diff options
author | twilson <twilson@f38db490-d61c-443f-a65b-d21fe96a405b> | 2010-06-15 22:34:30 +0000 |
---|---|---|
committer | twilson <twilson@f38db490-d61c-443f-a65b-d21fe96a405b> | 2010-06-15 22:34:30 +0000 |
commit | 9d315fae504eb206b35ded494f50be567d3815e1 (patch) | |
tree | 8798a291bf181566a9ff3fbe18c16b9e0bf53eae /configs/meetme.conf.sample | |
parent | 4b4c1dd402247ece3bfdd56f1a097316fd613d4b (diff) |
Merged revisions 270658 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk
........
r270658 | twilson | 2010-06-15 15:18:04 -0500 (Tue, 15 Jun 2010) | 20 lines
Make contactdeny apply to src ip when nat=yes
chan_sip's "contactdeny" feature screens the "to be registered contact".
In case of nat=yes it should not use the address information from the
Contact header (which is not used at all for routing), but the source
IP address of the request.
Thus, if nat=yes and a client sends a request from a denied IP address
(e.g. by spoofing the src-IP address) it can bypass the screening.
This commit makes contactdeny apply to the src ip when nat=yes instead.
(closes issue #17276)
Reported by: klaus3000
Patches:
patch-asterisk-trunk-contactdeny.txt uploaded by klaus3000 (license 65)
Tested by: klaus3000
Review: [full review board URL with trailing slash]
........
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.4@270724 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'configs/meetme.conf.sample')
0 files changed, 0 insertions, 0 deletions