2009/1/7 Dan Pascu <[email protected]>: > But then I can send one with the proper ruri, but a different route set > that puts me in the front of the gateway, so when I receive the BYE, > instead of forwarding it to the gateway as the route set requests, I > reply myself with a 200 OK making it look like it came from the gateway.
This could be avoiding by examinating the $dd value. If it's set it means that a Route header exists, so we could reject the BYE. But this would break a complex scenario with varios sequential proxies doing loose-routing. > In the end it means, the proxy will have to verify everything (dialog > identification elements, cseq, ruri, route set) to avoid fraud and also > wait for a 200 OK, which makes it look more like a b2bua after all So the conclusion is: a secure CDR system can be only achieved in a B2BUA between the proxy and the gateway. Is it? -- Iñaki Baz Castillo <[email protected]> _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
