[Users] Route in INVITE
Helge Waastad
helge at smartnet.no
Mon Mar 13 15:50:54 CET 2006
Hi,
I did modify my (a little-bit confused) loose route to loose route only
INVITES/ACK with totags (has_totag). The rest should be going through
the normal ACL procedures.
But, could not a request relayed through other proxies also have a to
tag aswell? (and then again bypass security?)
br hw
man, 13,.03.2006 kl. 16.20 +0200, skrev Juha Heinanen:
> Helge Waastad writes:
>
> > I have a UA (ekiga) which adds a Route:<OBP>;lr in INVITE
> > Is this "legal"?
>
> i'm pretty sure that rfc3261 allows so called pre-loaded route sets in
> initial requests, but for security reasons, many proxy configurations
> deny them. i too found recently that nokia phones, when configured to use
> sip, add by default a route header pointing to the outbound proxy.
>
> rather that simply rejecting initial requests with pre-loaded route
> sets, it might be possible to configure the proxy to allow them, but
> only if there is a single route entry that points to the proxy itself.
> i haven't had time to think how this could be tested in openser.cfg.
>
> -- juha
--
Helge Waastad
Senior Konsulent
Smartnet
More information about the Users
mailing list