[Asterisk-code-review] res_rtp_asterisk: implement ACL mechanism for ICE and STUN addresses. (asterisk[13])

Jaco Kroon asteriskteam at digium.com
Tue Mar 17 08:07:05 CDT 2020


Hello Joshua Colp, George Joseph, Friendly Automation, 

I'd like you to reexamine a change. Please visit

    https://gerrit.asterisk.org/c/asterisk/+/13309

to look at the new patch set (#7).

Change subject: res_rtp_asterisk: implement ACL mechanism for ICE and STUN addresses.
......................................................................

res_rtp_asterisk: implement ACL mechanism for ICE and STUN addresses.

A pure blacklist is not good enough, we need a whitelist mechanism as
well, and the simplest way to do that is to re-use existing ACL
infrastructure.

This makes it simpler to blacklist say an entire block (/24) except a
smaller block (eg, a /29 or even a /32).  Normally you'd need to
recursively split the block, so if you want to blacklist a /24 except
for a /29 you'd end up with a blacklit for a /25, /26, /27 and /28.  I
feel that having an ACL instead of a blacklist only is clearer.

Change-Id: Id57a8df51fcfd3bd85ea67c489c85c6c3ecd7b30
Signed-off-by: Jaco Kroon <jaco at uls.co.za>
---
M configs/samples/rtp.conf.sample
A doc/CHANGES-staging/res_rtp_asterisk_cli.txt
M res/res_rtp_asterisk.c
3 files changed, 127 insertions(+), 104 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/09/13309/7
-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/13309
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Change-Id: Id57a8df51fcfd3bd85ea67c489c85c6c3ecd7b30
Gerrit-Change-Number: 13309
Gerrit-PatchSet: 7
Gerrit-Owner: Jaco Kroon <jaco at uls.co.za>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200317/bad3bffe/attachment.html>


More information about the asterisk-code-review mailing list