diff options
author | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-11-12 10:22:30 +0000 |
---|---|---|
committer | oej <oej@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-11-12 10:22:30 +0000 |
commit | b2b8ee2463a49e690121dc793e3b3a185dfd49db (patch) | |
tree | 2f1a907f230bc1a5e4d286fe058a625f3bfdc574 /configs/sip.conf.sample | |
parent | 473a8cdfd17b34afb4a736135bd6537a69e3d7d8 (diff) |
Clarify some security issues early in the sample configuration
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@229606 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'configs/sip.conf.sample')
-rw-r--r-- | configs/sip.conf.sample | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 130f369ce..18a6602bc 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -1,6 +1,18 @@ ; ; SIP Configuration example for Asterisk ; +; Note: Please read the security documentation for Asterisk in order to +; understand the risks of installing Asterisk with the sample +; configuration. If your Asterisk is installed on a public +; IP address connected to the Internet, you will want to learn +; about the various security settings BEFORE you start +; Asterisk. +; Specially note the following settings: +; - Allowguest (default enabled) +; - Permit/deny - IP address filters +; - Contactpermit/contactdeny - IP address filters for registrations +; - Context - Which set of services you offer various users +; ; SIP dial strings ;----------------------------------------------------------- ; In the dialplan (extensions.conf) you can use several @@ -87,6 +99,10 @@ [general] context=default ; Default context for incoming calls ;allowguest=no ; Allow or reject guest calls (default is yes) + ; If your Asterisk is connected to the Internet + ; and you have allowguest=yes + ; you want to check which services you offer everyone + ; out there, by enabling them in the default context (see below). ;match_auth_username=yes ; if available, match user entry using the ; 'username' field from the authentication line ; instead of the From: field. |