<div dir="ltr">You have some learning to do about VoIP and various security models.  See comments inline.<br><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jan 14, 2015 at 10:08 AM, Ahmed Habiba <span dir="ltr">&lt;<a href="mailto:ahabiba@gmail.com" target="_blank">ahabiba@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">Dears,<div><br></div><div>Kindly I noticed a very strange behaviour on Freeswitch that may allow non authorised users to make call through the system below is the log and my notice <font color="#b51a00">highlighted, </font>you help will be appreciated.</div><div><br></div><div><font color="#b51a00">1-Below is a request coming from not authored IP.</font></div><div><font color="#b51a00">2-However the originating IP is “</font><span style="font-family:Menlo;font-size:11px">142.54.179.218</span><font color="#b51a00">” the from is as below as if it is from the same server:</font></div></div></blockquote><div><br></div><div>The IP was 142.54.179.218... thats the real IP we received the request from. </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><br></div><div><div style="margin:0px;font-size:11px;font-family:Menlo">freeswitch@internal&gt; recv 770 bytes from udp/[142.54.179.218]:5070 at 16:41:34.211099:</div><div style="margin:0px;font-size:11px;font-family:Menlo">   ------------------------------------------------------------------------</div><div style="margin:0px;font-size:11px;font-family:Menlo">   INVITE <a>sip:9009972599796504@177.31.245.177:5080</a> SIP/2.0</div><div style="margin:0px;font-size:11px;font-family:Menlo">   To: 9009972599796504&lt;<a>sip:9009972599796504@177.31.245.177</a>&gt;</div><div style="margin:0px;font-size:11px;font-family:Menlo">   From: <font color="#b51a00">1000&lt;<a>sip:1000@177.31.245.177</a>&gt;</font>;tag=e8473b10</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Via: SIP/2.0/UDP 142.54.179.218:5070;branch=z9hG4bK-d6e1ddab827448435f49ecaf6e613e2e;rport</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Call-ID: d6e1ddab827448435f49ecaf6e613e2e</div><div style="margin:0px;font-size:11px;font-family:Menlo">   CSeq: 1 INVITE</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Contact: &lt;<a>sip:1000@142.54.179.218:5070</a>&gt;</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Max-Forwards: 70</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Allow: INVITE, ACK, CANCEL, BYE</div><div style="margin:0px;font-size:11px;font-family:Menlo">   User-Agent: sipcli/v1.8</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Content-Type: application/sdp</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Content-Length: 285</div><p style="margin:0px;font-size:11px;font-family:Menlo;min-height:13px">   <br></p><div style="margin:0px;font-size:11px;font-family:Menlo">   v=0</div><div style="margin:0px;font-size:11px;font-family:Menlo">   o=sipcli-Session 1883669566 1798766211 IN IP4 142.54.179.218</div><div style="margin:0px;font-size:11px;font-family:Menlo">   s=sipcli</div><div style="margin:0px;font-size:11px;font-family:Menlo">   c=IN IP4 142.54.179.218</div><div style="margin:0px;font-size:11px;font-family:Menlo">   t=0 0</div><div style="margin:0px;font-size:11px;font-family:Menlo">   m=audio 5072 RTP/AVP 18 0 8 101</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=fmtp:101 0-15</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=rtpmap:18 G729/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=rtpmap:0 PCMU/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=rtpmap:8 PCMA/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=rtpmap:101 telephone-event/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=ptime:20</div><div style="margin:0px;font-size:11px;font-family:Menlo">   a=sendrecv</div><div style="margin:0px;font-size:11px;font-family:Menlo"><br></div><div style="margin:0px;font-size:11px;font-family:Menlo"><font color="#b51a00">3-Accordingly Freeswitch start to deal with the call normally</font></div></div></div></blockquote><div><br></div><div>As it should, Its hitting the external profile which doesn&#39;t have authentication on it.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div style="margin:0px;font-size:11px;font-family:Menlo"><font color="#b51a00"><br></font></div><div style="margin:0px;font-size:11px;font-family:Menlo"><font color="#b51a00"><br></font></div><div style="margin:0px;font-size:11px;font-family:Menlo">   ------------------------------------------------------------------------</div><div style="margin:0px;font-size:11px;font-family:Menlo">send 333 bytes to udp/[142.54.179.218]:5070 at 16:41:34.211442:</div><div style="margin:0px;font-size:11px;font-family:Menlo">   ------------------------------------------------------------------------</div><div style="margin:0px;font-size:11px;font-family:Menlo">   SIP/2.0 100 Trying</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Via: SIP/2.0/UDP 142.54.179.218:5070;branch=z9hG4bK-d6e1ddab827448435f49ecaf6e613e2e;rport=5070</div><div style="margin:0px;font-size:11px;font-family:Menlo">   From: 1000&lt;<a>sip:1000@177.31.245.177</a>&gt;;tag=e8473b10</div><div style="margin:0px;font-size:11px;font-family:Menlo">   To: 9009972599796504&lt;<a>sip:9009972599796504@177.31.245.177</a>&gt;</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Call-ID: d6e1ddab827448435f49ecaf6e613e2e</div><div style="margin:0px;font-size:11px;font-family:Menlo">   CSeq: 1 INVITE</div><div style="margin:0px;font-size:11px;font-family:Menlo">   Content-Length: 0</div><p style="margin:0px;font-size:11px;font-family:Menlo;min-height:13px">   <br></p><div style="margin:0px;font-size:11px;font-family:Menlo">   ————————————————————————————————————</div><div style="margin:0px;font-size:11px;font-family:Menlo"><br></div><div style="margin:0px;font-size:11px;font-family:Menlo"><font color="#b51a00">4-as we can see below Freeswitch consider the call coming from my server IP not from the remote IP(My server IP = 177.31.245.177)</font></div></div></div></blockquote><div><br></div><div>No thats false, This is just a channel named thats formed from various bits of data, Its meaningless data and can be set, overridden or changed.  This has no bearing on what freeswitch thinks.  Most likely its using the host element from the From header.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div style="margin:0px;font-size:11px;font-family:Menlo"><br></div><div style="margin:0px;font-size:11px;font-family:Menlo"><span style="color:rgb(52,187,199)">2015-01-14 16:41:34.203196 [NOTICE] switch_channel.c:1055 New Channel sofia/external/</span><font color="#b51a00"><a href="mailto:1000@177.31.245.177" target="_blank">1000@177.31.245.177</a> </font><font color="#34bbc7">[d1879400-9c03-11e4-8cd6-2f1eb174d7b4]</font></div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_session.c:1053 Send signal <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> [BREAK]</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_session.c:1053 Send signal <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> [BREAK]</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:472 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) Running State Change CS_NEW</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] sofia.c:8812 <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> receiving invite from <a href="http://142.54.179.218:5070" target="_blank">142.54.179.218:5070</a> version: 1.4.13 git b942d0f 2014-11-03 19:53:00Z 64bit</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] sofia.c:6606 Channel <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> entering state [received][100]</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] sofia.c:6616 Remote SDP:</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">v=0</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">o=sipcli-Session 1883669566 1798766211 IN IP4 142.54.179.218</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">s=sipcli</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">c=IN IP4 142.54.179.218</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">t=0 0</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">m=audio 5072 RTP/AVP 18 0 8 101</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=rtpmap:18 G729/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=rtpmap:0 PCMU/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=rtpmap:8 PCMA/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=rtpmap:101 telephone-event/8000</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=fmtp:101 0-15</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">a=ptime:20</div><div style="margin:0px;font-size:11px;font-family:Menlo;min-height:13px"><br></div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] sofia.c:6868 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State Change CS_NEW -&gt; CS_INIT</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_session.c:1388 Send signal <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> [BREAK]</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:491 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State NEW</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:472 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) Running State Change CS_INIT</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:512 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State INIT</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] mod_sofia.c:87 <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> SOFIA INIT</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:40 <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> Standard INIT</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:48 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State Change CS_INIT -&gt; CS_ROUTING</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_session.c:1388 Send signal <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> [BREAK]</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:512 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State INIT going to sleep</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:472 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) Running State Change CS_ROUTING</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_channel.c:2184 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) Callstate Change DOWN -&gt; RINGING</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:528 (<a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a>) State ROUTING</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] mod_sofia.c:123 <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> SOFIA ROUTING</div><div style="margin:0px;font-size:11px;font-family:Menlo;color:rgb(175,173,36)">2015-01-14 16:41:34.203196 [DEBUG] switch_core_state_machine.c:166 <a href="mailto:sofia/external/1000@177.31.245.177" target="_blank">sofia/external/1000@177.31.245.177</a> Standard ROUTING</div></div></div></blockquote><div><br></div><div>This is someone from outside calling in to your system, the public context is a sandbox to allow you to isolate and route non-authenticated traffic to your internal contexts via the transfer app, per the vanilla config examples.  This is also whey you need to understand how to secure FreeSWITCH.</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word"><div><div style="margin:0px;font-size:11px;font-family:Menlo"><font color="#b51a00">2015-01-14 16:41:34.203196 [INFO] mod_dialplan_xml.c:558 Processing 1000 &lt;1000&gt;-&gt;9009972599796504 in context public</font></div></div><div><br></div><div><br></div></div><br>_________________________________________________________________________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" target="_blank">http://confluence.freeswitch.org</a><br>
<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div dir="ltr">







<p><font face="courier new, monospace"><b><i><font size="4">Brian West</font></i></b><br><span style="font-size:x-small"><a href="mailto:brian@freeswitch.org" target="_blank">brian@freeswitch.org</a></span></font></p>
<p><font size="1" face="courier new, monospace"><img src="http://billing.freeswitch.org/templates/default/img/whmcslogo.png"><br></font></p><p><font face="courier new, monospace"><b><i>Twitter: @FreeSWITCH , @briankwest</i></b><br><a href="http://www.freeswitchbook.com" target="_blank">http://www.freeswitchbook.com</a><br><a href="http://www.freeswitchcookbook.com" target="_blank">http://www.freeswitchcookbook.com</a></font></p>
<p><font face="courier new, monospace"><b>T:</b><a href="tel:%2B19184209001" value="+19184209001" target="_blank">+19184209001</a> | <b>F:</b><a href="tel:%2B19184209002" value="+19184209002" target="_blank">+19184209002</a> | <b>M:</b>+1918424WEST (9378)<br><b>iNUM:</b>+883 5100 1420 9001 | <b>ISN:</b>410*543 | <b>Skype:</b>briankwest</font></p></div></div>
</div></div>