Hello! We recently configured DiffServ QoS in our network and wanted to tag all RTP traffic from our SIP server with Expedited Forwarding. We set the right TOS bit on our Asterisk server, reloaded and got an error message about a permission problem or something along those lines. We investigated further and came to the conclusion that since Asterisk was running as a normal user we didn't have permissions to set EF, since it appears to be reserved for the root user. Running Asterisk as root is, as you probably understand, sub-optimal and imposes a security risk. I've been searching for a way to give a normal user the right permissions to set DiffServ EF, but couldn't find anything mentioning this. As a temporary workaround we set another TOS bit in Asterisk and rewrite it on our router, but I believe a better approach would be the possibility to assign one or many normal users rights to use EF. Would this be possible? Regards, Mikael Bjerkeland
Attachment:
signature.asc
Description: Dette er en digitalt signert meldingsdel
