Match/Permit on PJSIP trunk / Allow several IP addresses

Hi,

I am using a PJSIP trunk with Gradwell UK and they have a list of IP addresses
where I should allow traffic from. The list is long, a total of 23 IP addresses (Gradwell Customer Community), and I am adding those through the FreePBX GUI, but it seems that there is no more space to add all of those under the Match (Permit) field.
I copied the addresses from a notepad and saved those, but when I click on the field I am not able to see all of those, I only see a total of 14 IP addresses, so I am not sure if it saved all of them. How can I make sure that all of the IPs I need to save are there?

Thanks!

Look at /etc/asterisk/pjsip.identify.conf and confirm that the line starting with match= contains all the addresses.

Thanks @Stewart1. I just checked and it only contains the following:

match=109.224.222.16/28, 109.224.232.0/22, 109.224.240.0/22, 109.239.96.132/31, 141.170.24.20/30, 141.170.24.5/31, 141.170.50.16/28, 185.47.148.0/24, 194.145.188.224/27, 194.145.189.52/31, 194.145.190.128/26, 194.145.191.128/27, 195.74.60.0/23, 212.11.68.144/28

So it only seems to be storing 14 IP addresses. Is there a limit here of how many IP addresses can be permitted? How would I be able to add all the IP addresses I need?

Thanks!

The SQL table that accepts this data is limited to 255 characters, and I suspect there is a similar limit for Asterisk, though I don’t know what it is. Wondering if Asterisk will accept multiple match lines for the endpoint.

As a pure GUI workaround, you may have to define an additional trunk(s) without registration for the rest of your Match entries.

edit - multiple match lines are supported, so you could add the match entries by editing conf file pjsip.identify_custom_post.conf

[trunk name](+type=identify)
match=1.2.3.4
match=5.6.7.8

trunk name must match exactly as shown in pjsip.identify.conf

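An added example, not code from the thread or from FreePBX: a Python check that reads the match entries of an identify section, compares them against the provider's published list, and renders the missing ones as one match line each for pjsip.identify_custom_post.conf. The section name, sample config and documentation-range addresses are constructed; a truncated entry can still parse as a valid host address, so the comparison is against the expected list rather than a syntax check alone.

```python
import ipaddress

# Constructed sample: the last entry was cut from 203.0.113.128/26 to
# "203.0.113.1", the way a fixed-width storage column would truncate it.
SAMPLE_CONF = """\
[Provider]
type=identify
endpoint=Provider
match=192.0.2.0/28, 198.51.100.0/24, 203.0.113.1

[Other]
type=identify
match=192.0.2.200
"""
# Constructed stand-in for the provider's published allow list.
EXPECTED = ["192.0.2.0/28", "198.51.100.0/24", "203.0.113.128/26", "192.0.2.64/27"]

def read_matches(conf_text, section):
    """Collect match entries from every [section] block, across multiple lines."""
    entries, current = [], None
    for raw in conf_text.splitlines():
        line = raw.split(";", 1)[0].strip()          # ';' starts a comment
        if line.startswith("["):
            current = line[1:].split("]", 1)[0]      # drops any "(+...)" suffix
        elif current == section and "=" in line:
            key, value = line.split("=", 1)
            if key.strip() == "match":
                value = value.lstrip(">")            # "=>" is accepted like "="
                entries += [e.strip() for e in value.split(",") if e.strip()]
    return entries

def audit(conf_text, section, expected):
    """Report expected networks that are absent, extras, and unparsable entries."""
    want = {ipaddress.ip_network(c, strict=False) for c in expected}
    have, unparsed = set(), []
    for entry in read_matches(conf_text, section):
        try:
            have.add(ipaddress.ip_network(entry, strict=False))
        except ValueError:                           # fragments, hostnames
            unparsed.append(entry)
    return {"missing": sorted(map(str, want - have)),
            "unexpected": sorted(map(str, have - want)),
            "unparsed": unparsed}

def render_custom_post(section, cidrs):
    """Build the append block for pjsip.identify_custom_post.conf."""
    return "\n".join([f"[{section}](+type=identify)"] +
                     [f"match={c}" for c in cidrs]) + "\n"
```

An entry listed under "unexpected" that falls inside a "missing" network is the usual sign of truncation; hostnames in a match line are reported as unparsed because this sketch only handles addresses and networks.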

There is no limit in Asterisk, beyond memory. It will accept multiple match lines for an identify section.


Thanks very much for the information @lgaetz. I may do it through the GUI because I am not very experienced and not sure how to edit the conf file and would not want to mess anything up there.
So you mentioned I could add another trunk using the GUI? In this case, how would this affect the inbound and outbound routes?
I guess the only other thing I would have to do is add this second trunk to the outbound route right?

Additional trunks would be identical to the first, with the exception that you disable the registration and update the match field. You don’t need to use them in your outbound routes, and you don’t need to make changes to the inbound routes.

Thanks @lgaetz. I have duplicated the trunk, just updated the name and the match field with the remaining IP addresses. I then set the “Allow Anonymous Inbound SIP Calls” and “Allow SIP Guests” to NO, but I get no incoming calls by setting those options to NO.
I was hoping that by adding all of the IP addresses the provider sends the traffic from I would be able to set those options to NO and still get inbound calls.

I have the same problem, any solution?

At the Asterisk command prompt, type
pjsip set logger on
make a failing incoming call, paste the Asterisk log for the call at pastebin.freepbx.org and post the link here.

@jcolp is there a limit to how long a single match line can be?

@lgaetz depending on the answer to my first question, this should likely be changed then. There will be more and more providers using large pools of addresses like this.

Looks like 8192 bytes.


Issue created: [FREEPBX-23226] Expand pjsip match setting to support 8192 bytes - Sangoma Issue Tracker


To be specific the maximum line length is 8192. So you’d be… 8186 for the contents assuming no whitespace around things. 8192 - 5 (for match) - 1 (new line). I think.


@Stewart1 How do I copy the whole log?

The log file is at /var/log/asterisk/full. At the Asterisk command prompt, type
pjsip set logger on
sip set debug on
make a failing call in, paste whatever got added to the log as a result of the failed call.

I am sorry but I am not very experienced at this. I used tail --lines=500 /var/log/asterisk/full to get the last 500 lines but not sure if what I got contains the failed call data. I am not sure how to identify the failed call.

Just paste it and we’ll take a look.

Does this work? log - FreePBX Pastebin

Unfortunately, there was enough ‘noise’ from attempted registrations, etc. so the desired call was not present. Look at the last timestamp in the current log, make another failing call attempt, take everything from that timestamp to the end. It’s no problem if 5000 lines or more.