[asterisk-bugs] [JIRA] (ASTERISK-24890) res_pjsip_acl: ACL for the endpoint
Dmitriy Serov (JIRA)
noreply at issues.asterisk.org
Tue Mar 17 02:29:34 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-24890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dmitriy Serov updated ASTERISK-24890:
-------------------------------------
Description:
I continue to migrate from asterisk 11 to 13.2 and continues to face problems of compatibility.
chan_sip has a very good ability to limit registration for a particular PEER to the specified set of IP addresses. I have not found such an opportunity in res_pjsip.
ACL offers only limit of the IP packet or contact without being tied to a particular endpoint. Because registration restrictions by IP require only part of endpoints, then using version 13.2 all registrations are unprotected, insecure.
I propose to implement an option to specify the endpoint in ACL section.
was:
I continue to migrate from asterisk 11 to 13.2 and continues to face problems of compatibility.
chan_sip has a very good ability to limit registration for a particular PEER to the specified set of IP addresses. I have not found such an opportunity in res_pjsip.
ACL offers only limit of the IP packet or contact without being tied to a particular endpoint.
I propose to implement an option to specify the endpoint in ACL section.
> res_pjsip_acl: ACL for the endpoint
> -----------------------------------
>
> Key: ASTERISK-24890
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24890
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Resources/res_pjsip_acl
> Affects Versions: 13.2.0
> Reporter: Dmitriy Serov
> Labels: Security
>
> I continue to migrate from asterisk 11 to 13.2 and continues to face problems of compatibility.
> chan_sip has a very good ability to limit registration for a particular PEER to the specified set of IP addresses. I have not found such an opportunity in res_pjsip.
> ACL offers only limit of the IP packet or contact without being tied to a particular endpoint. Because registration restrictions by IP require only part of endpoints, then using version 13.2 all registrations are unprotected, insecure.
> I propose to implement an option to specify the endpoint in ACL section.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list