[Freeswitch-users] Blocking incoming calls

Andrew Cassidy andrew at cassidywebservices.co.uk
Wed Mar 13 15:07:07 MSK 2013


They could still be registering, but to a different profile. Possibly on an
internal network.

On 13 March 2013 11:43, Alex Lake <alex at digitalmail.com> wrote:

>  Ah, so presumably the OP doesn't have (for example) SIP handsets
> registered to his box (presumably that's done on port 5060, too)
>
> Only if you don't know what IP addresses calls are going to be coming
> from. In this case, we can probably ask the provider what their IP
> addresses are and just explicitly allow them.
>
>  All fail2ban does is check the log files then set up relevant firewall
> blacklist rules, so for the same job you get slightly more CPU load too.
>
> On 13 March 2013 10:28, Alex Lake <alex at digitalmail.com> wrote:
>
>> Isn't fail2ban the usual solution here?
>>  > Hello. I hope someone can quickly see what I want to do and steer me
>> in the right direction.
>> >
>> > I've looked at the documentation for acl.conf.xml and the SIP profile
>> config file external.xml. I want to block incoming calls from all but a
>> single external IP address and I'm sorry I just can't figure out how to do
>> it or even if it can be done.
>> >
>> > We have a SIP trunk service with our VOIP provider. That means we have
>> a static IP address which they use when they forward calls to us. They
>> don't need to register, we just accept their calls but of course they have
>> to be to our destination phone number. That all works and we have been very
>> happy with Freeswitch for I don't know well over a year.
>> >
>> > Recently I became aware that someone is hammering our system trying to
>> make calls. Our provider will only use port 5060 so that does mean our
>> system is sitting on the internet with port 5060 open. Our dial plan works
>> correctly and I can see in the log these calls are going nowhere. But they
>> can be every few seconds and I suspect they might be using a lot of
>> bandwidth just hammering the system.
>> >
>> > We will never receive calls from any other address than the one our
>> VOIP provider will use to call us. So I just want to block SIP traffic from
>> all addresses except theirs. I just want Freeswitch to stay silent when a
>> call comes in on any other address, so there is no evidence that it is
>> there to be attacked.
>> >
>> > I know I can do this with a firewall but I hope I can do it in
>> Freeswitch itself. I am confused about the parameters auth-calls and
>> auth-call and how to apply an access list that would restrict all calls to
>> just one IP address. I did read somewhere in the docs that if you want to
>> block calls you need to use a firewall and maybe that's the answer and so
>> be it. Still I hope I can do it with Freeswitch so I can just apply the
>> right ACL and sort the problem without creating new problems by introducing
>> a firewall.
>> >
>> > Hope you can help.
>> >
>> >
>> > Clive Lansink
>> > Email: Clive at Lansink.Co.NZ
>> > Phone: +64 9 520-4242 <%2B64%209%20520-4242>
>> > Mobile: +64 21 663-999 <%2B64%2021%20663-999>
>> > Fax: +64 21 789-150 <%2B64%2021%20789-150>
>> >
>> >
>> _________________________________________________________________________
>> > Professional FreeSWITCH Consulting Services:
>> > consulting at freeswitch.org
>> > http://www.freeswitchsolutions.com
>> >
>> > 
>> > 
>> >
>> > Official FreeSWITCH Sites
>> > http://www.freeswitch.org
>> > http://wiki.freeswitch.org
>> > http://www.cluecon.com
>> >
>> > FreeSWITCH-users mailing list
>> > FreeSWITCH-users at lists.freeswitch.org
>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> > UNSUBSCRIBE:
>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>> > http://www.freeswitch.org
>> >
>> >
>>  > -----
>> > No virus found in this message.
>> > Checked by AVG - www.avg.com
>> > Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date:
>> 03/12/13
>>  >
>> >
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
>  --
> *Andrew Cassidy BSc (Hons) MBCS SSCA*
> Managing Director
>
>
> *T <info at cassidywebservices.co.uk> *03300 100 960  *F<info at cassidywebservices.co.uk>
>  *03300 100 961
> *E <info at cassidywebservices.co.uk> *andrew at cassidywebservices.co.uk
> *W <info at cassidywebservices.co.uk> *www.cassidywebservices.co.uk
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:consulting at freeswitch.orghttp://www.freeswitchsolutions.com
>
> FreeSWITCH-powered IP PBX: The CudaTel Communication Server
>
> Official FreeSWITCH Siteshttp://www.freeswitch.orghttp://wiki.freeswitch.orghttp://www.cluecon.com
>
> FreeSWITCH-users mailing listFreeSWITCH-users at lists.freeswitch.orghttp://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-usershttp://www.freeswitch.org
>
>
>
> No virus found in this message.
> Checked by AVG - www.avg.com
> Version: 2012.0.2240 / Virus Database: 2641/5668 - Release Date: 03/12/13
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>


-- 
*Andrew Cassidy BSc (Hons) MBCS SSCA*
Managing Director


*T <info at cassidywebservices.co.uk> *03300 100 960
*F<info at cassidywebservices.co.uk>
 *03300 100 961
*E <info at cassidywebservices.co.uk> *andrew at cassidywebservices.co.uk
*W <info at cassidywebservices.co.uk> *www.cassidywebservices.co.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130313/b2ccb446/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list