[SR-Users] default kamailio configuration.
Daniel-Constantin Mierla
miconda at gmail.com
Wed Jun 27 10:06:57 CEST 2012
Record-Route is added by proxies to requests creating dialogs to require
that the requests within the dialog will be sent through them. There
Record-Route headers become Route in within dialog requests. In other
words, Route forces next hop address and can be dangerous from security
point of view if not trusted, Record-Route is just to carry some
addresses for later usage, no immediate impact in routing of that request.
Cheers,
Daniel
On 6/26/12 3:15 PM, Vitaliy Aleksandrov wrote:
> I have lost in Route and Record-Route headers.
> But now it's clear for me. Huge thanks.
>>
>> On 25.06.2012 14:44, Vitaliy Aleksandrov wrote:
>>> Hi All,
>>>
>>> After reading default kamailio configuration i can't understand why
>>> does
>>> kamailio remove preloaded route headers from the incoming initial
>>> INVITE
>>> before calling record_route().
>>>
>>> remove_hf("Route");
>>> if (is_method("INVITE|SUBSCRIBE"))
>>> record_route();
>>
>> Pre-loaded route sets can be used to abuse the proxy as an open
>> relay. This is bad. If a request hits my proxy, then I want to define
>> how the message is routed, and I do not want to route the message
>> like somebody else wants it.
>>>
>>> What will happen if an INVITE comes from another SIP proxy which wants
>>> to stay in the middle of the dialogue ?
>>
>> Only "Route" headers are removed, not "Record-Route" headers which
>> create the route-set.
>>
>>> For example, during Re-INVITE UA from our local site will construct
>>> in-dialog INVITE with R-URI taken from the remote contact and send
>>> it to
>>> our local proxy according to RR. Local proxy will process it in
>>> route[WITHNDLG] where loose_route() function will remove top most RR
>>> header because it points to us and since there is no more RR records
>>> forward the request to a destination from the R-URI. As i
>>> understand in
>>> that case remote proxy will not receive any in-dialog requests from us.
>>
>> Sure it does. As only the pre-loaded route is remove, not the
>> Record-Route headers. Thus, the in-dialog route set is not affected,
>> only the out-of-dialog route set (pre-loaded) is manipulated.
>>
>> regards
>> Klaus
>>
>> _______________________________________________
>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu
Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
More information about the sr-users
mailing list