IƱaki Baz Castillo writes:
Kamailio parser does not detect such header as "P-Asserted-Identity".
Also, it's unfeasible that a proxy checks the syntax of all the headers. Typically a proxy just cares about some few headers.
then use the script function that drops all headers except the ones your gw cares about.
also, you can count the number of failures yourself by using htable, for example, and not defunct your gw based on the first failure.
So the attacker should just send 5 malformed requests rather than one.
see above. also, there is response '400 bad request'. fix your gw to use it.
IMHO that's due to the design of the tables in LCR module. IMHO there should be a table just with gws definition (without containing the lcr_id field). It would make easier the management for cases like the present (just my opinion).
you may be right about that one. when i have time, i'll take a look at it.
-- juha