[SR-Users] secfilter usage

Aymeric Moizard amoizard at gmail.com
Tue Dec 3 15:46:55 CET 2019


Hi all,

I'm testing and moving my kamailio script to use the newer secfilter module.

In the past, I was replying "200 Ok" to "friendly scanners"...

With the newer secfilter module, it looks like I can't send a reply with
"sl_send_reply("200", "OK")"

secf_check_ua();
if ($? == -2) {
  sl_send_reply("200", "OK");
  exit;
}


I have read the code of the secfilter, but I was not able to see any
specific code to silently discard the SIP request.

I can see in the documentation about "secf_check_sqli_all", that the SIP
message is supposed to be "dropped". I can see "w_check_sqli_all" returns 0
on detection and w_check_ua returns -2 upon detection.

Are the message discarded because a negative value was returned?

Would it be doable, using the secfilter, to still reply 200 Ok?
Regards
Aymeric

-- 
Antisip - http://www.antisip.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191203/ba510477/attachment.html>


More information about the sr-users mailing list