[asterisk-dev] [Code Review] Security Event Framework Proposal
Russell Bryant
russell at digium.com
Thu Jun 4 11:04:33 CDT 2009
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/273/
-----------------------------------------------------------
Review request for Asterisk Developers.
Summary
-------
The included changes include a proposal for a security event framework for Asterisk. The document "security_events.txt" contains the proposal. There is also some code that is the beginning of a proposed implementation of the proposal.
This code is not yet close to a state where it should be considered for merging. There are still many more events to implement if we agree to proceed down this path.
Diffs
-----
/trunk/channels/chan_sip.c 199085
/trunk/include/asterisk/event_defs.h 199085
/trunk/include/asterisk/security_events.h PRE-CREATION
/trunk/include/asterisk/security_events_defs.h PRE-CREATION
/trunk/main/event.c 199085
/trunk/main/security_events.c PRE-CREATION
/trunk/security_events.txt PRE-CREATION
/trunk/tests/test_security_events.c PRE-CREATION
Diff: http://reviewboard.digium.com/r/273/diff
Testing
-------
As previously noted, the code is incomplete and is not intended to be reviewed for merging into trunk at this time. However, the test module does generate a FailedACL security event which comes out of the custom security log channel, demonstrating the documented security log format:
*CLI> securityevents test generation
SECURITY[17921]: res_security_log.c:125 security_event_cb: SecurityEvent="FailedACL",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1244131376-695232"
Thanks,
Russell
More information about the asterisk-dev
mailing list