[asterisk-users] Binding to 0.0.0.0 a security risk?
Raj Mathur ( राज माथुर )
raju at linux-delhi.org
Mon Feb 6 21:10:36 CST 2012
On Tuesday 07 Feb 2012, Josh wrote:
> [snip]
> > Unfortunately, (IIRC) Asterisk does not reply to the same interface
> > packets are received from which limits the usefulness of multiple
> > interfaces.
>
> What do you mean by that? If a request is received over eht1 are you
> saying that Asterisk does not respond over the same interface?!
As far as I know, Asterisk would use the default Linux/Unix routing
algorithms to send packets out, in which case yes: responses may not go
out on the same interface packets were received on.
E.g. if you receive packets with non-LAN IP addresses on eth0, while
your default route is set to eth1, in the absence of custom routing
Linux will send the responses over eth1.
There are ways to overcome this for specific situations, but no general
method that I'm aware of (though I'm happy to be corrected).
Regards,
-- Raj
--
Raj Mathur || raju at kandalaya.org || GPG:
http://otheronepercent.blogspot.com || http://kandalaya.org || CC68
It is the mind that moves || http://schizoid.in || D17F
More information about the asterisk-users
mailing list