[Users] feature request
Juha Heinanen
jh at tutpro.com
Wed Jul 27 20:56:16 CEST 2005
Bogdan-Andrei Iancu writes:
> I was already considering this feature, from same reasons as you.
> Attacks may hide behind DNS address IPs of critical components of a
> platform (like GW).
GWs (and any SIP UAs) should reject requests where request uri doesn't
designate the SIP UA itself. if they don't, report it as a bug to the
manufacturer.
> I was thinking having this in core to be able to use it both in
> stateless (core) and statefull (tm) mode. My concern is where/how to
> define the IP black list. If it will be kept in core, will the core
> populated it (via script??) or module should register IPs to the core
> list? All this in the idea of being able to do a nice provisioning of
> the IP blacklist.
in order to be useful, blacklist must be kept in a database table, which
ser can reload into memory by a fifo command.
-- juha
More information about the Users
mailing list