[Freeswitch-users] Two Major Problems

Michael Collins msc at freeswitch.org
Fri Apr 9 10:22:07 PDT 2010 

On Fri, Apr 9, 2010 at 10:07 AM, Ken Fulmer <
kenfulmer at icstechnologysolutions.com> wrote:

>  Per your suggestion, I changed the following in the
> conf/autoload_configs/acl.conf.xml file:
>
>
>
>     <list name="domains" default="deny">
>
>       <node type="allow" domain="10.10.3.10"/>
>
>       <node type="allow" domain="10.10.3.11"/>
>
>     </list>
>
>
>
> 10.10.3.10 and 10.10.3.11 are the ip addresses of our internal servers.
> However, the calls still fail with the 407 Proxy Authentication Required
> message.
>
>
>
> I get the following log output when I issue the command, reloadacl:
>
>
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:954 Created ip list
> rfc1918.auto default (deny)
>
> freeswitch at internal> 2010-04-09 12:06:31.259954 [NOTICE]
> switch_utils.c:195 Adding 10.0.0.0/8 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (allow) [] to list rfc1918.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:962 Created ip list
> wan.auto default (allow)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 10.0.0.0/8(deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (deny) [] to list wan.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:970 Created ip list
> nat.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:972 Adding
> 10.10.3.12/255.255.255.128 (deny) to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 10.0.0.0/8(allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 172.16.0.0/12 (allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding
> 192.168.0.0/16 (allow) [] to list nat.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:981 Created ip list
> loopback.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_utils.c:195 Adding 127.0.0.0/8(allow) [] to list loopback.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:987 Created ip list
> localnet.auto default (deny)
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:990 Adding
> 10.10.3.12/255.255.255.128 (allow) to list localnet.auto
>
> 2010-04-09 12:06:31.259954 [NOTICE] switch_core.c:1015 Created ip list
> domains default (deny)
>
> 2010-04-09 12:06:31.259954 [WARNING] switch_core.c:1046 Cannot locate
> domain 10.10.3.10
>
> 2010-04-09 12:06:31.259954 [WARNING] switch_core.c:1046 Cannot locate
> domain 10.10.3.11
>
>
>
> Am I doing something incorrectly?
>
I'm afraid so. :)

<node type="allow" cidr="10.10.3.10/32"/>
<node type="allow" cidr="10.10.3.11/32"/>

You're not allowing a domain in, you're allowing an IP address.
-MC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100409/396001d9/attachment-0026.html

More information about the FreeSWITCH-users mailing list