permit only certain ip

Discussion in 'General' started by tomcattyy, Mar 26, 2010.

  1. tomcattyy

    Joined:
    Mar 2, 2010
    Messages:
    11
    Likes Received:
    0
    Hello there,

    I have setup the alwaysauthreject=yes to /etc/asterisk/sip_general_additional.conf
    and I want to set up rules to allow only selected ip to make sip registration.
    I try to add
    deny=0.0.0.0/0.0.0.0
    permit=66.19.xx.xx/255.255.255.255
    to the sip_general_additional.conf, but it did not block the registration.
    under the sip.additional
    I tried
    [3002]
    host=66.19.xx.xx/255.255.255.255

    also not do the trick to prevent [3002] to register from another ip?
    Please advice what am I missing here? appreciate your help.
     
  2. dicko

    Joined:
    Oct 24, 2008
    Messages:
    4,099
    Likes Received:
    0
    I think that those rules belong for security reasons on you firewall.

    allow only incoming Paetec et al. and your VSP's on udp/5060.
     
  3. tomcattyy

    Joined:
    Mar 2, 2010
    Messages:
    11
    Likes Received:
    0
    Thanks, ture. Stop traffic at firewall is much better than stop at elastix.
     
  4. fmvillares

    Joined:
    Sep 8, 2007
    Messages:
    1,785
    Likes Received:
    0
    yeap but deny and permit lines also are a good way to block acceses
     

Share This Page