We are looking to further secure our Asterisk installation by inspecting the IP address that a SIP INVITE comes from and performing some logic to determine whether the call should proceed. The purpose of this is to prevent calls to certain expensive destinations if the SIP message is coming from a foreign IP that we don't expect.
I can see that it's possible to use the SIP_HEADER function however that may not contain the public IP address. For example here is an invite from the external IP address 58.28.1.1 but that information is not contained in the SIP header: U 58.28.1.1:5060 -> 203.89.1.1:5060 INVITE sip:1...@domain.com SIP/2.0..Via: SIP/2.0/UDP 192.168.1.103:5060;branch=z9hG4bK-d8754z-fc116e03a80ef774-1---d8754z-;rport. .Max-Forwards: 70 ..Contact: <sip:0003330822222261336@192.168.1.103:5060>..To: <sip:1...@domain.com>..From: <sip:0003330822222261...@domain.com>;tag=7 dcb1e4d..Call-ID: NDMyZmRhY2Q4ZjNhMjAxMDJhOTA3OTU0MzMyNTkzNjI...CSeq: 1 INVITE..Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INF O..Content-Type: application/sdp..Supported: replaces..User-Agent: X-Lite release 5.0.0 stamp 67284..Content-Length: 217....v=0..o=- 12988751314362048 1 IN IP4 192.168.1.103..s=CounterPath X-Lite 5.0.0..c=IN IP4 192.168.1.103..b=AS:1638..t=0 0..m=audio 5062 RTP/AVP 0 8 3 101..a=rtpmap:101 telephone-event/8000..a=fmtp:1 01 0-15..a=sendrecv.. Is it possible to determine the public IP address from the dialplan? Any advice appreciated.
<<attachment: winmail.dat>>
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
