[asterisk-users] Security issue

Geraint Lee geraint at gmail.com
Mon Feb 9 06:31:25 CST 2009


well, you got the general idea :)

2009/2/9 Tzafrir Cohen <tzafrir.cohen at xorcom.com>

> On Mon, Feb 09, 2009 at 11:09:34AM +0000, Geraint Lee wrote:
> > what about something along the lines of...
> >
> > iptables -A INPUT -p udp --dport 5060 -j DROP
> > iptables -A INPUT -p udp -s 192.168.0.0/24 --dport 5060 -j ACCEPT
> > iptables -A INPUT -p udp -s 10.0.0.0/8 --dport 5060 -j ACCEPT
> > iptables -A INPUT -p udp -s 66.66.66.66 --dport 5060 -j ACCEPT
>
> Err... I guess you meant:
>
> iptables -A INPUT -p udp -s 192.168.0.0/24 --dport 5060 -j ACCEPT
> iptables -A INPUT -p udp -s 10.0.0.0/8 --dport 5060 -j ACCEPT
> iptables -A INPUT -p udp -s 66.66.66.66 --dport 5060 -j ACCEPT
> # only if previous three did not match:
> iptables -A INPUT -p udp --dport 5060 -j DROP
>
> --
>               Tzafrir Cohen
> icq#16849755              jabber:tzafrir.cohen at xorcom.com<jabber%3Atzafrir.cohen at xorcom.com>
> +972-50-7952406           mailto:tzafrir.cohen at xorcom.com
> http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir
>
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20090209/86b5aee6/attachment.htm 


More information about the asterisk-users mailing list