[asterisk-dev] directmediapermit/deny doesn't work in any way approaching correct for any Asterisk version and is poorly named, so we should rework it in trunk

Jonathan Rose jrose at digium.com
Wed May 2 13:30:34 CDT 2012 

Callid in this case is my brain being broken due to having worked on callid logging so much lately.  I meant to say the directmedia host address list.  Strange place to arrive from that yeah.

----- Original Message -----
From: "Kevin P. Fleming" <kpfleming at digium.com>
To: asterisk-dev at lists.digium.com
Sent: Wednesday, May 2, 2012 1:23:01 PM
Subject: Re: [asterisk-dev] directmediapermit/deny doesn't work in any way approaching correct for any Asterisk version and is poorly named, so we should rework it in trunk

On 05/02/2012 01:09 PM, Jonathan Rose wrote:
> None of us really know how this feature ended up going through quite as dysfunctional as it was.  Here is a summary:
>
> directmediapermit/deny should allow a user to specify host addresses which block and allow the use of certain host addresses with directmedia if it would otherwise be available.  Allows supersede denies, so a user could specify something like:
> directmediadeny=0.0.0.0
> directmediapermit=192.168.10.203
> for a peer to allow that peer to use directmedia when making calls only to 192.168.10.203.  Meanwhile any calls to/from another host should keep Asterisk in the RTP path.

Slight clarification: the destination of the call is irrelevant. The 
destination of the *media* associated with the call is what is 
important. Granted, with the vast majority of SIP endpoints these will 
be identical, but it's very common for SIP carriers to have the 
signaling transit through one IP address and media transit through 
completely different (and possibly multiple) IP address(es).

> Unfortunately, that isn't what it does right now at all.
>
> Currently, the permit/deny lists are only used for to the peer they are set for (calls coming from the peer aren't checked against that peer's permit/deny list at all) and to make matters even more ridiculous, the address that is compared against the permit/deny list is the address belonging to the peer the list was set for. To simplify, on directmedia will be blocked in all cases where the peer has blocked itself from callid and it will be allowed for all cases where it has permitted itself for callid. This basically makes this a completely useless feature.

What does 'callid' mean in this paragraph?

-- 
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
Jabber: kfleming at digium.com | SIP: kpfleming at digium.com | Skype: kpfleming
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org

--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-dev

More information about the asterisk-dev mailing list