mirror of https://github.com/asterisk/asterisk.git, synced 2025-10-25 06:00:36 +00:00
			
		
		
		
This commit introduces the security events API.

This API is to be used by Asterisk components to report events that have security implications. A simple example is when a connection is made but fails authentication. These events can be used by external tools to manipulate firewall rules or something similar after detecting unusual activity based on security events.

Inside of Asterisk, the events go through the ast_event API. This means that they have a binary encoding, and it is easy to write code to subscribe to these events and do something with them.

One module is provided that is a subscriber to these events - res_security_log. This module turns security events into a parseable text format and sends them to the "security" logger level. Using logger.conf, these log entries may be sent to a file, or to syslog.

One service, AMI, has been fully updated for reporting security events. AMI was chosen as it was a fairly straightforward service to convert. The next target will be chan_sip. That will be more complicated and will be done as its own project as the next phase of security events work.

For more information on the security events framework, see the documentation generated from doc/tex/. "make asterisk.pdf"

Review: https://reviewboard.asterisk.org/r/273/

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@206021 65c4cc65-6c06-0410-ace0-fbb531ad65f3
		
			
				
	
	
		
48 lines | 1.6 KiB | Bash | Executable File
		
	
	
	
	
			
		
		
	
	
		
	
	
	
	
```bash
#!/bin/bash

# manager.conf:
#
# [general]
# ...
# allowmultipleconnects=no
# ...
#
# [russell]
# secret=blah123
# read = system,call,log,verbose,command,agent,user,config
# write = system,call,log,verbose,command,agent,user,config
# deny=0.0.0.0/0.0.0.0
# permit=127.0.0.1/255.255.255.255
#
# [russell2]
# secret=blah123
# read = system,call,log,verbose,command,agent,user,config
# write = system,call,log,verbose,command,agent,user,config
# deny=127.0.0.1/255.255.255.255

# Invalid User
printf "Action: Login\r\nUsername: foo\r\nSecret: moo\r\n\r\n" | nc localhost 5038

# Invalid Secret
printf "Action: Login\r\nUsername: russell\r\nSecret: moo\r\n\r\n" | nc localhost 5038

# Auth Success
printf "Action: Login\r\nUsername: russell\r\nSecret: blah123\r\n\r\n" | nc -w 1 localhost 5038

# Failed ACL
printf "Action: Login\r\nUsername: russell2\r\nSecret: blah123\r\n\r\n" | nc -w 1 localhost 5038

# Request Not Allowed
printf "Action: Login\r\nUsername: russell\r\nSecret: blah123\r\n\r\nAction: Originate\r\n\r\n" | nc -w 1 localhost 5038

# Request Bad Format
printf "Action: Login\r\nUsername: russell\r\nSecret: blah123\r\n\r\nAction: FakeActionBLAH\r\n\r\n" | nc -w 1 localhost 5038

# Failed Challenge Response
printf "Action: Challenge\r\nUsername: russell\r\nAuthType: MD5\r\n\r\nAction: Login\r\nUsername: russell\r\nAuthType: MD5\r\nKey: 00000000\r\n\r\n" | nc localhost 5038

# Session Limit
printf "Action: Login\r\nUsername: russell\r\nSecret: blah123\r\n\r\n" | nc -w 5 localhost 5038 &
printf "Action: Login\r\nUsername: russell\r\nSecret: blah123\r\n\r\n" | nc -w 1 localhost 5038
```
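The commit message describes external tools acting on the text that res_security_log sends to the "security" logger level. As an added example (not part of the Asterisk tree), this script counts failed-authentication events per remote host from such a log; the Key="Value" line layout, the event and field names, and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example: count failed-authentication security events per remote host.
# ASSUMPTION: each event is one log line of comma-separated Key="Value" pairs;
# the event and field names below are assumed, not taken from this page.

# Constructed sample lines (not captured from a real system).
sample_log() {
cat <<'EOF'
[Jan  1 00:00:01] SECURITY[100] res_security_log.c: SecurityEvent="InvalidAccountID",Service="AMI",AccountID="foo",RemoteAddress="IPV4/TCP/192.0.2.10/40001"
[Jan  1 00:00:02] SECURITY[100] res_security_log.c: SecurityEvent="InvalidPassword",Service="AMI",AccountID="russell",RemoteAddress="IPV4/TCP/192.0.2.10/40002"
[Jan  1 00:00:03] SECURITY[100] res_security_log.c: SecurityEvent="ChallengeResponseFailed",Service="AMI",AccountID="russell",RemoteAddress="IPV4/TCP/192.0.2.10/40003"
[Jan  1 00:00:04] SECURITY[100] res_security_log.c: SecurityEvent="SuccessfulAuth",Service="AMI",AccountID="russell",RemoteAddress="IPV4/TCP/127.0.0.1/40004"
[Jan  1 00:00:05] SECURITY[100] res_security_log.c: SecurityEvent="InvalidPassword",Service="AMI",AccountID="russell",RemoteAddress="IPV4/TCP/198.51.100.7/40005"
[Jan  1 00:00:06] SECURITY[100] res_security_log.c: SecurityEvent="FailedACL",Service="AMI",AccountID="russell2",RemoteAddress="IPV4/TCP/198.51.100.7/40006"
[Jan  1 00:00:07] SECURITY[100] res_security_log.c: SecurityEvent="InvalidAccountID",Service="AMI",AccountID="x",RemoteAddress="IPV4/TCP/203.0.113.5/1",RemoteAddress="IPV4/TCP/192.0.2.10/40007"
[Jan  1 00:00:08] NOTICE[100] manager.c: unrelated log line
EOF
}

# failed_auth_sources MIN: read log text on stdin and print "host count" for
# every host with at least MIN failures, followed by the number of failure
# lines that could not be attributed to exactly one host.
failed_auth_sources() {
    awk -v min="$1" '
    !match($0, /SecurityEvent="[^"]*"/) { next }    # not a security event line
    {
        ev = substr($0, RSTART + 15, RLENGTH - 16)  # text between the quotes
        if (ev !~ /^(InvalidAccountID|InvalidPassword|ChallengeResponseFailed|FailedACL)$/)
            next
        # AccountID is client-supplied text, so a line whose RemoteAddress key
        # is missing or repeated is not attributed to any host.
        line = $0
        if (gsub(/RemoteAddress="/, "&", line) != 1) { unattributed++; next }
        match($0, /RemoteAddress="[^"]*"/)
        split(substr($0, RSTART + 15, RLENGTH - 16), part, "/")
        fails[part[3]]++                            # family/transport/host/port
    }
    END {
        for (h in fails)
            if (fails[h] >= min) print h, fails[h] | "LC_ALL=C sort"
        close("LC_ALL=C sort")
        if (unattributed) print "unattributed-lines", unattributed
    }'
}

sample_log | failed_auth_sources 3
```

The per-host counts are the input a firewall or rate-limiting tool would consume; unattributed lines are reported separately so they can be reviewed by hand.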