[Freeswitch-users] Blocking incoming calls

Alex Lake alex at digitalmail.com
Wed Mar 13 14:43:59 MSK 2013


Ah, so presumably the OP doesn't have (for example) SIP handsets 
registered to his box (presumably that's done on port 5060, too)
> Only if you don't know what IP addresses calls are going to be coming 
> from. In this case, we can probably ask the provider what their IP 
> addresses are and just explicitly allow them.
>
> All fail2ban does is check the log files then set up relevant firewall 
> blacklist rules, so for the same job you get slightly more CPU load too.
>
> On 13 March 2013 10:28, Alex Lake <alex at digitalmail.com 
> <mailto:alex at digitalmail.com>> wrote:
>
>     Isn't fail2ban the usual solution here?
>     > Hello. I hope someone can quickly see what I want to do and
>     steer me in the right direction.
>     >
>     > I've looked at the documentation for acl.conf.xml and the SIP
>     profile config file external.xml. I want to block incoming calls
>     from all but a single external IP address and I'm sorry I just
>     can't figure out how to do it or even if it can be done.
>     >
>     > We have a SIP trunk service with our VOIP provider. That means
>     we have a static IP address which they use when they forward calls
>     to us. They don't need to register, we just accept their calls but
>     of course they have to be to our destination phone number. That
>     all works and we have been very happy with Freeswitch for I don't
>     know well over a year.
>     >
>     > Recently I became aware that someone is hammering our system
>     trying to make calls. Our provider will only use port 5060 so that
>     does mean our system is sitting on the internet with port 5060
>     open. Our dial plan works correctly and I can see in the log these
>     calls are going nowhere. But they can be every few seconds and I
>     suspect they might be using a lot of bandwidth just hammering the
>     system.
>     >
>     > We will never receive calls from any other address than the one
>     our VOIP provider will use to call us. So I just want to block SIP
>     traffic from all addresses except theirs. I just want Freeswitch
>     to stay silent when a call comes in on any other address, so there
>     is no evidence that it is there to be attacked.
>     >
>     > I know I can do this with a firewall but I hope I can do it in
>     Freeswitch itself. I am confused about the parameters auth-calls
>     and auth-call and how to apply an access list that would restrict
>     all calls to just one IP address. I did read somewhere in the docs
>     that if you want to block calls you need to use a firewall and
>     maybe that's the answer and so be it. Still I hope I can do it
>     with Freeswitch so I can just apply the right ACL and sort the
>     problem without creating new problems by introducing a firewall.
>     >
>     > Hope you can help.
>     >
>     >
>     > Clive Lansink
>     > Email: Clive at Lansink.Co.NZ <mailto:Clive at Lansink.Co.NZ>
>     > Phone: +64 9 520-4242 <tel:%2B64%209%20520-4242>
>     > Mobile: +64 21 663-999 <tel:%2B64%2021%20663-999>
>     > Fax: +64 21 789-150 <tel:%2B64%2021%20789-150>
>     >
>     >
>     _________________________________________________________________________
>     > Professional FreeSWITCH Consulting Services:
>     > consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>     > http://www.freeswitchsolutions.com
>     >
>     > 
>     > 
>     >
>     > Official FreeSWITCH Sites
>     > http://www.freeswitch.org
>     > http://wiki.freeswitch.org
>     > http://www.cluecon.com
>     >
>     > FreeSWITCH-users mailing list
>     > FreeSWITCH-users at lists.freeswitch.org
>     <mailto:FreeSWITCH-users at lists.freeswitch.org>
>     > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>     >
>     UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>     > http://www.freeswitch.org
>     >
>     >
>     > -----
>     > No virus found in this message.
>     > Checked by AVG - www.avg.com <http://www.avg.com>
>     > Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
>     03/12/13
>     >
>     >
>
>
>     _________________________________________________________________________
>     Professional FreeSWITCH Consulting Services:
>     consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>     http://www.freeswitchsolutions.com
>
>     
>     
>
>     Official FreeSWITCH Sites
>     http://www.freeswitch.org
>     http://wiki.freeswitch.org
>     http://www.cluecon.com
>
>     FreeSWITCH-users mailing list
>     FreeSWITCH-users at lists.freeswitch.org
>     <mailto:FreeSWITCH-users at lists.freeswitch.org>
>     http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>     UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>     http://www.freeswitch.org
>
>
>
>
> -- 
> *Andrew Cassidy BSc (Hons) MBCS SSCA*
> Managing Director
>
>
> *T <mailto:info at cassidywebservices.co.uk> *03300 100 960 *F 
> <mailto:info at cassidywebservices.co.uk> *03300 100 961
> *E <mailto:info at cassidywebservices.co.uk> 
> *andrew at cassidywebservices.co.uk <mailto:andrew at cassidywebservices.co.uk>
> *W <mailto:info at cassidywebservices.co.uk> 
> *www.cassidywebservices.co.uk <http://www.cassidywebservices.co.uk>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> No virus found in this message.
> Checked by AVG - www.avg.com <http://www.avg.com>
> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date: 03/12/13
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130313/03588554/attachment-0001.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list