Wednesday, July 17, 2013

DNS operations in Kamailio configuration file

Several functions and a new pseudo-variable class were added to ipops module, allowing to do operations with DNS directly from configuration file.
One functionality is related to matching an IP address to a hostname. The hostname is resolved via a DNS query and then the IP is matched against the result set. There are two versions of this function, one using the system resolver and the other using the internal dns resolver, see:
Another enhancement is the possibility to store the result of a system dns query in a variable container and access the values from the config file – the function for the query is dns_query(hostname, pvid):
The result is stored in $dns(pvid=>key) variable – you can see details about what keys can be used as well as an example at:
The system DNS queries use getaddrinfo() C function, resolving both to IPv4 and IPv6.
Among use cases of the new functions:
  • Detect that among addresses behind a host name are some in IPv4 or IPv6, giving the option to force a specific address family
  • Check if the From header domain is matching the source IP, allowing tighter restrictions for peering even without TLS or IP list restrictions
  • IP whitelisting/blacklisting checks before creating complex structures like transactions or dialogs

No comments:

Post a Comment