git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Jaco Kroon <jaco@uls.co.za>
	Wed, 27 Nov 2019 13:54:39 +0000 (15:54 +0200)
committer	George Joseph <gjoseph@digium.com>
	Fri, 20 Mar 2020 13:40:09 +0000 (08:40 -0500)
commit	f4a8c71dc2a61b495adc51543921fc589be48fe6
tree	8b55666a6dabe198235c0d2f633db8fab94774f4	tree \| snapshot
parent	345e072a6d67c1491be8d43a03bfc2fb5a6a5fdd	commit \| diff

res_rtp_asterisk: implement ACL mechanism for ICE and STUN addresses.

A pure blacklist is not good enough, we need a whitelist mechanism as
well, and the simplest way to do that is to re-use existing ACL
infrastructure.

This makes it simpler to blacklist say an entire block (/24) except a
smaller block (eg, a /29 or even a /32). Normally you'd need to
recursively split the block, so if you want to blacklist a /24 except
for a /29 you'd end up with a blacklit for a /25, /26, /27 and /28. I
feel that having an ACL instead of a blacklist only is clearer.

Change-Id: Id57a8df51fcfd3bd85ea67c489c85c6c3ecd7b30
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

configs/samples/rtp.conf.sample		diff \| blob \| blame \| history
doc/CHANGES-staging/res_rtp_asterisk_cli.txt	[new file with mode: 0644]	blob
res/res_rtp_asterisk.c		diff \| blob \| blame \| history