SIP Register Filtering
Contents |
SIP Register Filtering
The SIP Register Filtering feature allows monitoring of SIP registration messages and manipulation of the SIP registration flow. It could be used to protect the system against false SIP registration requests (i.e. as a scanner protection mechanism).
SIP Register Filtering configuration contains a list of rules to verify when receiving a SIP registration message. Each rule contains a list of conditions and a list of actions. Each SIP registration messages are verified against the SIP Register Filtering rule conditions. When a SIP registration message matches the conditions of a SIP Register Filtering rule, the actions of the rule get executed.
SIP Register Filtering Rules
The SIP Register Filtering rules are divides into 2 categories. The first category is Inbound and the second one is Outbound. The Inbound rules are the rules that applies to messages coming from a User-Agent. The Outbound rules are the rules that applies to messages coming from a registrar.
A SIP Register Filtering rule contains multiple conditions that could be ORed or ANDed. The logical combinaison of the conditions matching test will decide whether or not to execute actions of the rule.
Note that if a SIP message matches a rule, depending on the type of action and the rule Continue option, SIP Register Filtering may not continue with next rule of the list after execution of current rule actions.
SIP Register Filtering Rule Conditions
The mandatory SIP Register Filtering rule condition fields are: Operand, Operator and Value. Optionaly, the rule condition may contain a Header Type field identifier depending on selected Operand.
There is three types of supported Operands: Request-Line, Status-Line and Header. The Request-Line operand type refers to the first line of a SIP request message. The Status-Line operand type refers to the first line of a SIP response message. The Header operand type refers to a specific header of a SIP message identified by the Header Type field.
The Value field contains the value or a regular expression to compare or match against the selected Operator.
Here is the list of supported Operators: equal, not_equal, matches_regex, does_not_match_regex, begins_with, does_not_begin_with, contains and does_not_contain. The equal and not_equal operators are verifying if Value field is equal or not equal to the identified Operand. The matches_regex and does_not_match_regex operators are verifying if Value field regular expression matches or does not match the selected Operand. The begins_with and does_not_begin_with operators are verifying if Value field appears at the beginning of the selected Operand. Finally, the contains and does_not_contains operators are verifying if Value field appears in the selected Operand at any position.
SIP Register Filtering Rule Actions
todo
