Kamailio Advanced Training
Click here for more details!

Learn how to build RTC services with Kamailio!

Friday, October 1, 2010

Best of New in Kamailio 3.1.0 - #5: GeoIP API

When providing services world wilde, with a centralized signaling platform and distributed media relays for optimizing voice path, one of the most important decisions to make is which media relay to use for best quality.

One criterion is geographic location of caller and callee - discovering that at runtime is much better than static mapping considering the mobility of users.
Kamailio 3.1.0's new module named geoip provides to configuration file an easy way to discover the location of caller or callee based on IP address. You can query a Max Mind GeoIP database and receive location details such as country code, time zone, a.s.o.

Here is an example of how to detect if the caller and callee are located in same country:
if(lookup("location")) {
# callee is online
geoip_match("$si", "src");
geoip_match("$nh(d)", "dst");
if($gip(src=>cc)==$gip(dst=>cc)) {
xlog("caller and callee located in same country - code: $gip(src=>cc)\n");
}
}
Another beneficial result is to be able to drop traffic coming from specific countries that tried to attack your service or you don't have customers. This is very useful these days, in a time where spit and scanning attacks against VoIP server increases.

Of course, this is an alternative to firewall method, giving you the opportunity to monitor (e.g., write in SIP server logs) if there are attempts of sending calls from such countries. Also, you can count attempts from a specific country and block the country for a while, everything done dynamically in your configuration file.

Blocking all traffic from Canada would be like:
geoip_match("$si", "src");
if($gip(src=>cc)=="CA") {
xlog("SIP message from Canada (ip: $si) - drop it\n");
send_reply("403", "Forbidden");
exit;
}
GeoIP API is very easy to use, the module has one parameter to set the path to GeoIP database, then you can match any IP address (e.g., source IP, next hop IP, IP from Via, Contact or any other header) and store the results in as many containers as you want, then they can be used to compare any attribute between them or against config values.

The documentation of geoip module is available at:

No comments:

Post a Comment