ā11-16-2022 12:52 AM
Hi Guys ,
There ara a lot of spam calls coming to expressway-e , we have already configured an CPL to block these calls thus they are blocking , but some calls are hitting our internal device like as source is an ip x.x.x.x and the destination is our device 1234@ourdoimain.com , we added new rules to block x.x.x.x it works but now they are coming as x.x.x.y , btw all of these calls are sip calls. My question is , is there any way to create CPL rule to block all incoming calls if source is just an ip ? Or if it is possible we want to block the subnet like as x.x.x.x/24 .
Our CPL is like as below ;
Solved! Go to Solution.
ā11-16-2022 02:52 AM
Both are possible; you just need to build the RegEx pattern. Example: (.+@)?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}((:|;).*)?
ā11-16-2022 02:52 AM
Both are possible; you just need to build the RegEx pattern. Example: (.+@)?\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}((:|;).*)?
ā11-16-2022 03:13 AM
Hello Jonathan ,
thanks for your advice , i think d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}((:|;).*)? is works for me because i do not want to block something@x.x.x.x just want to block x.x.x.x , when i check the pattern on exp i see that " IP address aliases are not supported for pattern matching " it does not mean this pattern does not work with CPL , right ?
ā11-16-2022 06:29 AM
AFAIK, CPLs do not act upon direct IP calls, as that error message indicates. Unless you have defined a Fallback Alias (Configuration > Dial Plan > Configuration) Expressway-E will just drop those call attempts though. Setting a Fallback Alias is rarely a good idea, IMO. The only time I have seen it used is with an MCU video IVR: legacy hardware only capable of a direct IP call would be connected to the MCU to enter a meeting ID they wanted to join.
ā11-16-2022 06:59 AM
Calls are coming as source as like below ;
Alias (1)
Type: Url
Origin: Unknown
Value: 1.2.3.4
So ı created a rule like as below ; and i block "1.2.3.4" but it is not enough because they will try call as 1.2.3.5 later ...
<taa:rule unauthenticated-origin="1.2.3.4" destination=".*">
<reject status="403" reason="Denied by policy"/>
</taa:rule>
AFAIK Fallback Alies configuration is just for the destination , if someone call us with just our domain we can forward these calls to alias@domain .
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide