[Freeswitch-users] freeswitch 1.6.2 acl command show "false" for all

Kiran Patil kirantpatil at gmail.com
Mon Oct 19 10:13:00 MSD 2015


Hi,

I have installed FS-1.6.2 on docker. I am facing below issue when acl is
set but show false.

# /usr/local/freeswitch/bin/freeswitch -version
FreeSWITCH version: 1.6.2+git~20150925T145020Z~643e3ff88f~64bit (git
643e3ff 2015-09-25 14:50:20Z 64bit)

I added acls did as below

# reloadacl reloadxml
...
...
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/0
(deny) [] to list wan_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding fe80::/10
(deny) [] to list wan_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1420 Created ip list
wan_v4.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/8
(deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 10.0.0.0/8
(deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.16.0.0/12
(deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.0.0/16
(deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 169.254.0.0/16
(deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::/0 (deny)
[] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1432 Created ip list
any_v6.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/0
(deny) [] to list any_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1439 Created ip list
any_v4.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::/0 (deny)
[] to list any_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1446 Created ip list
nat.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1448 Adding
172.17.0.1/255.255.0.0 (deny) to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 10.0.0.0/8
(allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.16.0.0/12
(allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.0.0/16
(allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 100.64.0.0/10
(allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1458 Created ip list
loopback.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 127.0.0.0/8
(allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::1/128
(allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1465 Created ip list
localnet.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1468 Adding
172.17.0.1/255.255.0.0 (allow) to list localnet.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list
loopback.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.17.42.0/16
(allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list lan
default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding
192.168.42.0/24 (deny) [] to list lan
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding
192.168.42.42/32 (allow) [] to list lan
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list
domains default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.0.2.0/24
(allow) [brian at 172.17.0.1] to list domains
2015-10-19 06:06:55.932042 [INFO] switch_time.c:1415 Timezone reloaded 1781
definitions

I tried to check if acl is working fine and everything shows false.

freeswitch at internal> acl 127.0.0.0
false
freeswitch at internal> acl 127.0.0.0/8
false
freeswitch at internal> acl 172.17.0.1
false
freeswitch at internal> acl 172.17.0.1/255.255.0.0
false
freeswitch at internal> acl 172.17.42.0/16
false
freeswitch at internal> acl 172.17.42.0/24
false
freeswitch at internal> acl 172.17.42.0/32
false
freeswitch at internal> acl 192.168.0.0/16
false

Please let me know how to debug this issue.

Thanks,
Kiran.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20151019/47a71d06/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list