Just Got Defrauded – How Do I Block Calls Which Contain A Dash (RegEx Noob Question)
Home » Asterisk Users » Just Got Defrauded – How Do I Block Calls Which Contain A Dash (RegEx Noob Question)
Hi list,
I’m using Asterisk2Billing (v2.0.16) and it appears to have an annoying bug. When there are rates for e.g. 44 (UK landline) and 44870 (UK
premium) and a fraudster manages to somehow dial 44-870 instead of 44870
the rate for 44 will match, not the one for 44870.
So, I would like to block all calls on a dialplan level that contain a dash. -44, 4-4, 44-, 44—, -, —, just everything with a friggin’ dash.
My noob-ish try:
exten => _-.,1,NoOp(Blocking dash)
exten => _-.,n,Hangup
Doesn’t work.
On https://wiki.asterisk.org/wiki/display/AST/Pattern+Matching I found:
“The dash (-) character is ignored in extensions and patterns except when it is used in a pattern to specify a range in a character set. It has no effect in matching or sorting extensions.”
How do I do it right?
Thank you!
Markus
5 thoughts on - Just Got Defrauded – How Do I Block Calls Which Contain A Dash (RegEx Noob Question)
How about a \ before the – ?
–qL2sGdnki3DI38wKR1kS5V8xFgRIU0ll9
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Hi,
Am 28.10.2016 um 17:38 schrieb Markus:
why not using FILTER() in your dialplan to eleminate all chars that are not numeric?
Like
Set(VAR=${FILTER(0-9+),${EXTEN}})
That would eleminate all characters you’re not expecting.
Greetings Max
–qL2sGdnki3DI38wKR1kS5V8xFgRIU0ll9
Also, make sure you are using fail2ban and that you have good passwords on your extensions.
Am 28.10.2016 um 17:58 schrieb Max Grobecker:
That’s great! Didn’t know FILTER. Thanks!
44 is *not* UK landline, you shouldn’t even have a rate for it. 44 is the country code. A (very) brief summary is:
441 Landline
442 Landline
443 Landline (at least for billing)
447 Mobile
4470 Personal rate (rarely used, expensive)
44800/8 Freephone
4484/5 Special Services Lower Rate
4487 Special Services Higher Rate
449 Premium rate
Having a correct rates table / normalising and validating your inputs
(as in FILTER) would both have potentially stopped the attack.
Steve