27 Jul
2005
27 Jul
'05
11:53 p.m.
Juha Heinanen wrote:
I think the blacklist should use ser's DB API. Is it possible to
implement this as a separate module?
regards,
klaus
Bogdan-Andrei Iancu writes:
That whould be the easiest solution, but:
- Does this work with Cisco GWs? AFAIK not.
- Also, often the GW is not under my control. Fixing the problem locally
is much easier than discussing the reason of such a GW configuration
with other "VoIP experts".
I agree, but is not the case I was referring to.
Imagine the following
scenario: some user upload as contact or redirect/forward address an uri
like "sip:user@somedomain.com"; he can later switch the DNS entry of the
domain "somedomain.com" to point to your GW IP.
In [Open]SER, the DNS resolve is done when no more scripting is
possible, so .... :)
this is not a problem, because resolving somedomain.com doesn't rewrite
r-uri, which thus arrives to your GW as sip:user@somedomain.com. if
your GWs name is not somedomain.com, the GW should reject the request. again, agree;
the question is where to keep the list: in core and the
core should export fifo command for reload from file maybe (the core
should not be DB dependent)?
if not, then i guess file is the only choice (which is not good).