How can i block unauthorized callers on dialplan

oladapoadebowale · August 11, 2017, 3:25pm

How can i block unauthorized caller using dialplan commands. I have some unauthorized callers which i will like to block and ban from my dialing plan

johnkiniston · August 11, 2017, 3:59pm

There’s stuff like the ZapATeller application. https://wiki.asterisk.org/wiki/display/AST/Asterisk+15+Application_Zapateller

Or the PrivacyManager application https://wiki.asterisk.org/wiki/display/AST/Application_PrivacyManager

The Dial application has hooks that can interface with the PrivacyManager application. https://wiki.asterisk.org/wiki/display/AST/Application_Dial

You can modify your dialplan patterns to match on caller ID with what used to be called ‘ex-girlfriend logic’ https://wiki.asterisk.org/wiki/display/AST/Pattern+Matching

david551 · August 11, 2017, 4:04pm

The parts of the dialplan that can be abused should be in contexts that are neither default nor associated with a peer that can be accessed externally.

For SIP, allowguest should be disabled, unless you need it, and otherwise the default context should be as above.

For SIP, peers should be authenticated using strong passwords, and, ideally, unpredictable device names.

For SIP, peers that can only be authenticated by user and password, should have address range restrictions.

For VoIP in general, tools like fail2ban and be used to dynamically add firewall rules after a failed attack.

oladapoadebowale · August 15, 2017, 1:02am

The issue is there are many attacks which i do database check to see it the orign numbet exist and for those that are fake origins like 123 700 i want to block the IP. I allowed guest in the sip. Is that possible from the dialplan or o have to set something on the fail2ban

ambiorixg12 · August 15, 2017, 1:04am

You can do a basic bash or php script and pass the IP as parameter using the variable ${CHANNEL(peerip)}

[default]
exten => _X.,1,Noop(Dead calls rising)
exten => _X.,n,Set(uri=${CHANNEL(peerip)})
exten => _X.,n,Verbose(3,Unknown call from ${uri} to ${EXTEN})
exten => _X.,n,System(/root/block.sh ${uri})

oladapoadebowale · August 15, 2017, 2:46am

Thank you. I want to block the IP and not allow it access anymore

ambiorixg12 · August 15, 2017, 3:22am

Another workaround would be use Iptables and Asterisk System() command and pass IP value on the variable ${CHANNEL(peerip)}

same=>n,System(/sbin/iptables -A INPUT -s ${CHANNEL(peerip)} -j DROP)

oladapoadebowale · August 15, 2017, 3:28am

Thank you. I was using this command
exten => s,n, System(iptables -w -I INPUT -s ${IP_NUMBER} -j DROP)

And please will it block the IP forever unless I unblock it

ambiorixg12 · August 15, 2017, 3:32am

Iptables is no Asterisk related issue, you first need to learn how to use iptable and then implement it on Asterisk using the System() command, incase you have issue on how to use iptable use the linux command man iptables

Syntax to block an IP address under Linux

iptables -A INPUT -s IP-ADDRESS -j DROP
Replace IP-ADDRESS with your actual IP address. For example, if you wish to block an ip address 65.55.44.100 for whatever reason then type the command as follows:

iptables -A INPUT -s 65.55.44.100 -j DROP

david551 · August 15, 2017, 8:59am

Setting made using iptables -I will only last until the next reboot.