<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline;}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:Arial;
        color:windowtext;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>SIP SECURITY WARNING<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Version: v1-0 (cvs today)<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Problem: sip context in general section ignored - goes to default
- allowing unauthorized sip devices to place calls in default context<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Fix [workaround]:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Remove or rename “default” context in extensions.conf <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Notes:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>I am not sure what other asterisk functionality may be affected by this
– review your other config files for references to the “default”
context. Test your configurations to ensure calls are landing in the
correct context. I suggest removing “default” and creating
others like sip-default which include demo and then testing from a sip channel
to make sure you still hit the demo from a registered device, but not from
unregistered devices. Repeat for other channels as necessary.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Detail:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>I have been working with asterisk for a while now, but had never
tested/noticed this scenario – I had always created device entries in
sip.conf for any devices I tested so I never ran into this. Today on a
new config the phone came up before I had put anything in sip.conf and I
thought – let’s see what happens if we try to call someone –
and it WORKED which was the least expected behavior.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>I am using a cisco 7960 with SIP firmware v6.3 (doesn’t really
matter, any sip phone will do this) with a bare asterisk build and setup of v1-0
(pulled from cvs today) on FC3 minimal + asterisk requirements + up2date and
the configs (sip, extensions) below.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Without placing any peer, friend, or user entries in sip.conf for the phone
device/extension, I am able to make calls through the “default”
context. In the below example dialing “500” from a sip phone
will execute the inter asterisk connection test (IAX) to digium even though the
context defined in the general section of sip.conf is “sip-unauthorized”
which should play congestion and hang up (as was suggested in “Getting started
with asterisk”).<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Removing or renaming the “default” context in
extensions.conf appears to resolve this issue – congestion is played.
However, adding a real extension such as 900 and mapping it to something like
voicemail shows that the context sip-unauthorized is not being used - also the
following error is logged on the console (verbose = 7) which hints to this as
well – and explains why congestion was played. Instead of looking
for sip-unauthorized as expected it looked for the missing default and then
played congestion when default was not found.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Dec 3 20:26:42 NOTICE[15447]: pbx.c:1318
pbx_extension_helper: Cannot find extension context 'default'<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Sip.conf<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>[general]<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>contex=sip-unauthorized<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>port=5060<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>bindaddr=0.0.0.0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>localnet=172.16.0.0/255.255.255.0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>&lt;eof&gt;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Extensions.conf<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>[general]<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>static=yes<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>writeprotect=no<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>[globals]<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;CONSOLE=Console/dsp ;
Console interface for demo<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>IAXINFO=guest ;
IAXtel username/password<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;TRUNK=Zap/g2 ;
Trunk interface<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;TRUNKMSD=1 ;
MSD digits to strip (usually 1 or 0)<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>[macro-stdexten];<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>; Standard extension macro:<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>; ${ARG1} -
Extension (we could have used ${MACRO_EXTEN} here as well)<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>; ${ARG2} -
Device(s) to ring<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s,1,Dial(${ARG2},20) ;
Ring the interface, 20 seconds maximum<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s,2,Goto(s-${DIALSTATUS},1) ;
Jump based on status (NOANSWER,BUSY,CHANUNAVAIL,CONGESTION,ANSWER)<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s-NOANSWER,1,Voicemail(u${ARG1}) ;
If unavailable, send to voicemail w/ unavail announce<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s-NOANSWER,2,Goto(default,s,1) ;
If they press #, return to start<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten => s-BUSY,1,Voicemail(b${ARG1}) ;
If busy, send to voicemail w/ busy announce<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s-BUSY,2,Goto(default,s,1) ;
If they press #, return to start<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
_s-.,1,Goto(s-NOANSWER,1) ;
Treat anything else as no answer<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
a,1,VoicemailMain(${ARG1}) ;
If they press *, send the user into VoicemailMain<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>[default]<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
500,1,Playback(demo-abouttotry); Let them know what's going on<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
500,2,Dial(IAX2/guest@misery.digium.com/s@default) ; Call the
Asterisk demo<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
500,3,Playback(demo-nogo) ; Couldn't connect to the demo site<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten => 500,4,Goto(s,6) ;
Return to the start over message.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=3 face="Courier New"><span
style='font-size:12.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>[sip-unauthorized]<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;An important point here, if
you do not have a sip aware <o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;firewall and are just using
port forwarding then ensure <o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;that your context points to
somewhere like invalidcalls. <o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;If you do not do this then
someone could call one of your <o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;extensions direct from the
Internet. If you had an FXO card <o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>;in the machine, this could
lead to them being able to make PSTN calls!!<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=1 face="Courier New"><span style='font-size:9.0pt;
font-family:"Courier New"'>;[from <a
href="http://www.automated.it/guidetoasterisk.htm#_Toc49248767">http://www.automated.it/guidetoasterisk.htm#_Toc49248767</a>]<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten => s,1,Answer<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
s,2,Playtones(congestion)<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten => s,3,Congestion<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten =>
900,1,VoicemailMain<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-autospace:none'><font size=1 face="Courier New"><span
style='font-size:9.0pt;font-family:"Courier New"'>exten => 900,2,Hangup<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>&lt;eof&gt;<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'><o:p> </o:p></span></font></p>
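<p class=MsoNormal><font size=3 face="Times New Roman"><span style='font-size:
12.0pt'>Added example (not part of the original message, and not Asterisk code): the sip.conf listing above spells the key as contex rather than context. This Python check parses both listings, flags keys in [general] that look like a misspelled context, and reports which dialplan context and extensions a device with no sip.conf entry would reach. The sample inputs are constructed from the listings above, and the fallback name "default" is an assumption taken from the log line above.</span></font></p>

```python
import difflib

# Constructed inputs mirroring the two listings in the message above.
SIP_CONF = """[general]
contex=sip-unauthorized
port=5060
bindaddr=0.0.0.0
"""
EXTENSIONS_CONF = """[default]
exten => 500,1,Playback(demo-abouttotry)
exten => 500,2,Dial(IAX2/guest@misery.digium.com/s@default)

[sip-unauthorized]
exten => s,1,Answer
exten => s,2,Playtones(congestion)
exten => s,3,Congestion
"""
FALLBACK = "default"  # assumption: context used when [general] sets none


def parse(text):
    """Return {section: [(key, value), ...]} for an Asterisk-style config."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # ';' starts a comment
        if line.startswith("[") and "]" in line:
            current = line[1:line.index("]")]
            sections.setdefault(current, [])
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            sections[current].append((key.strip().lower(), value.lstrip(">").strip()))
    return sections


def audit(sip_text, ext_text):
    """Report where calls from devices with no sip.conf entry would land."""
    general = parse(sip_text).get("general", [])
    dialplan = parse(ext_text)
    keys = [k for k, _ in general]
    configured = dict(general).get("context")
    # Keys that look like a misspelling of 'context' never set the context.
    typos = [k for k in keys if k != "context"
             and difflib.get_close_matches(k, ["context"], cutoff=0.8)]
    effective = configured or FALLBACK
    dialable = sorted({v.split(",", 1)[0] for k, v in dialplan.get(effective, [])
                       if k == "exten"})
    return {"typos": typos, "effective": effective,
            "exists": effective in dialplan, "dialable": dialable}


if __name__ == "__main__":
    print(audit(SIP_CONF, EXTENSIONS_CONF))
```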
</div>
</body>
</html>