Why not set the allowed country from your ITSP?
Both of the ITSP I use allowed me to set which country I can dial.....
Everything else is blacklisted.
Thank You,
Fernando Fuentes
DIGITALVOIPNET.COM
On Sat, Jan 26, 2013 at 10:35 PM, James Babiak <[email protected]> wrote:
> Oops.
>
> Those dialplan examples should read ...{EXTEN:*3*:1}...{EXTEN:*3*
> :2}...{EXTEN:*3*:3}... as you need to offset the preceding 011 first.
>
> See, I knew I had some errors in there!
>
> --James
>
>
>
> On 01/26/2013 11:29 PM, James Babiak wrote:
>
> David,
>
> There are a few ways you can accomplish this.
>
> How many countries do you want to permit dialing to without a pin? If only
> a static handful, it might be easier to setup more granular dialplan
> entries to handle calls to those permitted countries (ie: _01144XX. for UK,
> etc.) and then have a catch-all (ie: _011XXX.) for everything else which
> could require pin-based authentication. If you have a long list of
> permitted countries, or you need the list to be more dynamic and flexible,
> you could use a generic wildcard on international calls, and then examine
> the first 1-3 digits and see if they are on the "allowed" list (which could
> be in the dialplan itself, or more preferably in a database). If they are,
> process the call, if not, ask for a pin before continuing. Remember that
> CCs can be 1-3 digits in length. Fortunately, there are no 2-digit CCs that
> overlap with 3-digit ones where the first 2 match as well (ie: there isn't
> a 35 and 351 CC). But unless I'm mistaken, this would mean you would need
> to run three different extension comparisons (one for each CC length) to
> match all the possible combinations, assuming of course that you want to
> allow pinless calls to 1, 2 and 3 digit CCs.
>
> So, off the top of my head, I think something like this might work:
> --==--
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCwhitelist/${EXTEN:0:1})}?onwhitelist)
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCwhitelist/${EXTEN:0:2})}?onwhitelist)
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCwhitelist/${EXTEN:0:3})}?onwhitelist)
>
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCblacklist/${EXTEN:0:1})}?onblacklist)
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCblacklist/${EXTEN:0:2})}?onblacklist)
> exten =>
> _011XXX.,n,GotoIf(${DB_EXISTS(CCblacklist/${EXTEN:0:3})}?onblacklist)
>
> exten => _011XXX.,n,Authenticate(1234,)
> exten => _011XXX.,n, [NORMAL DIALPLAN FOR INTERNATIONAL CALLS]
> ...
>
> exten => _011XXX.,n(onwhitelist), [NORMAL DIALPLAN FOR INTERNATIONAL CALLS]
> ....
>
> exten => _011XXX.,n(onblacklist), [SOMETHING TO BLOCK THE CALLER AND WARN
> YOU]
> ....
> --==--
>
> Bare in mind that I just wrote that quickly, so it's far from complete and
> probably has a few errors (not to mention requiring some fill in the
> blank), but I think the gist of it would fit your needs. You could then
> create two database lists, CCwhitelist and CCblacklist, that could help to
> route International calls to different destinations in the dialplan. The
> above example would actually give you three different levels of security:
> whitelist, blacklist and everything else.
>
> Also, don't simply rely on a pin-based authentication system to block
> international toll fraud, as this would be trivial for someone to brute
> force in a short amount of time (depending on pin length). You should add
> some other mechanism to only allow a small number of attempts before the IP
> is blacklisted and trigger a warning to you that something is wrong.
>
> One security tip I would suggest implementing, which I do and outlined a
> bit above, is to specifically block certain country codes that I know would
> never legitimately be called and have Asterisk warn me if it is ever
> attempted. Basically any number on the list of popular toll fraud
> destinations. Countries like Sierra Leone, Nigeria, most of Africa in
> general, any country that ends in -stan, etc. You can also look at your
> provider's rate-deck and see what countries, which you have no intention of
> allowing calls to, have very high CPMs and put them on the block/warn list.
> This way, even in the event that your PBX is compromised, you will get an
> early warning alert that something is going wrong (via email, etc.) from
> the call attempt itself. Though this only protects against a compromised
> PBX, not the system itself. Some providers will also let you setup this
> level of granular call blocking as a failsafe to prevent crazy bills.
>
> --James
>
> On 01/26/2013 06:11 PM, David Kerr wrote:
>
> Does anyone have a asterisk dialplan that will...
>
> 1) Check an outbound international phone number against a list of
> permitted country codes.
> 2) If country code is on list, connect call.
> 3) if country code is not on list, prompt for a PIN and only connect if
> PIN entered correctly.
>
> Thanks,
> David
>
>
> ------------------------------------------------------------------------------
> Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> MVPs and experts. ON SALE this month only -- learn more
> at:http://p.sf.net/sfu/learnnow-d2d
>
>
>
> _______________________________________________
> Astlinux-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
>
>
>
>
> ------------------------------------------------------------------------------
> Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
> MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
> with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
> MVPs and experts. ON SALE this month only -- learn more at:
> http://p.sf.net/sfu/learnnow-d2d
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> [email protected].
>
------------------------------------------------------------------------------
Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS,
MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current
with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft
MVPs and experts. ON SALE this month only -- learn more at:
http://p.sf.net/sfu/learnnow-d2d
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
