apps sip-whitelist

Required Command-Line Mode = Configure

Use the apps sip-whitelist command to configure SIP whitelisting.

The apps sip-whitelist command has the following syntax:

apps sip-whitelist alias <SIP whitelist file alias>
   add callerid <caller/callee ID >
   add id-range <id-range>

   add ip-addr <ip-address>

create
   delete <all | callerid <caller ID>>
   destroy
   fetch <add | delete> <URL for a SIP whitelist file>

The following table describes the arguments for the apps sip-whitelist command:

Argument

Description

sip-whitelist alias <SIP whitelist file alias>

Specifies an alias of the whitelist file.

add callerid <caller ID>

Adds a single caller ID entry to a whitelist. Specify up to 64 alphanumeric characters.

The supported characters include:

lower case alphabetic, a-z
upper case alphabetic, A-Z
numeric, 0-9
hyphen, -
underscore, _
period, .
exclamation, !
tilde, ~
open bracket, (
close bracket, )
asterisk, *
ampersand, &
equals sign, =
plus sign, +
dollar sign, $
comma, ,
semi-colon, ;
question mark, ?
forward slash, /
at sign, @

For example:

(config) # apps sip-whitelist alias sip-scp add callerid 302701237777777

add id-range <id-range>

Adds the range of caller-ids to the whitelist entries from the given start range to the end range . The start and the end range must contain a maximum of 64 numeric characters. The supported characters include:

numeric, 0-9
range, ..

For example:

(config) # apps sip-whitelist alias sip-scp add id-range 123456700..123456750

add ip-addr <ip-address>

Adds a valid IPv4/IPv6 address to the whitelist entries. IP address must be a valid single:

IPv4 address
IPv6 address

For example:

(config) # apps sip-whitelist alias sip-scp add ip-addr 192.168.1.1

create

Creates a new whitelist.

For example:

(config) # apps sip-whitelist alias sip-scp create

To create a whitelist, refer to How to Create a Whitelist.

delete <all | callerid <caller ID>>

Specifies actions for delete as follows:

all—Deletes all whitelist entries. This deletes all caller ID entries, up to 500,000.
callerid—Deletes a single caller ID entry from a whitelist.

When using delete all to delete a whitelist, unlike destroy, you do not have to delete the whitelist maps, the GigaSMART operation, or disassociate the GigaSMART group from the whitelist.

Examples:

(config) # apps sip-whitelist alias sip-scp delete callerid 302701237777777

(config) # apps sip-whitelist alias sip-scp delete all

destroy

Destroys a whitelist.

For example:

(config) # apps sip-whitelist alias sip-scp destroy

When using destroy to delete a whitelist, unlike delete all, you must first delete the whitelist maps, the GigaSMART operation, and disassociate the GigaSMART group from the whitelist before deleting the whitelist. For the procedure to destroy the whitelist, refer to How to Destroy a Whitelist.

fetch <add | delete> <URL for a SIP whitelist file>

Specifies actions for fetch as follows:

add—Downloads a whitelist file from a specified URL and path. Use this parameter to add up to 20,000 caller IDs.
delete—Deletes the caller ID entries, located in the whitelist file at the specified URL and path, from the whitelist on the node. Use this option to delete up to 20,000 caller IDs.

For both add and delete, whitelist files must adhere to the following:

The caller IDs in whitelist files must be distinct entries, with one caller ID on each line of a file.
In a whitelist file, use only the carriage return (newline) to separate caller ID entries. Do not use any characters, such as commas or colons, to separate caller ID entries in whitelist files.
Each whitelist file can contain a maximum of 20,000 entries.
Whitelist files must have a filename with a .txt suffix.

To fetch a specified whitelist file from a location, use one of the following formats:

http://IPaddress/path/filename.txt
scp://username:password@IPaddress:/path/filename.txt

For SIP whitelisting in a cluster, only fetch the whitelist to the master node in the cluster. On non-master nodes, fetch is not available.

Examples:

(config) # apps sip-whitelist alias sip-scp fetch add http://1.1.1.1/tftp/temp/MyIDs1.txt
(config) # apps sip-whitelist alias sip-scp2 fetch add scp://user1:mypw@1.1.1.1:/home/temp/C_ID_file1.txt

(config) # apps sip-whitelist alias sip-scp fetch delete http://1.1.1.1/tftp/temp/MyIDstoDelete.txt
(config) # apps sip-whitelist alias sip-scp2 fetch delete scp://user1:mypw@1.1.1.1:/home/temp/C_ID_delfile.txt

How to Create a Whitelist

To create a whitelist, use the following CLI command sequence:

Task

Command

Create the whitelist.

(config) # apps sip-whitelist alias sip-scp create

Associate the GigaSMART group to the whitelist.

(config) # gsparams gsgroup gsg1 sip-whitelist add sip-scp

Configure the GigaSMART operation.

(config) # gsop alias sip_wl1 flow-ops sip-whitelist lb app sip metric hashing key caller-id port-list gsg1

Add single entries to the whitelist.


or

Fetch and download whitelist files.

(config) # apps sip-whitelist alias sip-scp1 add callerid 302701237777777
(config) # apps sip-whitelist alias sip-scp1 add callerid 302701237777778

(config) # apps sip-whitelist alias sip-scp1 fetch add http://1.1.1.1/tftp/temp/whitelist1.txt
(config) # apps sip-whitelist alias sip-scp1 fetch add http://1.1.1.1/tftp/temp/whitelist2.txt

Create a second level map, the whitelist map. When the map configuration is complete, the whitelist will take effect.

Note:  The SIP whitelist map does not have any rules.

(config) # map alias SIP-WL-S11
(config map alias SIP-WL-S11) # type secondLevel flowWhitelist-sip
(config map alias SIP-WL-S11) # from vp1
(config map alias SIP-WL-S11) # use gsop sip_wl1
(config map alias SIP-WL-S11) # to pg-wl-1
(config map alias SIP-WL-S11) # exit
(config) #

How to Destroy a Whitelist

To destroy the entire whitelist, use the following CLI command sequence:

Task

Command

Delete a whitelist map.

(config) # no map alias SIP-WL-S11

Delete the GigaSMART operation.

(config) # no gsop alias sip_wl1

Disassociate the GigaSMART group from the whitelist. (You do not need to delete the gsgroup.)

(config) # gsparams gsgroup gsg1 sip-whitelist delete

Destroy () the entire whitelist.

(config) # apps sip-whitelist alias sip-scp1 destroy

Related Commands

The following table summarizes other commands related to the apps sip-whitelist command:

Task

Command

Displays a particular caller ID associated with the GigaSMART group.

# show gsgroup sip-whitelist alias gsg1 caller-id 302701237777777

Displays the SIP whitelist entry count.

# show apps sip-whitelist alias sip-scp count