[asterisk-bugs] [JIRA] (ASTERISK-28697) res_pjsip: Named ACL does not update on reload if changed

Friendly Automation (JIRA) noreply at issues.asterisk.org
Thu Feb 27 12:55:25 CST 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=249856#comment-249856 ] 

Friendly Automation commented on ASTERISK-28697:
------------------------------------------------

Change 13828 merged by Kevin Harwell:
pjsip: Update ACLs on named ACL changes.

[https://gerrit.asterisk.org/c/asterisk/+/13828|https://gerrit.asterisk.org/c/asterisk/+/13828]

> res_pjsip: Named ACL does not update on reload if changed
> ---------------------------------------------------------
>
>                 Key: ASTERISK-28697
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28697
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_acl
>    Affects Versions: 16.7.0
>            Reporter: Timothy Vanderaerden
>            Assignee: Joshua C. Colp
>            Severity: Minor
>
> Changes that have been made to ACL are not being applied after you reload ACL or/and PJSIP. This happens when you use a named ACL that is configured in _acl.conf_ and referenced in _pjsip.conf_. The only way to enforce the updated ACL is to either restart Asterisk or by removing the ACL reference from PJSIP then reload PJSIP, add that reference to PJSIP again and finally reload PJSIP again.
> *Configuration:*
> {code:title=acl.conf}
> [dispatcher-acl]
> deny=0.0.0.0/0.0.0.0
> permit=dispatcherIP
> {code}
> {code:title=pjsip.conf}
> [dispatcher-acl]
> type=acl
> acl=dispatcher-acl
> {code}
> *Steps to reproduce:*
> 1. Create named ACL in _acl.conf_.
> 2. Reference ACL in _pjsip.con_.
> 3. Reload acl
> 4. pjsip reload
> 5. Update named ACL
> 6. Reload acl
> 7. pjsip reload
> _acl show dispatcher-acl_: shows the updated configuration but PJSIP still uses the old ones. You will get the following message: 
> {noformat}
> Incoming SIP message from {thatIpYouUpdated} did not pass ACL test
> {noformat}
> 1. Remove ACL reference from _pjsip.conf_
> 2. pjsip reload
> 3.. Add that ACL reference back to _pjsip.conf_
> 4. pjsip reload
> Now the changes from ACL are applied to PJSIP.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list