[arm-allstar] iax2 ACL's --was: arm-allstar Digest, Vol 23, Issue 14
David McGough
kb4fxc at inttek.net
Mon Apr 11 17:04:37 EST 2016
Hi Ken,
We've confirmed this is a typo (oops!) in our base config files and will
correct this in the next release.
Other than generating an obscure looking warning message, I don't believe
this causes any other negative behavior---so, no security issues, etc.
THANK YOU for pointing this problem so we can fix it!
73, David KB4FXC
On Mon, 11 Apr 2016, Ken wrote:
> Yes - the install routine put these lines into iax.conf (nothing I did)
> Looks like the syntax of the permit= line is wrong.
>
> [radio-proxy]
> type=user
> deny=0.0.0.0/0.0.0.0
> permit=/255.255.255.255
> ...
>
>
>
> 1. PI3 (Ken)
> ------------------------------
> Message: 2
> Date: Sun, 10 Apr 2016 20:44:19 -0400 (EDT)
> From: David McGough <kb4fxc at inttek.net>
> To: Ken via arm-allstar <arm-allstar at hamvoip.org>
> Subject: Re: [arm-allstar] iax2 ACL's and WiFi --- was: PI3
> Message-ID:
> <Pine.LNX.4.44.1604102030480.10013-100000 at goliath.inttek.net>
> Content-Type: TEXT/PLAIN; charset=ISO-8859-1
>
>
> Hi Ken,
>
> Those iax2 messages are due to the config file. The most interesting of the
> two messages is the "ast_append_ha: is not a valid IP" warning.
>
> Take a look for a typo in a deny= or permit= ACL statement somewhere in the
> iax2.conf file. The format of these statements should be:
>
> deny=<network>/<netmask>
> permit=<network>/<netmask>
>
> Or, something like:
>
> deny=192.168.0.0/255.255.0.0
> permit=0.0.0.0/0.0.0.0
>
> ...which denies all traffic from 192.168.0.0/16 and then permits everything
> else.
>
>
>
More information about the arm-allstar
mailing list