[OpenSIPS-Users] multidomain, security
Miha
miha at softnet.si
Wed Mar 19 13:20:17 CET 2014
Hi,
I am doing "proxy_authorize" for "!(method=="REGISTER") && is_from_local()".
I request INVITE is not send from user, which does "not contain"
local_domain (defined in domains table) in INVITE, so this will not be
authenticated as this request will not go to this "!(method=="REGISTER")
&& is_from_local()" condition and in my case this invite will go throught.
Was is best practice for droping that kind of invites?
Doing this:
$avp(port)="5060";
if(!$si=="SBC_IP" &&
!lb_is_destination("$si","$(avp(port){s.int})") && !is_from_local()){
drop;
}
?
tnx!
miha
More information about the Users
mailing list