From e3bd95f55cfc3e4b131c4bd8f9464d7d67bb4cb2 Mon Sep 17 00:00:00 2001 From: Corey Farrell <git@cfware.com> Date: Thu, 6 Oct 2016 02:29:21 -0400 Subject: [PATCH] chan_sip: Add security event for calls to invalid extension. Log a message to security events when an INVITE is received to an invalid extension. ASTERISK-25869 #close Change-Id: I0da40cd7c2206c825c2f0d4e172275df331fcc8f --- CHANGES | 5 +++++ channels/chan_sip.c | 1 + 2 files changed, 6 insertions(+) diff --git a/CHANGES b/CHANGES index 7dd1aac27e..0295e8a315 100644 --- a/CHANGES +++ b/CHANGES @@ -21,6 +21,11 @@ Core Asterisk is compiled with the LOW_MEMORY compile time option enabled because the cache code does not exist. +chan_sip +------------------ + * Calls to invalid extensions are now reported as an ACL failure security event + "no_extension_match". + res_pjsip ------------------ * The "identify_by" on endpoints can now be set to "ip" to restrict an endpoint diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 9add425649..522e9d1d6e 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -26405,6 +26405,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, str ast_log(LOG_NOTICE, "Call from '%s' (%s) to extension" " '%s' rejected because extension not found in context '%s'.\n", S_OR(p->username, p->peername), ast_sockaddr_stringify(&p->recv), decoded_exten, p->context); + sip_report_failed_acl(p, "no_extension_match"); } break; case SIP_GET_DEST_REFUSED: -- GitLab