Bogdan-Andrei Iancu writes: > I was already considering this feature, from same reasons as you. > Attacks may hide behind DNS address IPs of critical components of a > platform (like GW).
GWs (and any SIP UAs) should reject requests where request uri doesn't designate the SIP UA itself. if they don't, report it as a bug to the manufacturer. > I was thinking having this in core to be able to use it both in > stateless (core) and statefull (tm) mode. My concern is where/how to > define the IP black list. If it will be kept in core, will the core > populated it (via script??) or module should register IPs to the core > list? All this in the idea of being able to do a nice provisioning of > the IP blacklist. in order to be useful, blacklist must be kept in a database table, which ser can reload into memory by a fifo command. -- juha _______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
