Add support for direct media ACLs

directmediapermit/directmediadeny support to restrict which peers can do directmedia based on ip address. In some networks not all phones are fully routed, i.e. not all phones can ping each other. This patch adds a way to restrict directmedia for certain peers between certain networks. (closes issue #16645) Reported by: raarts Patches: directmediapermit.patch uploaded by raarts (license 937) Tested by: raarts Review: https://reviewboard.asterisk.org/r/467/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@264626 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-10-25 22:18:07 +00:00 · 2010-05-20 17:54:02 +00:00
parent 25b6ac55d8
commit c7303d840e
4 changed files with 160 additions and 90 deletions
--- a/channels/sip/include/sip.h
+++ b/channels/sip/include/sip.h
@@ -997,6 +997,7 @@ struct sip_pvt {
 	time_t lastrtprx;                   /*!< Last RTP received */
 	time_t lastrtptx;                   /*!< Last RTP sent */
 	int rtptimeout;                     /*!< RTP timeout time */
+	struct ast_ha *directmediaha;		/*!< Which IPs are allowed to interchange direct media with this peer - copied from sip_peer */
 	struct sockaddr_in recv;            /*!< Received as */
 	struct sockaddr_in ourip;           /*!< Our IP (as seen from the outside) */
 	enum transfermodes allowtransfer;   /*!< REFER: restriction scheme */
@@ -1196,6 +1197,7 @@ struct sip_peer {
 	struct sockaddr_in defaddr;     /*!<  Default IP address, used until registration */
 	struct ast_ha *ha;              /*!<  Access control list */
 	struct ast_ha *contactha;       /*!<  Restrict what IPs are allowed in the Contact header (for registration) */
+	struct ast_ha *directmediaha;   /*!<  Restrict what IPs are allowed to interchange direct media with */
 	struct ast_variable *chanvars;  /*!<  Variables to set for channel created by user */
 	struct sip_pvt *mwipvt;         /*!<  Subscription for MWI */
 	struct sip_st_cfg stimer;       /*!<  SIP Session-Timers */