[sr-dev] topoh issues
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Jan 4 19:53:35 CET 2010
Hi Daniel!
Thanks for topoh, a great module.
1. topology hiding is skipped for REGISTER and PUBLISH - why? For
example I use Kamailio as an outbound proxy for our office as some kind
of firewall and want to add topology hiding (to hide the details of our
LAN). In this scenario it is also needed to mangle REGISTER and PUBLISH too.
Are there any issues from implementation point of view which prevents
mangling for REGISTER|PUBLISH?
I tried removing the method-check and it seems to work fine (at least
for REGISTER with single Contact headers)
Of course this brings in another problem - at the upstream server the
registered Contact is now sip:10.1.1.2;line=sr-......
It would be necessary to have the host part configurable, e.g. in my
setup I would set it to the public IP address of the outbound proxy.
Thus,
str th_ip = {"10.1.1.2", 0};
should be the default and there should be a module paramter to override it.
2. the module uses a default value for encryption. IMO this is insecure.
IMO, either the mask_key parameter should be mandatory or a random one
should be generated at startup.
regards
klaus
More information about the sr-dev
mailing list