On 11-05 08:48, Tjapko Smits wrote:
Thanks Alan,
Ser to asterisk works now. It was quit easy indeed.
According to your subtle remark NAT penetration is not so easy?
I saw this in the cookbook that made me think:
# prevents private ip space from being used if (search("^(Contact|m): .*@(192.168.|10.|172.16)")) { if (method=="REGISTER") { log(1, "LOG: Someone trying to register from private IP\n"); sl_send_reply("479", "Please don't use private IP addresses" ); break; }; }
If you can filter a nated endpoint like this than i should be able to also activate a proxy mechanism that penetrates the nated environment like nathelper or something. Is that a correct suggestion assuming that we are not discussing firewalls or other port blocking mechanisms.
Yes, but it might be better to use nat_uac_test which checks if the IP the request is coming from is different from the IP in Via header field.
Jan.