[SR-Users] Add Header
Tony Turner
tony.turner at nodemax.com
Fri Feb 28 12:16:27 CET 2014
Hi Daniel,
Perfect thanks
regards
Tony
-----Original Message-----
From: Daniel Tryba
Sent: Friday, February 28, 2014 9:29 AM
To: sr-users at lists.sip-router.org
Subject: Re: [SR-Users] Add Header
On Thursday 27 February 2014 18:06:13 Tony Turner wrote:
> is it possible with Kamailio to have customers calls come in on a trusted
> IP and when they send calls we add a header with a [client id] which we
> can remove on the next ip switch upstream
>
> So example
>
> Call comes in from customer with IP:
> their trusted IP source xx.xx.xx.xx
> add header with their client ID
Offcourse this is possible. I do something similar to indicat to upstream
sip
servers the call is accounted for.
I store trusted IPs in the address table and check for INVITES from those
IPs.
If one matches I make a lookup in the usr_preferences table to figure out
what
client it is for:
route[AUTHENTICATE]
{
if(!is_method("REGISTER") && allow_address("3", "$si", "$sp") &&
$proto=="tcp")
{
if(!avp_db_query("select username from usr_preferences where
attribute='ip_authentication' and (value='$si:$sp' or value like '$si:%')
order by length(value) limit 1"))
{
sl_send_reply("403", "Not Allowed");
exit;
}
$avp(au)=$avp(i:1);
}
else
{
#normal authentication
...
append_hf() to append a header. Be sure to remove the header from all
incoming
requests first (remove_hf()).
BTW this is insecure for udp traffic. If someone is able to spoof source
adresses this might be abused, hence the tcp only condition.
--
POCOS B.V. - Croy 9c - 5653 LC Eindhoven
Telefoon: 040 293 8661 - Fax: 040 293 8658
http://www.pocos.nl/ - http://www.sipo.nl/
K.v.K. Eindhoven 17097024
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users at lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list