23 Dec
2008
23 Dec
'08
8:26 a.m.
Juha Heinanen schrieb:
IƱaki Baz Castillo writes:
alice sends this BYE:
BYE sip:PSTN_NUMBER@PSTN_GATEWAY SIP/2.0 Route: sip:PROXY_IP Route: sip:alice@ALICE_PHONE_IP
in this particular case, you could call to_gw() and find out that request is going to gw and, if so, drop the request it is has more than one route header (the one for the proxy itself).
Not sure if this is enough - the attacker could omit the Route header pointing to the proxy. Maybe the check should use $dd which is set if another Route header is present.
regard klaus