From 113d05e504ea72db20fc09766f1c7e79d2469533 Mon Sep 17 00:00:00 2001 From: Walter Doekes <walter+asterisk@wjd.nu> Date: Tue, 28 Jan 2020 09:34:45 +0100 Subject: [PATCH] chan_sip: Clarify in sample docs how directmediapermit/-acl should be used It said "restrict [...] which peers should be able to pass [audio] to each other". However, these settings are not global (for which you would expect signaling IPs to be checked). These settings are available per peer only, and the IPs being checked, are the RTP IPs. Change-Id: I2a6c6cd7c2f5f30d1df4844e3e0308a077021660 --- configs/samples/sip.conf.sample | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/configs/samples/sip.conf.sample b/configs/samples/sip.conf.sample index 7971b6494a..4947754900 100644 --- a/configs/samples/sip.conf.sample +++ b/configs/samples/sip.conf.sample @@ -1059,7 +1059,9 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; the device is actually behind NAT. ;directmediadeny=0.0.0.0/0 ; Use directmediapermit and directmediadeny to restrict -;directmediapermit=172.16.0.0/16; which peers should be able to pass directmedia to each other +;directmediapermit=172.16.0.0/16; which RTP source IPs should be able to pass directmedia to + ; each other. Note that directmedia ACLs are not a global + ; setting, but must be defined per peer. ; (There is no default setting, this is just an example) ; Use this if some of your phones are on IP addresses that ; can not reach each other directly. This way you can force -- GitLab