http://track.sipfoundry.org/browse/XX-10157
I think this is important also, although RTP is the most important to prioritize. Thanks, Mike On Fri, May 18, 2012 at 7:32 AM, Douglas Hubler <[email protected]> wrote: > CCing user's list > > On Fri, May 18, 2012 at 6:57 AM, Michael Picher <[email protected]> wrote: > > Some notes on 4.5.2 firewall settings... > > > > For server groups - can you set up subnets in there? if so, this should > be > > labeled 'networks'. i.e., it should be able to accept for instance, > > 192.168.20.5, 172.16.1.0/24, 10.0.0.0/8 > > yes, although it's not mentioned on page nor are the field validators > in place. can you create a bug for 4.6? > > > What does 'Prioritize' mean? For QoS an admin would typically setup > DSCP or > > CoS values. This should be configurable in Settings section. Also, > > typically you'd want to prioritize SIP signaling traffic different from > RTP > > (voice) traffic. So, maybe something like what you did for Server Group > so > > that the admin could configure different values for different types of > > traffic. > > yes, fairly limited, it just adds this to iptables mangle table > > -j DSCP --set-dscp-class EF > > by default, i only prioritize RTP. > > > Also, there should probably be a way to add custom services... > > ...or at least a way to custom the final iptables config file. It > might be simple "include this iptable fragment" in final config. Tony > and others have already requested this is important. > > > > Maybe I'm asking too much for a first pass... > > as long as we prioritize accordingly, we can do what we can. > Considering firewall was only added to 4.6 so we protect mongo, any > bonus features probably wouldn't make it in 4.6 > -- Michael Picher, Director of Technical Services eZuce, Inc. 300 Brickstone Square**** Suite 201**** Andover, MA. 01810 O.978-296-1005 X2015 M.207-956-0262 @mpicher <http://twitter.com/mpicher> www.ezuce.com ------------------------------------------------------------------------------------------------------------ There are 10 kinds of people in the world, those who understand binary and those who don't.
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
