Im looking for a way in asterisk to limit phone registrations to a specific IP network but be able to make exceptions. such as allowing registration from 10.0.0.0/8, 220.127.116.11 and disallowing it from everywhere else. I know that this can be done in with iptables but I want to have all my asterisk configuration in asterisk. I also want to allow anonymous inbound SIP calls from IP ranges that are not allowed to register. That way I can get inbound calls but external agents cant make calls through my system. I want to avoid the bulk registration hack attempts as someone might be able to guess the passwords. I must enable anonymous sip calls as I have some ATA devices that blind forward SIP calls to my system and do not register.