[asterisk-dev] Asterisk Network Security Idea (using tcp_wrappers)
Olle E. Johansson
oej at edvina.net
Mon Mar 30 04:01:20 CDT 2009
30 mar 2009 kl. 10.44 skrev Tzafrir Cohen:
> One thing, though: Asterisk already has a mechanism to allow and deny
> connections on a per-IP address basis. From my limited experince it is
> hardly used. So is there really a point in adding a second mechanism
> that duplicates this functionality?
I was thinking the same way.
We need named ACL's with hooks, as John outlined based on our work at
Astricon.
With proper hooks, anyone that needs to hook into (iptables | ipfw |
pf | anything) can do that.
Adding a second system on top on the one we already have would only be
confusing.
/O
More information about the asterisk-dev
mailing list