This is a very good question. I faced the same problem some time ago, and by goggling found out that somebody had actually programmed a patch for this purpose, but it never got approved to go into the main branch of Asterisk. If you google, you'll probably found out details on it.<br>
<br>I am, however, found a very simple way to do it, which is not perfectly secure because it is crackable by any hi tech cracker who could send modified SIP headers, but otherwise it does its job great.<br><br>Here is how you can do it (I use Asterisk 1.4):<br>
<br>First check the user agent name using "sip show peers". Lets say sip user agent is "Sipura/SPA1001-3.1.8(SEc)".<br><br>When a SIP phone registers on your asterisk server, asterisk stores its user agent information in variable ${SIPUSERAGENT}. This means when an extension dials out, you can check in the dialplan if the ${SIPUSERAGENT} matches your user agent or not, and based on the result you can decide how to proceed with the call.<br>
<br>I use AEL, and it'll look like this:<br><br>// Check if the user agent is the one we supplied<br>if ("${SIPUSERAGENT}"!="Sipura/SPA1001-3.1.8(SEc)") {<br> // If not, hangup the call or do something else. I block the IP in iptables and record IP in MySQL for future reference<br>
NoCDR();<br> Hangup();<br>}<br><br>// Otherwise continue the dialplan<br><br>In regular non AEL config, which is harder to work with, it will look something like this:<br><br>exten => _NXXNXXXXXX,1,...<br>exten => _NXXNXXXXXX,n,...<br>
...<br>...<br>...<br>exten => _NXXNXXXXXX,n,GotoIf($["${SIPUSERAGENT}"!="Sipura/SPA1001-3.1.8(SEc)"]?hangup:continue)<br>exten => _NXXNXXXXXX,n(hangup),NoCDR()<br>exten => _NXXNXXXXXX,n,Hangup()<br>
exten => _NXXNXXXXXX,n(continue),...<br>exten => _NXXNXXXXXX,n,...<br><br>As I said earlier, if an experienced cracker really wants, and knows what sip user agent name you are using, he can figure out that you are checking the sip user agent name, and then send custom sip user agent name with the same name. But in your case its probability is very little. In fact I was using a webphone with free calls to anywhere in North American and some other countries right from my website, and wouldn't really care if crackers would crack it or not, because call duration was only one minute, but this setup really helped block a lot of crakcers, because before they would know I was checking extensions by user agent name, their IP address would already be blocked.<br>
<br>--<br>Zeeshan<br><br><div class="gmail_quote">On Mon, Jun 28, 2010 at 7:58 PM, Tarek Sawah <span dir="ltr"><<a href="mailto:tareksawah@hotmail.com">tareksawah@hotmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div>
Greetings list,<div>this question is rather a pain in my side.. i have been trying to figure it out.. it could be simple.</div><div>i have a customer with a callcenter .. we developed a CRM "Customer Relations Management" with an SIP dialers built in.</div>
<div>the question is the following.. is it possible to force the agents (users) to use a certain UserAgent which is the one built-in our system? this way will prevent the agents we are restricting them to only be able to dial through the software which is already restricted to their seats in the call center.. but someone might sniff around .. and get the sip username and password assigned to him and use it through Zoiper or any other softphone to make calls ..our agents are allowed international calls .. so we want to restrict them to only use our dialer.</div>
<div>Is that possible?</div><div>Asterisk version 1.4.33</div><div>regards<br><font color="#888888"><br>-- Tarek Sawah
Integrated Digital Systems
CCNA, MCSE, RHCE, VoIP USA: +1 386 492 9993 <br></font><div class="hm"><br></div></div><div class="hm">                                            <br><hr>The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail. <a href="http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4" target="_blank">Get busy.</a></div>
</div>
<br>--<br>
_____________________________________________________________________<br>
-- Bandwidth and Colocation Provided by <a href="http://www.api-digital.com" target="_blank">http://www.api-digital.com</a> --<br>
New to Asterisk? Join us for a live introductory webinar every Thurs:<br>
<a href="http://www.asterisk.org/hello" target="_blank">http://www.asterisk.org/hello</a><br>
<br>
asterisk-users mailing list<br>
To UNSUBSCRIBE or update options visit:<br>
<a href="http://lists.digium.com/mailman/listinfo/asterisk-users" target="_blank">http://lists.digium.com/mailman/listinfo/asterisk-users</a><br></blockquote></div><br><br clear="all"><br>-- <br>Zeeshan A Zakaria<br>