docker/mod/freeswitch/entrypoint.sh
2020-06-29 23:41:58 +02:00

21 lines
707 B
Bash
Executable File

#!/bin/bash
# remove all SIP (port 5060) iptable rules
iptables -S INPUT | grep "\-\-dport 5060 " | cut -d " " -f 2- | xargs -rL1 iptables -D
# block requests to 5060 (tcp/udp)
iptables -A INPUT -i "$NETWORK_INTERFACE" -p tcp --dport 5060 -s 0.0.0.0/0 -j REJECT
iptables -A INPUT -i "$NETWORK_INTERFACE" -p udp --dport 5060 -s 0.0.0.0/0 -j REJECT
# allow some IPs
IFS=',' read -ra ADDR <<< "$SIP_IP_ALLOWLIST"
for IP in "${ADDR[@]}"; do
# process "$i"
echo "allow port 5060/udp for $IP"
iptables -I INPUT -p udp --dport 5060 -s $IP -j ACCEPT
done
dockerize \
-template /etc/freeswitch/vars.xml.tmpl:/etc/freeswitch/vars.xml \
/usr/bin/freeswitch -u freeswitch -g daemon -nonat -nf