<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><span>i have to limit the count of registerations because that feature is </span><span style="font-size: 12pt; "> </span><span style="font-size: 12pt; ">exactly</span><span style="font-size: 12pt; "> what my manager want !:(</span></div><div><span style="font-size: 12pt; ">so i must to implement it correctly ...</span><br></div><div><br></div><div><br></div> <div style="font-size: 12pt; font-family: 'times new roman', 'new york', times, serif; "> <div style="font-size: 12pt; font-family: 'times new roman', 'new york', times, serif; "> <div dir="ltr"> <font size="2" face="Arial"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> Peter Olsson <peter.olsson@visionutveckling.se><br> <b><span style="font-weight: bold;">To:</span></b> FreeSWITCH Users Help
<freeswitch-users@lists.freeswitch.org> <br> <b><span style="font-weight: bold;">Sent:</span></b> Tuesday, July 3, 2012 9:58 AM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [Freeswitch-users] how to solve the error Rejected by acl "domains". Falling back to Digest auth?<br> </font> </div> <br>Yes, I know. That code does exactly what you want. It's the feature itself that is more questionable...<br><br>Personally I don't believe this will ever work, since there are so many possibilities for timing issues for the registration. As MC said earlier on this discussion, you need to rethink if this is something you really want.<br><br>When it comes to security this will not, in any way, increase the security for you. If you're unlucky it might do the opposite, leaving the phone registered to the "theif", and leave the "real" user blocked from registering.<br><br>Keep your accounts secure, and this shouldn't be
needed.<br><br>/Peter<br><br>________________________________<br>Från: <a ymailto="mailto:freeswitch-users-bounces@lists.freeswitch.org" href="mailto:freeswitch-users-bounces@lists.freeswitch.org">freeswitch-users-bounces@lists.freeswitch.org</a> [<a ymailto="mailto:freeswitch-users-bounces@lists.freeswitch.org" href="mailto:freeswitch-users-bounces@lists.freeswitch.org">freeswitch-users-bounces@lists.freeswitch.org</a>] för Samira Mh [<a ymailto="mailto:saami_mh@ymail.com" href="mailto:saami_mh@ymail.com">saami_mh@ymail.com</a>]<br>Skickat: den 3 juli 2012 05:48<br>Till: FreeSWITCH Users Help<br>Ämne: Re: [Freeswitch-users] how to solve the error Rejected by acl "domains". Falling back to Digest auth?<br><br>hi Peter,<br><br>this feature(max-registrations-per-extension) is embeded in the sofia_reg.c as follow :<br><br>............<br>if (max_registrations_perext > 0 && (sip && sip->sip_contact &&
(sip->sip_contact->m_expires == NULL || atol(sip->sip_contact->m_expires) > 0))) {<br> /* if expires is null still process */<br> /* expires == 0 means the phone is going to unregiser, so don't count against max */<br> uint32_t count = 0;<br><br> call_id = sip->sip_call_id->i_id;<br> switch_assert(call_id);<br><br> sql = switch_mprintf("select count(sip_user) from sip_registrations where sip_user='%q' AND call_id <> '%q'", username, call_id);<br> switch_assert(sql != NULL);<br>
sofia_glue_execute_sql_callback(profile, NULL, sql, sofia_reg_regcount_callback, &count);<br> free(sql);<br><br> if (count + 1> max_registrations_perext) {<br> ret = AUTH_FORBIDDEN;<br> if (sofia_test_pflag(profile, PFLAG_LOG_AUTH_FAIL)) {<br> switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_WARNING,<br> "SIP auth failure (REGISTER) due to
reaching max allowed registrations. Count: %d\n", count);<br> }<br> goto end;<br> }<br> }<br><br>.............<br><br>________________________________<br>From: Peter Olsson <<a ymailto="mailto:peter.olsson@visionutveckling.se" href="mailto:peter.olsson@visionutveckling.se">peter.olsson@visionutveckling.se</a>><br>To: FreeSWITCH Users Help <<a ymailto="mailto:freeswitch-users@lists.freeswitch.org" href="mailto:freeswitch-users@lists.freeswitch.org">freeswitch-users@lists.freeswitch.org</a>><br>Sent: Monday, July 2, 2012 9:35 PM<br>Subject: Re: [Freeswitch-users] how to solve the error Rejected by acl "domains". Falling back to Digest auth?<br><br>It seems the phone tries to register, even
though it is already registered according to FS.<br><br>So if you really want to use this method, I think you must do further debugging on the phone...<br><br>As mentioned before on this list, I don't think this is a good approach, and since noone had even heard about this variable before, I'm guessing it's not widely used. However, in this particular example, FS is just doing exactly what it has been told to do, only to allow a registration if it doesn't exist already.<br><br>/Peter<br><br>2 jul 2012 kl. 18:53 skrev "Samira Mh" <<a ymailto="mailto:saami_mh@ymail.com" href="mailto:saami_mh@ymail.com">saami_mh@ymail.com</a><mailto:<a ymailto="mailto:saami_mh@ymail.com" href="mailto:saami_mh@ymail.com">saami_mh@ymail.com</a>><mailto:<a ymailto="mailto:saami_mh@ymail.com" href="mailto:saami_mh@ymail.com">saami_mh@ymail.com</a><mailto:<a ymailto="mailto:saami_mh@ymail.com"
href="mailto:saami_mh@ymail.com">saami_mh@ymail.com</a>>>>:<br><br>hi guys,<br>please let me know paste myconfigurations as follow:<br>1-<br>vim /usr/local/freeswitch/conf/directory/default/v_212263612400.xml<br><include><br> <user id="212263612400"><br> <params><br> <param name="password" value="samira"/><br> <param name="vm-password" value="user-choose"/><br> <param name="vm-enabled" value="true"/><br> <param name="max-registrations-per-extension" value="1"/><br><br> </params><br> <variables><br> <variable name="toll_allow" value=""/><br> <variable name="accountcode" value=""/><br> <variable name="user_context" value="default"/><br> <variable
name="directory-visible" value="true"/><br> <variable name="directory-exten-visible" value="true"/><br> <variable name="limit_max" value="5"/><br> <variable name="sip-force-contact" value="NDLB-connectile-dysfunction"/><br> <variable name="nibble_account" value="20014334"/><br> </variables><br> </user><br></include><br><br>2-vim /usr/local/freeswitch/conf/autoload_configs/acl.conf.xml<br><configuration name="acl.conf" description="Network Lists"><br><network-lists><br><br> <list name="domains" default="deny"><br> <node type="allow" domain="$${domain}"/><br> </list><br><br> </network-lists><br></configuration><br><br>*max-registrations-per-extension =1<br>when issue the following command the
user is registered so another user with the extension '2122636124' couldn't register simultaneously :<br>sofia status profile internal reg<br><br>Now what is problem?<br>every time i want to dial some extensions that is configured in my dialplan the following erroe occure:<br>2012-07-02 21:02:12.050074 [WARNING] sofia_reg.c:1471 SIP auth challenge (REGISTER) on sofia profile 'internal_private' for [212263612400@192.168.10.70<mailto:212263612400@192.168.10.70>] from ip 192.168.18.120<br>2012-07-02 21:02:14.710049 [DEBUG] sofia.c:7904 IP 192.168.18.120 Rejected by acl "domains". Falling back to Digest auth.<br>2012-07-02 21:02:14.710049 [WARNING] sofia_reg.c:1471 SIP auth challenge (INVITE) on sofia profile 'internal_private' for [00989191949637@192.168.10.70<mailto:00989191949637@192.168.10.70>] from ip 192.168.18.120<br>2012-07-02 21:02:14.710049 [DEBUG] sofia.c:7904 IP 192.168.18.120 Rejected by acl "domains". Falling back to Digest
auth.<br>2012-07-02 21:02:14.710049 [WARNING] sofia_reg.c:2607 SIP auth failure (REGISTER) due to reaching max allowed registrations. Count: 1<br>2012-07-02 21:02:14.710049 [WARNING] sofia_reg.c:1416 SIP auth failure (INVITE) on sofia profile 'internal_private' for [00989191949637@192.168.10.70<mailto:00989191949637@192.168.10.70>] from ip 192.168.18.120<br><br>so if i remove the line <param name="max-registrations-per-extension" value="1"/> from /usr/local/freeswitch/conf/directory/default/v_212263612400.xml or from within /usr/local/freeswitch/conf/sip_profiles/internal.xml(it is posible to defined either<br>internal.xml or /usr/local/freeswitch/conf/directory/default/v_212263612400.xml) the problem solved --with the same settings on vim /usr/local/freeswitch/conf/autoload_configs/acl.conf.xml-- but simultaneously registeration per extension couldn't worked properly ,,,<br><br>plz help,<br>what is
problem on my settings?<br><br><br><br>_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><mailto:<a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>><mailto:<a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><mailto:<a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>>><br><a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br><br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><<a href="http://www.cudatel.com/"
target="_blank">http://www.cudatel.com/</a>><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org/</a>><br><a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org/</a>><br><a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com/</a>><br><br>Join Us At ClueCon - Aug 7-9, 2012<br><br>FreeSWITCH-users mailing list<br><a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org"
href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>><mailto:<a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>>><br><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><<a href="http://www.freeswitch.org/"
target="_blank">http://www.freeswitch.org/</a>><br><br><br>!DSPAM:4ff1cecc32766478410542!<br><br>_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><mailto:<a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>><br><a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><<a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com/</a>><br><br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><<a href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com/</a>><br><br>Official FreeSWITCH Sites<br><a
href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org/</a>><br><a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><<a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org/</a>><br><a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><<a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com/</a>><br><br>Join Us At ClueCon - Aug 7-9, 2012<br><br>FreeSWITCH-users mailing list<br><a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><mailto:<a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>><br><a
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><<a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org/</a>><br><br><br>!DSPAM:4ff26ae632762054019490!<br><br>_________________________________________________________________________<br>Professional FreeSWITCH Consulting Services:<br><a ymailto="mailto:consulting@freeswitch.org" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br><a href="http://www.freeswitchsolutions.com/" target="_blank">http://www.freeswitchsolutions.com</a><br><br>FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br><a
href="http://www.cudatel.com/" target="_blank">http://www.cudatel.com</a><br><br>Official FreeSWITCH Sites<br><a href="http://www.freeswitch.org/" target="_blank">http://www.freeswitch.org</a><br><a href="http://wiki.freeswitch.org/" target="_blank">http://wiki.freeswitch.org</a><br><a href="http://www.cluecon.com/" target="_blank">http://www.cluecon.com</a><br><br>Join Us At ClueCon - Aug 7-9, 2012<br><br>FreeSWITCH-users mailing list<br><a ymailto="mailto:FreeSWITCH-users@lists.freeswitch.org" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br><a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br><a href="http://www.freeswitch.org/"
target="_blank">http://www.freeswitch.org</a><br><br><br> </div> </div> </div></body></html>