<div dir="ltr">Why do we have such a long thread on this???<br><div><br></div><div>If you KNOW what IPs are contacting you, then firewall it.</div><div><br></div><div>If not or you don&#39;t want to do that, don&#39;t be surprised if calls hit FS. But if you route properly, then it&#39;s to a different context or whatever so there&#39;s NO harm done.</div>

<div>If you don&#39;t even want CDRs on that then disable the CDR when calls come in:</div><div><pre style="padding:1em;border:1px dashed rgb(47,111,171);background-color:rgb(249,249,249);line-height:1.1em">&lt;action application=&quot;set&quot; data=&quot;process_cdr=false&quot;/&gt;</pre>

<div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small"><br></span></div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small">I don&#39;t think there&#39;s anything else to add...</span></div>

<div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small"><br></span></div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small">-Avi<br></span></div>

</div>
<br><br><div class="gmail_quote">On Wed, Mar 13, 2013 at 2:07 PM, Andrew Cassidy <span dir="ltr">&lt;<a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a>&gt;</span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">They could still be registering, but to a different profile. Possibly on an internal network.<div class="HOEnZb"><div class="h5">

<br><br><div class="gmail_quote">On 13 March 2013 11:43, Alex Lake <span dir="ltr">&lt;<a href="mailto:alex@digitalmail.com" target="_blank">alex@digitalmail.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <div>Ah, so presumably the OP doesn&#39;t have
      (for example) SIP handsets registered to his box (presumably
      that&#39;s done on port 5060, too)<br>
    </div><div><div>
    <blockquote type="cite">Only if you don&#39;t know what IP addresses calls are
      going to be coming from. In this case, we can probably ask the
      provider what their IP addresses are and just explicitly allow
      them.
      <div><br>
      </div>
      <div>All fail2ban does is check the log files then set up relevant
        firewall blacklist rules, so for the same job you get slightly
        more CPU load too.<br>
        <br>
        <div class="gmail_quote">On 13 March 2013 10:28, Alex Lake <span dir="ltr">&lt;<a href="mailto:alex@digitalmail.com" target="_blank">alex@digitalmail.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            Isn&#39;t fail2ban the usual solution here?<br>
            <div>
              <div>&gt; Hello. I hope someone can quickly see
                what I want to do and steer me in the right direction.<br>
                &gt;<br>
                &gt; I&#39;ve looked at the documentation for acl.conf.xml
                and the SIP profile config file external.xml. I want to
                block incoming calls from all but a single external IP
                address and I&#39;m sorry I just can&#39;t figure out how to do
                it or even if it can be done.<br>
                &gt;<br>
                &gt; We have a SIP trunk service with our VOIP provider.
                That means we have a static IP address which they use
                when they forward calls to us. They don&#39;t need to
                register, we just accept their calls but of course they
                have to be to our destination phone number. That all
                works and we have been very happy with Freeswitch for I
                don&#39;t know well over a year.<br>
                &gt;<br>
                &gt; Recently I became aware that someone is hammering
                our system trying to make calls. Our provider will only
                use port 5060 so that does mean our system is sitting on
                the internet with port 5060 open. Our dial plan works
                correctly and I can see in the log these calls are going
                nowhere. But they can be every few seconds and I suspect
                they might be using a lot of bandwidth just hammering
                the system.<br>
                &gt;<br>
                &gt; We will never receive calls from any other address
                than the one our VOIP provider will use to call us. So I
                just want to block SIP traffic from all addresses except
                theirs. I just want Freeswitch to stay silent when a
                call comes in on any other address, so there is no
                evidence that it is there to be attacked.<br>
                &gt;<br>
                &gt; I know I can do this with a firewall but I hope I
                can do it in Freeswitch itself. I am confused about the
                parameters auth-calls and auth-call and how to apply an
                access list that would restrict all calls to just one IP
                address. I did read somewhere in the docs that if you
                want to block calls you need to use a firewall and maybe
                that&#39;s the answer and so be it. Still I hope I can do it
                with Freeswitch so I can just apply the right ACL and
                sort the problem without creating new problems by
                introducing a firewall.<br>
                &gt;<br>
                &gt; Hope you can help.<br>
                &gt;<br>
                &gt;<br>
                &gt; Clive Lansink<br>
                &gt; Email: <a href="mailto:Clive@Lansink.Co.NZ" target="_blank">Clive@Lansink.Co.NZ</a><br>
                &gt; Phone: <a href="tel:%2B64%209%20520-4242" value="+6495204242" target="_blank">+64
                  9 520-4242</a><br>
                &gt; Mobile: <a href="tel:%2B64%2021%20663-999" value="+6421663999" target="_blank">+64
                  21 663-999</a><br>
                &gt; Fax: <a href="tel:%2B64%2021%20789-150" value="+6421789150" target="_blank">+64
                  21 789-150</a><br>
                &gt;<br>
                &gt;
_________________________________________________________________________<br>
                &gt; Professional FreeSWITCH Consulting Services:<br>
                &gt; <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
                &gt; <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
                &gt;<br>
                &gt; FreeSWITCH-powered IP PBX: The CudaTel
                Communication Server<br>
                &gt; <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
                &gt;<br>
                &gt; Official FreeSWITCH Sites<br>
                &gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
                &gt; <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
                &gt; <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
                &gt;<br>
                &gt; FreeSWITCH-users mailing list<br>
                &gt; <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
                &gt; <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
                &gt; UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
                &gt; <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
                &gt;<br>
                &gt;<br>
              </div>
            </div>
            &gt; -----<br>
            &gt; No virus found in this message.<br>
            &gt; Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a><br>
            &gt; Version: 2012.0.2240 / Virus Database: 2641/5668 -
            Release Date: 03/12/13<br>
            <div>
              <div>&gt;<br>
                &gt;<br>
                <br>
                <br>
_________________________________________________________________________<br>
                Professional FreeSWITCH Consulting Services:<br>
                <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
                <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
                <br>
                FreeSWITCH-powered IP PBX: The CudaTel Communication
                Server<br>
                <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
                <br>
                Official FreeSWITCH Sites<br>
                <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
                <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
                <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
                <br>
                FreeSWITCH-users mailing list<br>
                <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
                <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
                UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
                <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
        <br clear="all">
        <div><br>
        </div>
        -- <br>
        <b>Andrew Cassidy BSc (Hons) MBCS SSCA</b>
        <div>Managing Director
          <div>
            <div><img><br>
            </div>
            <div>
              <br>
              <div><b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">T</a> </b><a href="tel:03300%20100%20960" value="+443300100960" target="_blank">03300 100 960</a> 
                <b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">F</a> </b><a href="tel:03300%20100%20961" value="+443300100961" target="_blank">03300 100 961</a></div>



              <div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">E</a> </b><a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a></div>



              <div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">W</a> </b><a href="http://www.cassidywebservices.co.uk" target="_blank">www.cassidywebservices.co.uk</a></div>



            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>

Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>

FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
      <br>
      <fieldset></fieldset>
      <br>
      <p color="#000000" align="left">No virus
        found in this message.<br>
        Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a><br>
        Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
        03/12/13</p>
    </blockquote>
    <br>
  </div></div></div>

<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><b>Andrew Cassidy BSc (Hons) MBCS SSCA</b><div>Managing Director<div><div><img><br></div><div><br><div>
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">T</a> </b>03300 100 960 
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">F</a> </b>03300 100 961</div>


<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">E</a> </b><a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a></div>


<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">W</a> </b><a href="http://www.cassidywebservices.co.uk" target="_blank">www.cassidywebservices.co.uk</a></div>


</div></div></div>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>