Asterisk 13 + PJSIP : IP Access Controls

Hello,

I’m moving from Asterisk 1.8 to Asterisk 13 with PJSIP and am having trouble with per-endpoint access controls on client IP address. With the old sip.conf I would use, for example:

deny=0.0.0.0/0.0.0.0
permit=192.168.1.0/24

With pjsip.conf the documentation leads me to use Access Control Lists but I cannot fathom how to apply ACLs to an Endpoint. Whether I define the ACL in pjsip.conf as a type=acl or in acl.conf I cannot see how to specify which named ACL an Endpoint should apply (named ACLs in acl.conf appear to be applied to all Endpoints irrespective).

My purpose here is to restrict the IP addresses that SIP clients may access the server from. I am not using IP address to identify the client so Identifies are not suitable. Clients will have different IP addresses from which they are allowed and some will not be restricted so the firewall is not suitable.

I’ve had a jolly good read of the documentation and haven’t found how to do this or indeed, if it is something missing from PJSIP currently.

Thanks for your time,

Neil

Being able to specify on an endpoint level is not something anyone has currently implemented. It’s only global at the moment.

Joshua,

Thanks for your reply. Do you know if this is something that will be added at some point? Or shall I just go on and implement the equivalent functionality in AGI?

Thanks,

Neil

I know of noone currently working on it, but it’s certainly possible someone could contribute it in the future.