[Freeswitch-users] Question about inbound ACL
msc at freeswitch.org
Mon May 24 17:07:41 PDT 2010
On Mon, May 24, 2010 at 1:45 PM, RR <ranjtech at gmail.com> wrote:
> Hello List,
> I have tried to read as much as I could and try out a bunch of things but
> it doesn't seem to be working. The scenario is that we have a FS setup as a
> call distributor to our internal SIP servers. The calls come into the FS
> when people call any of the 6000 or so DIDs we own. These DIDs are through
> various providers who's IP addresses we know (obviously). I want to receive
> / process only calls from these external IP addresses and nothing else. So I
> did the following in acl.conf.xml file
> <list name="DIDProviders" default="deny">
> <node type="allow" cidr="64.XXX.XXX.XXX/32"/>
> <node type="allow" cidr="67.XXX.XXX.XXX/30"/>
> then I went into the $FSHOME/conf/sip_profiles/internal.xml and did the
> <param name="apply-inbound-acl" value="DIDProviders"/>
> but I still keep seeing calls from other IPs that are not in the
> "DIDProviders" list getting through.
> What else do I need to do to prevent this? Should this not be in
> internal.xml but in external.xml?
I have to ask: did you do this at the fs_cli:
Need to make sure that your ACLs got reloaded. If so, then the next step is
to turn on full console debugging (which is on by default when using fs_cli)
and try a call. Capture the complete log for a call and drop it in pastebin.
Redact any private information and then paste the link in this thread. We'll
take a look.
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the FreeSWITCH-users