I-athikili yami ayiyona incazelo egcwele yomkhiqizo, kodwa intuthuko encane kuphela yokushicilelwa okuhle "FusionPBX, noma futhi-kuhle, i-FreeSWITCH". Kubonakala kimi ukuthi isihloko se-ACL ku-FusionPBX asidalulwanga kahle kuso. Ngizozama ukugcwalisa lesi sikhala ngokusekelwe kokuhlangenwe nakho kwami nge-FreeSWITCH/FusionPBX.
Ngakho-ke, sine-FusionPBX efakiwe enenombolo yangaphakathi ebhalisiwe engu-1010 kusizinda sesizinda.sendawo kanye nomzila omisiwe wezingcingo zangaphandle eziya edolobheni. Sisebenzisa i-ACL ukuze sivikele isistimu yethu yocingo ezingcingweni ezingagunyaziwe ezizothatha imali yethu. Labo. kusukela kumanethiwekhi achazwe ku-ACL kuphela avumela amakholi aphumayo. Futhi lapha udinga ukuqonda okucacile kokuthi i-ACL isebenza kanjani ku-FusionPBX, izici zayo, ingqondo kanye nephoyinti layo lokunamathisela.
Njengombhali ohlonishwayo walesi sihloko esingenhla, ngiphinde ngangena kuwo wonke ama-rakes ahlobene ne-ACL.
Ngizoqala SipProfiles.
Womabili amaphrofayili (ngizowabiza kanjalo), kokubili angaphakathi nangaphandle, asesimweni somphakathi, futhi lokhu akwenzeki ngephutha. Ukubhaliswa kwezinombolo kwenzeka kuphrofayela yangaphakathi, futhi sizoyinaka. Kuphrofayela yangaphakathi, izizinda ze-ACL ziboshelwe njenge-apply-inbound-acl. Yilo mugqa onesibopho sokusebenza kwe-ACL ezingeni lephrofayela. Kuze kube manje, yilokho kanye namaphrofayili.
Context
Kusetshenziswa umongo, phakathi kwezinye izinto, ekushayeleni umzila. Yonke imizila engenayo iboshelwe engqikithini Yomphakathi.
Ephumayo (eya edolobheni, kumaselula, ibanga elide, eyamazwe ngamazwe, nanoma iyiphi enye) imizila (ngokuzenzakalelayo) isesimweni segama lesizinda (asiyibize ngokuthi isizinda.local).
I-ACL
Manje ake sibhekane nama-ACL. Ngokuzenzakalelayo, i-FusionPBX esanda kufakwa inama-ACL amabili:
isenzo esizenzakalelayo sesizinda: phika - leli shidi liboshelwe kuphrofayela yangaphakathi
isenzo esizenzakalelayo se-lan: vumela
Kuhlu lwezizinda ze-ACL, sichaza inethiwekhi (kahle, isibonelo, 192.168.0.0/24), senza imvume yokuvumela le nethiwekhi, sisebenzisa i-reloadacl.
Okulandelayo, sibhalisa ifoni kusuka kule nethiwekhi, futhi konke kubonakala kuhamba kahle futhi ngokusho kwemiyalelo futhi ngokunengqondo.
Siqala ukuhlola, sishayele inombolo yangaphandle futhi ... sithola idonadi, noma kunalokho imbobo yedonathi. Ngokushesha!
Siqala ukuhlaziya ilogi kukhonsoli noma nge-Log Viewer FusioPBX.
Sibona inselelo yethu:
switch_channel.c:1104 New Channel sofia/internal/[email protected]Sibona i-ACL esebenzayo:
sofia.c:10208 IP 192.168.0.150 Approved by acl "domains[]". Access Granted.Futhi okunye:
mod_dialplan_xml.c:637 Processing 1010 <1010>->98343379xxxx in context public
switch_core_state_machine.c:311 No Route, Aborting
switch_core_state_machine.c:312 Hangup sofia/internal/[email protected] [CS_ROUTING] [NO_ROUTE_DESTINATION] Awukho umzila! Nakuba umzila sibhalise ngokwethembeka.
Impendulo ilula ngempela.
Selufikile ucingo. I-ACL iphuthelwe. Futhi njengoba i-ACL iboshelwe kuphrofayela yangaphakathi, futhi le phrofayela isezindaweni zomphakathi, i-FreeSWITCH ibheka ngokwethembeka umzila endaweni yomphakathi. Kodwa esimweni somphakathi, umzila ongenayo kuphela, futhi uhlelo lusitshela ngokwethembeka ukuthi ayikho imizila eya edolobheni lapho.
Kunezindlela okungenani ezimbili zokuphuma kulesi simo.
- Namathisela le ACL hhayi kuphrofayela, kodwa enombolweni yangaphakathi ngokwayo. Lokhu kungase kube indlela elungile kakhulu yokuxazulula, ngoba. Kungcono ukubophezela i-ACL eduze ngangokunokwenzeka ku-Extension ukuze kulungiswe kahle. Labo. ungakwazi ukusho ikheli elithile / ikheli lenethiwekhi yocingo lapho ingenza khona ucingo oluphumayo. Ububi balolu khetho ukuthi Isandiso ngasinye kuzodingeka senze lokhu.
- Lungisa i-ACL ukuze isebenze kahle ezingeni lephrofayela. Ngikhethe le nketho, ngoba kubonakale kulula kimi ukungeza inethiwekhi ku-ACL kanye kunokukunquma ekwandiseni ngakunye. Kodwa lokhu kuqondene nomsebenzi wami ngqo. Kweminye imisebenzi, ungadinga indlela ehlukile yokwenza izinqumo.
Ngakho. Masilungise izizinda ze-ACL kanje:
izizinda isenzo esizenzakalelayo: vumela
Ohlwini lwezizinda ze-ACL, sibhalisa inethiwekhi:
phika 192.168.0.0/24
Faka isicelo, layisha kabusha.
Siyahlola: sishayela inombolo ethi 98343379xxxx futhi ... indawo yokuhlola iyeza ... HELLO. Konke kuyasebenza.
Ake sibone ukuthi kwenzekeni ku-FreeSWITCH:
ikholi iyaqala:
switch_channel.c:1104 New Channel sofia/internal/[email protected]I-ACL ayizange iphuthelwe:
[DEBUG] sofia.c:10263 IP 192.168.0.150 Rejected by acl "domains". Falling back to Digest auth.kanye nokunye:
mod_dialplan_xml.c:637 Processing 1010 <1010>->98343379xxxx in context domain.local
sofia/internal/[email protected] Regex (PASS) [Sity] destination_number(98343379xxxx) =~ /^9(8343[23]d{6})$/ break=on-false Umzila usudlulile, bese kuza ukusungulwa koxhumano, okungaphezu kobubanzi besihloko.
Uma sishintsha ikheli lenethiwekhi ku-ACL, kodwa thola isithombe ekuhlolweni kokuqala, i.e. I-ACL izokweqa ikholi futhi umzila uzothi NO_ROUTE_DESTINATION.
Cishe yilokho kuphela engangifuna ukukwengeza ku-ACL FusionPBX.
Ngethemba ukuthi kuzoba usizo kumuntu.
Source: www.habr.com