[asterisk-bugs] [JIRA] (ASTERISK-24890) res_pjsip_acl: patch proposal - endpoint specific ACL
Rusty Newton (JIRA)
noreply at issues.asterisk.org
Mon Mar 23 09:01:35 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-24890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=225557#comment-225557 ]
Rusty Newton commented on ASTERISK-24890:
-----------------------------------------
I can't see much opposition to your idea in general, however it is a good idea to first propose new features on the development mailing list for discussion: http://lists.digium.com/mailman/listinfo/asterisk-dev
> res_pjsip_acl: patch proposal - endpoint specific ACL
> -----------------------------------------------------
>
> Key: ASTERISK-24890
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24890
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Resources/res_pjsip_acl
> Affects Versions: 13.2.0
> Reporter: Dmitriy Serov
> Labels: Security
>
> I continue to migrate from asterisk 11 to 13.2 and continues to face problems of compatibility.
> chan_sip has a very good ability to limit registration for a particular PEER to the specified set of IP addresses. I have not found such an opportunity in res_pjsip.
> ACL offers only limit of the IP packet or contact without being tied to a particular endpoint. Because registration restrictions by IP require only part of endpoints, then using version 13.2 all registrations are unprotected, insecure.
> I propose to implement an option to specify the endpoint in ACL section.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list