[Freeswitch-users] Question about inbound ACL

RR ranjtech at gmail.com
Mon May 24 15:56:14 PDT 2010


Hi David,

the calls are coming in on port 5060, so I'm assuming it's triggering the
internal profile(?) and as mentioned in my email, we have the acl applied in
the internal.xml file. Yet we see calls from all sorts of IPs. Anything else
we need to look at?

Thanks
RR

On Mon, May 24, 2010 at 6:26 PM, David Ponzone <david.ponzone at gmail.com>wrote:

> Well you need to put the ACL in the SIP Profile your providers are sending
> calls to.
> By default, it's port 5080 for external and port 5060 for internal.
>
> David Ponzone  Direction Technique
> email: david.ponzone at ipeva.fr
> tel:      01 74 03 18 97
> gsm:   06 66 98 76 34
>
> Service Client IPeva
> tel:      0811 46 26 26
> www.ipeva.fr  -   www.ipeva-studio.com
>
> *Ce message et toutes les pièces jointes sont confidentiels et établis à
> l'intention exclusive de ses destinataires. Toute utilisation ou diffusion
> non autorisée est interdite. Tout message électronique est susceptible
> d'altération. **IPeva** décline toute responsabilité au titre de ce
> message s'il a été altéré, déformé ou falsifié. Si vous n'êtes pas
> destinataire de ce message, merci de le détruire immédiatement et d'avertir
> l'expéditeur.*
> *
> *
>
>
>
> Le 24/05/2010 à 22:45, RR a écrit :
>
> Hello List,
>
> I have tried to read as much as I could and try out a bunch of things but
> it doesn't seem to be working. The scenario is that we have a FS setup as a
> call distributor to our internal SIP servers. The calls come into the FS
> when people call any of the 6000 or so DIDs we own. These DIDs are through
> various providers who's IP addresses we know (obviously). I want to receive
> / process only calls from these external IP addresses and nothing else. So I
> did the following in acl.conf.xml file
>
>         <list name="DIDProviders" default="deny">
>           <node type="allow" cidr="64.XXX.XXX.XXX/32"/>
>           <node type="allow" cidr="67.XXX.XXX.XXX/30"/>
>            etc...
>         </list>
>
> then I went into the $FSHOME/conf/sip_profiles/internal.xml and did the
> following:
>
> <param name="apply-inbound-acl" value="DIDProviders"/>
>
> but I still keep seeing calls from other IPs that are not in the
> "DIDProviders" list getting through.
>
> What else do I need to do to prevent this? Should this not be in
> internal.xml but in external.xml?
>
> TIA
> \RR
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20100524/20310019/attachment.html 


More information about the FreeSWITCH-users mailing list