VoIP Mailing List Archives

[kevin at kgolding.co.uk]

Hello,

Am in the progress of setting up a test freeswitch box. Have got
internal extensions working, along with an outgoing gateway.

My issue is getting the incoming calls.

The error I'm getting is: "2009-08-10 21:47:42 [DEBUG] sofia.c:3785
sofia_handle_sip_i_invite() IP 213.166.5.129 Rejected by acl "domains".
Falling back to Digest auth."

After reading the docs, I believed I needed to add the 213.166.5.129 IP
to the "domains" list, but alas I could not find such a list by default.
It appears I was missing an acl.conf.xml file. I have created a new
acl.conf.xml file, and have put the following in it:

<configuration name="acl.conf" description="Network Lists">
<network-lists>
<list name="domains" value="allow">
<node type="allow" domain="$${domain}"/>
<node type="allow" domain="213.166.5.128/28"/>
<node type="allow" domain="87.238.72.128/26"/>
</list>
</network-lists>
</configuration>

But I am still getting the same error for an incoming call.

Best regards,
--
Kevin Golding

_______________________________________________
FreeSWITCH-users mailing list
FreeSWITCH-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org

[brian at freeswitch.org]

First off edit the profile to use your own custom ACL... not the
domains one... secondly you'll have to use cidr= instead of domain=.

Domain= will search the user directory building an ACL list from all
users with the cidr= attribute.

/b


On Aug 10, 2009, at 6:36 PM, Kevin Golding wrote:

[kevin at kgolding.co.uk]

Thanks Brian,

Well spotted with the domain/cidr

I changed the line <param name="apply-inbound-acl" value="domains"/> in
the internal.xml with a new value, and changed the list to match but I
still get the same 'Rejected by acl "domains"' error.

And yes I reloaded the xml.

Kevin

Brian West wrote:

[msc at freeswitch.org]

On Tue, Aug 11, 2009 at 2:38 AM, Kevin Golding <kevin@kgolding.co.uk (kevin@kgolding.co.uk)> wrote:

[brian at freeswitch.org]

you have to now apply the ACL correctly to the sofia profile.

/b

On Aug 11, 2009, at 2:38 AM, Kevin Golding wrote:

[kevin at kgolding.co.uk]

Sorry, but could you give me a pointer on what this involves or where to
read up on it please?

Brian West wrote:

[brian at freeswitch.org]

I would guess in conf/sip_profiles/internal.xml where it applies the
domains ACL to the profile... you can change that or add additional
lines to apply more ACL's to the profile.

/b

On Aug 11, 2009, at 4:21 PM, Kevin Golding wrote:

[kevin at kgolding.co.uk]

Thank you Brian. Have got the ACL issue sorted with your help - thank
you. See new thread for my next problem

kevin

Brian West wrote: