<div dir="ltr"><span style="font-family:arial,sans-serif;font-size:13px">Hi all,</span><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px">I am using Kamailio to front my freeswitch servers and it is working great. I am getting some problems with authentication, sometimes users which are not registered with kamailio are also able to make calls. I have a feeling that I am doing something really silly with kamailio routing. Following is the AUTH route that I am using, please let me know I am missing something very obvious.</div><div style="font-family:arial,sans-serif;font-size:13px"><br></div><div style="font-family:arial,sans-serif;font-size:13px"><div>route[AUTH] {</div><div>#!ifdef WITH_AUTH</div><div><br></div><div>#!ifdef WITH_FREESWITCH</div><div>    if(route(FSINBOUND))</div><div>        return;</div><div>#!endif</div><div><br></div><div>#!ifdef WITH_IPAUTH</div><div><span style="white-space:pre-wrap">       </span>if((!is_method("REGISTER")) && allow_source_address())</div><div><span style="white-space:pre-wrap"> </span>{</div><div><span style="white-space:pre-wrap">                </span># source IP allowed</div><div><span style="white-space:pre-wrap">              </span>return;</div><div><span style="white-space:pre-wrap">  </span>}</div><div>#!endif</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (is_method("REGISTER") || from_uri==myself)</div><div><span style="white-space:pre-wrap"> </span>{</div><div><span style="white-space:pre-wrap">                </span># authenticate requests</div><div><span style="white-space:pre-wrap">          </span>if (!auth_check("$fd", "subscriber", "1")) {</div><div><span style="white-space:pre-wrap">                       </span>auth_challenge("$fd", "0");</div><div><span style="white-space:pre-wrap">                  </span>exit;</div><div><span style="white-space:pre-wrap">            </span>}</div><div><span style="white-space:pre-wrap">                </span># user authenticated - remove auth header</div><div><span style="white-space:pre-wrap">                </span>if(!is_method("REGISTER|PUBLISH"))</div><div><span style="white-space:pre-wrap">                     </span>consume_credentials();</div><div><span style="white-space:pre-wrap">   </span>}</div><div><span style="white-space:pre-wrap">        </span># if caller is not local subscriber, then check if it calls</div><div><span style="white-space:pre-wrap">      </span># a local destination, otherwise deny, not an open relay here</div><div><span style="white-space:pre-wrap">    </span>if (from_uri!=myself && uri!=myself)</div><div><span style="white-space:pre-wrap">     </span>{</div><div><span style="white-space:pre-wrap">                </span>sl_send_reply("403","Not relaying");</div><div><span style="white-space:pre-wrap">         </span>exit;</div><div><span style="white-space:pre-wrap">    </span>}</div><div><br></div><div>#!endif</div><div><span style="white-space:pre-wrap"> </span>return;</div><div>}</div><div><br></div><div><div>route[FSINBOUND] {</div><div>  if($si== $sel(cfg_get.freeswitch.bindip) && $sp==$sel(cfg_get.freeswitch.bindport))</div><div>     return 1;</div><div>  return -1;</div><div>}</div></div><div><br></div><div><br></div><div><br></div><div>I have set "WITH_AUTH" and "WITH_FREESWITCH". Let me know, if any more details are required.</div><div><br></div><div>System configuration:</div><div>Ubuntu: 12.04 LTS</div><div>Kamailio: 4.1.5 (x86_64/linux)</div><div>Freeswitch: 1.4.7 stable release</div></div><div><br></div>-- <br><div dir="ltr">Thanks and Regards,<br>Ashwin Jain<br></div>
</div>