[Freeswitch-users] Is there a way for FS not to send back any response to INVITE

Oleg Stolyar olegstolyar at gmail.com
Thu Jun 2 00:38:47 MSD 2016


Thanks Jurijs!

Unfortunately we do need to use TLS.

On Wed, Jun 1, 2016 at 1:26 PM, Jurijs Ivolga <jurijs.ivolga at gmail.com>
wrote:

> Hi Oleg,
>
> With iptables you can block based on what is inside SIP packet(off cause
> if you are not using TLS), take a look on link below:
>
>
> http://www.bertera.it/index.php/2014/01/22/sip-facket-filtering-with-iptables/
>
> It is not best way to achieve what you need, cause as far as I know it is
> resource consuming operations. Best way will be to use Kamailio as SIP
> proxy in front.
>
> With kind regards,
>
> Jurijs
>
> On Wed, Jun 1, 2016 at 11:05 PM, Oleg Stolyar <olegstolyar at gmail.com>
> wrote:
>
>> Thanks guys!  IP tables is how we block most traffic but we can only
>> block traffic by port.  In this case it's about invalid INVITES coming in
>> on a valid port.
>>
>> Do you think this functionality would be useful?
>> Is it worth opening a feature request and perhaps putting a bounty on it?
>>
>> Any idea of the effort?
>>
>> On Wed, Jun 1, 2016 at 1:00 PM, Michael Jerris <mike at jerris.com> wrote:
>>
>>> The only way with our current sip module to accomplish either of these
>>> would be to put a sip proxy out front to handle that behavior, or to
>>> somehow use iptables to block the traffic
>>>
>>> On Jun 1, 2016, at 3:40 PM, Oleg Stolyar <olegstolyar at gmail.com> wrote:
>>>
>>> Hi,
>>>
>>> In order to protect against scanning attacks I'd like for FS to not
>>> respond to INVITES unless they match certain conditions.
>>>
>>> I understand that currently FS always responds with 100 Trying right
>>> away before processing the call and then, if the call does not match
>>> anything in the dialplan, responds with a 302 Moved Temporarily.
>>>
>>> The 302 can be replaced with another response code (for example 403
>>> Forbidden which is what I am doing now) using the *respond* dialplan
>>> app.   However, that might encourage the scanner to keep trying.
>>>
>>> So I guess there are two questions:
>>>
>>> 1. Is there a way not to send back 100 Trying at all?
>>>
>>> 2. Is there a way to not send any final response?
>>>
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160601/4a694653/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list