[asterisk-dev] -netsec sip_destroy_hook annoyance, libmidcom proposed change

Peter Beckman beckman at purplecow.com
Sun Dec 3 00:27:08 MST 2006


On Sun, 3 Dec 2006, Matthew Rubenstein wrote:

> 	Other than a strict diff, is there any way to see how the netsec
> version of Asterisk is different from the main release?

  I couldn't find the code that makes up the -netsec tags in the web SVN
  trunk repository anywhere, though I didn't look super hard.  -netsec
  implements the ability of Asterisk to open and close firewall ports (I
  believe solely for RTP instead of opening 10000-20000) as needed to secure
  asterisk further than it is now.

> And will netsec run without the Ranch HW, or without any special HW on a
> straight Asterisk/SIP/IAX box?

  -netsec implements MIDCOM, an IETF standard:

  http://www.ietf.org/html.charters/midcom-charter.html

  See RFC 3304, 3303, 3489, 3989, and 4097.

> 	I'm interested in some of the netsec features, and maybe cross-porting
> them to 1.4, but none of the ones that use the Ranch or other HW.

  I'm sure 1.4-netsec will be released; at least I haven't heard any
  rumblings that it will/may be discontinued.  Ranch does nothing special
  other than implement MIDCOM firewall gunk.

Beckman
---------------------------------------------------------------------------
Peter Beckman                                                  Internet Guy
beckman at purplecow.com                             http://www.purplecow.com/
---------------------------------------------------------------------------


More information about the asterisk-dev mailing list