thanks let me test that…
Here is an alternative. Change the context for the extension to ‘from-internal-checkua’, paste the below into extensions_custom.conf and edit the allowed user agent(s) as needed:
[from-internal-checkua]
exten => _.,1,NoOp('from-internal-checkua')
exten => _.,n,Set(myua=${IF($["${CHANNEL:0:3}" = "SIP"]?${SIP_HEADER(User-Agent)}:${PJSIP_HEADER(read,User-Agent)})})
exten => _.,n,GotoIf($["${myua:0:11}" = "Grandstream"]?validua) ;allow all Grandstream phones
exten => _.,n,GotoIf($["${myua}" = "MicroSIP/3.19.28"]?validua) ;allow a specific version of MicroSIP
;or replace above two lines with a single regex:
;exten => _.,n,Set(ualist=Grandstream|MicroSIP/3.19.28)
;exten => _.,n,GotoIf($[${REGEX("${ualist}", ${myua})}]?validua) ;regex match against a list
exten => _.,n,Answer ;not a valid user agent - play message and hangup
exten => _.,n,playback(your&extension&is&privacy-blocked)
exten => _.,n,Hangup
exten => _.,n(validua),Goto(from-internal,${EXTEN},1) ; pass valid useragent to normal from-internal context
4 Likes
Nice!! (and Happy Birthday), look into using ‘=~’ instead of ‘=’ for the match thus making the test more generic and you wont need to ‘parse’ the string by substring, (unfortunately asterisk’s understanding of regex’ is still imperfect so you will need to always check its effectiveness )
Tried to use what I thought was the more explicit, self documenting syntax.
Always hate it when looking at a language I don’t know and have to figure out what some clever snippet is really doing.
exten => _.,n,GotoIf($["${myua}" =~ “MicroSIP”]?validua) ;allow ANY version of MicroSIP
exten => _.,n,GotoIf($["${myua}" =~ “Zoip”]?effoff) ;disallows ANY version of zoiper
3 Likes
Nice. You might also want to receive an alert when an invalid UA is blocked, in which case a line like:
exten => _.,n,System(echo "Invalid UA ${myua} for exten ${AMPUSER}" | mail -s "Invalid UA Blocked" [email protected])
3 Likes
This could get dropped into extensions_local.conf as an example (kind of like the E164 stuff is).
In general, processes like this are best backed up by Management Activity/Conditions of Employment actions. If you tell them “This is the phone you have to use” and they say “I’ll use my own” the next response is “A condition of your employment is use this phone and no other.” Kind of a self-solving problem after the first two or three.
Hey Dickson,
I need little guidance in deploying this code for from-internal context.
Jerrm,
this is also a good way to block the user agents. If I deployed this context in extensions_custom.com then how can all my extensions with from-internal contexts use that or this will append for those with from-internal context extensions too.
ok I have a question.
Is there any way that I can get list of all the user agents extensions wise which are registered to my sysetm so that I can check out which extension is using which user agent.
thanks dicko you always helping.
yes alert is always needed. so where in the code I can place this ?
Yes, we tried to force them using only zoiper in the beginning but they tried cracked versions and some other on their own. now what we have done we have forced the password policy so that passwords will be assigned by VoIP Admins only but this create a lot of activity for my team.
Try
for ext in $(rasterisk -x 'sip show peers'|egrep "^[0-9]*/[0-9]*.*OK"|sed 's/^\([0-9]*\).*/\1/');do echo -ne "$ext\t";rasterisk -x "sip show peer $ext"|grep Useragent|cut -d ":" -f2;done
1 Like
Hi Dicko,
this works like a charm.
thanks again.
Can you please explain me little the functionality of this command that how actually it is working.
If you want this for all extensions in from-internal, I would use a predial hook. If I get a minute to hack it up and 5 minutes to test I’ll try and post.
Weill the loop looks for numeric extensions that are “OK” (registered) with a grep regex, inside the loop it just queries the extensions that are registered and greps out the Useragent, the echo and sed is just to prettify the output.
Having identified a rogue user, think about changing their password (its in the mysql asterisk database in the sip table if you want to script it) then you would need to fwconsole reload and wait for the whingeing when the extension tries to re-register.
ok that’s cool.
What I did actually I have made a deny context for the extension to block their calling. I just change the context for those extensions and notify their Managers and they will deal with them 
Dicko, If I want to see the user agent from Asterisk how can I check that in asterisk cli. from which command I can get that information.
sip show peer nnnn
Below will check all from-internal calls. Sends an email alert and logs bad agents to the CDR.
Edit the admin email and user agent list. Make sure ALL possible user agents are included in the regex, including your desk phones.
This should be pasted into extensions_custom.conf
[subCheckUA]
exten => s,1,NoOp(==== subCheckUA ====)
same => n,Set(myua=${IF($["${CHANNEL:0:3}" = "SIP"]?${SIP_HEADER(User-Agent)}:${PJSIP_HEADER(read,User-Agent)})})
same => n,ExecIf($["${myua}" =~ "Grandstream GXP|Grandstream Wave|MicroSIP/3.19.28"]?Return()) ;return if valid regex match
same => n,Log(ERROR,Extension ${AMPUSER} - Invalid User Agent ${myua})
same => n,Set(CDR(userfield,r)=${myua})
same => n,System(echo "Invalid UA ${myua} for exten ${AMPUSER}" | mail -s "Invalid UA Blocked" [email protected])
same => n,Answer
same => n,playback(your&extension&is&privacy-blocked)
same => n,Hangup
[macro-dialout-trunk-predial-hook]
exten => s,1,NoOp(==== Trunk Hook ====)
exten => s,n,Gosub(subCheckUA,s,1)
exten => s,n,MacroExit()
[macro-dialout-one-predial-hook]
exten => s,1,NoOp(==== Extension Hook ====)
exten => s,n,Gosub(subCheckUA,s,1)
exten => s,n,MacroExit()
[macro-dial-ringall-predial-hook]
exten => s,1,NoOp(==== RingAll Hook ====)
exten => s,n,Gosub(subCheckUA,s,1)
exten => s,n,MacroExit()
[macro-dial-hunt-predial-hook]
exten => s,1,NoOp(==== Hunt Hook ====)
exten => s,n,Gosub(subCheckUA,s,1)
exten => s,n,MacroExit()
[macro-dialout-dundi-predial-hook]
exten => s,1,NoOp(==== Dundi Hook ====)
exten => s,n,Gosub(subCheckUA,s,1)
exten => s,n,MacroExit()
4 Likes
Where it logs in the CDRs. ?