Kamailio Advanced Training
Click here for more details!

Learn how to build RTC services with Kamailio!

Wednesday, December 23, 2009

Best of New in Kamailio 3.0.0 - #8: onsend_route

Kamailio (OpenSER) 3.0.0 provides two new routing block types:
  • onsend_route - executed when a SIP request is sent to network
  • event_route - will be presented in the next post of this series
R-URI or routing headers might have domain names and the DNS resolver is hidden behind functions like t_relay() or forward(). Moreover, there is pretty quite complexity in selecting the next hop by strict or loose routing, outbound proxy address and R-URI address which tied with DNS failover made the options to get the destination address in config impossible with older versions.

The newly introduced onsend_route comes to fill the gap. The actions in this routing block are executed just before sending the message to network, meaning:
  • you get access to the buffer with the version of the SIP request that is sent
  • you get access to all attributes of destination address: address family, transport protocol, ip address and port.
A new set of pseudo-variables and keywords are made available:
  • $snd(name), where 'name' can be 'ip', 'af', 'port' or 'proto'- get access via PV to destination's ip address, address family, port or transport protocol. In addition to details of destination address, when name is 'buf' or 'len' you get access to content of output buffer and its length.
  • snd_ip, snd_af, snd_port, snd_proto - same as above about destination address, but implemented as config keywords
Not all functions exported by core or modules are available in onsend_route, however, you can drop the request, access message flags, use transformations over the output buffer and more. msg:len keyword returns the length of the message to be sent, not the length of original message.

The typical usage is to implement outgoing filtering, a good option to protect against DNS poisoning and malicious DNS records:
onsend_route {
if(isflagset(2) && $snd(ip)=="10.10.10.10"){
drop;
}
}

No comments:

Post a Comment