[Freeswitch-users] ACLs / changing to which IPs FS binds to
georg at riseup.net
georg at riseup.net
Wed Jan 25 03:33:39 MSK 2012
Hi all,
I've got a server running FS with five nets associated. There are just
two, from where I receive calls and my phones are registering.
I would like to exclude all the nets by default from being allowed to
contact / register at FS, and only allow
- one net 172.251.X.XXX
- one net 192.168.X.XXX
I tried achieving this trough acl.conf, however, had no success.
I disabled NAT at startup trough -nonat.
'sofia status profile internal' is showing me a public ip of my server
next to "Pres Hosts" (but also one ip out of the mentioned 192.168.X.XXX
net, which is fine).
In internal.xml, I set rtp-ip and sip-ip to this (correct) ip.
I think my main mistake is that I don't understand how things are handled
in acl.conf. So far it looks like this:
<configuration name="acl.conf" description="Network Lists">
<network-lists>
<list name="localnet.auto" default="deny">
<node type="allow" cidr="192.168.X.X/24"/>
<node type="deny" cidr="Public IP/29"/>
</list>
<list name="domains" default="deny">
<node type="allow" domain="192.168.X.XX"/>
<node type="allow" cidr="192.168.X.X/24"/>
</list>
</network-lists>
</configuration>
Thanks in advance,
Georg
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list