I feel like I’m pretty familiar with how to create a dialplan and how to have calls traverse it, however, one thing has always made me worry. How can I allow a user in say [context1] to be able to dial users in [context2] without allowing them to also get to things like say an extension that is set to be a queue login for [context2]?
I’m thinking right now of a multi tenant system that needs to be able to call tenant but not necessarily get to some aspects of the second tenants system. Can you have some sort of conditional include statements? I’m sure I’m not the only one to wonder this but I don’t really know how to go about searching for it. Everything I’ve tried has come up empty.
Would using GoTo application for “jumping” between contexts be enough?
I wouldn’t think so unless I’m not understanding correctly. I need to basically search the originating set’s context for the 4 digit extension and then if it doesn’t find it search the others but I don’t want “context1” to be able to get to “context2” agent logon extension.
Consider the following:
[context1]
exten => 1234,1,Dial(SIP/user1,20)
exten => 2345,1,Dial(SIP/user2,20)
exten => 5000,1,Macro(queuelogonoff,queue2name)
include => context2
[context2]
exten => 3456,1,Dial(SIP/user3,20)
exten => 4567,1,Dial(SIP/user4,20)
exten => 5001,1,Macro(queuelogonoff,queue1name)
include => context1
This allows the main goal of allowing the two tenants to use 4 digit dialing to call eachother but doesn’t allow for blocking of context 1 to dial 5001 and login to context2’s queue. Even if I had a statement that was something like exten => *32,1,Goto(context2queuelogin,s,1) wouldn’t the people in context 1 be able to dial *32 and get to whatever it pointed to?
This is a basic example but it shows several problems I have with the systems I’ve built.
I also have a problem with somehow getting DAHDI/1 or some other dahdi channel somehow logged into the queue.I haven’t the foggiest how that happens but I’ve taken steps like making queue logins rather than a 4 digit extension be something like *32 but sometimes it still happens.
Would this work for you?
[context1]
exten => 1234,1,Dial(SIP/user1,20)
exten => 2345,1,Dial(SIP/user2,20)
exten => 5000,1,Macro(queuelogonoff,queue2name)
exten => 3456,1,Goto(context2,3456,1)
exten => 4567,1,Goto(context2,4567,1)
[context2]
exten => 3456,1,Dial(SIP/user3,20)
exten => 4567,1,Dial(SIP/user4,20)
exten => 5001,1,Macro(queuelogonoff,queue1name)
exten => 1234,1,Goto(context1,1234,1)
exten => 2345,1,Goto(context1,2345,1)
This way, extensions 1234, 2345, 3456, 4567 are available in both contexts, but the individual queues are only available inside individual contexts.
Wrong forum.
Put the safe extensions in their own contex and include it from but the trusted and untrusted contexts.
[quote=“david55”]Wrong forum.
Put the safe extensions in their own contex and include it from but the trusted and untrusted contexts.[/quote]
david55,
Apologies, but where might the correct forum be so I don’t make the same type mistake again.
Also, by “safe extensions” you would mean the normal phone endpoint extensions?
[tenant1]
exten => 1111,1,Dial(SIP/Phone1)
exten => 2222,1,Dial(SIP/Phone2)
[tenant2]
exten => 3333,1,Dial(SIP/Phone3)
exten => 4444,1,Dial(SIP/Phone4)
[tenant1logins]
exten => *11,1,Macro(queueloginout,Queue1)
include => tenant1
Like that? Would the people in tenant1 be able to dial the queue logins in tenant logins “backward” like that or am I misunderstanding?
Asterisk Support. Asterisk General is supposed to be for discussion, not advice.
By safe I mean ones that can safely be called by anyone, i.e. not toll numbers or any number with restricted access.
I see, I considered this a discussion about best practices, not support, which is why I placed it in General. I would be grateful if you’d move it for me.