VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
| View previous topic :: View next topic |
| Author |
Message |
noah at allresearch.com
Guest
|
 Posted: Tue Sep 30, 2008 2:43 am Post subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug? |
 |
|
Hi,
As some of you are probably aware, I've had a really hard time getting
asterisk to work with FS.
The effective_caller_id_number and the accountcode were not getting
logged or passed through on outgoing calls.
I finally solved the problem, but attribute it to some unexpected
behavior of the acl setting. I'm curious as to whether this is the
intended behavior, or a bug.
In my sip profile, I had apply-inbound-acl set to a list that
contained the IP of my asterisk box. Apparently, when this happens,
FS was allowing ANY call from my asterisk box without registration.
Subsequently, since FS was just blindly accepting the call with no
registration, it didn't match anything in the directory and no
accountcode or caller-id was set.
By simply removing the inbound-acl setting, I was able to have
everything working perfectly.
My understanding was that the goal of the inbound-acl was to limit
which IP FS would accept SIP requests from. I was not aware that it
would then accept any call blindly without any associated user.
Interesting....
If any of the FS developers are interested in the exact configuration
file that I'm using, please contact me directly and I'll forward the
file to you.
-Noah
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
 |
krice at suspicious.org
Guest
|
| Posted: Tue Sep 30, 2008 2:48 am Post subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug? |
|
|
The ACL is a way to specify a group of trusted machines and the system will
bypass auth on those calls...
If you need something from the directory don't use the ACL...
If you don't want FS to respond to SIP from unknown IP Addresses that's a
more appropriate job for your firewall software (iptables?)
| Quote: | From: Noah Silverman <noah@allresearch.com>
Reply-To: <freeswitch-users@lists.freeswitch.org>
Date: Tue, 30 Sep 2008 00:41:17 -0700
To: <freeswitch-users@lists.freeswitch.org>
Subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug?
Hi,
As some of you are probably aware, I've had a really hard time getting
asterisk to work with FS.
The effective_caller_id_number and the accountcode were not getting
logged or passed through on outgoing calls.
I finally solved the problem, but attribute it to some unexpected
behavior of the acl setting. I'm curious as to whether this is the
intended behavior, or a bug.
In my sip profile, I had apply-inbound-acl set to a list that
contained the IP of my asterisk box. Apparently, when this happens,
FS was allowing ANY call from my asterisk box without registration.
Subsequently, since FS was just blindly accepting the call with no
registration, it didn't match anything in the directory and no
accountcode or caller-id was set.
By simply removing the inbound-acl setting, I was able to have
everything working perfectly.
My understanding was that the goal of the inbound-acl was to limit
which IP FS would accept SIP requests from. I was not aware that it
would then accept any call blindly without any associated user.
Interesting....
If any of the FS developers are interested in the exact configuration
file that I'm using, please contact me directly and I'll forward the
file to you.
-Noah
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
noah at allresearch.com
Guest
|
| Posted: Tue Sep 30, 2008 3:14 am Post subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug? |
|
|
That makes sense.
However it might make sense for me to add something to the wiki about
this. It isn't documented anywhere that an "allow" in the acl will
bypass the directory and registration.
On a separate topic, I was just reading a post of yours from February
where you describe your LCR platform. Would you be willing to share
some of your setup and/or software for this?
Thanks,
-N
On Sep 30, 2008, at 12:47 AM, Ken Rice wrote:
| Quote: | The ACL is a way to specify a group of trusted machines and the
system will
bypass auth on those calls...
If you need something from the directory don't use the ACL...
If you don't want FS to respond to SIP from unknown IP Addresses
that's a
more appropriate job for your firewall software (iptables?)
| Quote: | From: Noah Silverman <noah@allresearch.com>
Reply-To: <freeswitch-users@lists.freeswitch.org>
Date: Tue, 30 Sep 2008 00:41:17 -0700
To: <freeswitch-users@lists.freeswitch.org>
Subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug?
Hi,
As some of you are probably aware, I've had a really hard time
getting
asterisk to work with FS.
The effective_caller_id_number and the accountcode were not getting
logged or passed through on outgoing calls.
I finally solved the problem, but attribute it to some unexpected
behavior of the acl setting. I'm curious as to whether this is the
intended behavior, or a bug.
In my sip profile, I had apply-inbound-acl set to a list that
contained the IP of my asterisk box. Apparently, when this happens,
FS was allowing ANY call from my asterisk box without registration.
Subsequently, since FS was just blindly accepting the call with no
registration, it didn't match anything in the directory and no
accountcode or caller-id was set.
By simply removing the inbound-acl setting, I was able to have
everything working perfectly.
My understanding was that the goal of the inbound-acl was to limit
which IP FS would accept SIP requests from. I was not aware that it
would then accept any call blindly without any associated user.
Interesting....
If any of the FS developers are interested in the exact configuration
file that I'm using, please contact me directly and I'll forward the
file to you.
-Noah
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
krice at suspicious.org
Guest
|
| Posted: Tue Sep 30, 2008 3:41 am Post subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug? |
|
|
The software in question is a custom dialplan replacement module for
freeswitch that is available for licensing...
As far as the setup goes you set up the sip profiles as normal, ratedecks
and other items are loaded into a DB and routing happens automagically...
| Quote: | From: Noah Silverman <noah@allresearch.com>
Reply-To: <freeswitch-users@lists.freeswitch.org>
Date: Tue, 30 Sep 2008 01:12:00 -0700
To: <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Unexpected acl behavior. Feature or bug?
That makes sense.
However it might make sense for me to add something to the wiki about
this. It isn't documented anywhere that an "allow" in the acl will
bypass the directory and registration.
On a separate topic, I was just reading a post of yours from February
where you describe your LCR platform. Would you be willing to share
some of your setup and/or software for this?
Thanks,
-N
On Sep 30, 2008, at 12:47 AM, Ken Rice wrote:
| Quote: | The ACL is a way to specify a group of trusted machines and the
system will
bypass auth on those calls...
If you need something from the directory don't use the ACL...
If you don't want FS to respond to SIP from unknown IP Addresses
that's a
more appropriate job for your firewall software (iptables?)
| Quote: | From: Noah Silverman <noah@allresearch.com>
Reply-To: <freeswitch-users@lists.freeswitch.org>
Date: Tue, 30 Sep 2008 00:41:17 -0700
To: <freeswitch-users@lists.freeswitch.org>
Subject: [Freeswitch-users] Unexpected acl behavior. Feature or bug?
Hi,
As some of you are probably aware, I've had a really hard time
getting
asterisk to work with FS.
The effective_caller_id_number and the accountcode were not getting
logged or passed through on outgoing calls.
I finally solved the problem, but attribute it to some unexpected
behavior of the acl setting. I'm curious as to whether this is the
intended behavior, or a bug.
In my sip profile, I had apply-inbound-acl set to a list that
contained the IP of my asterisk box. Apparently, when this happens,
FS was allowing ANY call from my asterisk box without registration.
Subsequently, since FS was just blindly accepting the call with no
registration, it didn't match anything in the directory and no
accountcode or caller-id was set.
By simply removing the inbound-acl setting, I was able to have
everything working perfectly.
My understanding was that the goal of the inbound-acl was to limit
which IP FS would accept SIP requests from. I was not aware that it
would then accept any call blindly without any associated user.
Interesting....
If any of the FS developers are interested in the exact configuration
file that I'm using, please contact me directly and I'll forward the
file to you.
-Noah
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Search
