[asterisk-users] Disallow CALLS without registry
Victor Villarreal
mefhigoseth at gmail.com
Fri Feb 10 09:57:10 CST 2017
Hi Antony,
Sory but I don't understand why your Asterisk accept anon calls with the
conf you provide us.
Maybe a full excerpt of an incoming call will help.
Last, there exist dialplan like GROUP and GROUP_COUNT that permits you
count the number of calls in a custom group fashion.
El 10/2/2017 11:51, "Антон Сацкий" <satskiy.a at gmail.com> escribió:
> Thanks Frank -- but this not a solution
> below my current config
>
> [general]
>
> ;sms
> accept_outofcall_message = yes
> outofcall_message_context = messages
> auth_message_requests = no
>
> ;general
> allowguest = no
> jbenable = no
> jbimpl = adaptive
> allow = !all,g722,ulaw,gsm
> udpbindaddr = 0.0.0.0
> transport = udp
>
> language = ru
> context = public
> alwaysauthreject = yes
> nat = force_rport,comedia
> directmedia = no
> allowoverlap = no
> match_auth_username = yes
>
> progressinband = yes
> textsupport = yes
> videosupport = yes
> maxcallbitrate = 1384
> ;
> sendrpid = pai
> rpid_update = yes
> pedantic=no
> ;tos
> tos_sip=cs3
> tos_audio=ef
> tos_video=cs4
>
> 2017-02-10 16:40 GMT+02:00 Frank Vanoni <mailinglist at linuxista.com>:
>
>> On Thu, 2017-02-09 at 14:58 +0200, Антон Сацкий wrote:
>>
>>
>> > so the main question is -- how to Disallow CALLS without registering
>> > on PBX
>>
>> sip.conf configuration
>> In the [general] section, define:
>>
>>
>> [general]
>> ...
>> allowguest=no
>> alwaysauthreject=yes
>> ...
>>
>>
>> The "allowguest" line disables anonymous SIP calls to your PBX. Some SIP
>> providers connect as a guest user, however, so this may be inappropriate
>> for your situation. Also, if you want to accept anonymous SIP calls,
>> this line would block them, so you wouldn't want that. But it is listed
>> here because it is the safest configuration.
>>
>> The "alwaysauthreject" line is important. This causes a hacker to get
>> the same response from your PBX when they try to guess passwords whether
>> or not they guessed a valid username. This also has the side-effect of
>> making poorly written scanning scripts (the vast majority of hacker
>> scripts seem to be poorly written) take less resources on your Asterisk
>> box, as even if they scan a valid username, they'll think it doesn't
>> exist.
>>
>> (Source: https://www.voip-info.org/wiki/view/Asterisk+security )
>>
>>
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>> http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
>
>
> --
> Best regards
> Antony
> tel. +380669197533
> tel2. +380636564340
> Paypal http://paypal.me/Satskiy
> <http://paypal.me/Satskiy?ppid=PPC000654&cnac=PL&rsta=en_PL(en_DK)&cust=NN8XJS9XEP22C&unptid=21db79ac-ef8d-11e5-9553-9c8e992ea258&t=&cal=4d776c21ca7d2&calc=4d776c21ca7d2&calf=4d776c21ca7d2&unp_tpcid=ppme-social-business-profile-created&page=main:email&pgrp=main:email&e=op&mchn=em&s=ci&mail=sys>
> satskiy.a at gmail.com <mail%3Asatskiy.a at gmail.com>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170210/fd321732/attachment.html>
More information about the asterisk-users
mailing list