Setup/Download IAXRpt: Difference between revisions

From AllStarLink Wiki
Jump to navigation Jump to search
imported>N8THN
created page
 
imported>N8THN
m added content
Line 1: Line 1:
[[Category:How to]]
[[Category:How to]]
IAXRPT is a specialized soft phone program which allows users to connect from their PC's to an Allstar node. Setting up IAXRPT access is similar to seting up dial-in access, but a different command line switch is used in extensions.conf, and user autheorization is done in iax.conf.
=== Security Issues ===
{| class="wikitable"
|Incoming IAXRPT connections need to be authorized by making sure the incoming IAX user stanza is protected with a secret. This is the case because incoming IAX calls are not checked against a nodes stanza.
|}
=== Setup ===
First, a user stanza needs to added to iax.conf to allow incoming IAXRPT calls to be routed to a context in extensions.conf. A modified on the following stanza should be placed in iax.conf:
[gui]
type=user         
context=radio-gui 
auth=md5             
secret=nunya  ; *** Important! Change this!!!
host=dynamic     
disallow=all
allow=ulaw 
allow=gsm       
transfer=no
Second, a context stanza is added to extensions.conf to transfer control to the Rpt application:
[radio-gui]                 
exten = 1234,1,Rpt,1234|X    ; Change 1234 to your node number
The X option passed to the Rpt application disables the normal security checks. Because incoming connections are validated in iax.conf, and we don't know where the user will be coming from in advance, the X option is required.

Revision as of 15:34, 28 January 2019

IAXRPT is a specialized soft phone program which allows users to connect from their PC's to an Allstar node. Setting up IAXRPT access is similar to seting up dial-in access, but a different command line switch is used in extensions.conf, and user autheorization is done in iax.conf.

Security Issues

Incoming IAXRPT connections need to be authorized by making sure the incoming IAX user stanza is protected with a secret. This is the case because incoming IAX calls are not checked against a nodes stanza.

Setup

First, a user stanza needs to added to iax.conf to allow incoming IAXRPT calls to be routed to a context in extensions.conf. A modified on the following stanza should be placed in iax.conf:

[gui]
type=user          
context=radio-gui   
auth=md5              
secret=nunya  ; *** Important! Change this!!!
host=dynamic      
disallow=all
allow=ulaw  
allow=gsm        
transfer=no

Second, a context stanza is added to extensions.conf to transfer control to the Rpt application:

[radio-gui]                   
exten = 1234,1,Rpt,1234|X    ; Change 1234 to your node number

The X option passed to the Rpt application disables the normal security checks. Because incoming connections are validated in iax.conf, and we don't know where the user will be coming from in advance, the X option is required.