[Freeswitch-users] ACL not working
Diego Viola
diego.viola at gmail.com
Tue Apr 21 17:57:50 PDT 2009
I'm trying to block inbound calls with internal_auth_calls=true.
On Tue, Apr 21, 2009 at 8:46 PM, Diego Viola <diego.viola at gmail.com> wrote:
> If I turn internal_auth_calls to false it blocks... but why I can't do it
> with internal_auth_calls=true?
>
>
> On Tue, Apr 21, 2009 at 8:45 PM, Diego Viola <diego.viola at gmail.com>wrote:
>
>> This alone should be able to block inbound calls right?:
>>
>> internal.xml:
>>
>> <param name="apply-inbound-acl" value="domains"/>
>>
>> acl.conf.xml:
>>
>> <list name="domains" default="deny">
>> <node type="allow" domain="$${domain}"/>
>> </list>
>>
>> vars.xml:
>>
>> <X-PRE-PROCESS cmd="set" data="internal_auth_calls=true"/>
>>
>>
>>
>> On Tue, Apr 21, 2009 at 8:04 PM, Diego Viola <diego.viola at gmail.com>wrote:
>>
>>> I was just trying to deny everything, and I got confused at what the
>>> "default" in the <list> made, but I got it now.
>>>
>>> So I have <list name="domains" default="deny"> and that alone denies
>>> the registration, which is what I want, but I can still make calls.
>>>
>>> And I have this: <param name="apply-inbound-acl" value="domains"/>
>>>
>>> Shouldn't the "domains" which is defaulted to "deny" block the inbound
>>> calls?
>>>
>>> Thanks, I hope this doesn't make anyone nervous, just trying to learn :)
>>>
>>> Regards,
>>>
>>> Diego
>>>
>>>
>>>
>>>
>>> On Tue, Apr 21, 2009 at 5:34 PM, Michael Collins <msc at freeswitch.org>wrote:
>>>
>>>>
>>>>
>>>> On Tue, Apr 21, 2009 at 1:15 PM, Diego Viola <diego.viola at gmail.com>wrote:
>>>>
>>>>> Nope, I just wanted to allow 1 ip, 192.168.0.100.
>>>>
>>>>
>>>> Then why have a deny for this address? Don't you want something like
>>>> this?
>>>> <node type="allow" cidr="192.168.0.100/32"/>
>>>> -MC
>>>>
>>>>
>>>>>
>>>>>
>>>>> Diego
>>>>>
>>>>> On Tue, Apr 21, 2009 at 9:27 AM, Brian West <brian at freeswitch.org>wrote:
>>>>>
>>>>>> Do you want to allow these IP ranges?
>>>>>> /b
>>>>>>
>>>>>> On Apr 21, 2009, at 6:08 AM, Diego Viola wrote:
>>>>>>
>>>>>> <node type="deny" cidr="192.168.0.100/32"/>
>>>>>> <node type="deny" cidr="192.168.0.0/24"/>
>>>>>>
>>>>>>
>>>>>> Brian West
>>>>>> brian at freeswitch.org
>>>>>>
>>>>>> -- Meet us at ClueCon! http://www.cluecon.com
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Freeswitch-users mailing list
>>>>>> Freeswitch-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:
>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Freeswitch-users mailing list
>>>>> Freeswitch-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:
>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Freeswitch-users mailing list
>>>> Freeswitch-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20090421/b5104190/attachment-0002.html
More information about the FreeSWITCH-users
mailing list