Blacklist or whitelist: Difference between revisions

Occasionally it becomes necessary to limit connections to your node. The blacklist blocks a small number of nodes. The whitelist allows listed notes to connect.

It's very easy to manage both list with these Asterisk CLI commands:

• Blacklist
  • database put blacklist 1998 "any comment"
  • database del blacklist 1998
  • database show blacklist
• Whitelist
  • database put whitelist 1000 "any comment"
  • database del whitelist 1000
  • database show whitelist
• Both
  • database show

Blacklist Configuration

Add this to extensions.conf just below the [radio-secure] context.

[radio-secure]
...

; To add a node to the blacklist: 
; database put blacklist 1998 “any comment”
; to remove:
; database del blacklist 1998
; to list
; database show blacklist
 
[blacklist]
exten => _XXXX!,1,NoOp(${CALLERID(num)})
exten => _XXXX!,n,GotoIf($[${DB_EXISTS(blacklist/${CALLERID(num)})}]?blocked)
exten => _XXXX!,n,Goto(radio-secure,${EXTEN},1)
exten => _XXXX!,n(blocked),Hangup

[whitelist]
exten => _XXXX!,1,NoOp(${CALLERID(num)})
exten => _XXXX!,n,NoOp(${IAXPEER(CURRENTCHANNEL)})
exten => _XXXX!,n,GotoIf($["${IAXPEER(CURRENTCHANNEL)}" = "127.0.0.1"]?radio-secure,${EXTEN},1)  ;permit local IPs
exten => _XXXX!,n,GotoIf($[${DB_EXISTS(whitelist/${CALLERID(num)})}]?radio-secure,${EXTEN},1)
exten => _XXXX!,n,Hangup

In iax.conf modify the [radio] context by adding and/or commenting context = lines.

[radio]
type = user
disallow = all
allow = ulaw
allow = adpcm
allow = gsm
codecpriority = host
;context = radio-secure
;context = whitelist
context = blacklist
transfer = no

Notes: Outbound connections are not blocked. Only one list can be used at a same time and it applies to all nodes on the server.