[SR-Users] Best way to ignore HTTP requests
Sebastian Damm
sdamm at pascom.net
Thu Mar 11 17:23:39 CET 2021
I would probably load the xhttp module and then discard those messages there. See the docs of xhttp, though, there's an option that has to be set to accept requests without Content-Length header.
Regards,
Sebastian
----- Ursprüngliche Mail -----
Von: "Ben Kaufman" <ben.kaufman at altigen.com>
An: "sr-users" <sr-users at lists.kamailio.org>
Gesendet: Donnerstag, 11. März 2021 17:19:29
Betreff: Re: [SR-Users] Best way to ignore HTTP requests
I’m sorry – I should have been more clear in what I was looking at.
As a brief summary of the ‘problem’, I see items like this in my logs intermittently (a few times a day):
***
20(3085) ERROR: <core> [core/tcp_read.c:1531]: tcp_read_req(): bad request, state=7, error=4 buf:
GET / HTTP/1.0
parsed:
GET / HTTP/1.0
24(3089) ERROR: <core> [core/tcp_read.c:1531]: tcp_read_req(): bad request, state=7, error=4 buf:
GET [ http://clientapi.ipip.net/echo.php?info=20210311155950 | http://clientapi.ipip.net/echo.php?info=20210311155950 ] HTTP/1.1
Host: clientapi.ipip.net
Accept: */*
Pragma: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64)
***
So, this is just (likely) random scanning from the internet. I mostly just want to remove much of this info from my log files. I’m not serving http on this port. The question about $rP was mostly looking to ignore GET, POST, etc., but I understand that this won’t work due to the fact that it’s message parsing that fails. I was just looking for a way to discard and ignore the bad message rather than trying to process it.
Regards,
Ben Kaufman
[ mailto:ben.kaufman at altigen.com | ben.kaufman at altigen.com ]
Director of Cloud Operations
AltiGen Communications, Inc.
From: sr-users <sr-users-bounces at lists.kamailio.org> On Behalf Of Alex Balashov
Sent: Monday, March 8, 2021 3:08 PM
To: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
Subject: Re: [SR-Users] Best way to ignore HTTP requests
How would checking $rP help?
Kamailio won’t process HTTP requests on a TCP SIP listener since they lack the SIP/2.0 request line signature.
It’ll process them through xhttp, though. Is that the context in which this is an issue? If so, just expose your xhttp resources via an obscure URL ($hu) and deny anything else.
—
Sent from mobile, with due apologies for brevity and errors.
On Mar 8, 2021, at 4:01 PM, Ben Kaufman < [ mailto:ben.kaufman at altigen.com | ben.kaufman at altigen.com ] > wrote:
I’ve set up a server listening on TCP recently, and notice that I’m receiving intermittent, random HTTP requests from the internet. While it would probably be a good idea to enforce a firewall rule to only allow known hosts to communicate, what would be the best way within Kamailio to ignore http requests? Would just checking $rP work?
Regards,
Ben Kaufman
[ mailto:ben.kaufman at altigen.com | ben.kaufman at altigen.com ]
Director of Cloud Operations
AltiGen Communications, Inc.
_______________________________________________
Kamailio (SER) - Users Mailing List
[ mailto:sr-users at lists.kamailio.org | sr-users at lists.kamailio.org ]
[ https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users | https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users ]
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list