Thanks Steven, that was really a simple solution I overlooked. I added appropriate context=siphones-superuser in the user settings in sip.conf, commented out the includes under default and all inbound/outbound security accounts are routed as I intended.
You were right, even unregistered SIP phones were able to dial out. I think I see a more clearly how default context is used. Phil Avery -----Original Message----- From: Steven Critchfield <[EMAIL PROTECTED]> Sent: Mar 15, 2005 11:06 AM To: PA <[EMAIL PROTECTED]>, Asterisk Users Mailing List - Non-Commercial Discussion <asterisk-users@lists.digium.com> Subject: Re: [Asterisk-Users] Setting up Security Groups On Tue, 2005-03-15 at 07:21 -0800, PA wrote: > Right now here is how I have it structured in extensions.conf. What > am I missing? Why would a sip-basic member be able to make toll > calls? > > [default] > include => sip-basic > include => sip-operator > include => sip-superuser You probably want to remove those 3 entries. I can't remember for sure if you can inherit includes, but I do remember that unregistered sip phones could have access to the default context. Guessing without the benefit of the logs from your machine, your phones may be entering the default context and getting access that they don't deserve. > [sip-superuser] > include => outbound-local > include => outbound-longdistance > include => outbound-tollfree > include => outbound-toll > ---> sip users info follows here > > [sip-operator] > include => outbound-local > include => outbound-longdistance > include => outbound-tollfree > ---> sip users info follows here > > [sip-basic] > include => outbound-local > include => outbound-tollfree > ---> sip users info follows here > > [outbound-local] > ---> outbound calling info follows here > > [outbound-longdistance] > ---> outbound calling info follows here > > [outbound-tollfree] > ---> outbound calling info follows here > > [outbound-toll] > ---> outbound calling info follows here Without the details of these outbound sections, we can't tell if you have a pattern matching problem that is causing your troubles. -- Steven Critchfield <[EMAIL PROTECTED]> _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users Spam detection software, running on the system "zeus.avanzada7.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: On Tue, 2005-03-15 at 07:21 -0800, PA wrote: > Right now here is how I have it structured in extensions.conf. What > am I missing? Why would a sip-basic member be able to make toll > calls? > > [default] > include => sip-basic > include => sip-operator > include => sip-superuser [...] Content analysis details: (0.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.1 FORGED_RCVD_HELO Received: contains a forged HELO _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users