<div dir="ltr">I have been thinking about only accepting tcp/tls on the public profile and blocking udp at the border.<div>The peer will have to do the 3 way handshake which means we know they have a valid source ip:port before they get up the sip stack</div><div><br></div><div>I'm sure this is not a new idea.</div><div><br></div><div>Any thoughts?<br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div>Sincerely,</div><div dir="ltr"><br></div><div dir="ltr">Russell Treleaven<div><a href="mailto:sip%3Artreleaven@sip.bunnykick.ca" target="_blank">sip:rtreleaven@sip.bunnykick.ca</a>;transport=tcp</div><div><br></div></div></div></div></div>
</div></div>