雖然我們都知道開放 SIP URI 是個不安全的連接,但在遇到某些用途時還是需要作有限度的開放,例如服務商 TollFreeForwarding ,這是一家提供 DID 的系統服務商,因為他提供的 DID 服務需要 SIP URI 的轉接,所以在 asterisk 主機需要設定開放來自服務商的 SIP URI 方式撥入,但其他不被允許的來源的 SIP URI 撥入需求應該要被拒絕。
此篇介紹兩個方法均以 Elastix 系統為主,建議用方法二,可避免手動修改任何設定檔。
1. 編輯 /etc/asterisk/extensions_override_freepbx.conf
[from-sip-external]
;give external sip users congestion and hangup
; Yes. This is _really_ meant to be _. - I know asterisk whines about it, but
; I do know what I'm doing. This is correct.
exten => _.,1,NoOp(Received incoming SIP connection from unknown peer to ${EXTEN})
exten => _.,n,Set(DID=${IF($["${EXTEN:1:2}"=""]?s:${EXTEN})})
exten => _.,n,Goto(s,1)
exten => tollfree,1,GotoIf($["${SIPCHANINFO(peerip)}"="xxx.xxx.xxx.xxx"]?from-trunk,${DID},1)
exten => s,1,GotoIf($["${ALLOW_SIP_ANON}"="yes"]?from-trunk,${DID},1)
exten => s,n,Set(TIMEOUT(absolute)=15)
exten => s,n,Answer
exten => s,n,Wait(2)
exten => s,n,Playback(ss-noservice)
exten => s,n,Playtones(congestion)
exten => s,n,Congestion(5)
exten => h,1,NoOp(Hangup)
exten => i,1,NoOp(Invalid)
exten => t,1,NoOp(Timeout)
Tips:
* tollfree 自定義 SIP URI 的名稱,撥入的完整 SIP URI 位址為 tollfree@your-asterisk.ip.address
* xxx.xxx.xxx.xxx 連線來源的 IP 位址,例如是 服務商的系統位址
2. 新增 Inbound Route
Elastix > PBX > PBX Configuration > Inbound Routes
Description: 自定義
DID NUmber: tollfree
Set Destination: <whatever you would like>
Tips:
DID Number 必須與 dialplan 的 extension 相同 (藍字部份)
1. 新增 Trunk
Elastix > PBX > PBX Configuration > Trunk
Outgoing Settings:
Trunk Name: <自定義>
PEER Details: 空白
Incoming Settings:
USER Context: tollfree
USER Details:
host=xxx.xxx.xxx.xxx context=from-trunk insecure=very type=peer
Register String: 空白
Tips:
xxx.xxx.xxx.xxx 是 SIP URI 撥入的來源 IP
2. 新增 Inbound Route
Elastix > PBX > PBX Configuration > Inbound Routes
Description: 自定義
DID NUmber: tollfree
Set Destination: <whatever you would like>
Tips:
DID Number 必須與 Trunk 的 USER Context 相同名稱
Images 0 | ||
---|---|---|
No images to display in the gallery. |