[asterisk-users] Is this doable?

Sun Feb 5 22:37:50 CST 2012

On 02/05/2012 03:50 PM, Josh wrote:
> One particular example of this, as I already pointed out in that earlier
> post, is I'd like to ask "anonymous" callers (i.e. callers without any
> caller IDs or callers placed in that group by myself/admin/other) to be
> asked by Asterisk what is the reason for their call
...

Your description sounds almost entirely like the existing call 
screening, so I'm pretty sure you'll be able to accomplish it.  Start 
with call screening, and modify that to suit your needs.

> before routing the
> call, then some sort of moh to be played while Asterisk - at the same
> time - rings a nominated number and plays what the callers just said
> (which should be recorded temporarily, obviously) and I would have 4
> options - accept the call, in which case Asterisk transfers the caller
> to me, reject it with a "not available" message, reject it but allow the
> caller to leave a message, or reject the call returning a message to the
> caller that the number is blacklisted.

I'd encourage you not to give callers much information.  If you tell 
callers that their number is blacklisted, or that the recipient is not 
available (and not offer them voicemail), they're likely to call back 
and provide different or no information.  It'll be more effective to let 
them leave voicemail and then delete and ignore it.  Just a suggestion.

>>> That was my initial intention as I was hoping Linux will map each
>>> request/response using the appropriate interface (i.e. on which
>>> interface it comes from), I realise binding on 0.0.0.0. is not ideal
>>> from a security point of view (I'd rather issue separate udpbind
>>> statements for the interfaces I want to use), but for now it have to do
>>> if there isn't an alternative.
>>
>> Linux *can* do that, but it requires a bit of configuration for route
>> selection.
> All the routes are already configured

IP routing alone isn't actually sufficient (typically) to use multiple 
interfaces.  Under Linux, you have to set up multiple routing tables, 
track connections, mangle reply packets (mark), and use 'ip rule' to 
select the proper routing table for the packet.  If you haven't verified 
that replies go out the right interface, you should look.  If you have, 
then ignore me. :)

> My only worry is
> from a security point of view - 0.0.0.0 binding is for all interfaces,
> which is not something I want, but can live with - for now.
>
> I am a bit baffled though - Asterisk has existed for quite a while now
> and I am not sure why this wasn't implemented sooner - everyone knows
> that using 0.0.0.0 is a security risk.

No... binding to 0.0.0.0 isn't a security risk.  Typically applications 
bind to a specific address so that a single host can have multiple 
addresses, and an application or multiple applications can bind to 
specific addresses to implement virtual hosting.