Acl.conf.xml

From FreeSWITCH Wiki
Jump to: navigation, search
Warning

Superseded by Confluence

 

Contents

Control what IP addresses can and can not access SIP on your FS box

Rules

Import from domain users

If your domain's users have cidr attributes, you can import them into any ACL list

<node type="allow" domain="$${domain}"/>

Overlapping

In the case of overlapping, the more specific of the nodes will take precedence.

<node type="allow" cidr="192.168.42.42/32"/>

will win over

<node type="deny" cidr="192.168.42.0/24"/>

in the same list

Allow or Deny

Rules are taken from most specific to least specific. A node rule will override a list default.

Samples

Sample allow

allows access from anyone on 1.2.3.*

      <configuration name="acl.conf" description="Network Lists">
        <network-lists>
          <list name="test1" default="deny">
            <node type="allow" cidr="1.2.3.0/24"/>
          </list>
        </network-lists>
      </configuration> 

Sample deny

allows access from anyone except 4.3.2.*

      <configuration name="acl.conf" description="Network Lists">
        <network-lists>
          <list name="test2" default="allow">
            <node type="deny" host="4.3.2.0" mask="255.255.255.0"/>
          </list>
        </network-lists>
      </configuration> 

See Also: ACL