3 Dec
2019
3 Dec
'19
8:37 p.m.
Hi
Without the force_rport() the reply goes to an incorrect port
Regards
On Tue, 3 Dec 2019 at 17:58, Aymeric Moizard <amoizard(a)gmail.com> wrote:
Hi,
Tks a lot for the answer.
I'm surprised if that would fix the issue. The missing 200 ok was for an
invite with a via containing a public IP and no port.
I would expect sl_send_reply to send something, even if to the wrong port?
Regards
Aymeric
Le mar. 3 déc. 2019 à 16:40, Pepelux <pepeluxx(a)gmail.com> a écrit :
Sorry ... Try to use force_rport() *before*
sl_send_reply
On Tue, 3 Dec 2019 at 16:37, Pepelux <pepeluxx(a)gmail.com> wrote:
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Aymeric
Try to use force_rport() after sl_send_reply:
secf_check_ua();
if ($? == -2) {
force_rport();
sl_send_reply("200", "OK");
exit;
}
For secf_check_sqli_all() the module drops the packet if a sqli is
detected in any header but for other functions as secf_check_sqli_ua() it
returns a negative code for detection and you choose if you want to drop
the packet or not
Regards
On Tue, 3 Dec 2019 at 15:48, Aymeric Moizard <amoizard(a)gmail.com> wrote:
Kamailio (SER) - Users
Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi all,
I'm testing and moving my kamailio script to use the newer secfilter
module.
In the past, I was replying "200 Ok" to "friendly scanners"...
With the newer secfilter module, it looks like I can't send a reply
with "sl_send_reply("200", "OK")"
secf_check_ua();
if ($? == -2) {
sl_send_reply("200", "OK");
exit;
}
I have read the code of the secfilter, but I was not able to see any
specific code to silently discard the SIP request.
I can see in the documentation about "secf_check_sqli_all", that the
SIP message is supposed to be "dropped". I can see
"w_check_sqli_all"
returns 0 on detection and w_check_ua returns -2 upon detection.
Are the message discarded because a negative value was returned?
Would it be doable, using the secfilter, to still reply 200 Ok?
Regards
Aymeric
--
Antisip - http://www.antisip.com
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________