How to add two permit rules in Elastix?

Discussion in 'General' started by haywoodcox, Apr 15, 2010.

  1. haywoodcox

    Joined:
    Jun 11, 2009
    Messages:
    79
    Likes Received:
    0
    Hi all,

    In the GUI, it only allow add one permit or deny rules. How could I add more, need to add in sip_general_custom.conf? And what is the syntax there such that could match the remaining config in the GUI?

    Best regards,
    Haywood
     
  2. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    I suspect that your allow/deny rules are system wide, if so I would add them to your sip_custom.conf file.

    But the concept is good, only allow trusted connections :)
    regards

    dicko
     
  3. haywoodcox

    Joined:
    Jun 11, 2009
    Messages:
    79
    Likes Received:
    0
    Thanks Dicko,

    So what should be the correct syntax in sip_custom.conf then? Because I already have a profile in sip_additonal.conf.

    sip_additional.conf
    [1711]
    deny=0.0.0.0/0.0.0.0
    type=friend
    secret=88171122
    qualify=yes
    port=5060
    pickupgroup=1
    permit=10.3.1.0/255.255.255.0
    nat=yes
    mailbox=2211@hkvmail
    host=dynamic
    dtmfmode=rfc2833
    dial=SIP/1711
    context=from-internal
    canreinvite=no
    callgroup=1
    callerid=device <1711>
    accountcode=
    call-limit=50

    Is that I just add the following in the sip_custom.conf

    sip_custom.conf
    [1711]
    permit=10.1.1.0/255.255.255.0
     
  4. haywoodcox

    Joined:
    Jun 11, 2009
    Messages:
    79
    Likes Received:
    0
    I tried the above but seems not working.
    I put the settings in sip_custom.conf & sip_general_custom.conf but result are the same.
     
  5. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    The settings are parsed in the order they are encountered in sip.conf, descending into the included files as they are encountered, the last settings win, in your design each extension has deny 0,0,0,0/0,0,0,0 at that point everything previously allowed is now denied again, so I guess I'm saying "Don;t do that"

    dicko
     

Share This Page