[arm-allstar] iax2 ACL's --was: arm-allstar Digest, Vol 23, Issue 14

David McGough kb4fxc at inttek.net
Mon Apr 11 17:04:37 EST 2016


Hi Ken,

We've confirmed this is a typo (oops!) in our base config files and will 
correct this in the next release.

Other than generating an obscure looking warning message, I don't believe 
this causes any other negative behavior---so, no security issues, etc.

THANK YOU for pointing this problem so we can fix it!

73, David KB4FXC



On Mon, 11 Apr 2016, Ken wrote:

> Yes - the install routine put these lines into iax.conf  (nothing I did)
> Looks like the syntax of the permit= line is wrong.
> 
> [radio-proxy]
> type=user
> deny=0.0.0.0/0.0.0.0
> permit=/255.255.255.255
> ...
> 
> 
> 
>    1. PI3 (Ken)
> ------------------------------
> Message: 2
> Date: Sun, 10 Apr 2016 20:44:19 -0400 (EDT)
> From: David McGough <kb4fxc at inttek.net>
> To: Ken via arm-allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] iax2 ACL's and WiFi --- was: PI3
> Message-ID:
> 	<Pine.LNX.4.44.1604102030480.10013-100000 at goliath.inttek.net>
> Content-Type: TEXT/PLAIN; charset=ISO-8859-1
> 
> 
> Hi Ken,
> 
> Those iax2 messages are due to the config file. The most interesting of the
> two messages is the "ast_append_ha:  is not a valid IP" warning.
> 
> Take a look for a typo in a deny= or permit= ACL statement somewhere in the
> iax2.conf file. The format of these statements should be:
> 
> deny=<network>/<netmask>
> permit=<network>/<netmask>
> 
> Or, something like:
> 
> deny=192.168.0.0/255.255.0.0
> permit=0.0.0.0/0.0.0.0
> 
> ...which denies all traffic from 192.168.0.0/16 and then permits everything
> else.
> 
> 
> 



More information about the arm-allstar mailing list