<div dir="ltr">Hi Lyubo,<div><br></div><div>In this case it may be better to see if your CDR parser can skip the non-numeric caller id values, perhaps by adding a validation check prior to performing the parse action. As a rule of thumb, if your CDR parser can be tripped up by the data it is parsing then it needs to be hardened. I'm sure many here would highly recommend sanitizing/validation as a best practice, particularly when handling data that comes from the public Internet. Another consideration is that you may actually want to have a record of these kinds of attacks in case there is a need to investigate an incident or otherwise analyze attack patterns.</div><div><br></div><div>I would recommend that you change the behavior of the parser from "complaining" to "keeping the CDR database clean but logging invalid input for future reference."</div><div><br></div><div>Hope this helps,</div><div>-MC</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Dec 15, 2017 at 1:11 PM, Lyubo Popov <span dir="ltr"><<a href="mailto:koki.roul@gmail.com" target="_blank">koki.roul@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello all,<div><br><div>Maybe someone can help me with this problem; it will be greatly appreciated. We are getting calls with CallerID like this one: <span style="font-family:Verdana,Arial,Helvetica">‘hi'or‘x’='x'. Later, when our billing starts parsing the CDRs, it will complain because of the first character "`". My question, I suppose, is how to prevent such calls from getting added to the CDRs? We want to reject the call that has a non-numeric CallerID and not get it added to the CDRs. 
This is what we have in the dialplan.</span></div></div><div><span style="font-family:Verdana,Arial,Helvetica"><br></span></div><div><div><font face="Verdana, Arial, Helvetica"><extension name="Routing"></font></div><div><font face="Verdana, Arial, Helvetica">        <condition field="${radius_auth_result}" expression="0"/></font></div><div><font face="Verdana, Arial, Helvetica"><br></font></div><div><font face="Verdana, Arial, Helvetica">        <!--</font></div><div><font face="Verdana, Arial, Helvetica">        <condition field="${h323-redirect-number}" expression="^(.+)$" break="never"></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="destination_number=$1" /></font></div><div><font face="Verdana, Arial, Helvetica">        </condition></font></div><div><font face="Verdana, Arial, Helvetica">        --></font></div><div><font face="Verdana, Arial, Helvetica">        <condition field="caller_id_number" expression="^([0-9]+)$"></font></div><div><font face="Verdana, Arial, Helvetica">            <anti-action application="hangup"/>            </font></div><div><font face="Verdana, Arial, Helvetica"><span style="white-space:pre-wrap">            </span></condition><span style="white-space:pre-wrap">      </span></font></div><div><font face="Verdana, Arial, Helvetica">        <condition field="destination_number" expression="^(.+)$"></font></div><div><font face="Verdana, Arial, Helvetica">            <!--<action application="info"/>--></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="export" data="nolocal:h323-call-origin=originate"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="sip_h_X-accountcode=${accountcode}" /></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="call_direction=outbound" /></font></div><div><font face="Verdana, Arial, Helvetica">            
<action application="set" data="hangup_after_bridge=true"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="continue_on_fail=true"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="inherit_codec=true" /></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="call_timeout=20"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="fail_on_single_reject=USER_BUSY" /></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="origination_caller_id_name=${sip_req_user}"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="origination_caller_id_number=${sip_from_user}"/></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="set" data="execute_on_answer=sched_hangup +${h323-credit-time} alloted_timeout" /></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="bridge" data="{sip_invite_from_uri=sip:${sip_from_user}@${sip_network_ip}}sofia/internal/${destination_number}@x.x.x.x:5060" /></font></div><div><font face="Verdana, Arial, Helvetica">            <action application="hangup" data="${bridge_hangup_cause}"/></font></div><div><font face="Verdana, Arial, Helvetica">        </condition></font></div><div><font face="Verdana, Arial, Helvetica">    </extension></font></div></div><div><font face="Verdana, Arial, Helvetica"><br></font></div><div><font face="Verdana, Arial, Helvetica">Thank you all!</font></div><div><font face="Verdana, Arial, Helvetica"><br></font></div><div><font face="Verdana, Arial, Helvetica">L.Popov</font></div></div><div id="m_-7626445720286026976DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><br>
</div>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.<wbr>freeswitch.org</a><br>
</blockquote></div><br></div>
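<div>Added example (not part of the original thread, and not FreeSWITCH's or the poster's billing code): one way a CDR loader could follow the advice above, in Python. The CSV column layout, the <code>cdr</code> table and the function name <code>load_cdrs</code> are assumptions; rows that fail the same digits-only rule as the dialplan regex stay out of the database and are written to a reject log as JSON lines.</div>

```python
import csv
import io
import json
import re
import sqlite3

# Same digits-only rule as the dialplan regex ^([0-9]+)$. fullmatch() also
# rejects a trailing newline, and [0-9] (unlike \d) excludes non-ASCII digits.
NUMERIC = re.compile(r"[0-9]+")

# Constructed sample CDR export; the column layout is an assumption.
SAMPLE_CDR = (
    "caller_id_number,destination_number,billsec\n"
    "15551230001,442071230002,42\n"
    "'hi'or'x'='x',442071230003,0\n"
    "15551230004\u0660,442071230005,7\n"
)


def load_cdrs(text, db, reject_log):
    """Insert all-numeric rows into db; write every other row to reject_log."""
    db.execute(
        "CREATE TABLE IF NOT EXISTS cdr (caller TEXT, dest TEXT, billsec INTEGER)"
    )
    accepted = rejected = 0
    # Line numbers start at 2 because line 1 is the CSV header.
    for lineno, row in enumerate(csv.DictReader(io.StringIO(text)), start=2):
        fields = [row.get(k) or "" for k in
                  ("caller_id_number", "destination_number", "billsec")]
        if not all(NUMERIC.fullmatch(f) for f in fields):
            # json.dumps escapes quotes, control and non-ASCII characters, so
            # hostile input cannot split or forge entries in the reject log.
            reject_log.write(json.dumps({"line": lineno, "raw": row}) + "\n")
            rejected += 1
            continue
        # Placeholders keep values out of the SQL text even if the validation
        # rule is loosened later.
        db.execute("INSERT INTO cdr VALUES (?, ?, ?)",
                   (fields[0], fields[1], int(fields[2])))
        accepted += 1
    db.commit()
    return accepted, rejected


if __name__ == "__main__":
    import sys
    print(load_cdrs(SAMPLE_CDR, sqlite3.connect(":memory:"), sys.stdout))
```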