Stefan Sayer wrote:
Hello,
I think this is an interesting question, but
Andres wrote:
To answer my own question, I just set up a lab test to verify this.
After the session is up and the address has been 'pre-filled', if rtpproxy receives a packet on the same UDP port as one of the call legs but from a different IP, it changes the address to which it forwards the stream.
It immediately jumped into my mind that this could be a security vulnerability since a remote attacker could effectively bring down all sessions on an rtpproxy just by doing a UDP scan.
...wouldn't they switch back to the correct addresses when the next RTP packet arrives, i.e. after 10/20/30 ms?
No it does not. I tried it. RTPProxy only switches addresses once. Although it is trivial to edit the source code and allow rtpproxy to always listen and adjust to IP Address changes during the entire call.
Andres http://www.neuroredes.com
Stefan