[asterisk-dev] -netsec sip_destroy_hook annoyance, libmidcom proposed change

Matthew Rubenstein email at mattruby.com
Sun Dec 3 00:55:33 MST 2006 

	I heard on this list last week that -netsec factors out the RTP server
so it can be controlled across a network by an asterisk process. Which
would allow a different RTP server than the one bundled with Asterisk to
be used, like an existing RTP server, if the new RTP server exposed the
same control API that the -netsec RTP server exposed. Does that not seem
correct to you, after examining the -netsec version?


On Sun, 2006-12-03 at 02:27 -0500, Peter Beckman wrote:
> On Sun, 3 Dec 2006, Matthew Rubenstein wrote:
> 
> > 	Other than a strict diff, is there any way to see how the netsec
> > version of Asterisk is different from the main release?
> 
>   I couldn't find the code that makes up the -netsec tags in the web SVN
>   trunk repository anywhere, though I didn't look super hard.  -netsec
>   implements the ability of Asterisk to open and close firewall ports (I
>   believe solely for RTP instead of opening 10000-20000) as needed to secure
>   asterisk further than it is now.
> 
> > And will netsec run without the Ranch HW, or without any special HW on a
> > straight Asterisk/SIP/IAX box?
> 
>   -netsec implements MIDCOM, an IETF standard:
> 
>   http://www.ietf.org/html.charters/midcom-charter.html
> 
>   See RFC 3304, 3303, 3489, 3989, and 4097.
> 
> > 	I'm interested in some of the netsec features, and maybe cross-porting
> > them to 1.4, but none of the ones that use the Ranch or other HW.
> 
>   I'm sure 1.4-netsec will be released; at least I haven't heard any
>   rumblings that it will/may be discontinued.  Ranch does nothing special
>   other than implement MIDCOM firewall gunk.
> 
> Beckman
> ---------------------------------------------------------------------------
> Peter Beckman                                                  Internet Guy
> beckman at purplecow.com                             http://www.purplecow.com/
> ---------------------------------------------------------------------------
-- 

(C) Matthew Rubenstein

More information about the asterisk-dev mailing list