Hi Iņaki,<br><br>I would blame the ua sending the false BYE. Usually the BYE packets must be authenticated, therefore coming from a trusted source.<br><br>DanB<br><br><div class="gmail_quote">On Feb 8, 2008 5:17 PM, Iņaki Baz Castillo <<a href="mailto:ibc@in.ilimit.es">ibc@in.ilimit.es</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi, I use radius accounting with MySQL backend and MediaProxy (to make fix<br>accounting when there is no BYE).<br>
<br>Imagine this scenario:<br><br>- A calls B. This produces a "Start" acc action, so a SQL INSERT.<br><br>- After 1 minute A crashes (no BYE sent and RTP stop).<br><br>- After 20 secs with no RTP MediaProxy sends an "Update" action to radius<br>
server. This generates a SQL UPDATE that sets the StopTime. So finally the<br>call duration is 80 secs (OK).<br><br>- But now imagine that user B sends a BYE after 2 hours using the same From&To<br>tags and Call-ID. This is terrible!!! OpenSer will notify a "Stop" action to<br>
radius server which will do a new SQL UPDATE query setting the StopTime to<br>7201 secs !!!!<br><br>How to avoid it? how to avoid anyone sending a malicious BYE with From&To tags<br>and Call-ID from any other already ended call?<br>
<font color="#888888"><br>--<br>Iņaki Baz Castillo<br><a href="mailto:ibc@in.ilimit.es">ibc@in.ilimit.es</a><br><br>_______________________________________________<br>Users mailing list<br><a href="mailto:Users@lists.openser.org">Users@lists.openser.org</a><br>
<a href="http://lists.openser.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.openser.org/cgi-bin/mailman/listinfo/users</a><br></font></blockquote></div><br>