Note that for such simple scenario, a much better choice is to cut the IPs on a firewall. It gives much better performance/DoS resistance.
----- Original Message ----- From: "Freddy Parra" <fparra@xxxxxxxxxx>
Sent: Monday, September 27, 2004 6:51 PM
Right now as far as I know the only way is through radius authentication which supports setupunreg rule. I do have a hack for this without using radius. It authenticates based on IP for unregistered endpoints, and its been running for weeks without any problem with main carriers. I'll be happy to post source changes if anyone needs this. This is for 2.2b5. Basically I have an access list in my Configuration like this
[SetupUnregAuth] Allow=IP1,IP2,IP3, etc....
Only these IPs will be allowed access. This is good since you no longer have to worry about keeping your entire network open if you set
AcceptUnregisteredCalls=1, since this allows anyone to send calls to your gatekeeper. My codes checks for this before executing the access list code. In other words if AcceptUnregisteredCalls=0 then access list is checked.
Regards,
Freddy
------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________________
List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
