[asterisk-bugs] [JIRA] (ASTERISK-24874) Asterisk 11/13 Named ACLs don't work as expected
Michael Keuter (JIRA)
noreply at issues.asterisk.org
Fri Mar 13 10:46:34 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-24874?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Keuter updated ASTERISK-24874:
--------------------------------------
Description:
When I use this ACL configuration:
acl.conf:
[lan_acl]
deny=0.0.0.0/0.0.0.0
permit=192.168.0.0/255.255.255.0
[vpn_acl]
deny=0.0.0.0/0.0.0.0
permit=192.168.0.0/255.255.255.0
permit=10.8.0.0/255.255.255.0
sip.conf:
[phones](!)
;deny=0.0.0.0/0.0.0.0
;permit=192.168.0.0/255.255.255.0
acl=lan_acl
I get these error messages:
Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: acl.c:541 in ast_append_acl: Named ACL 'lan_acl' is already included in the ast_acl container.
Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 761 : lan_acl
It gets worse when I try to include one named ACL into another as mentioned in the examples, in this case acl.conf is not loaded at all:
[vpn_acl]
acl=lan_acl
permit=10.8.0.0/255.255.255.0
I get these errors:
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:589 in aco_process_var: Could not find option suitable for category 'vpn_acl' named 'acl' at line 87 of
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:402 in process_category: In acl.conf: Processing options for vpn_acl failed
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: named_acl.c:328 in ast_named_acl_find: Attempted to find named ACL 'vpn_acl', but the ACL configuration isn't available.
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: acl.c:541 in ast_append_acl: Named ACL 'vpn_acl' is already included in the ast_acl container.
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 15 : vpn_acl
was:
When I use this ACL configuration:
{{monospaced}}
acl.conf:
[lan_acl]
deny=0.0.0.0/0.0.0.0
permit=192.168.0.0/255.255.255.0
[vpn_acl]
deny=0.0.0.0/0.0.0.0
permit=192.168.0.0/255.255.255.0
permit=10.8.0.0/255.255.255.0
sip.conf:
[phones](!)
;deny=0.0.0.0/0.0.0.0
;permit=192.168.0.0/255.255.255.0
acl=lan_acl
{{monospaced}}
I get these error messages:
Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: acl.c:541 in ast_append_acl: Named ACL 'lan_acl' is already included in the ast_acl container.
Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 761 : lan_acl
It gets worse when I try to include one named ACL into another as mentioned in the examples, in this case acl.conf is not loaded at all:
[vpn_acl]
acl=lan_acl
permit=10.8.0.0/255.255.255.0
I get these errors:
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:589 in aco_process_var: Could not find option suitable for category 'vpn_acl' named 'acl' at line 87 of
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:402 in process_category: In acl.conf: Processing options for vpn_acl failed
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: named_acl.c:328 in ast_named_acl_find: Attempted to find named ACL 'vpn_acl', but the ACL configuration isn't available.
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: acl.c:541 in ast_append_acl: Named ACL 'vpn_acl' is already included in the ast_acl container.
Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 15 : vpn_acl
> Asterisk 11/13 Named ACLs don't work as expected
> ------------------------------------------------
>
> Key: ASTERISK-24874
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24874
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Affects Versions: 11.16.0, 13.2.0
> Environment: AstLinux 1.2.2, Linux 3.2
> Reporter: Michael Keuter
>
> When I use this ACL configuration:
> acl.conf:
> [lan_acl]
> deny=0.0.0.0/0.0.0.0
> permit=192.168.0.0/255.255.255.0
> [vpn_acl]
> deny=0.0.0.0/0.0.0.0
> permit=192.168.0.0/255.255.255.0
> permit=10.8.0.0/255.255.255.0
> sip.conf:
> [phones](!)
> ;deny=0.0.0.0/0.0.0.0
> ;permit=192.168.0.0/255.255.255.0
> acl=lan_acl
> I get these error messages:
> Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: acl.c:541 in ast_append_acl: Named ACL 'lan_acl' is already included in the ast_acl container.
> Mar 13 13:46:51 localhost local0.err asterisk[1722]: ERROR[1761]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 761 : lan_acl
> It gets worse when I try to include one named ACL into another as mentioned in the examples, in this case acl.conf is not loaded at all:
> [vpn_acl]
> acl=lan_acl
> permit=10.8.0.0/255.255.255.0
> I get these errors:
> Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:589 in aco_process_var: Could not find option suitable for category 'vpn_acl' named 'acl' at line 87 of
> Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: config_options.c:402 in process_category: In acl.conf: Processing options for vpn_acl failed
> Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: named_acl.c:328 in ast_named_acl_find: Attempted to find named ACL 'vpn_acl', but the ACL configuration isn't available.
> Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: acl.c:541 in ast_append_acl: Named ACL 'vpn_acl' is already included in the ast_acl container.
> Mar 13 13:49:06 localhost local0.err asterisk[29624]: ERROR[29624]: chan_sip.c:30923 in build_peer: Bad ACL entry in configuration line 15 : vpn_acl
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list