User's Manual 320 Document #: LTRT-10466
Mediant 500L MSBR
21.5 Configuring SIP Message Policy Rules
The Message Policy table lets you configure up to 20 SIP Message Policy rules. SIP
Message Policy rules are used to block (blacklist) unwanted incoming SIP messages or
permit (whitelist) receipt of desired SIP messages. You can configure legal and illegal
characteristics of a SIP message. This feature is helpful against VoIP fuzzing (also known
as robustness testing), which sends different types of packets to its "victims" for finding
bugs and vulnerabilities. For example, the attacker might try sending a SIP message
containing either an oversized parameter or too many occurrences of a parameter.
To apply SIP Message Policy rules, you need to assign them to SIP Interfaces associated
with the relevant IP Groups (see ''Configuring SIP Interfaces'' on page 283).
Each Message Policy rule can be configured with the following:
Maximum message length
Maximum header length
Maximum message body length
Maximum number of headers
Maximum number of bodies
Option to send 400 "Bad Request" response if message request is rejected
Blacklist and whitelist for defined methods (e.g., INVITE)
Blacklist and whitelist for defined bodies
The following procedure describes how to configure Message Policy rules in the Web
interface. You can also configure Message Policy rules using the table ini file parameter,
MessagePolicy or the CLI command, configure voip > sbc message-policy.
To configure SIP Message Policy rules:
1. Open the Message Policy Table page (Configuration tab > VoIP menu > SIP
Definitions > Msg Policy & Manipulation > Message Policy Table).
2. Click Add; the following dialog box appears:
Figure 21-6: Message Policy Table - Add Record Dialog Box
3. Configure a Message Policy rule according to the parameters described in the table
below.
4. Click Submit, and then save ("burn") your settings to flash memory.
To Next Page
Loading...
