[Serusers] how to log unauthorized attemp with clear password
Fabio Macchi
f.macchi at keeptelecom.com
Thu Mar 1 15:01:49 CET 2007
Hi all,
I'm using ser-0.9.7 with mysql authentication.
This is the INVITE handling section of my ser.cfg
# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
if (nat_uac_test("19")) {
setflag(6);
}
if (!allow_trusted()) {
if (!proxy_authorize("sip.keeptelecom.com","subscriber")) {
proxy_challenge("sip.keeptelecom.com","0");
break;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
break;
};
consume_credentials();
};
# ------ Logging calls after succesfully auth -----------
if (isflagset(6)) {
xlog("L_INFO", "<%is> CH <%ct> R-URI <%ru> autenticato: NAT
detected\n");
} else {
xlog("L_INFO", "<%is> CH <%ct> R-URI <%ru> autenticato: no
NAT detected\n");
}
As you cas see, I've added just after authentication section some lines to
log every succesfully authenticated attemp to make a call, with NAT
detection info.
I'd like, in the same way, add a single line to log every wrong user or
wrong password attempt.
My question is: which is the correct place to set this in the configuration
file ?
My first idea was to place xlog instruction just inside the
if(!proxy_authorize){ . , but this produces multiple line in log, because in
a call first invite is sent without proxy_authorization section.
Is there a way, with xlog, to show the client sent password in clear for an
easy troubleshoot ?
Many thanks for any suggestion.
Fabio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070301/6061775b/attachment.htm>
More information about the sr-users
mailing list