How to block anonymous calls on OpenSIPS

Attenzione ! Questo articolo è stato scritto più di due anni fa. Ti prego quindi di considerare che le informazioni riportate potrebbero non essere aggiornate o non più valide.

Prerequisites: confidence with Linux shell, know how to install and configure OpenSIPS with MySQL DBMS, know SIP protocol. 

I spent hours figuring out how to block anonymous calls that sometimes arrive on my office voip phone. And not only to me: also my colleagues complain about anonymous calls.

At the end, after doing some analysis about SIP packets regarding anonymous calls, i decide to use pcre_match method from regex module.

But blocking anonymous calls for everyone may not to be a good idea: someone could need to receive calls also from anonymous, so i decide to use also AVPops module to allow single users to bypass the block. In the following example, adding the AVP “allowanon” to the usr_preferences table let the user to bypass the filter.

So, to enable anonymous call blocking I add to /etc/opensips/opensips.cfg:

## Load REGEX module
loadmodule "regex.so"
[...]
route {
  [...]
  if (pcre_match("$fu", "^sip:anonymous")) {
    xlog("L_INFO", "$ci - Anonymous to $rU call detected\n");
    if(avp_db_load("$ru/username","$avp(allowanon)")) {
      # what to do if dest allow anonymous calls
    } else {
      # or if anonymous calls are not allowed
      sl_send_reply("403", "Forbidden - Anonymous calls not allowed");
      exit;
    }
  }
  [...]
}

and in SQL usr_preferences table i add users that needs to receive also anymous calls:

selezione_071

Hint: AVP “value” could be used to enable more actions, like forwards or so on…

After applying the script, you can debug it with your cell phone to do a call with prefix ‘#31#’ (hide the CLI). On opensips.log you should see:

/usr/sbin/opensips[22869]: 147612310b434eaa – Anonymous to [xxxx] call detected

Feel free to ask if something was not clear.

Michele Pinassi

Blogger, appassionato di tecnologia, società e politica. Attualmente Responsabile del Sistema telefonico di Ateneo presso l'Università degli Studi di Siena ed esperto di sicurezza informatica nello staff del DPO. Utilizza quasi esclusivamente software libero.

Potrebbero interessarti anche...

Rispondi

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.

%d blogger hanno fatto clic su Mi Piace per questo: