I think what I am going to do is use a combination of:
1. Whitelist my gateway IPs.
2. Any initial INVITES from non-gateway IPs will be authorized and the dialog
be added to a simple htable based on callid
3. Any in-dialog will do a lookup on the htable so that authorization isn't
required on bye and the like.
Does this seem a reasonable course of action?
One question, what is the best way to whitelist a few (3) gateways?
I'd rather not do if($si == "ip1" || $si == "ip2" || $si == "ip3"){
Is there any sort of if(in_array($si,"whitelist")){ functionality or a way to
iterate through an array of whitelisted ips? (I do not want to configure
database support if possible)
Thanks for the help so far!
-Eric
> Date: Mon, 11 Apr 2011 13:18:10 -0400
> From: abalas...@evaristesys.com
> To: sr-users@lists.sip-router.org
> Subject: Re: [SR-Users] loose_route security
>
> On 04/11/2011 01:10 PM, Henning Westerholt wrote:
>
> > Hi Klaus,
> >
> > sure, there are issues. But we're using the dialog module since now
> > since some time in our production setup and it works fine for this
> > particular feature set.
>
> Oh, yeah. I'm a happy and extensive long-time user of the dialog
> module too.
>
> --
> Alex Balashov - Principal
> Evariste Systems LLC
> 260 Peachtree Street NW
> Suite 2200
> Atlanta, GA 30303
> Tel: +1-678-954-0670
> Fax: +1-404-961-1892
> Web: http://www.evaristesys.com/
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users@lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
