[Serusers] Loose routing question
Michael Ulitskiy
mulitskiy at acedsl.com
Tue May 3 01:00:49 CEST 2005
Hello,
I'm trying to comprehend loose routing concept and I have
a question that concerns me.
As far as I understand loose routing says that if there're Route
headers in a message it should be forwarded according to the URIs
set in Route headers.
I thought that this is true only within a dialog, but RFC3261 (part 16.6) says:
"Requests establishing a dialog may contain a preloaded Route header field."
Also SER manual says: " the failure not to include loose routing in your scripts
may lead to infinite loops. Make sure that you include the following script
fragment immediately after request sanity checks" and provide the following
piece of code:
if (loose_route()) {
t_relay();
break;
};
which as far as I understand unconditionally forwards message if Route header
is present.
So I'm wondering what about security? If I follow this guidelines how I would
shield my PSTN gateway if anyone can construct message and
pre-load it with URI of my gateway and all my proxies must honor it.
For example I have a PSTN gateway on ip address 10.1.1.5 and proxy
on 10.1.1.10 that supposed to interface outside world.
So I guess if someone construct a message like this:
INVITE sip:12345 at somewhere.com SIP/2.0
...
Route: <sip:12345 at 10.1.1.5;lr>
my proxy will forward it to PSTN gateway and it will make outbound call.
Is this true? Please enlighten me on this.
Thank you,
Michael
More information about the sr-users
mailing list