Inqaku lam alikho inkcazo epheleleyo yemveliso, kodwa ukulungiswa okuncinci kokupapashwa okulungileyo "FusionPBX, okanye kwakhona-kakhulu, i-FreeSWITCH". Kubonakala kum ukuba isihloko ACL in FusionPBX ayichazwanga kakuhle kakhulu kuyo. Ndiza kuzama ukugcwalisa esi sikhewu ngokusekwe kumava am ngeFreeSWITCH/FusionPBX.
Kwaye ke, sine-FusionPBX efakiweyo enenombolo yangaphakathi ebhalisiweyo ye-1010 kwi-domain.indawo yendawo kunye nendlela emiselweyo yeefowuni zangaphandle kwisixeko. Sisebenzisa i-ACL ukukhusela inkqubo yethu yocingo kwiifowuni ezingagunyaziswanga eziya kuthatha imali yethu. Ezo. kuphela ukusuka kuthungelwano oluchazwe kwi-ACL vumela iifowuni eziphumayo. Kwaye apha udinga ukuqonda okucacileyo ngokupheleleyo malunga nendlela i-ACL isebenza ngayo kwi-FusionPBX, iimpawu zayo, ingqiqo kunye nendawo yayo ye-anchor.
Njengombhali ohlonitshwayo wenqaku elingasentla, ndanyathela kwakhona kuzo zonke iiraki ezinxulumene ne-ACL.
Ndiza kuqala SipProfiles.
Zombini iiprofayili (ndiya kubabiza ukuba), zombini ngaphakathi nangaphandle, zikwimeko yoLuntu, kwaye oku akukona ngengozi. Ukubhaliswa kwamanani kwenzeka kwiprofayili yangaphakathi, kwaye siya kunikela ingqalelo kuyo. Kwiprofayile yangaphakathi, imimandla ye-ACL ibotshelelwe njenge-apply-inbound-acl. Ngulo mgca ojongene nokusebenza kwe-ACL kwinqanaba leprofayili. Ukuza kuthi ga ngoku, yiloo nto kunye neeprofayili.
Umxholo
Umxholo usetyenziswa, phakathi kwezinye izinto, kwindlela yokufowuna. Zonke iindlela ezingenayo zibotshelelwe kumxholo woLuntu.
Ephumayo (esixekweni, kwiselula, umgama omde, amazwe ngamazwe, kunye nayo nayiphi na enye) iindlela zi (ngokungagqibekanga) kumxholo wegama lesizinda (masiyibize i-domain.local).
ACL
Ngoku makhe sijongane nee-ACLs. Ngokungagqibekanga, iFusionPBX esanda kufakwa inee-ACL ezimbini:
ithambeka intshukumo engagqibekanga: khanyela - eli phepha libotshelelwe kwiprofayile yangaphakathi
lan intshukumo engagqibekanga: vumela
Kwimimandla ye-ACL uluhlu, sichaza inethiwekhi (kakuhle, umzekelo, 192.168.0.0/24), senza imvume yokuvumela le nethiwekhi, sisebenzisa i-reloadacl.
Emva koko, sibhalisa ifowuni kule nethiwekhi, kwaye yonke into ibonakala ilungile kwaye ngokwemiyalelo kunye nengqiqo.
Siqala ukuvavanya, ukwenza umnxeba kwinombolo yangaphandle kwaye ... sifumana i-donut, okanye kunoko umgodi we-donut. Ngequbuliso!
Siqala ukuhlalutya ilogi kwi-console okanye nge-Log Viewer FusioPBX.
Sibona umngeni wethu:
switch_channel.c:1104 New Channel sofia/internal/[email protected]Sibona i-ACL esebenzayo:
sofia.c:10208 IP 192.168.0.150 Approved by acl "domains[]". Access Granted.Ngokuqhubekayo:
mod_dialplan_xml.c:637 Processing 1010 <1010>->98343379xxxx in context public
switch_core_state_machine.c:311 No Route, Aborting
switch_core_state_machine.c:312 Hangup sofia/internal/[email protected] [CS_ROUTING] [NO_ROUTE_DESTINATION] Akukho ndlela! Nangona indlela siye sabhalisa ngokunyanisekileyo.
Impendulo ilula ngokwenene.
Kuye kwafika umnxeba. I-ACL iphoswe yiyo. Kwaye ekubeni i-ACL ibotshelelwe kwiprofayili yangaphakathi, kwaye le nkcazo ikwimeko yoluntu, i-FreeSWITCH ibheka ngokunyanisekileyo umzila kumxholo woluntu. Kodwa kumxholo woluntu, kuphela umzila ongenayo, kwaye inkqubo isixelela ngokunyanisekileyo ukuba akukho ndlela eziya kwisixeko apho.
Ubuncinane zimbini iindlela zokuphuma kule meko.
- Qhoboshela le ACL hayi kwiprofayile, kodwa kwinani langaphakathi ngokwayo. Oku kunokuba yeyona ndlela ichanekileyo yokusombulula, kuba. Kungcono ukubophelela i-ACL ngokusondeleyo kangangoko kunokwenzeka kwi-Extension ukuze kulungiswe kakuhle. Ezo. ungamisela idilesi ethile / idilesi yenethiwekhi yefowuni apho ingenza umnxeba ophumayo. Ukungalungi kolu khetho kukuba iSandiso ngasinye kuya kufuneka senze oku.
- Lungisa i-ACL ukuze isebenze ngokuchanekileyo kwinqanaba leprofayili. Ndikhethe olu khetho, kuba kwabonakala kum kulula ukongeza uthungelwano kwi-ACL kanye kunokuba ndiyibeke kuLwandiso ngalunye. Kodwa oku kungenxa yomsebenzi wam ngokukodwa. Kweminye imisebenzi, unokufuna ingqiqo eyahlukileyo yokwenza izigqibo.
Ngoko. Masilungise imimandla ye-ACL ngolu hlobo lulandelayo:
ithambeka intshukumo emiselweyo: vumela
Kwimimandla ACL uluhlu, sibhalisa inethiwekhi:
khanyela 192.168.0.0/24
Faka isicelo, phinda ulayishe kwakhona.
Sivavanya: sicofa inombolo 98343379xxxx kwakhona kwaye ... indawo yokukhangela iza ... HELLO. Yonke into iyasebenza.
Makhe sibone ukuba kwenzeke ntoni kwi-FreeSWITCH:
umnxeba uyaqala:
switch_channel.c:1104 New Channel sofia/internal/[email protected]I-ACL ayiphoswanga:
[DEBUG] sofia.c:10263 IP 192.168.0.150 Rejected by acl "domains". Falling back to Digest auth.kwaye ngakumbi:
mod_dialplan_xml.c:637 Processing 1010 <1010>->98343379xxxx in context domain.local
sofia/internal/[email protected] Regex (PASS) [Sity] destination_number(98343379xxxx) =~ /^9(8343[23]d{6})$/ break=on-false Umzila udlulile, kwaye emva koko kuza ukusekwa koqhagamshelo, okungaphaya kobubanzi besihloko.
Ukuba sitshintsha idilesi yenethiwekhi kwi-ACL, kodwa ufumane umfanekiso kuvavanyo lokuqala, okt. I-ACL izakutsiba umnxeba kwaye indlela izothi NO_ROUTE_DESTINATION.
Yiyo yonke into ebendifuna ukuyongeza kwi-ACL FusionPBX.
Ndiyathemba ukuba iya kuba luncedo kumntu.
umthombo: www.habr.com