Re: [OpenSIPStack] domain rewriting question
Brought to you by:
joegenbaclor
Menu
▾
▴
Re: [OpenSIPStack] domain rewriting question
|
From: <jo...@op...> - 2008-10-02 02:02:16
|
Andre, I am 50/50 on this one. Half of the argument is as you have already stated in this post. The other half is, this is the first time I have encountered a GW that filters INVITE based on the from header. From is a very weak form of identity assertion since it can be forged very easily using any softphone. This is not mentioning that RFC 3261 not only allows From to be forged easily but also allows it to be anonymized. For example sip:ano...@an...valid to indicate that you want your identity to be private is aperfectly valid from header. Thus, an implementation that relies on From to assert identity is tantamount to a multitude of interoperability issues. Never the less, I'll find time to make the domain rewrite for from configurable via B2BUA Route as well. I guess these sorts of issues is the main reason why SBC's are invented anyway. Joegen Andre Mamitzsch wrote: > Hi, > > I just need some clarification regarding the domain rewriting concept of > the OpenSBC. > > We are using the SBC in upper registration mode. The upper registration > works fine, all register messages are "hijacked" and domain rewriting is > performed. So, everything is fine here. > > > If I try to place a call, I receive the message "forbidden AOR" since no > rewriting in the From: field is performed while the domain in the To: > is replaced as expected. > > In my opinion, the local domain (xyz.net) should be replaced by the > target domain (abc.net) in the From: as well. Or am I wrong here ? > > Regards, > > Andre > > Our setup: > > > +--------+ +-------+ +---------+ > + SIP UA +------------------+ oSBC +-------------------+ SIP Net + > +--------+ +-------+ +---------+ > 192.168.10.3 10.70.3.200 10.70.5.85 > 12...@si... sip.abc.net > > > 2008/10/01 22:35:05.384 DTL: [CID=0x0e3e] ICT(3121173204) > Event(SIPMessage) - SIP/2.0 403 Forbidden AOR > > 2008/10/01 22:35:05.384 DBG: [CID=0x0e3e] TRANSACTION: (ICT) SIP/2.0 403 > Forbidden AOR State: 3 > > 2008/10/01 22:35:05.385 INF: [CID=0x0e3e] >>> ACK sip:78...@si... > SIP/2.0 DST: 10.70.5.85:5060:UDP SRC: 10.70.3.200:5060 enc=0 bytes=656 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] ACK sip:78...@si... SIP/2.0 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] From: "123456" > <sip:12...@si...>;tag=ed94ab1c > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] To: "789123" > <sip:78...@si...>;tag=1_1146_t160890_14h5 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Via: SIP/2.0/UDP > 10.70.3.200:5060;iid=22771;branch=z9hG4bK4ec38706668edd119c5bdb9c33a35a27;uas-addr=10.70.5.85;rport > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] CSeq: 1 ACK > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Call-ID: > ZTMzZjllOTQ1M2UwZGI0YWY2OGRlNjJjNTE2MGZmOTc.-0x0004 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Contact: > <sip:123456@10.70.3.200:5060> > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] User-Agent: OpenSBC v1.1.5-13 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Max-Forwards: 70 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Allow: INVITE, ACK, CANCEL, > OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Supported: timer > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Session-Expires: 1800 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Min-SE: 90 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] Content-Length: 0 > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > 2008/10/01 22:35:05.385 DBG: [CID=0x0e3e] > > ------------------------------------------------------------------------- > This SF.Net email is sponsored by the Moblin Your Move Developer's challenge > Build the coolest Linux based applications with Moblin SDK & win great prizes > Grand prize is a trip for two to an Open Source event anywhere in the world > http://moblin-contest.org/redirect.php?banner_id=100&url=/ > _______________________________________________ > opensipstack-devel mailing list > ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensipstack-devel > > ------------------------------------------------------------------------ > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.com > Version: 8.0.173 / Virus Database: 270.7.5/1702 - Release Date: 10/1/2008 9:05 AM > > |
