asterisk users - Aug 2005 - include behavior (word puzzle of the day)

In the example below context2 is included in context3 because it is
included in context1.

 

Is there a way to include context2 in context1, and context1 in
context3, but not context2 in context3 as a result.

 

[Context1]

;sip users with 10 digit extensions

Include => context2

 

[context2]

;media gateway terminating local 10 digit calls

 

[context3]

;inbound PRI via media gateway

Include => context1

 

I have a case where a dialplan is insecure because inbound calls in
context3 can be re-routed back out in context2. Actually, what occurs is
a loop, where the call comes in context3, finds no match in context1,
egresses in context2, and repeats the loop, setting up a lot of calls in
a short period of time!

 

Extensions in context1 need to be able to reach extensions in context2

 

Inbound calls into context3 need to be able to reach extensions in
context1

 

Inbound calls in context3 MUST be restricted from reaching extensions in
context2 which are outside extensions sent out to a SIP provider.

 

It would seem more logical and secure if includes did not cascade, or
would not make 2 "hops"

 

Perhaps I have failed to understand some simple concept that would
resolve this issue?

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20050804/5c646c88/attachment.htm

With that setup context2 is part of context1, which is a part of
context3, so yeah, you have no security.

 

What you need is something like this:

 

[context1]

;List your sip users here

 

[context2]

;Media gateway

 

[context3]

;Inbound calls start here

Include => context1

 

[context4]

;dialout context that allows trusted extensions to dial out as well as
call each other --start your sip phones here

Include => context1

Include => context2

 

________________________________

From: asterisk-users-bounces@lists.digium.com
[mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Damon
Estep
Sent: Thursday, August 04, 2005 5:27 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: [Asterisk-Users] include behavior (word puzzle of the day)

 

In the example below context2 is included in context3 because it is
included in context1.

 

Is there a way to include context2 in context1, and context1 in
context3, but not context2 in context3 as a result.

 

[Context1]

;sip users with 10 digit extensions

Include => context2

 

[context2]

;media gateway terminating local 10 digit calls

 

[context3]

;inbound PRI via media gateway

Include => context1

 

I have a case where a dialplan is insecure because inbound calls in
context3 can be re-routed back out in context2. Actually, what occurs is
a loop, where the call comes in context3, finds no match in context1,
egresses in context2, and repeats the loop, setting up a lot of calls in
a short period of time!

 

Extensions in context1 need to be able to reach extensions in context2

 

Inbound calls into context3 need to be able to reach extensions in
context1

 

Inbound calls in context3 MUST be restricted from reaching extensions in
context2 which are outside extensions sent out to a SIP provider.

 

It would seem more logical and secure if includes did not cascade, or
would not make 2 "hops"

 

Perhaps I have failed to understand some simple concept that would
resolve this issue?

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20050804/d691f3bd/attachment.htm

Try something like this:

[context1]
Include => internal-extensions

include => egress



[context2]

include => egress



[context3]

include => pri-ingress

include => internal-extensions


[internal-extensions]

;sip users with 10 digit extensions



[egress]

;media gateway terminating local 10 digit calls



[pri-ingress]

;inbound PRI via media gateway


Regards,
Derek
  ----- Original Message ----- 
  From: Damon Estep 
  To: Asterisk Users Mailing List - Non-Commercial Discussion 
  Sent: Thursday, August 04, 2005 6:26 PM
  Subject: [Asterisk-Users] include behavior (word puzzle of the day)


  In the example below context2 is included in context3 because it is included
in context1.



  Is there a way to include context2 in context1, and context1 in context3, but
not context2 in context3 as a result.



  [Context1]

  ;sip users with 10 digit extensions

  Include => context2



  [context2]

  ;media gateway terminating local 10 digit calls



  [context3]

  ;inbound PRI via media gateway

  Include => context1



  I have a case where a dialplan is insecure because inbound calls in context3
can be re-routed back out in context2. Actually, what occurs is a loop, where
the call comes in context3, finds no match in context1, egresses in context2,
and repeats the loop, setting up a lot of calls in a short period of time!



  Extensions in context1 need to be able to reach extensions in context2



  Inbound calls into context3 need to be able to reach extensions in context1



  Inbound calls in context3 MUST be restricted from reaching extensions in
context2 which are outside extensions sent out to a SIP provider.



  It would seem more logical and secure if includes did not cascade, or would
not make 2 "hops"



  Perhaps I have failed to understand some simple concept that would resolve
this issue?



------------------------------------------------------------------------------


  _______________________________________________
  Asterisk-Users mailing list
  Asterisk-Users@lists.digium.com
  http://lists.digium.com/mailman/listinfo/asterisk-users
  To UNSUBSCRIBE or update options visit:
     http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20050804/8b760d70/attachment.htm

The key seems to be listing the 10 digit extensions dialplan in a
context other than the context they are defined in in sip.conf, correct?

 

________________________________

From: asterisk-users-bounces@lists.digium.com
[mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of dbruce
Sent: Thursday, August 04, 2005 6:55 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [Asterisk-Users] include behavior (word puzzle of the day)

 

Try something like this:

 

[context1]

Include => internal-extensions

include => egress

 

[context2]

include => egress

 

[context3]

include => pri-ingress

include => internal-extensions

 

[internal-extensions]

;sip users with 10 digit extensions

 

[egress]

;media gateway terminating local 10 digit calls

 

[pri-ingress]

;inbound PRI via media gateway

 

Regards,

Derek

	----- Original Message ----- 

	From: Damon Estep <mailto:damon@suburbanbroadband.net>  

	To: Asterisk Users Mailing List - Non-Commercial Discussion
<mailto:asterisk-users@lists.digium.com>  

	Sent: Thursday, August 04, 2005 6:26 PM

	Subject: [Asterisk-Users] include behavior (word puzzle of the
day)

	 

	In the example below context2 is included in context3 because it
is included in context1.

	 

	Is there a way to include context2 in context1, and context1 in
context3, but not context2 in context3 as a result.

	 

	[Context1]

	;sip users with 10 digit extensions

	Include => context2

	 

	[context2]

	;media gateway terminating local 10 digit calls

	 

	[context3]

	;inbound PRI via media gateway

	Include => context1

	 

	I have a case where a dialplan is insecure because inbound calls
in context3 can be re-routed back out in context2. Actually, what occurs
is a loop, where the call comes in context3, finds no match in context1,
egresses in context2, and repeats the loop, setting up a lot of calls in
a short period of time!

	 

	Extensions in context1 need to be able to reach extensions in
context2

	 

	Inbound calls into context3 need to be able to reach extensions
in context1

	 

	Inbound calls in context3 MUST be restricted from reaching
extensions in context2 which are outside extensions sent out to a SIP
provider.

	 

	It would seem more logical and secure if includes did not
cascade, or would not make 2 "hops"

	 

	Perhaps I have failed to understand some simple concept that
would resolve this issue?

	
________________________________


	_______________________________________________
	Asterisk-Users mailing list
	Asterisk-Users@lists.digium.com
	http://lists.digium.com/mailman/listinfo/asterisk-users
	To UNSUBSCRIBE or update options visit:
	   http://lists.digium.com/mailman/listinfo/asterisk-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.digium.com/pipermail/asterisk-users/attachments/20050805/6f771136/attachment.htm