Bogdan-Andrei Iancu writes:
I was already considering this feature, from same reasons as you. Attacks may hide behind DNS address IPs of critical components of a platform (like GW).
GWs (and any SIP UAs) should reject requests where request uri doesn't designate the SIP UA itself. if they don't, report it as a bug to the manufacturer.
I was thinking having this in core to be able to use it both in stateless (core) and statefull (tm) mode. My concern is where/how to define the IP black list. If it will be kept in core, will the core populated it (via script??) or module should register IPs to the core list? All this in the idea of being able to do a nice provisioning of the IP blacklist.
in order to be useful, blacklist must be kept in a database table, which ser can reload into memory by a fifo command.
-- juha