<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
I think what I am going to do is use a combination of:<br><br>1. Whitelist my gateway IPs.<br><br>2. Any initial INVITES from non-gateway IPs will be authorized and the dialog be added to a simple htable based on callid<br><br>3. Any in-dialog will do a lookup on the htable so that authorization isn't required on bye and the like.<br><br>Does this seem a reasonable course of action?<br><br>One question, what is the best way to whitelist a few (3) gateways?<br>I'd rather not do if($si == "ip1" || $si == "ip2" || $si == "ip3"){<br>Is there any sort of if(in_array($si,"whitelist")){ functionality or a way to iterate through an array of whitelisted ips? (I do not want to configure database support if possible)<br><br>Thanks for the help so far!<br>-Eric<br><br>> Date: Mon, 11 Apr 2011 13:18:10 -0400<br>> From: abalashov@evaristesys.com<br>> To: sr-users@lists.sip-router.org<br>> Subject: Re: [SR-Users] loose_route security<br>> <br>> On 04/11/2011 01:10 PM, Henning Westerholt wrote:<br>> <br>> > Hi Klaus,<br>> ><br>> > sure, there are issues. But we're using the dialog module since now<br>> > since some time in our production setup and it works fine for this<br>> > particular feature set.<br>> <br>> Oh, yeah. I'm a happy and extensive long-time user of the dialog <br>> module too.<br>> <br>> -- <br>> Alex Balashov - Principal<br>> Evariste Systems LLC<br>> 260 Peachtree Street NW<br>> Suite 2200<br>> Atlanta, GA 30303<br>> Tel: +1-678-954-0670<br>> Fax: +1-404-961-1892<br>> Web: http://www.evaristesys.com/<br>> <br>> _______________________________________________<br>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>> sr-users@lists.sip-router.org<br>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users<br>                                            </body>
</html>