[Kamailio-Users] Accounting: How to avoid a fraudulent BYE with lower CSeq?
Klaus Darilion
klaus.mailinglists at pernau.at
Tue Dec 23 09:26:39 CET 2008
Juha Heinanen schrieb:
> Iñaki Baz Castillo writes:
>
> > - alice sends this BYE:
> >
> > BYE sip:PSTN_NUMBER at PSTN_GATEWAY SIP/2.0
> > Route: <sip:PROXY_IP>
> > Route: <sip:alice at ALICE_PHONE_IP>
>
> in this particular case, you could call to_gw() and find out that
> request is going to gw and, if so, drop the request it is has more than
> one route header (the one for the proxy itself).
Not sure if this is enough - the attacker could omit the Route header
pointing to the proxy. Maybe the check should use $dd which is set if
another Route header is present.
regard
klaus
More information about the Users
mailing list