<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello,<br>
<br>
After a clean install of both, debian and freeswitch ( with
mod_radius_cdr enabled ) <br>
i noticed a few accounting-packages sent to strange ip's on port
1813. <br>
<br>
120.0.0.224 ( at&t )<br>
32.45.27.224 ( chinaunicom )<br>
<br>
i'm pretty sure those packages originate from mod_radius_cdr.<br>
since we're not related with these companys in any way, i'm
wondering why mod_radius_cdr is ( at least trying ) to sent cdr's to
those ip's. <br>
<br>
here is a sample of a cdr sent to at&t: <br>
<br>
------------------------------<br>
<i>U <b>xxx</b>.<b>xxx</b>.<b>xxx</b>.<b>xxx</b>:59323 -> <b>120.0.0.224</b>:1813</i><i><br>
</i><i>....r...`/..I....I..(.....,&0670776c-2388-11e4-aef1-8b582cc877c8......l...<b>xxxxxxxxxxx</b>....l.......l...<b>xxxxxxx</b>....l.............l.......l...default....l...<b>xxxxxxxxxxxx</b>....l...."..l...src/switch_ivr_originate.c.'..l..!2014-08-14T09:53:05.848983+0200......).......O..f</i><br>
----------------------------<br>
<br>
<br>
I also searched the source files of mod_radius_cdr, but sadly ( or
luckily ) no match.<br>
<br>
Somebody cares to look into this?<br>
<br>
If i'm in the wrong place for this question, maybe some of you can
point me in the right direction ;)<br>
<br>
have a nice day, <br>
<br>
regards,<br>
<br>
<br>
</body>
</html>