[asterisk-dev] FW: Question about permit/deny in pjsip endpoints

Floimair Florian f.floimair at commend.com
Thu Oct 25 02:54:20 CDT 2018


UPDATE:
Additionally, I see this message in the logs:

["2018-10-25 07:52:40.6837"] WARNING[123176]: named_acl.c:333 ast_named_acl_find: ACL 'deny/permit' does not exist. The ACL will be marked as undefined and will automatically fail if applied.




Hello all!

I wanted to try limiting incoming SIP packets to the IP of my Kamailio loadbalancer.
Since I’m using a database backend I tried to achieve this using the permit and deny attributes in ps_endpoints table.
So I set permit=”192.168.1.10/32” and deny to “0.0.0.0/0”, and while this seems to work in general, I get lots of the following WARNINGS in the logs:

["2018-10-25 07:41:34.7761"] WARNING[116934]: acl.c:740 ast_apply_acl: SIP ACL: Rejecting '192.168.1.10' due to use of an invalid ACL 'deny/permit'.

What is the problem with this configuration?
Of course I could alternatively define a named ACL and assign it using acl=name instead, but then what’s the point of the permit and deny options after all?

BR, Florian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20181025/e12b73ac/attachment.html>


More information about the asterisk-dev mailing list