Difference between revisions of "Blacklist or whitelist"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
− | Occasionally it becomes necessary to limit connections to your node. | + | Occasionally it becomes necessary to limit connections to your node. With this configuration you can either blacklist (block) or whitelist (allow) inbound connections. Outbound connections are not blocked. |
It's very easy to manage both list with these Asterisk CLI commands: | It's very easy to manage both list with these Asterisk CLI commands: |
Revision as of 20:38, 15 October 2017
Occasionally it becomes necessary to limit connections to your node. With this configuration you can either blacklist (block) or whitelist (allow) inbound connections. Outbound connections are not blocked.
It's very easy to manage both list with these Asterisk CLI commands:
- Blacklist
- database put blacklist 1998 "any comment"
- database del blacklist 1998
- database show blacklist
- Whitelist
- database put whitelist 1000 "any comment"
- database del whitelist 1000
- database show whitelist
- Both
- database show
Blacklist Configuration
Add this to extensions.conf just below the [radio-secure] context.
[radio-secure] ... ; To add a node to the blacklist: ; database put blacklist 1998 “any comment” ; to remove: ; database del blacklist 1998 ; to list ; database show blacklist [blacklist] exten => _XXXX!,1,NoOp(${CALLERID(num)}) exten => _XXXX!,n,GotoIf($[${DB_EXISTS(blacklist/${CALLERID(num)})}]?blocked) exten => _XXXX!,n,Goto(radio-secure,${EXTEN},1) exten => _XXXX!,n(blocked),Hangup [whitelist] exten => _XXXX!,1,NoOp(${CALLERID(num)}) exten => _XXXX!,n,NoOp(${IAXPEER(CURRENTCHANNEL)}) exten => _XXXX!,n,GotoIf($["${IAXPEER(CURRENTCHANNEL)}" = "127.0.0.1"]?radio-secure,${EXTEN},1) ;permit local IPs exten => _XXXX!,n,GotoIf($[${DB_EXISTS(whitelist/${CALLERID(num)})}]?radio-secure,${EXTEN},1) exten => _XXXX!,n,Hangup
In iax.conf modify the [radio] context by adding and/or commenting context = lines.
[radio] type = user disallow = all allow = ulaw allow = adpcm allow = gsm codecpriority = host ;context = radio-secure ;context = whitelist context = blacklist transfer = no
Note: Only one list can be used at a same time and it applies to all nodes on the server.