[asterisk-dev] [Code Review] Security Event Framework Proposal

Russell Bryant russell at digium.com
Tue Jun 9 07:49:48 CDT 2009


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/273/
-----------------------------------------------------------

(Updated 2009-06-09 07:49:48.171250)


Review request for Asterisk Developers.


Changes
-------

Updated diff with the latest code.  All events have been implemented except for custom events from the dialplan.  Also, the AMI has been updated to generate security events.


Summary (updated)
-------

The included changes include a proposal for a security event framework for Asterisk.  The document "security_events.txt" contains the proposal.  The associated code is an implementation of the proposal.


Diffs (updated)
-----

  /trunk/channels/chan_sip.c 199738 
  /trunk/include/asterisk/event_defs.h 199738 
  /trunk/include/asterisk/security_events.h PRE-CREATION 
  /trunk/include/asterisk/security_events_defs.h PRE-CREATION 
  /trunk/main/event.c 199738 
  /trunk/main/manager.c 199738 
  /trunk/main/security_events.c PRE-CREATION 
  /trunk/res/res_security_log.c PRE-CREATION 
  /trunk/security_events.txt PRE-CREATION 
  /trunk/tests/test_security_events.c PRE-CREATION 

Diff: http://reviewboard.digium.com/r/273/diff


Testing
-------

A test module has been written to generate security events.  You can run the test command and verify that the events come out in the custom security log channel, demonstrating the documented security log format:

Here is some example output:

*CLI> securityevents test generation

...

SECURITY[17921]: res_security_log.c:125 security_event_cb: SecurityEvent="FailedACL",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1244131376-695232"

...


Thanks,

Russell




More information about the asterisk-dev mailing list