Index: res/res_pjsip_acl.c
===================================================================
--- res/res_pjsip_acl.c (revision 398277)
+++ res/res_pjsip_acl.c (working copy)
@@ -37,47 +37,72 @@
SIP ACL module
ACL
-
- The ACL module used by res_pjsip. This module is
+
+ The ACL module used by res_pjsip. This module is
independent of endpoints and operates on all inbound
SIP communication using res_pjsip.
- It should be noted that this module can also reference ACLs from
- acl.conf.
+ There are two main ways of defining your ACL with the options
+ provided. You can use the permit and deny options
+ which act on IP addresses, or the contactpermit
+ and contactdeny options which act on Contact Header
+ addresses. You can combine the various options to created a mixed ACL.
- There are two main ways of creating an access list: IP-Domain
- and Contact Header. It is possible to create a combined ACL using
- both IP and Contact.
+ Additionally, instead of defining an ACL with options, you can reference IP or
+ Contact Header ACLs from the file acl.conf by using the acl
+ or contactacl options.
Access Control List
- Name of IP ACL
+ List of IP ACL section names in acl.conf
- This matches sections configured in acl.conf
+ This matches sections configured in acl.conf. This can be
+ an individual section name, or a list of comma-delimited section names.
- Name of Contact ACL
+ List of Contact ACL section names in acl.conf
- This matches sections configured in acl.conf
+ This matches sections configured in acl.conf. This can be
+ an individual section name, or a list of comma-delimited section names.
List of Contact Header addresses to Deny
+
+ The value can be an individual IP address, or a comma-delimited list of
+ IP addresses. You must use CIDR or dot-decimal notation with the IP and mask
+ separated with a slash ('/').
+
List of Contact Header addresses to Permit
+
+ The value can be an individual IP address, or a comma-delimited list of
+ IP addresses. You must use CIDR or dot-decimal notation with the IP and mask
+ separated with a slash ('/').
+
- List of IP-domains to deny access from
+ List of IP addresses to Deny access from
+
+ The value can be an individual IP address, or a comma-delimited list of
+ IP addresses. You must use CIDR or dot-decimal notation with the IP and mask
+ separated with a slash ('/').
+
- List of IP-domains to allow access from
+ List of IP addresses to Permit access from
+
+ The value can be an individual IP address, or a comma-delimited list of
+ IP addresses. You must use CIDR or dot-decimal notation with the IP and mask
+ separated with a slash ('/').
+
- Must be of type 'security'.
+ Must be of type 'acl'.