From 721f270b252ea78cc6a433f7908a199258cf2786 Mon Sep 17 00:00:00 2001 From: markster Date: Mon, 7 Jan 2002 02:01:04 +0000 Subject: Version 0.1.10 from FTP git-svn-id: http://svn.digium.com/svn/asterisk/trunk@401 f38db490-d61c-443f-a65b-d21fe96a405b --- configs/iax.conf.sample | 48 ++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) (limited to 'configs/iax.conf.sample') diff --git a/configs/iax.conf.sample b/configs/iax.conf.sample index a2e3716ca..2c474287c 100755 --- a/configs/iax.conf.sample +++ b/configs/iax.conf.sample @@ -10,6 +10,17 @@ port=5036 ;bindaddr=192.168.0.1 ; +; You may specify a global default AMA flag for iaxtel calls. It must be +; one of 'default', 'omit', 'billing', or 'documentation'. These flags +; are used in the generation of call detail records. +; +;amaflags=default +; +; You may specify a default account for Call Detail Records in addition +; to specifying on a per-user basis +; +;accountcode=lss0101 +; ; Specify bandwidth of low, medium, or high to control which codecs are used ; in general. ; @@ -39,9 +50,18 @@ disallow=lpc10 ; Icky sound quality... Mr. Roboto. ; We can register with another IAX server to let him know where we are ; in case we have a dynamic IP address for example ; +; Register with tormenta using username marko and password secretpass +; ;register => marko:secretpass@tormenta.linux-support.net +; +; Register joe at remote host with no password +; ;register => joe@remotehost:5656 ; +; Register marko at tormenta.linux-support.net using RSA key "torkey" +; +;register => marko:[torkey]@tormenta.linux-support.net +; ; Finally, you can set values for your TOS bits to help improve ; performance. Valid values are: ; lowdelay -- Minimize delay @@ -57,6 +77,15 @@ tos=lowdelay [iaxtel] type=user context=default +auth=rsa +inkeys=iaxtel + +[iaxtel2] +; +; Backwards compatible entry for IAXtel pre-RSA +; +type=user +context=default deny=0.0.0.0/0.0.0.0 permit=216.207.245.47/255.255.255.255 @@ -78,14 +107,28 @@ callerid="Guest IAX User" ; set the Caller*ID to be what you want instead of trusting what ; the remote user provides ; +; There are three authentication methods that are supported: md5, plaintext, +; and rsa. The least secure is "plaintext", which sends passwords cleartext +; across the net. "md5" uses a challenge/response md5 sum arrangement, but +; still requires both ends have plain text access to the secret. "rsa" allows +; unidirectional secret knowledge through public/private keys. If "rsa" +; authentication is used, "inkeys" is a list of acceptable public keys on the +; local system that can be used to authenticate the remote peer, separated by +; the ":" character. "outkey" is a single, private key to use to authenticate +; to the other side. Public keys are named /var/lib/asterisk/keys/.pub +; while private keys are named /var/lib/asterisk/keys/.key. Private +; keys should always be 3DES encrypted. +; +; ;[markster] ;type=user ;context=default ;context=local -;auth=md5,plaintext +;auth=md5,plaintext,rsa ;secret=markpasswd ;callerid="Mark Spencer" <(256) 428-6275> ;deny=0.0.0.0/0.0.0.0 +;accountcode=markster0101 ;permit=209.16.236.73/255.255.255.0 ; ; Peers may also be specified, with a secret and @@ -111,6 +154,7 @@ host=216.207.245.57 ;[dynamichost] ;host=dynamic ;secret=mysecret +;inkeys=key1:key2 ;defaultip=216.207.245.34 ;callerid="Some Host" <(256) 428-6011> ; @@ -124,4 +168,4 @@ host=216.207.245.57 ;host=dynamic ;secret=moofoo ;context=default -;allow=0.0.0.0/0.0.0.0 +;permit=0.0.0.0/0.0.0.0 -- cgit v1.2.3