[Freeswitch-users] IP Whitelist
Eric Beard
eric at loopfx.com
Wed Jun 8 23:11:34 MSD 2011
It seems I misunderstand the purpose of the acl.conf.xml file.
What I want to do is create an IP whitelist, so only the IPs I designate get a response from FreeSwitch. I'd like to do this with FreeSwitch rather than a firewall.
I have this in acl.conf.xml:
<list name="domains" default="deny">
<!-- domain= is special it scans the domain from the directory to build the ACL -->
<node type="allow" domain="$${domain}"/>
<!-- use cidr= if you wish to allow ip ranges to this domains acl. -->
<node type="allow" cidr="10.1.0.0/24"/>
<!-- Broadvox DID -->
<node type="allow" cidr="209.249.3.74/32"/>
</list>
I was assuming that this would only allow traffic from my local network, 10.1.0.0, and from the single IP 209.249.3.74
But while watching sip traffic, I saw an OPTIONS request from a different IP (sipvicious scan). Freeswitch happily responded to the OPTIONS with an OK.
How can I configure it so that it ignores requests that are not on my whitelist?
Thanks!
-----------------------
Eric Z. Beard, CTO
Loop LLC
w (877) 850-2010 x9249
m (727) 776-2768
eric at loopfx.com<mailto:eric at loopfx.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20110608/9d168a75/attachment.html
More information about the FreeSWITCH-users
mailing list