[asterisk-bugs] [JIRA] (ASTERISK-19348) With alwaysauthreject=yes AND allowguest=no Asterisk fails to report a SIP Security Event

Michael L. Young (JIRA) noreply at issues.asterisk.org
Tue Feb 5 11:43:58 CST 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-19348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=202580#comment-202580 ] 

Michael L. Young commented on ASTERISK-19348:
---------------------------------------------

motekpc, please stop posting your solution here on the issue tracker.  If you look at this issue, you will see that this is not a proper fix and is not supported.  Therefore, please do not post that here.  Feel free to create a blog post to explain how you were able to do this and direct people there with your own disclaimer.

https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines#AsteriskIssueGuidelines-PatchandCodesubmission

Again, this is not the proper place to be posting a step by step guide on how to modify Asterisk code.

Thanks
                
> With alwaysauthreject=yes AND allowguest=no Asterisk fails to report a SIP Security Event
> -----------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-19348
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-19348
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General
>    Affects Versions: 1.8.9.2, 10.1.2
>            Reporter: Bruce B
>         Attachments: asterisk-19348-auth_fake-sec-event_v1.patch, asterisk-19348-auth_fake-sip-log-event_v1.patch
>
>
> Asterisk should log source IP address of incoming calls when allowguest=no AND alwaysauthreject=yes but it doesn't. It seems to be a deficiency of allowguest feature. The only log found when there is an incoming call is this which doesn't include source IP address:
> NOTICE[10331] chan_sip.c: Sending fake auth rejection for device "Anonymous" <sip:Anonymous at anonymous.invalid>;tag=as4a1b8317
> ***WARNING: source IP address in this MUST be pulled from OS network layer rather than relying on SIP Packets as spoofed source IP is not really the source IP. Better yet maybe include both spoofed source IP and true source IP in a message like this:
> chan_sip.c: NOTICE[xxxxx]: Call attempt was made from SPOOFED SOURCE IP: x.x.x.x with TRUE SOURCE IP: x.x.x.x
> ***It's best to create this log in full log file as well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list