Hello Everyone, When performing certain security tasks using script and database queries, we would like to make sure that we are processing the more secure parts of the SIP packet. As you know fu, fd, tu, and td can be manually set by any user, as we do here in the SIP proxy world:
From: "Mike Peer" <sip:[email protected]>;tag=as15bc6a70. To: <sip:[email protected]>. Contact: <sip:[email protected]>. And therefore not the most secure place to look when performing security critical tasks. (i.e., who is attempting to make/place a call) Not sure what this part of the SIP packet is called: U 2013/04/09 11:27:33.449280 69.147.236.82:5060 -> 192.168.2.5:5060 But it seems like a safe place to look since it looks like it's generated on our side. If so, what OpenSIPS variables return Source: 10.147.23.144:5060 and Destination: 192.168.2.5:5060 Would src_ip and dst_ip be the best place to start? As for dst_ip it will always be the address of the interface that receives the traffic however, what about interfaces that are behind a nat (i.e., public/private ips). Maybe the Via info is safer to process in cases where the caller/callee is going through a sexy little proxy like OpenSIPS? ;) Via: SIP/2.0/UDP 10.147.23.144:5060;branch=z9hG4bK5027614e;rport. Your Insights are greatly appreciated, Nick
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
