From 524a30297468dc2bb7627f0dd589bd9e7368c744 Mon Sep 17 00:00:00 2001 From: Alexei Gradinari Date: Fri, 13 May 2016 12:38:20 -0400 Subject: res_pjsip: Endpoint IP Access Controls With the old SIP module we can use IP access controls per peer. PJSIP module missing this feature. This patch added next configuration Endpoint options: "acl" - list of IP ACL section names in acl.conf "deny" - List of IP addresses to deny access from "permit" - List of IP addresses to permit access from "contact_acl" - List of Contact ACL section names in acl.conf "contact_deny" - List of Contact header addresses to deny "contact_permit" - List of Contact header addresses to permit This patch also better logging failed request: add custom message instead of "No matching endpoint found" add SIP method to logging ASTERISK-25900 Change-Id: I456dea3909d929d413864fb347d28578415ebf02 --- include/asterisk/res_pjsip.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/asterisk/res_pjsip.h b/include/asterisk/res_pjsip.h index f985e3254..d20d27e70 100644 --- a/include/asterisk/res_pjsip.h +++ b/include/asterisk/res_pjsip.h @@ -734,6 +734,10 @@ struct ast_sip_endpoint { unsigned int usereqphone; /*! Do we send messages for connected line updates for unanswered incoming calls immediately to this endpoint? */ unsigned int rpid_immediate; + /* Access control list */ + struct ast_acl_list *acl; + /* Restrict what IPs are allowed in the Contact header (for registration) */ + struct ast_acl_list *contact_acl; }; /*! -- cgit v1.2.3