In 4.6 we're using iptables to restrict access to services. This is different than 4.4 where we had either clunky, home grown authorization schemes (shared secret based) or no protection at all (not security risk, just DoS or Buffer overflow vulnerabilities)
Goals: - Default rules out of box will fit most use cases - Provide some level of customization for the most common tasks - If configuration doesn't meet demands allow user to take over firewall config manually for each server - Plugins can contribute to the default rules - If firewall is handled by separate system allow user to disable firewall config completely Non Goals: - Meet all the demands of all users I put together what i think is a mock-up that meets this demand http://track.sipfoundry.org/secure/attachment/27728/Firewall+Take+2.png As part of this jira ticket - Specifically mock labled : Firewall Take 2 http://track.sipfoundry.org/browse/XX-5197 Comments? _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users/
