[Freeswitch-users] [!!Mass Mail] freeswitch 1.6.2 acl command show "false" for all

Fred Schulz lte at lte-net.de
Mon Oct 19 10:32:45 MSD 2015 

Hi,


you have to check an IP against an Listname:


acl <ip> <list_name>,Compare an ip to an acl list,mod_commands


So long


________________________________
Von: freeswitch-users-bounces at lists.freeswitch.org <freeswitch-users-bounces at lists.freeswitch.org> im Auftrag von Kiran Patil <kirantpatil at gmail.com>
Gesendet: Montag, 19. Oktober 2015 08:13
An: FreeSWITCH Users Help
Betreff: [!!Mass Mail][Freeswitch-users] freeswitch 1.6.2 acl command show "false" for all

Hi,

I have installed FS-1.6.2 on docker. I am facing below issue when acl is set but show false.

# /usr/local/freeswitch/bin/freeswitch -version
FreeSWITCH version: 1.6.2+git~20150925T145020Z~643e3ff88f~64bit (git 643e3ff 2015-09-25 14:50:20Z 64bit)

I added acls did as below

# reloadacl reloadxml
...
...
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/0<http://0.0.0.0/0> (deny) [] to list wan_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding fe80::/10 (deny) [] to list wan_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1420 Created ip list wan_v4.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/8<http://0.0.0.0/8> (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 10.0.0.0/8<http://10.0.0.0/8> (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.16.0.0/12<http://172.16.0.0/12> (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.0.0/16<http://192.168.0.0/16> (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 169.254.0.0/16<http://169.254.0.0/16> (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::/0 (deny) [] to list wan_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1432 Created ip list any_v6.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 0.0.0.0/0<http://0.0.0.0/0> (deny) [] to list any_v6.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1439 Created ip list any_v4.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::/0 (deny) [] to list any_v4.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1446 Created ip list nat.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1448 Adding 172.17.0.1/255.255.0.0<http://172.17.0.1/255.255.0.0> (deny) to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 10.0.0.0/8<http://10.0.0.0/8> (allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.16.0.0/12<http://172.16.0.0/12> (allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.0.0/16<http://192.168.0.0/16> (allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 100.64.0.0/10<http://100.64.0.0/10> (allow) [] to list nat.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1458 Created ip list loopback.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 127.0.0.0/8<http://127.0.0.0/8> (allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding ::1/128 (allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1465 Created ip list localnet.auto default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1468 Adding 172.17.0.1/255.255.0.0<http://172.17.0.1/255.255.0.0> (allow) to list localnet.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list loopback.auto default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 172.17.42.0/16<http://172.17.42.0/16> (allow) [] to list loopback.auto
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list lan default (allow)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.42.0/24<http://192.168.42.0/24> (deny) [] to list lan
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.168.42.42/32<http://192.168.42.42/32> (allow) [] to list lan
2015-10-19 06:06:55.932042 [NOTICE] switch_core.c:1493 Created ip list domains default (deny)
2015-10-19 06:06:55.932042 [NOTICE] switch_utils.c:534 Adding 192.0.2.0/24<http://192.0.2.0/24> (allow) [brian at 172.17.0.1<mailto:brian at 172.17.0.1>] to list domains
2015-10-19 06:06:55.932042 [INFO] switch_time.c:1415 Timezone reloaded 1781 definitions

I tried to check if acl is working fine and everything shows false.

freeswitch at internal> acl 127.0.0.0
false
freeswitch at internal> acl 127.0.0.0/8<http://127.0.0.0/8>
false
freeswitch at internal> acl 172.17.0.1
false
freeswitch at internal> acl 172.17.0.1/255.255.0.0<http://172.17.0.1/255.255.0.0>
false
freeswitch at internal> acl 172.17.42.0/16<http://172.17.42.0/16>
false
freeswitch at internal> acl 172.17.42.0/24<http://172.17.42.0/24>
false
freeswitch at internal> acl 172.17.42.0/32<http://172.17.42.0/32>
false
freeswitch at internal> acl 192.168.0.0/16<http://192.168.0.0/16>
false

Please let me know how to debug this issue.

Thanks,
Kiran.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20151019/2418f987/attachment.html

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list