23.04.2019 0:27, Joshua C. Colp wrote:
On Mon, Apr 22, 2019, at 2:10 PM, Pavel wrote:
<snip>
Tried already.
"line" is good, but not perfect.
Every time I restart asterisk, it will generate new random string for ";line=".
So, every time I restart asterisk, registrar (Server1) will save one
more contact in it's database.
Some will remove obsolete contacts, but some will not.
For example, FreePBX will not remove obsolete contacts, if max_contacts
specified (FreePBX will set rewrite_contact=no in this case).
So, after a number of Asterisk restarts, FreePBX will reject new
registrations, as max_contacts is reached.
It should specify remove_existing to remove old ones to make room for the new
ones. That would be a FreePBX thing, though.
FreePBX is an example, where it can be a critical problem.
3cx will work, but if you will restart asterisk 10 times - you will see
10 times more contacts in 3cx.
When you will make call from 3cx - it will make 10 calls (10 contacts),
untill they will obsolete...
Unfortunately, "line" does not save random between restarts.
It's also unable to specify "random" value in pjsip.conf.
I'm thinking to patch res_pjsip_outbound_registration to add this feature.
Am I wrong and there is another way ?
I don't see any reason why this couldn't be an option.
For flexibility.
Not to register new fake contacts in peer PBX.
It's also a security hole, as anybody can generate INVITE with
";line=random" from any IP address !
You can use an ACL to limit the endpoint to certain source IP addresses.
5+ !
Thank you, ACL is a good idea !
res_pjsip_outbound_registration will only match "line", but will not
take care about source IP, ...
Is there any more clear way to identify incoming INVITE/OPTIONS packets ?
Not very familliar with SIP, not sure, how should it be done.
There is no real defined mechanism within SIP to do this. Phones employ
different mechanisms to differentiate. Some may use a similar mechanism to the
line option. Some run multiple SIP transports on different ports for each
account so they can differentiate based on where it came in on. Some look at
the request URI coming in. Some just don't care.
Sniffered some time ago how it's done in phonerlite, jitsi, linksys, ...
Some use different port, some use ";rinstance=", the same like ";line="
in asterisk.
Was not sure it's a right way to go.
I will probably extend "line" a bit to specify it's value in pjsip.conf .
It will be less than 10 lines of code.
Thank you very much !
Your help will simplify my life a lot :-)
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
Check out the new Asterisk community forum at: https://community.asterisk.org/
New to Asterisk? Start here:
https://wiki.asterisk.org/wiki/display/AST/Getting+Started
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
