Blacklist or whitelist: Difference between revisions

Revision as of 19:56, 15 October 2017

Occasionally it becomes necessary to limit connections to your node. The blacklist is used block a poorly operating node or small number of nodes. The whitelist allows only listed notes to connect.

It's very easy to manage both list with these Asterisk CLI commands:

database put blacklist 1998 "any comment"
database del blacklist 1998
database show blacklist
database put whitelist 1000 "any comment"
database del whitelist 1000
database show whitelist
database show

Blacklist Configuration

Add this to extensions.conf just below the [radio-secure] context.

[radio-secure]
...

; To add a node to the blacklist: 
; database put blacklist 1998 “any comment”
; to remove:
; database del blacklist 1998
; to list
; database show blacklist
 
[blacklist]
exten => _XXXX!,1,NoOp(${CALLERID(num)})
exten => _XXXX!,n,GotoIf($[${DB_EXISTS(blacklist/${CALLERID(num)})}]?blocked)
exten => _XXXX!,n,Goto(radio-secure,${EXTEN},1)
exten => _XXXX!,n(blocked),Hangup

[whitelist]
exten => _XXXX!,1,NoOp(${CALLERID(num)})
exten => _XXXX!,n,NoOp(${IAXPEER(CURRENTCHANNEL)})
exten => _XXXX!,n,GotoIf($["${IAXPEER(CURRENTCHANNEL)}" = "127.0.0.1"]?radio-secure,${EXTEN},1)  ;permit local IPs
exten => _XXXX!,n,GotoIf($[${DB_EXISTS(whitelist/${CALLERID(num)})}]?radio-secure,${EXTEN},1)
exten => _XXXX!,n,Hangup

In iax.conf modify the [radio] context by adding and/or commenting context = lines.

[radio]
type = user
disallow = all
allow = ulaw
allow = adpcm
allow = gsm
codecpriority = host
;context = radio-secure
;context = whitelist
context = blacklist
transfer = no

Notes: Neither list blocks outbound connections. Both lists cannot be used at the same time and apply to all nodes on the server.

Blacklist or whitelist: Difference between revisions

Revision as of 19:56, 15 October 2017

Blacklist Configuration

Contributors

Navigation menu

@@ Line 1: / Line 1: @@
-Occasionally it becomes necessary to block a poorly operating node. This method makes it very easy to manage a blacklist with three simple Asterisk CLI commands:
+Occasionally it becomes necessary to limit connections to your node. The blacklist is used block a poorly operating node or small number of nodes. The whitelist allows only listed notes to connect.
+It's very easy to manage both list with these Asterisk CLI commands:
 * database put blacklist 1998 "any comment"
 * database del blacklist 1998
 * database show blacklist
+* database put whitelist 1000 "any comment"
+* database del whitelist 1000
+* database show whitelist
+* database show
 ==Blacklist Configuration==
@@ Line 22: / Line 27: @@
 exten => _XXXX!,n,GotoIf($[${DB_EXISTS(blacklist/${CALLERID(num)})}]?blocked)
 exten => _XXXX!,n,Goto(radio-secure,${EXTEN},1)
-exten => _XXXX!,n(blocked),Hangup;
+exten => _XXXX!,n(blocked),Hangup
+[whitelist]
+exten => _XXXX!,1,NoOp(${CALLERID(num)})
+exten => _XXXX!,n,NoOp(${IAXPEER(CURRENTCHANNEL)})
+exten => _XXXX!,n,GotoIf($["${IAXPEER(CURRENTCHANNEL)}" = "127.0.0.1"]?radio-secure,${EXTEN},1)  ;permit local IPs
+exten => _XXXX!,n,GotoIf($[${DB_EXISTS(whitelist/${CALLERID(num)})}]?radio-secure,${EXTEN},1)
+exten => _XXXX!,n,Hangup
 </pre>
-In iax.conf modify the [radio] context by commenting context = radio-secure and adding context =  blacklist
+In iax.conf modify the [radio] context by adding and/or commenting context = lines.
 <pre>
 [radio]
@@ Line 35: / Line 47: @@
 codecpriority = host
 ;context = radio-secure
+;context = whitelist
 context = blacklist
 transfer = no
 </pre>
+''Notes'': Neither list blocks outbound connections. Both lists cannot be used at the same time and apply to all nodes on the server.
 [[Category:How to]]
 [[Category:Node Configuration]]

Blacklist or whitelist: Difference between revisions

Revision as of 19:56, 15 October 2017

Blacklist Configuration

Contributors

Navigation menu

Search