSWITCH Services
sales at freeswitch.com <mailto:sales at freeswitch.com> 
https://freeswitch.com

Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com

FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org> 
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com




 

-- 

 

Brian West | Co-founder and Developer

Need Commercial support? email sales at freeswitch.com <mailto:sales at freeswitch.com>  

FreeSWITCH Solutions |  <https://maps.google.com/?q=17345+Civic+Drive+%232531+Brookfield,+WI+53045&entry=gmail&source=g> 17345 Civic Drive #2531 Brookfield, WI 53045

Email: brian at freeswitch.com <mailto:brian at freeswitch.com> 

Mobile: 918-424-9378

Website:  <https://www.freeswitch.com/> https://www.FreeSWITCH.com

 <https://www.facebook.com/freeswitch>  <https://twitter.com/freeswitch> 

_________________________________________________________________________

The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.

Join our online community to chat in real time https://signalwire.community

Professional FreeSWITCH Services
sales at freeswitch.com <mailto:sales at freeswitch.com> 
https://freeswitch.com

Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com

FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org> 
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com




 

-- 

 

Brian West | Co-founder and Developer

Need Commercial support? email sales at freeswitch.com <mailto:sales at freeswitch.com>  

FreeSWITCH Solutions |  <https://maps.google.com/?q=17345+Civic+Drive+%232531+Brookfield,+WI+53045&entry=gmail&source=g> 17345 Civic Drive #2531 Brookfield, WI 53045

Email: brian at freeswitch.com <mailto:brian at freeswitch.com> 

Mobile: 918-424-9378

Website:  <https://www.freeswitch.com/> https://www.FreeSWITCH.com

 <https://www.facebook.com/freeswitch>  <https://twitter.com/freeswitch> 

_________________________________________________________________________

The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.

Join our online community to chat in real time https://signalwire.community

Professional FreeSWITCH Services
sales at freeswitch.com <mailto:sales at freeswitch.com> 
https://freeswitch.com

Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com

FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org <mailto:FreeSWITCH-users at lists.freeswitch.org> 
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com




 

-- 

 

Brian West | Co-founder and Developer

Need Commercial support? email sales at freeswitch.com <mailto:sales at freeswitch.com>  

FreeSWITCH Solutions |  <https://maps.google.com/?q=17345+Civic+Drive+%232531+Brookfield,+WI+53045&entry=gmail&source=g> 17345 Civic Drive #2531 Brookfield, WI 53045

Email: brian at freeswitch.com <mailto:brian at freeswitch.com> 

Mobile: 918-424-9378

Website:  <https://www.freeswitch.com/> https://www.FreeSWITCH.com

 <https://www.facebook.com/freeswitch>  <https://twitter.com/freeswitch> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20221121/12f2f177/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 344 bytes
Desc: not available
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20221121/12f2f177/attachment-0001.jpg>


More information about the FreeSWITCH-users mailing list