res_pjsip_acl: SIP ACL module¶
This configuration documentation is for functionality provided by res_pjsip_acl.
Overview¶
ACL
The ACL module used by 'res_pjsip'. This module is independent of 'endpoints' and operates on all inbound SIP communication using res_pjsip.
There are two main ways of defining your ACL with the options provided. You can use the 'permit' and 'deny' options which act on IP addresses, or the 'contactpermit' and 'contactdeny' options which act on Contact header addresses in incoming REGISTER requests. You can combine the various options to create a mixed ACL.
Additionally, instead of defining an ACL with options, you can reference IP or Contact header ACLs from the file acl.conf by using the 'acl' or 'contactacl' options.
Configuration File: pjsip.conf¶
[acl]: Access Control List¶
Configuration Option Reference¶
| Option Name | Type | Default Value | Regular Expression | Description |
|---|---|---|---|---|
| acl | Custom | false | List of IP ACL section names in acl.conf | |
| contact_acl | Custom | false | List of Contact ACL section names in acl.conf | |
| contact_deny | Custom | false | List of Contact header addresses to deny | |
| contact_permit | Custom | false | List of Contact header addresses to permit | |
| deny | Custom | false | List of IP addresses to deny access from | |
| permit | Custom | false | List of IP addresses to permit access from | |
| type | None | false | Must be of type 'acl'. |
Configuration Option Descriptions¶
acl¶
This matches sections configured in 'acl.conf'. The value is defined as a list of comma-delimited section names.
contact_acl¶
This matches sections configured in 'acl.conf'. The value is defined as a list of comma-delimited section names.
contact_deny¶
The value is a comma-delimited list of IP addresses. IP addresses may have a subnet mask appended. The subnet mask may be written in either CIDR or dotted-decimal notation. Separate the IP address and subnet mask with a slash ('/')
contact_permit¶
The value is a comma-delimited list of IP addresses. IP addresses may have a subnet mask appended. The subnet mask may be written in either CIDR or dotted-decimal notation. Separate the IP address and subnet mask with a slash ('/')
deny¶
The value is a comma-delimited list of IP addresses. IP addresses may have a subnet mask appended. The subnet mask may be written in either CIDR or dotted-decimal notation. Separate the IP address and subnet mask with a slash ('/')
permit¶
The value is a comma-delimited list of IP addresses. IP addresses may have a subnet mask appended. The subnet mask may be written in either CIDR or dotted-decimal notation. Separate the IP address and subnet mask with a slash ('/')
Generated Version¶
This documentation was generated from Asterisk branch 20 using version GIT