Hi James,
use the domain module to list in DB all your local domains and check in
script if the domain in RURI is local or not. Use
http://www.opensips.org/html/docs/modules/1.6.x/domain.html#id227177
If the domain is not local, reject the registration
Regards,
Bogdan
James Mbuthia wrote:
> Hi,
>
> Am having a problem with someone trying to use my opensips to relay
> calls. Below is a snippet of my log file
>
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_msg: SIP Request:
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_msg: method: <REGISTER>
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_msg: uri: <sip:sip.persiantools.com
> <http://sip.persiantools.com>>
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_msg: version: <SIP/2.0>
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: flags=2
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_via_param: found param type 232, <branch> =
> <z9hG4bK29073721>; state=6
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_via_param: found param type 235, <rport> = <n/a>; state=17
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_via: end of header reached, state=5
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: via found, flags=2
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: this is the first via
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:receive_msg: After parse_msg...
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:receive_msg: preparing to run routing scripts...
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: flags=100
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_to: end of header reached, state=10
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_to: display={}, ruri={sip:[email protected]
> <mailto:sip%[email protected]>}
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:get_hdr_field: <To> [34]; uri=[sip:[email protected]
> <mailto:sip%[email protected]>]
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:get_hdr_field: to body [<sip:[email protected]
> <mailto:sip%[email protected]>>
> ]
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:get_hdr_field: cseq <CSeq>: <22695> <REGISTER>
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:maxfwd:is_maxfwd_present: value = 70
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:uri:has_totag: no totag
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: flags=78
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:tm:t_lookup_request: start searching: hash=51210, isACK=0
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:tm:matching_3261: RFC3261 transaction matching failed
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:tm:t_lookup_request: no transaction found
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:parse_headers: flags=200
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:get_hdr_field: content_length=0
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:get_hdr_field: found end of header
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:rr:find_first_route: No Route headers found
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:rr:loose_route: There is no Route HF
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:grep_sock_info: checking if host==us: 20==13 &&
> [sip.persiantools.com <http://sip.persiantools.com>] == [72.55.133$
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:grep_sock_info: checking if port 5060 matches port 5060
> Oct 8 08:50:32 CL-T020-483CL /usr/local/sbin/opensips[4680]:
> DBG:core:check_self: host != me
>
>
>
> As you can see am getting Register requests
> from sip:[email protected]
> <mailto:sip%[email protected]>. What I wanted to know, how
> do I block all requests from sip.persiantools.com
> <http://sip.persiantools.com>? Do I use the userblacklist module? I
> tried doing that but my problem is that the database entry requires a
> prefix, since I want to block all requests from that specific domain
> how do I go around it? Or conversely how do I make a configuration
> that only allows requests from a specific domain? Any help would be
> highly appreaciated.
>
> regards,
> James
>
> .
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> [email protected]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Bogdan-Andrei Iancu
OpenSIPS Bootcamp
15 - 19 November 2010, Edison, New Jersey, USA
www.voice-system.ro
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
