-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Davor Spasoski wrote:
> Thank you Stipe, > > Yes, that's the header, however it only gives the IP address of the > firewall, as it is masquerading the private IP addresses of the handset. > I was told by the operator that they include the "IP address in the cookie > headers appended by Ericsson MIEP (some proxy) to any cookie of the HTTP > server". Don't know what this means, but here's an example they gave me: > > cookie: > > $Version=0;User-Identity-Forward-msisdn=333036393734333533353634; > > User-Identity-Forward-userid=3734333533353634; > > User-Identity-Authentication=Bearer; > > ip-address=10.10.10.132; > > Bearer-Type=w-TCP; > > wtls-security-level=none; > > network-access-type=CSD; > > nas-ip-address=192.168.254.1; > > Called-station-id=35303030303030; > > accounting-session-id=00514BFB ok, obviously they prove all the relevant "mobile/user information" in this HTTP Cookie header. This is interesting, since it would mean that the Ericsson MIEP (never got in touch with that beast yet ;) is actively re-writing the WSP/WTP UDP datagrams and injects this Cookie header into the headers the mobile sends to the WAP gw. Obviously the User-Identity-Forward-userid or -msisdn contains the full MSISDN of the user/mobile. and ip-address it's client IP at the time of request? I'd be interested into seeing this as tcpdump capture? Could you provide a sniffed capture file via tcpdump on the machine that is running Kannel? I suggest passing this to me private (outside of the list), for security policy reasons. Please do this as root user: $ /usr/sbin/tcpump -s 1500 -w /tmp/wap-traffic.cap -i eth0 udp and do some WAP requests that go via the box, then ctrl-c to end. The resulting /tmp/wap-traffic.cap is of interest for reviewing to see exactly what this Ericsson component sends. Kind regards, Stipe - ------------------------------------------------------------------- Kölner Landstrasse 419 40589 Düsseldorf, NRW, Germany tolj.org system architecture Kannel Software Foundation (KSF) http://www.tolj.org/ http://www.kannel.org/ mailto:st_{at}_tolj.org mailto:stolj_{at}_kannel.org - ------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGKd+c9ez0oeKvYs0RAhfKAJ9m1MmdIIo9dy5cDBAi96bccHUN9QCffDaC El2HyfR4WWBF2B/ACtajRbQ= =GXzI -----END PGP SIGNATURE-----
