[Users] privacy=full and contact hf

Bogdan-Andrei Iancu bogdan at voice-system.ro
Tue Jan 31 21:59:07 CET 2006 

Wolfgang,

usually there are two ways to go when you want to protect a GW:
    1) make it invisible (want you are trying to do)
    2) make it inaccessible = set it a private network, accessible only 
via the proxy; from outside, only private, unroutable/useless IPs will 
be visible ;)

basically the major factor is if you control the GW or not...

regards,
bogdan

Wolfgang Hottgenroth wrote:

>Yep, you indeed understand exactly what I'm about to try, replacing the
>contact by something recognizable ... I was wondering whether someelse
>was face the same problem.
>
>Thanks,
>Wolfgang
>
>
>Bogdan-Andrei Iancu wrote:
>  
>
>>Hi,
>>
>>I see what you are trying to do. I have some idea about masking the
>>contact hdr, but you still have to deal with VIA :D.....
>>
>>about Contact...since the contact provided by the GW is the same (let's
>>assume that), before forwarding to the foreign proxy, you may replace
>>the GW contact with a contact pointing to your server and containing a
>>token easy to recognize (maybe a username?).
>>On the way back, if you find the funny contact you inserted (which will
>>be RURI or Route), you have to restore it to the GW contact....
>>
>>never tried this, but it might work....
>>
>>regards,
>>bogdan
>>
>>Wolfgang Hottgenroth wrote:
>>
>>    
>>
>>>Hi,
>>>
>>>
>>>you're right, but here the source is the GW and the destination is
>>>another SIP proxy with SIP phones behind it. And since we are
>>>terminating calls out of the PSTN to this other SIP proxy, ran by a
>>>company without voice-license, I need to remove any hint to the identity
>>>of the caller before handing over the call to that second SIP proxy.
>>>
>>>
>>>Wolfgang
>>>
>>>
>>>
>>>Bogdan-Andrei Iancu wrote:
>>> 
>>>
>>>      
>>>
>>>>Hi Wolfgang,
>>>>
>>>>if the destination is a GW and you set a RPID hdr, you do not need to
>>>>remove the contact and FROM - the GW will silently ignore them.
>>>>
>>>>regards,
>>>>Bogdan
>>>>
>>>>Wolfgang Hottgenroth wrote:
>>>>
>>>>  
>>>>
>>>>        
>>>>
>>>>>Really sure that there is no way only using openser? I don't want to
>>>>>deploy that fat beast additionally just for a single feature.
>>>>>
>>>>>Or is there something I haven't considered yet?
>>>>>
>>>>>
>>>>>Thanks,
>>>>>Wolfgang
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>Klaus Darilion wrote:
>>>>>
>>>>>
>>>>>    
>>>>>
>>>>>          
>>>>>
>>>>>>If you need full privacy, then it is better to use a B2BUA like
>>>>>>Asterisk.
>>>>>>
>>>>>>regards
>>>>>>klaus
>>>>>>
>>>>>>Wolfgang Hottgenroth wrote:
>>>>>>
>>>>>> 
>>>>>>
>>>>>>      
>>>>>>
>>>>>>            
>>>>>>
>>>>>>>Hi,
>>>>>>>
>>>>>>>
>>>>>>>before forwarding a call (INVITE) from the PSTN with flag
>>>>>>>"privacy=full"
>>>>>>>in the Remote-Party-ID hf to a none-voice-licensed carrier I need to
>>>>>>>make sure that the calling party number is completely wiped out from
>>>>>>>the
>>>>>>>SIP requests.
>>>>>>>
>>>>>>>I see this number at three places: the Remote-Party-ID hf itself, the
>>>>>>>
>>>>>>>  
>>>>>>>        
>>>>>>>
>>>>>>>              
>>>>>>>
>>>>>>>>From hf and the Contact hf.
>>>>>>>>               
>>>>>>>>                
>>>>>>>>
>>>>>>>The Remote-Party-ID hf can simply be dropped or replaced by something
>>>>>>>anonymous.
>>>>>>>
>>>>>>>The From hf can be rewritten using uac_replace_from.
>>>>>>>
>>>>>>>But what about the Contact hf? This field is, as far as I can see,
>>>>>>>required for routing purposes, to tell the called party side where to
>>>>>>>send replies. So, if I would manage it to rewrite the field, I would
>>>>>>>have to make sure, the replies sent to the rewritten address once
>>>>>>>again
>>>>>>>will be rewritten to target for the meant destination.
>>>>>>>
>>>>>>>Is there a best practice for this item?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>Thanks,
>>>>>>>Wolfgang
>>>>>>>
>>>>>>>_______________________________________________
>>>>>>>Users mailing list
>>>>>>>Users at openser.org
>>>>>>>http://openser.org/cgi-bin/mailman/listinfo/users
>>>>>>>
>>>>>>>
>>>>>>>           
>>>>>>>              
>>>>>>>
>>>>>_______________________________________________
>>>>>Users mailing list
>>>>>Users at openser.org
>>>>>http://openser.org/cgi-bin/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>>    
>>>>>          
>>>>>
>>> 
>>>
>>>      
>>>
>
>
>  
>

More information about the Users mailing list