diff options
author | Olle Johansson <oej@edvina.net> | 2009-11-12 10:22:30 +0000 |
---|---|---|
committer | Olle Johansson <oej@edvina.net> | 2009-11-12 10:22:30 +0000 |
commit | cca751350a64d22ec2d44b535f4821c8c3a5d9e1 (patch) | |
tree | 2f1a907f230bc1a5e4d286fe058a625f3bfdc574 /configs/sip.conf.sample | |
parent | 91b9c8fca12c39d89ed0e3d22fed8c8f8b57df3d (diff) |
Clarify some security issues early in the sample configuration
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@229606 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'configs/sip.conf.sample')
-rw-r--r-- | configs/sip.conf.sample | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 130f369ce..18a6602bc 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -1,6 +1,18 @@ ; ; SIP Configuration example for Asterisk ; +; Note: Please read the security documentation for Asterisk in order to +; understand the risks of installing Asterisk with the sample +; configuration. If your Asterisk is installed on a public +; IP address connected to the Internet, you will want to learn +; about the various security settings BEFORE you start +; Asterisk. +; Specially note the following settings: +; - Allowguest (default enabled) +; - Permit/deny - IP address filters +; - Contactpermit/contactdeny - IP address filters for registrations +; - Context - Which set of services you offer various users +; ; SIP dial strings ;----------------------------------------------------------- ; In the dialplan (extensions.conf) you can use several @@ -87,6 +99,10 @@ [general] context=default ; Default context for incoming calls ;allowguest=no ; Allow or reject guest calls (default is yes) + ; If your Asterisk is connected to the Internet + ; and you have allowguest=yes + ; you want to check which services you offer everyone + ; out there, by enabling them in the default context (see below). ;match_auth_username=yes ; if available, match user entry using the ; 'username' field from the authentication line ; instead of the From: field. |