<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Great, thank you Antony. I confirm it
works either way now....it was a super quick one.<br>
<br>
On a similar topic, do I have to set this in the domain params?<br>
<param name="allow-empty-password" value="false"/><br>
<br>
This is to keep things failproof, given I only set CIDR and no
password for my users.<br>
<br>
<br>
On 14-05-06 03:07 PM, Anthony Minessale wrote:<br>
</div>
<blockquote
cite="mid:CAKbxfG8eW3Y_2t7Do3hP9c_rkkNSgpJc1na4EZoG-Z2d4VyXcw@mail.gmail.com"
type="cite">
<div dir="ltr">Patch added to make it work either way but
previously you don't need:
<div><br>
</div>
<div><domain></div>
<div> <users></div>
<div> <user>...</user></div>
<div>
<div> <user>...</user></div>
</div>
<div> </users></div>
<div></domain></div>
<div><br>
</div>
<div>Just:</div>
<div><br>
</div>
<div>
<div><domain></div>
<div> <user>...</user></div>
<div> <user>...</user></div>
<div>
</domain><br>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Tue, May 6, 2014 at 1:47 PM, Victor
Chukalovskiy <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:victor.chukalovskiy@gmail.com"
target="_blank">victor.chukalovskiy@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Ok, done: <a moz-do-not-send="true"
href="https://jira.freeswitch.org/browse/FS-6506"
target="_blank">https://jira.freeswitch.org/browse/FS-6506</a><br>
<br>
Also, added comment to the WiKi until this is fixed:<br>
<a moz-do-not-send="true"
href="https://wiki.freeswitch.org/wiki/XML_User_Directory_Guide#Groups"
target="_blank">https://wiki.freeswitch.org/wiki/XML_User_Directory_Guide#Groups</a>
<div>
<div class="h5"><br>
<br>
On 14-05-06 12:32 PM, Steven Ayre wrote:<br>
</div>
</div>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div dir="ltr">I'd go with a Jira. Either it's an
oversight, or there's a reason for it that can be
tracked in Jira and then the wiki updated
referencing the ticket.</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote"> On 5 May 2014 21:38,
Victor Chukalovskiy <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:victor.chukalovskiy@gmail.com"
target="_blank">victor.chukalovskiy@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Alright, thank you! Domains ACL works
BUT requires "users" to be in "groups". If
"users" are directly in the "domain"
section, ACL remains empty.<br>
<br>
This is contradictory to the WiKi saying
that: "Using groups is optional -- you can
put your users straight into the domain
section if you desire". Should I file Jira
or should I edit WiKi instead? :)<br>
<br>
With regards to directory, I intend to
keep it minimalistic:<br>
<br>
<user id="foo" cidr="<a
moz-do-not-send="true"
href="http://1.2.3.4/32" target="_blank">1.2.3.4/32</a>"><br>
<variables><br>
<variable name="accountcode"
value="customer_1"/><br>
</variables><br>
</user><br>
<br>
Will someone from a different CIDR be able
to place calls as user "foo" bypassing any
authentication? Note that I don't set any
password in params.<br>
If so, how to secure this on the SIP
profile level and keep user entries as
concise as possible?<br>
<br>
Thanks again!<span><font color="#888888"><br>
-Victor</font></span>
<div>
<div><br>
<br>
On 14-05-05 12:24 PM, Steven Ayre
wrote:<br>
</div>
</div>
</div>
<div>
<div>
<blockquote type="cite">
<div dir="ltr">You need this:
<div> <param
name="apply-inbound-acl"
value="domains"/><br>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On 5 May
2014 17:13, Victor Chukalovskiy <span
dir="ltr"><<a
moz-do-not-send="true"
href="mailto:victor.chukalovskiy@gmail.com"
target="_blank">victor.chukalovskiy@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">Hello,<br>
<br>
Coming from wholesale
background, my FS's run without
any registrations.<br>
So far everything was ACL-based
using "apply-inbound-acl" and I
did not<br>
use any directory entries.<br>
<br>
The only problem with this is
that once I have all IPs
together in one<br>
big ALC, I can't identify which
customer the call came from.
E.g. need<br>
to set
my_channel_variable=customer1 if
a call came from particular IPs<br>
and
my_channel_variable=customer2 if
a call came from other IPs.<br>
<br>
So I'm trying to move ACL logic
into directory by means of
defining a<br>
user with cidr attribute. So
far, no matter what I do FS
challenges<br>
INVITE with "407" even-though
the INVITE comes from the IP
that is<br>
included in CIDR attribute for a
user. I suppose for whatever
reason<br>
switch does not match INVITEs
against CIDR's in the directory.
Please<br>
help me with that. WiKi is
written from a somewhat
different logic /<br>
perspective, so it's hard to
apply.<br>
<br>
My SIP profile is:<br>
<br>
<profile name="test"><br>
<gateways><br>
</gateways><br>
<domains><br>
</domains><br>
<settings><br>
<param
name="parse-invite-tel-params"
value="true"/><br>
<param
name="user-agent-string"
value="test"/><br>
<param name="debug"
value="0"/><br>
<param name="sip-trace"
value="no"/><br>
<param
name="log-auth-failures"
value="true"/><br>
<param name="rfc2833-pt"
value="101"/><br>
<param name="sip-port"
value="5060"/><br>
<param name="dialplan"
value="XML"/><br>
<param name="context"
value="test"/><br>
<param name="country"
value="e164"/><br>
<param
name="dtmf-duration"
value="2000"/><br>
<param
name="inbound-codec-prefs"
value="$${default_codec_prefs}"/><br>
<param
name="outbound-codec-prefs"
value="$${default_codec_prefs}"/><br>
<param
name="caller-id-type"
value="none"/><br>
<param
name="rtp-timer-name"
value="soft"/><br>
<param name="rtp-ip"
value="192.168.1.2"/><br>
<param name="sip-ip"
value="192.168.1.2"/><br>
<param
name="manage-presence"
value="false"/><br>
<param
name="manage-shared-appearance"
value="false"/><br>
<param
name="inbound-codec-negotiation"
value="greedy"/><br>
<param
name="disable-transcoding"
value="true"/><br>
<param
name="manual-redirect"
value="false"/><br>
<param
name="disable-transfer"
value="true"/><br>
<param
name="disable-register"
value="false"/><br>
<param name="auth-calls"
value="true"/><br>
<param
name="rtp-timeout-sec"
value="300"/><br>
<param
name="rtp-hold-timeout-sec"
value="1800"/><br>
<param
name="pass-callee-id"
value="false"/><br>
</settings><br>
</profile><br>
<br>
<br>
Thanks!<br>
-Victor<br>
<br>
<br>
<br>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH
Consulting Services:<br>
<a moz-do-not-send="true"
href="mailto:consulting@freeswitch.org"
target="_blank">consulting@freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitchsolutions.com"
target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The
CudaTel Communication Server<br>
<a moz-do-not-send="true"
href="http://www.cudatel.com"
target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://wiki.freeswitch.org"
target="_blank">http://wiki.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.cluecon.com"
target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:FreeSWITCH-users@lists.freeswitch.org"
target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a
moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/options/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a moz-do-not-send="true" href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a moz-do-not-send="true" href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a moz-do-not-send="true" href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a moz-do-not-send="true" href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a moz-do-not-send="true" href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a moz-do-not-send="true" href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a moz-do-not-send="true" href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a moz-do-not-send="true" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a moz-do-not-send="true" href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a moz-do-not-send="true" href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a moz-do-not-send="true"
href="mailto:consulting@freeswitch.org"
target="_blank">consulting@freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitchsolutions.com"
target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel
Communication Server<br>
<a moz-do-not-send="true"
href="http://www.cudatel.com"
target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://wiki.freeswitch.org"
target="_blank">http://wiki.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.cluecon.com"
target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:FreeSWITCH-users@lists.freeswitch.org"
target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/options/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a moz-do-not-send="true" href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a>
<a moz-do-not-send="true" href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a moz-do-not-send="true" href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a moz-do-not-send="true" href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
<a moz-do-not-send="true" href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a>
<a moz-do-not-send="true" href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a moz-do-not-send="true" href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a>
<a moz-do-not-send="true" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a moz-do-not-send="true" href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a moz-do-not-send="true" href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a moz-do-not-send="true"
href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>
<a moz-do-not-send="true" href="http://www.cudatel.com"
target="_blank">http://www.cudatel.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a moz-do-not-send="true" href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
<a moz-do-not-send="true" href="http://wiki.freeswitch.org"
target="_blank">http://wiki.freeswitch.org</a><br>
<a moz-do-not-send="true" href="http://www.cluecon.com"
target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a moz-do-not-send="true"
href="http://lists.freeswitch.org/mailman/options/freeswitch-users"
target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a moz-do-not-send="true" href="http://www.freeswitch.org"
target="_blank">http://www.freeswitch.org</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div dir="ltr">Anthony Minessale II ♬ @anthmfs ♬
@FreeSWITCH ♬
<div><br>
<div>☞ <a moz-do-not-send="true"
href="http://freeswitch.org/" target="_blank">http://freeswitch.org/</a>
☞ <a moz-do-not-send="true" href="http://cluecon.com/"
target="_blank">http://cluecon.com/</a> ☞ <a
moz-do-not-send="true"
href="http://twitter.com/FreeSWITCH" target="_blank">http://twitter.com/FreeSWITCH</a></div>
<div>
<div>☞ <a moz-do-not-send="true"
href="http://irc.freenode.net" target="_blank">irc.freenode.net</a>
#freeswitch ☞ <u><a moz-do-not-send="true"
href="http://freeswitch.org/g+" target="_blank">http://freeswitch.org/g+</a></u><br>
<br>
</div>
<div>ClueCon Weekly Development Call <br>
</div>
<div>☎ <a moz-do-not-send="true"
href="mailto:sip%3A888@conference.freeswitch.org"
target="_blank">sip:888@conference.freeswitch.org</a>
☎ +19193869900 </div>
<div><br>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a class="moz-txt-link-abbreviated" href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitchsolutions.com">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a class="moz-txt-link-freetext" href="http://www.cudatel.com">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://wiki.freeswitch.org">http://wiki.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://www.cluecon.com">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
</body>
</html>