From d19dec53b5c3eb01bcd288c6bac90fa35662fca0 Mon Sep 17 00:00:00 2001 From: Walter Doekes Date: Tue, 28 Jan 2020 09:34:45 +0100 Subject: [PATCH] chan_sip: Clarify in sample docs how directmediapermit/-acl should be used It said "restrict [...] which peers should be able to pass [audio] to each other". However, these settings are not global (for which you would expect signaling IPs to be checked). These settings are available per peer only, and the IPs being checked, are the RTP IPs. Change-Id: I2a6c6cd7c2f5f30d1df4844e3e0308a077021660 --- configs/samples/sip.conf.sample | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/configs/samples/sip.conf.sample b/configs/samples/sip.conf.sample index 7971b6494a..4947754900 100644 --- a/configs/samples/sip.conf.sample +++ b/configs/samples/sip.conf.sample @@ -1059,7 +1059,9 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; the device is actually behind NAT. ;directmediadeny=0.0.0.0/0 ; Use directmediapermit and directmediadeny to restrict -;directmediapermit=172.16.0.0/16; which peers should be able to pass directmedia to each other +;directmediapermit=172.16.0.0/16; which RTP source IPs should be able to pass directmedia to + ; each other. Note that directmedia ACLs are not a global + ; setting, but must be defined per peer. ; (There is no default setting, this is just an example) ; Use this if some of your phones are on IP addresses that ; can not reach each other directly. This way you can force