[SR-Users] Security
Daniel-Constantin Mierla
miconda at gmail.com
Wed Apr 16 13:34:01 CEST 2014
ups, replied to wrong message -- ignore this and previous message in
this thread.
Daniel
On 16/04/14 13:32, Daniel-Constantin Mierla wrote:
> Hello,
>
> On 16/04/14 12:49, Daniel-Constantin Mierla wrote:
>> Hello,
>>
>> On 16/04/14 09:52, Keith wrote:
>>> Hi All,
>>>
>>> I am looking to apply some security on invites so I only accept from
>>> IP addresses in the address table or authenticated users. I have the
>>> address table bit working but I am struggling with the authenticated
>>> users bit. Wondering if anyone has done it? I was thinking of using
>>> the location table in some way as those users have authenticated?
>>>
>>> Any ideas would be appreciated.
>> you should authenticate all requests coming from non-trusted peers.
>> The default config file does it for the users that pretend to be
>> local subscribers. Just look at route[AUTH].
>>
>> Relaying on location table might not be safe, you can eventually
>> check the source ip, but then someone can be in the same network
>> behind the nat and call on behalf of another phone registered from
>> the same local network.
>>
>> Also, in sip, phones can call without being registered. Registration
>> is done only to be able to be called.
>
> it was a c&p error in mysql module. Can you try with latest git?
>
> Cheers,
> Daniel
>
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
More information about the sr-users
mailing list