<div style="font-family: Helvetica; font-size: 13px; ">Hi,<div><br></div><div>Thanks, I somehow manage to get IP-addresses that are never supposed to be looked up by dns added to the dns blacklist. Is it someway I accidentally cause lookup even when routing on IP?</div><div><br></div><div>Here is what i do (public ip replaced by me)</div><div><br></div><div>1. INVITE request received with sip:0852281833@sip.mydomain.com;user=phone</div><div><div>2. I do some custom logic to route from db-saved destinations</div><div><div>3. r-uri rewritten to sip:087123456@10.10.10.10:5060</div></div><div>4. 10.10.10.10 offline - 10.10.10.10 is added to blacklist.</div><div><br></div><div>From the config, involved lines:</div><div>avp_db_query("SELECT dest_ip from my_forward_table where number='$rU'", "$avp(result_dest_ip)")</div><div>$var(toruri) = "sip:" + $rU +"@" + $avp(result_dest_ip);</div><div>$ru = $var(tovururi);</div><div><div>t_relay()</div></div></div><div><br></div><div>From command line</div><div><div>> opensipsctl fifo list_blacklists</div><div>List:: dns owner=17 flags=6</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>Rule:: flags=0</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>IP:: 10.10.10.10</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>Mask:: 255.255.255.255</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>Proto:: 1</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>Port:: 5060</div><div><span class="Apple-tab-span" style="white-space:pre"> </span>Expire:: 1474</div></div><div><br></div><div><br></div><div>BR</div><div>Daniel Nihlen</div><div><br></div></div>
<div></div>
<p style="color: #A0A0A8;">On Tuesday 23 April 2013 at 11:54, Bogdan-Andrei Iancu wrote:</p>
<blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;">
<span><div><div>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<tt>Hello Daniel,<br>
<br>
disable_dns_blacklist is used to store failed IPs which were
discovered via DNS (NAPTR + SRV + A). Once an IP is blacklisted,
it will be blocked in all cases, doesn't matter if calling via
FQDN or directly IP.<br>
<br>
Regards,<br>
</tt>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
<br>
On 04/23/2013 11:30 AM, Daniel Nihlén wrote:
<blockquote type="cite"><div>
<div> Hi, </div>
<div><br>
</div>
<div>(opensips 1.7.2)</div>
<div><br>
</div>
<div>I have </div>
<div>disable_dns_blacklist=no</div>
<div><br>
</div>
<div>Good: Blacklisting for destinations that are discovered by
srv record but not responding are working.</div>
<div><br>
</div>
<div>Bad: But I also get blacklisting on destinations that are
addressed with ip-address. Ex <a href="sip:087123456@x.x.x.x:5060">sip:087123456@x.x.x.x:5060</a>. I was
under the assumption that routing by IP-address should not be
blacklisted (judging by the _dns_ in the parameter name. :). </div>
<div><br>
</div>
<div>Is this the designed behavior am I accidentally using dns for
IP-destiantions?</div>
<div><br>
</div>
<div>Thanks</div>
<div>Daniel Nihlen</div>
<div>+46706604530</div>
<pre wrap=""><fieldset></fieldset>
_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</div></blockquote></div></div></span>
</blockquote>
<div>
<br>
</div>