Ian Chilton wrote:
That's what I thought but I was told it was the only way to get incoming SIP working when Asterisk was behind a firewall/NAT. I was told it was not a security risk to do this.
If you *know* that only asterisk is listening on the relevant ports it's less of a risk, but it's such a wide range and (in theory at least) leaves plenty of scope for a trojan to listen on one of those ports.
Perhaps SElinux can help here, does it allpw you to say that only a cerain process has access to the those ports?
Arrghh, I hate the way to:, from: and reply-to: addresses get mangled by lists!
_______________________________________________
Asterisk-Users mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
