Torrey Searle wrote:
I wouldn't dare change the default :-) But the way I understand the code is that it would end up being a switching, as getting a packet from the current source doesn't seem to re-set the counter. I'll do the following: change the conf validation to allow probation = 0 (default will remain 4) if learning_min_sequential is 0, the else in if (rtp->strict_rtp_state == STRICT_RTP_CLOSED) { if (!ast_sockaddr_cmp(&rtp->strict_rtp_address, &addr)) { will be disabled
If an attacker were aggressive with the sending of the RTP and were able to get enough packets in before a legit one, yes. As it is, the reception of a legit packet resets the counter each time (the call to rtp_learning_seq_init), so under normal usage a rogue stream can't cause it to switch.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
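
The counter behaviour discussed in this message, as a simplified model added for illustration; it is not Asterisk's code and not part of the original thread. The struct layout, `seq_update`, `on_packet`, `source_switched`, the addresses and the sequence numbers are all constructed assumptions; only the idea that a packet from the locked source resets the count (the role of `rtp_learning_seq_init`) comes from the message.

```c
#include <stdio.h>
#include <string.h>
#define LEGIT "192.0.2.10:10000"   /* constructed sample addresses */
#define OTHER "198.51.100.7:4000"

/* Simplified model for illustration; not Asterisk source code. */
struct learn { int max_seq; int remaining; };
struct strict_rtp {
    char current[32];  /* locked source, cf. strict_rtp_address */
    struct learn alt;  /* sequence tracking for packets from another source */
    int probation;     /* sequential packets needed before switching */
};

/* Returns 1 once `probation` in-sequence packets have been counted. */
static int seq_update(struct learn *l, int seq, int probation) {
    l->remaining = (seq == l->max_seq + 1) ? l->remaining - 1 : probation - 1;
    l->max_seq = seq;
    return l->remaining <= 0;
}

/* Returns 1 if the packet is accepted, 0 if it is dropped. */
static int on_packet(struct strict_rtp *s, const char *src, int seq) {
    if (strcmp(src, s->current) == 0) {
        /* Packet from the locked source: start the count over, which is
         * the role the message gives to rtp_learning_seq_init. */
        s->alt.max_seq = seq;
        s->alt.remaining = s->probation;
        return 1;
    }
    if (!seq_update(&s->alt, seq, s->probation))
        return 0;                       /* still on probation: drop */
    snprintf(s->current, sizeof(s->current), "%s", src);  /* source switches */
    return 1;
}

/* n packets from OTHER; LEGIT sends one after every `gap` of them (0 = silent). */
static int source_switched(int probation, int gap, int n) {
    struct strict_rtp s = { LEGIT, { 0, probation }, probation };
    for (int i = 0; i < n; i++) {
        on_packet(&s, OTHER, 5000 + i);
        if (gap && (i + 1) % gap == 0)
            on_packet(&s, LEGIT, 100 + i);
    }
    return strcmp(s.current, LEGIT) != 0;  /* 1 if the lock moved */
}

int main(void) {
    printf("interleaved=%d silent=%d\n", source_switched(4, 3, 100), source_switched(4, 0, 4));
    return 0;
}
```

With the default probation of 4, the lock stays put as long as a packet from the locked source arrives within any run of four packets from elsewhere; a smaller probation value shrinks that margin.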
