User Tools

Site Tools


tutorials:security:kamailio-security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
tutorials:security:kamailio-security [2019/04/04 10:34]
pepelux
tutorials:security:kamailio-security [2019/05/23 12:42] (current)
pepelux
Line 96: Line 96:
 </code> </code>
  
-==== Change the server header ====+==== Change the server and user agent header ====
  
 When Kamailio sends you a packet back, it will be friendly enough to tell you which version of Kamailio is running. This informs the attacker which types of attacks might make sense. When Kamailio sends you a packet back, it will be friendly enough to tell you which version of Kamailio is running. This informs the attacker which types of attacks might make sense.
Line 117: Line 117:
 sip_warning=0 sip_warning=0
 </code> </code>
 +
 +To change the user agent header (e.g. used from the dispatcher module to send out OPTIONS requests) use this parameter:
 +
 +<code>
 +user_agent_header="User-Agent: My SIP Server"
 +</code>
 +
 ===== Anti-Flood ===== ===== Anti-Flood =====
  
Line 323: Line 330:
  
 <code> <code>
-loadmodule    "geoip.so"+loadmodule    "geoip2.so"
 loadmodule    "secfilter.so" loadmodule    "secfilter.so"
  
Line 334: Line 341:
  
 route[SECURITY_CHECKS] { route[SECURITY_CHECKS] {
-        if (geoip_match("$si", "src")) {+        if (geoip2_match("$si", "src")) { 
 +                secf_check_country($gip2(src=>cc));
                 # return values ...                 # return values ...
                 #  2 = whitelisted                 #  2 = whitelisted
Line 340: Line 348:
                 # -1 = error                 # -1 = error
                 # -2 = blacklisted                 # -2 = blacklisted
-                secf_check_country($gip(src=>cc)); 
                 if ($? == -2) {                 if ($? == -2) {
-                        xalert("$rm from $si blocked because Country '$gip(src=>cc)' is blacklisted");+                        xalert("$rm from $si blocked because Country '$gip2(src=>cc)' is blacklisted");
                         exit;                         exit;
                 }                 }
Line 361: Line 368:
         }         }
    
 +        secf_check_from_hdr();
         # return values ...         # return values ...
         #  4 = name whitelisted         #  4 = name whitelisted
Line 370: Line 378:
         # -3 = domain blacklisted         # -3 = domain blacklisted
         # -4 = name blacklisted         # -4 = name blacklisted
-        secf_check_from_hdr(); 
         switch ($?) {         switch ($?) {
                 case -2:                 case -2:
tutorials/security/kamailio-security.1554366874.txt.gz · Last modified: 2019/04/04 10:34 by pepelux