While setting up my first dial plan, I find that notions like remote ip, network, or incoming network interface seem to be totally lacking regarding calling parties, where * still seems to fully rely on the easily spoofable caller id.
Especially, allowing only certain ips or networks to enter a specific context in the dial plan is apparently not possible, at least in the h323 world. Don't know yet about sip or aix, but I guess it's the same since the extension syntax xyz => extension/somevariable limits routing decisions to built in variables, where ip related info is simply missing, at least as far as I can see (you are wholeheartedly invited to prove me wrong). Question hence: did anybody tackle those issues anyway, maybe on code level (patch/extra module)? Are plans underway to fix that stuff? I just can't believe that, if my above statements were right, anyone would expose an * server to the internet and still feel secure, especially if that server allows connections to billable services (like even bandwidth usually is) ... Any info highly appreciated. Thanks, Bruno. _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
