[asterisk-users] Is this doable?

Sun Feb 5 17:50:10 CST 2012

>> and multitasking - the latter
>> *may* be solved by going with AGI (not sure yet as Asterisk is still
>> completely new to me).
>
> I don't really follow you.
What I meant was that it may be necessary (at a later stage, once I get 
enough level of knowledge to be confident of doing something a bit more 
complex) to ask Asterisk to "multitask" - for example: I listed in one 
of my previous posts, that once the "essential" part (i.e. connectivity 
& security) is set up properly, my idea is to set up the proper logic 
for treating different call groups.

One particular example of this, as I already pointed out in that earlier 
post, is I'd like to ask "anonymous" callers (i.e. callers without any 
caller IDs or callers placed in that group by myself/admin/other) to be 
asked by Asterisk what is the reason for their call before routing the 
call, then some sort of moh to be played while Asterisk - at the same 
time - rings a nominated number and plays what the callers just said 
(which should be recorded temporarily, obviously) and I would have 4 
options - accept the call, in which case Asterisk transfers the caller 
to me, reject it with a "not available" message, reject it but allow the 
caller to leave a message, or reject the call returning a message to the 
caller that the number is blacklisted.

This flow, I am almost certain, would require multitasking on the part 
of Asterisk - that is what I meant with my previous post.

>> Nope! My eth0 interface is not facing the public Internet directly - it
>> takes its IP address from my ISP's DHCP (which is private!) even though
>> it can forward/pass traffic through the public internet via that
>> interface, that is the problem.
> In this case, "your" router is the one that your ISP provided or is 
> using, which performs NAT for your hosts.  If it is Linux with 
> ip_nat_sip, I believe that it'll "fix" packets without requiring you 
> to configure your Asterisk host.
I am not sure that is the case though - especially when I will be using 
"non-standard" sip port (5061 & 5065) - in my current configuration I 
use a STUN option on my existing client, but the connection is routed 
directly - no intermediaries at all, so don't know what Asterisk is 
going to do in such case, hence my concern.

>> That was my initial intention as I was hoping Linux will map each
>> request/response using the appropriate interface (i.e. on which
>> interface it comes from), I realise binding on 0.0.0.0. is not ideal
>> from a security point of view (I'd rather issue separate udpbind
>> statements for the interfaces I want to use), but for now it have to do
>> if there isn't an alternative.
>
> Linux *can* do that, but it requires a bit of configuration for route 
> selection.
All the routes are already configured - I have no problem with that bit 
(I use checkpoint as well as another - customised - module, which takes 
care of accounting & implements additional tracking). My only worry is 
from a security point of view - 0.0.0.0 binding is for all interfaces, 
which is not something I want, but can live with - for now.

I am a bit baffled though - Asterisk has existed for quite a while now 
and I am not sure why this wasn't implemented sooner - everyone knows 
that using 0.0.0.0 is a security risk.

Thank you for your input, as always!