<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.28.3">
</HEAD>
<BODY>
The kamailo.cfg on the GIT for version 3.1 has this IP auth with the permissions module preconfigured. And the behavour is the expected. Not allowing unauthorized IPs.<BR>
<BR>
Thanks.<BR>
<BR>
El sáb, 15-05-2010 a las 19:41 +0200, Vicente escribió:<BR>
<BLOCKQUOTE TYPE=CITE>
No, I haven't tried that but in that case INVITES from local users wouldn't reache the authorization section.<BR>
<BR>
I've been reading the Domain module documentation and it says that the function checks the From header uri to match one of the domains on the domain table.<BR>
<BR>
What I tried is to place a condition with the call on another part of the script. And then the incoming call is allowed with the IP is added to the trusted table and prohibited if the IP is removed from the table.<BR>
<BR>
But I'm sure I've to be doing something wrong if other people using the module coincide to say that the right place for the condition is inside "if (is_from_local())".<BR>
<BR>
Thanks for the answer.<BR>
<BR>
El sáb, 15-05-2010 a las 19:23 +0200, David Villasmil escribió:
<BLOCKQUOTE TYPE=CITE>
<PRE>
have you tried:
if (!is_from_local()){
if(!allow_trusted()){
...authorization...
I don't remember exactly, but i do remember "is_from_local" is not
exactly well named, it is not really what it says.
David
On Sat, May 15, 2010 at 7:18 PM, Vicente <<A HREF="mailto:vicente@wipzona.es">vicente@wipzona.es</A>> wrote:
> Good afternoon,
>
> I'm trying to configure permissions module to allow calls from an IP
> address. I've the module loaded, the entry on the data base table
> trusted. But according to the examples I've seen on the list and other
> sources, the call to allow_trusted() has to be placed just before the
> INVITE authorization section like:
>
> if (is_from_local()){
> if(!allow_trusted()){
> ...authorization...
>
> In my scenario allow_tusted() is never reached and thus Kamailo allows
> the call regardless the table trusted is populated with the the allowed
> proxy IP or not.
>
> The INVITEs that I want to allow come from another proxy and then I
> understand is_from_local() is always evaluated false for those messages.
> And allow_trusted isn't reached.
>
> Where on the script should the condition to allow only the calls from
> the external proxy IP be placed?
>
> Thanks in advance.
> Vicente.
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> <A HREF="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</A>
> <A HREF="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</A>
>
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<A HREF="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</A>
<A HREF="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</A>
</PRE>
</BLOCKQUOTE>
<BR>
<PRE>
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
<A HREF="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</A>
<A HREF="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</A>
</PRE>
</BLOCKQUOTE>
<BR>
</BODY>
</HTML>