<div dir="ltr">Why do we have such a long thread on this???<br><div><br></div><div>If you KNOW what IPs are contacting you, then firewall it.</div><div><br></div><div>If not or you don't want to do that, don't be surprised if calls hit FS. But if you route properly, then it's to a different context or whatever so there's NO harm done.</div>
<div>If you don't even want CDRs on that then disable the CDR when calls come in:</div><div><pre style="padding:1em;border:1px dashed rgb(47,111,171);background-color:rgb(249,249,249);line-height:1.1em"><action application="set" data="process_cdr=false"/></pre>
<div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small"><br></span></div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small">I don't think there's anything else to add...</span></div>
<div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small"><br></span></div><div dir="ltr"><span style="font-family:Verdana,Arial,Helvetica,sans-serif;font-size:small">-Avi<br></span></div>
</div>
<br><br><div class="gmail_quote">On Wed, Mar 13, 2013 at 2:07 PM, Andrew Cassidy <span dir="ltr"><<a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">They could still be registering, but to a different profile. Possibly on an internal network.<div class="HOEnZb"><div class="h5">
<br><br><div class="gmail_quote">On 13 March 2013 11:43, Alex Lake <span dir="ltr"><<a href="mailto:alex@digitalmail.com" target="_blank">alex@digitalmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Ah, so presumably the OP doesn't have
(for example) SIP handsets registered to his box (presumably
that's done on port 5060, too)<br>
</div><div><div>
<blockquote type="cite">Only if you don't know what IP addresses calls are
going to be coming from. In this case, we can probably ask the
provider what their IP addresses are and just explicitly allow
them.
<div><br>
</div>
<div>All fail2ban does is check the log files then set up relevant
firewall blacklist rules, so for the same job you get slightly
more CPU load too.<br>
<br>
<div class="gmail_quote">On 13 March 2013 10:28, Alex Lake <span dir="ltr"><<a href="mailto:alex@digitalmail.com" target="_blank">alex@digitalmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Isn't fail2ban the usual solution here?<br>
<div>
<div>> Hello. I hope someone can quickly see
what I want to do and steer me in the right direction.<br>
><br>
> I've looked at the documentation for acl.conf.xml
and the SIP profile config file external.xml. I want to
block incoming calls from all but a single external IP
address and I'm sorry I just can't figure out how to do
it or even if it can be done.<br>
><br>
> We have a SIP trunk service with our VOIP provider.
That means we have a static IP address which they use
when they forward calls to us. They don't need to
register, we just accept their calls but of course they
have to be to our destination phone number. That all
works and we have been very happy with Freeswitch for I
don't know well over a year.<br>
><br>
> Recently I became aware that someone is hammering
our system trying to make calls. Our provider will only
use port 5060 so that does mean our system is sitting on
the internet with port 5060 open. Our dial plan works
correctly and I can see in the log these calls are going
nowhere. But they can be every few seconds and I suspect
they might be using a lot of bandwidth just hammering
the system.<br>
><br>
> We will never receive calls from any other address
than the one our VOIP provider will use to call us. So I
just want to block SIP traffic from all addresses except
theirs. I just want Freeswitch to stay silent when a
call comes in on any other address, so there is no
evidence that it is there to be attacked.<br>
><br>
> I know I can do this with a firewall but I hope I
can do it in Freeswitch itself. I am confused about the
parameters auth-calls and auth-call and how to apply an
access list that would restrict all calls to just one IP
address. I did read somewhere in the docs that if you
want to block calls you need to use a firewall and maybe
that's the answer and so be it. Still I hope I can do it
with Freeswitch so I can just apply the right ACL and
sort the problem without creating new problems by
introducing a firewall.<br>
><br>
> Hope you can help.<br>
><br>
><br>
> Clive Lansink<br>
> Email: <a href="mailto:Clive@Lansink.Co.NZ" target="_blank">Clive@Lansink.Co.NZ</a><br>
> Phone: <a href="tel:%2B64%209%20520-4242" value="+6495204242" target="_blank">+64
9 520-4242</a><br>
> Mobile: <a href="tel:%2B64%2021%20663-999" value="+6421663999" target="_blank">+64
21 663-999</a><br>
> Fax: <a href="tel:%2B64%2021%20789-150" value="+6421789150" target="_blank">+64
21 789-150</a><br>
><br>
>
_________________________________________________________________________<br>
> Professional FreeSWITCH Consulting Services:<br>
> <a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
> <a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
><br>
> FreeSWITCH-powered IP PBX: The CudaTel
Communication Server<br>
> <a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
><br>
> Official FreeSWITCH Sites<br>
> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
> <a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
> <a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
><br>
> FreeSWITCH-users mailing list<br>
> <a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
> <a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
> UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
> <a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
><br>
><br>
</div>
</div>
> -----<br>
> No virus found in this message.<br>
> Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a><br>
> Version: 2012.0.2240 / Virus Database: 2641/5668 -
Release Date: 03/12/13<br>
<div>
<div>><br>
><br>
<br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication
Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<b>Andrew Cassidy BSc (Hons) MBCS SSCA</b>
<div>Managing Director
<div>
<div><img><br>
</div>
<div>
<br>
<div><b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">T</a> </b><a href="tel:03300%20100%20960" value="+443300100960" target="_blank">03300 100 960</a>
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">F</a> </b><a href="tel:03300%20100%20961" value="+443300100961" target="_blank">03300 100 961</a></div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">E</a> </b><a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a></div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">W</a> </b><a href="http://www.cassidywebservices.co.uk" target="_blank">www.cassidywebservices.co.uk</a></div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
<br>
<fieldset></fieldset>
<br>
<p color="#000000" align="left">No virus
found in this message.<br>
Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a><br>
Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
03/12/13</p>
</blockquote>
<br>
</div></div></div>
<br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><b>Andrew Cassidy BSc (Hons) MBCS SSCA</b><div>Managing Director<div><div><img><br></div><div><br><div>
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">T</a> </b>03300 100 960
<b style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">F</a> </b>03300 100 961</div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">E</a> </b><a href="mailto:andrew@cassidywebservices.co.uk" target="_blank">andrew@cassidywebservices.co.uk</a></div>
<div><b style="text-decoration:none;font-family:sans-serif"><a href="mailto:info@cassidywebservices.co.uk" style="color:rgb(51,135,171);text-decoration:none;font-family:sans-serif" target="_blank">W</a> </b><a href="http://www.cassidywebservices.co.uk" target="_blank">www.cassidywebservices.co.uk</a></div>
</div></div></div>
</div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<br></blockquote></div><br></div></div>