[asterisk-bugs] [Asterisk 0012005]: [patch] SIP INVITES authorization from multiple IP addresses
Asterisk Bug Tracker
noreply at bugs.digium.com
Thu Jan 29 07:26:55 CST 2009
The following issue has been RESOLVED.
======================================================================
http://bugs.digium.com/view.php?id=12005
======================================================================
Reported By: fkasumovic
Assigned To: oej
======================================================================
Project: Asterisk
Issue ID: 12005
Category: Channels/chan_sip/NewFeature
Reproducibility: always
Severity: feature
Priority: normal
Status: resolved
Asterisk Version: SVN
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): trunk
SVN Revision (number only!): 103307
Request Review:
Resolution: suspended
Fixed in Version:
======================================================================
Date Submitted: 2008-02-15 10:23 CST
Last Modified: 2009-01-29 07:26 CST
======================================================================
Summary: [patch] SIP INVITES authorization from multiple IP
addresses
Description:
In current implementation, SIP INVITES are authorized either per username
or per single IP address. Many providers send SIP INVITEs from multiple C
classes and therefore it is very hard (if not impossible) to configure that
via SIP peers.
The only workaround is combination of [general] context and iptables.
Here is a patch that provides such functionality. SIP peer has to be
configured as type=peer, insecure=invite (or insecure=very) with defined
permit/deny rules:
[provider]
type=peer
insecure=very
deny=0.0.0.0/0.0.0.0
permit=10.2.1.0/255.255.255.0
permit=192.168.0.0/255.255.0.0
This is almost identical as to how permit/deny rules work for SIP REGISTER
packets.
======================================================================
----------------------------------------------------------------------
(0099040) oej (manager) - 2009-01-29 07:26
http://bugs.digium.com/view.php?id=12005#c99040
----------------------------------------------------------------------
No response from reporter. Filing this for the future.
Issue History
Date Modified Username Field Change
======================================================================
2009-01-29 07:26 oej Note Added: 0099040
2009-01-29 07:26 oej Status feedback => resolved
2009-01-29 07:26 oej Resolution open => suspended
2009-01-29 07:26 oej Assigned To => oej
======================================================================
More information about the asterisk-bugs
mailing list