Well, I mentioned that sendsms-user, the only other real SMS pushing
analogue is using authentication, without IP filters. Box connections, use
only filters without any authentication, and the only exception is HTTP
admin, which has some serious security issues. But these are not related to
SMS submission. You have to also account for dynamic IPs.
You don't really need connections per user. These make sense for addresses
that change a lot (dynamic IPs) for services that require frequent
reconnections. These are business connections that stay on all the time,
without any chance for one user to reuse another's address. It would make
more sense to limit number of active sessions/user.
I guess it doesn't hurt to implement. However, there are so many thngs to do
in smppbox, is that really a priority?
BR,
Nikos
----- Original Message -----
From: "Rene Kluwen" <[email protected]>
To: "'Rene Kluwen'" <[email protected]>; "'Nikos Balkanas'"
<[email protected]>; "'ishagh ouldbah'" <[email protected]>;
<[email protected]>
Sent: Wednesday, July 07, 2010 3:59 AM
Subject: RE: smpp restrict connection to a specific client
Also it will allow ip connections on a per-user level.
Something that cannot be done with external firewall hardware or software.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf
Of Rene Kluwen
Sent: woensdag 7 juli 2010 2:23
To: 'Nikos Balkanas'; 'ishagh ouldbah'; [email protected]
Subject: RE: smpp restrict connection to a specific client
I agree that this kind of stuff is better arranged by real firewall
software.
But in Kannel we have connect-allow-ip c.s. right? So I don't see it is
contrary to Kannel philosophy.
== Rene
-----Original Message-----
From: Nikos Balkanas [mailto:[email protected]]
Sent: woensdag 7 juli 2010 1:56
To: Rene Kluwen; 'ishagh ouldbah'; [email protected]
Subject: Re: smpp restrict connection to a specific client
I wouldn't recommend it. It is contrary to kannel philosophy (vis a vis
sendsms-user). Besides there is better external software for this and
anyone
concerned about that level of security, already has a dedicated firewall
installed.
BR,
Nikos
----- Original Message -----
From: "Rene Kluwen" <[email protected]>
To: "'Nikos Balkanas'" <[email protected]>; "'ishagh ouldbah'"
<[email protected]>; <[email protected]>
Sent: Wednesday, July 07, 2010 1:58 AM
Subject: RE: smpp restrict connection to a specific client
Of course it is possible to add an ip address or list of ip addresses in
smpplogins.txt.
But then again: Is anybody waiting for that?
== Rene
-----Original Message-----
From: Nikos Balkanas [mailto:[email protected]]
Sent: dinsdag 6 juli 2010 20:36
To: Rene Kluwen; 'ishagh ouldbah'; [email protected]
Subject: Re: smpp restrict connection to a specific client
Hi,
All clients need to authenticate against smppbox to send SMPP.
Otherwise any descent firewall should restrict network access.
BR,
Nikos
----- Original Message -----
From: Rene Kluwen
To: 'ishagh ouldbah' ; [email protected]
Sent: Tuesday, July 06, 2010 7:21 PM
Subject: RE: smpp restrict connection to a specific client
If you are talking about restricting source ip addresses, I use iptables
for
that.
== Rene
From: [email protected] [mailto:[email protected]] On
Behalf
Of ishagh ouldbah
Sent: dinsdag 6 juli 2010 16:00
To: [email protected]
Subject: smpp restrict connection to a specific client
Hi all
I have this question regarding smppbox
can i allow conction to only clients that i want
Regards
