[asterisk-users] Block outbound calls based on IP address
CB
kjcsb at xnet.co.nz
Mon Aug 6 13:40:54 CDT 2012
We are looking to further secure our Asterisk installation by inspecting the
IP address that a SIP INVITE comes from and performing some logic to
determine whether the call should proceed. The purpose of this is to prevent
calls to certain expensive destinations if the SIP message is coming from a
foreign IP that we don't expect.
I can see that it's possible to use the SIP_HEADER function however that may
not contain the public IP address. For example here is an invite from the
external IP address 58.28.1.1 but that information is not contained in the
SIP header:
U 58.28.1.1:5060 -> 203.89.1.1:5060
INVITE sip:1000 at domain.com SIP/2.0..Via: SIP/2.0/UDP
192.168.1.103:5060;branch=z9hG4bK-d8754z-fc116e03a80ef774-1---d8754z-;rport.
.Max-Forwards: 70
..Contact: <sip:0003330822222261336 at 192.168.1.103:5060>..To:
<sip:1000 at domain.com>..From: <sip:0003330822222261336 at domain.com>;tag=7
dcb1e4d..Call-ID: NDMyZmRhY2Q4ZjNhMjAxMDJhOTA3OTU0MzMyNTkzNjI...CSeq: 1
INVITE..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
SUBSCRIBE, INF
O..Content-Type: application/sdp..Supported: replaces..User-Agent: X-Lite
release 5.0.0 stamp 67284..Content-Length: 217....v=0..o=- 12988751314362048
1 IN IP4
192.168.1.103..s=CounterPath X-Lite 5.0.0..c=IN IP4
192.168.1.103..b=AS:1638..t=0 0..m=audio 5062 RTP/AVP 0 8 3
101..a=rtpmap:101 telephone-event/8000..a=fmtp:1
01 0-15..a=sendrecv..
Is it possible to determine the public IP address from the dialplan?
Any advice appreciated.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 9126 bytes
Desc: not available
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20120807/c9dab7b2/attachment.bin>
More information about the asterisk-users
mailing list